Vulnerabilities > Debian > Low

DATE CVE VULNERABILITY TITLE RISK
2021-06-15 CVE-2021-3592 Access of Uninitialized Pointer vulnerability in multiple products
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU.
3.8
2021-06-11 CVE-2021-22898 Missing Initialization of Resource vulnerability in multiple products
curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers.
3.1
2021-06-09 CVE-2020-24512 Information Exposure Through Discrepancy vulnerability in multiple products
Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
intel debian netapp CWE-203
3.3
2021-05-11 CVE-2020-24588 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated.
3.5
2021-05-11 CVE-2020-24587 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key.
2.6
2021-05-11 CVE-2020-24586 The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network.
low complexity
ieee debian linux arista intel
3.5
2021-04-26 CVE-2021-29473 Out-of-bounds Read vulnerability in multiple products
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata.
local
high complexity
exiv2 fedoraproject debian CWE-125
2.5
2021-04-01 CVE-2021-22890 Authentication Bypass by Spoofing vulnerability in multiple products
curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets.
3.7
2021-03-23 CVE-2021-3392 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the MegaRAID emulator of QEMU.
local
low complexity
qemu fedoraproject debian CWE-416
3.2
2021-02-25 CVE-2021-20203 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0.
local
low complexity
qemu fedoraproject debian CWE-190
3.2