Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2021-07-09 CVE-2021-3612 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP.
7.8
2021-07-08 CVE-2021-21779 Use After Free vulnerability in multiple products
A use-after-free vulnerability exists in the way Webkit’s GraphicsContext handles certain events in WebKitGTK 2.30.4.
network
low complexity
webkitgtk fedoraproject debian CWE-416
8.8
2021-07-07 CVE-2021-21775 Use After Free vulnerability in multiple products
A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4.
network
low complexity
webkitgtk fedoraproject debian CWE-416
8.0
2021-07-07 CVE-2021-35039 Improper Verification of Cryptographic Signature vulnerability in multiple products
kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c.
local
low complexity
linux debian CWE-347
7.8
2021-07-02 CVE-2021-35197 Incorrect Authorization vulnerability in multiple products
In MediaWiki before 1.31.15, 1.32.x through 1.35.x before 1.35.3, and 1.36.x before 1.36.1, bots have certain unintended API access.
network
low complexity
mediawiki debian fedoraproject CWE-863
7.5
2021-06-30 CVE-2021-35474 Out-of-bounds Write vulnerability in multiple products
Stack-based Buffer Overflow vulnerability in cachekey plugin of Apache Traffic Server.
network
low complexity
apache debian CWE-787
7.5
2021-06-24 CVE-2021-32490 Out-of-bounds Write vulnerability in multiple products
A flaw was found in djvulibre-3.5.28 and earlier.
local
low complexity
djvulibre-project debian CWE-787
7.8
2021-06-24 CVE-2021-32491 Integer Overflow or Wraparound vulnerability in multiple products
A flaw was found in djvulibre-3.5.28 and earlier.
local
low complexity
djvulibre-project debian CWE-190
7.8
2021-06-24 CVE-2021-32493 Out-of-bounds Write vulnerability in multiple products
A flaw was found in djvulibre-3.5.28 and earlier.
local
low complexity
djvulibre-project debian CWE-787
7.8
2021-06-16 CVE-2021-33813 XXE vulnerability in multiple products
An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request.
network
low complexity
jdom apache debian fedoraproject oracle CWE-611
7.5