Vulnerabilities > Debian > Low

DATE CVE VULNERABILITY TITLE RISK
2021-05-11 CVE-2020-24587 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key.
2.6
2021-05-11 CVE-2020-24586 The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network.
low complexity
ieee debian linux arista intel
3.5
2021-04-26 CVE-2021-29473 Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata.
local
high complexity
exiv2 fedoraproject debian
2.5
2021-04-01 CVE-2021-22890 Authentication Bypass by Spoofing vulnerability in multiple products
curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets.
3.7
2021-03-23 CVE-2021-3392 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the MegaRAID emulator of QEMU.
local
low complexity
qemu fedoraproject debian CWE-416
3.2
2021-02-25 CVE-2021-20203 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0.
local
low complexity
qemu fedoraproject debian CWE-190
3.2
2021-02-24 CVE-2021-27645 Double Free vulnerability in multiple products
The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system.
local
high complexity
gnu fedoraproject debian CWE-415
2.5
2021-02-23 CVE-2020-27768 In ImageMagick, there is an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h.
local
low complexity
imagemagick debian
3.3
2021-01-26 CVE-2020-29443 Out-of-bounds Read vulnerability in multiple products
ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated.
local
high complexity
qemu debian CWE-125
3.9
2021-01-20 CVE-2020-25686 A flaw was found in dnsmasq before version 2.83.
network
high complexity
thekelleys fedoraproject debian arista
3.7