Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2021-09-07 CVE-2021-33285 Out-of-bounds Write vulnerability in multiple products
In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service.
local
low complexity
tuxera redhat fedoraproject debian CWE-787
7.8
2021-09-07 CVE-2021-33289 Out-of-bounds Write vulnerability in multiple products
In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution.
local
low complexity
tuxera debian fedoraproject CWE-787
7.8
2021-09-07 CVE-2021-35268 Out-of-bounds Write vulnerability in multiple products
In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of privileges.
local
low complexity
tuxera debian fedoraproject CWE-787
7.8
2021-09-07 CVE-2021-35269 Out-of-bounds Write vulnerability in multiple products
NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation of privileges.
local
low complexity
tuxera debian fedoraproject CWE-787
7.8
2021-09-05 CVE-2021-40516 Out-of-bounds Read vulnerability in multiple products
WeeChat before 3.2.1 allows remote attackers to cause a denial of service (crash) via a crafted WebSocket frame that trigger an out-of-bounds read in plugins/relay/relay-websocket.c in the Relay plugin.
network
low complexity
weechat debian CWE-125
7.5
2021-09-03 CVE-2021-40490 Race Condition vulnerability in multiple products
A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.
local
high complexity
linux fedoraproject debian netapp CWE-362
7.0
2021-09-01 CVE-2021-36046 Out-of-bounds Write vulnerability in multiple products
XMP Toolkit version 2020.1 (and earlier) is affected by a memory corruption vulnerability, potentially resulting in arbitrary code execution in the context of the current user.
local
low complexity
adobe debian CWE-787
7.8
2021-09-01 CVE-2021-36047 XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user.
local
low complexity
adobe debian
7.8
2021-09-01 CVE-2021-36048 XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user.
local
low complexity
adobe debian
7.8
2021-09-01 CVE-2021-36050 Out-of-bounds Write vulnerability in multiple products
XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user.
local
low complexity
adobe debian CWE-787
7.8