Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2021-07-22 CVE-2021-35063 Suricata before 5.0.7 and 6.x before 6.0.3 has a "critical evasion."
network
low complexity
oisf debian fedoraproject
7.5
2021-07-21 CVE-2021-32761 Integer Overflow to Buffer Overflow vulnerability in multiple products
Redis is an in-memory database that persists on disk.
network
high complexity
redislabs debian fedoraproject CWE-680
7.5
2021-07-20 CVE-2021-33909 Integer Overflow or Wraparound vulnerability in multiple products
fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.
7.8
2021-07-20 CVE-2021-3246 Out-of-bounds Write vulnerability in multiple products
A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.
8.8
2021-07-20 CVE-2021-22235 Infinite Loop vulnerability in multiple products
Crash in DNP dissector in Wireshark 3.4.0 to 3.4.6 and 3.2.0 to 3.2.14 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark debian CWE-835
7.5
2021-07-20 CVE-2019-25051 Out-of-bounds Write vulnerability in multiple products
objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config::lookup_list).
local
low complexity
gnu debian fedoraproject CWE-787
7.8
2021-07-19 CVE-2020-36423 Cleartext Transmission of Sensitive Information vulnerability in multiple products
An issue was discovered in Arm Mbed TLS before 2.23.0.
network
low complexity
arm debian CWE-319
7.5
2021-07-19 CVE-2020-36426 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in Arm Mbed TLS before 2.24.0.
network
low complexity
arm debian CWE-125
7.5
2021-07-18 CVE-2021-36773 Uncontrolled Recursion vulnerability in multiple products
uBlock Origin before 1.36.2 and nMatrix before 4.4.9 support an arbitrary depth of parameter nesting for strict blocking, which allows crafted web sites to cause a denial of service (unbounded recursion that can trigger memory consumption and a loss of all blocking functionality).
7.5
2021-07-09 CVE-2021-3570 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the ptp4l program of the linuxptp package.
8.8