Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-31 | CVE-2021-4193 | Out-of-bounds Read vulnerability in multiple products vim is vulnerable to Out-of-bounds Read | 5.5 |
| 2021-12-28 | CVE-2021-44832 | Improper Input Validation vulnerability in multiple products Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. | 6.6 |
| 2021-12-28 | CVE-2021-45909 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in gif2apng 1.9. | 6.8 |
| 2021-12-28 | CVE-2021-45910 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in gif2apng 1.9. | 6.8 |
| 2021-12-28 | CVE-2021-45911 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in gif2apng 1.9. | 6.8 |
| 2021-12-24 | CVE-2021-45480 | Memory Leak vulnerability in multiple products An issue was discovered in the Linux kernel before 5.15.11. | 4.7 |
| 2021-12-23 | CVE-2021-38009 | Information Exposure Through Discrepancy vulnerability in multiple products Inappropriate implementation in cache in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2021-12-23 | CVE-2021-38010 | Inappropriate implementation in service workers in Google Chrome prior to 96.0.4664.45 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. | 6.5 |
| 2021-12-23 | CVE-2021-38018 | Inappropriate implementation in navigation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | 6.5 |
| 2021-12-23 | CVE-2021-38019 | Always-Incorrect Control Flow Implementation vulnerability in multiple products Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |