Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-08 | CVE-2021-37967 | Origin Validation Error vulnerability in multiple products Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. | 4.3 |
| 2021-10-08 | CVE-2021-37968 | Information Exposure Through Discrepancy vulnerability in multiple products Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 4.3 |
| 2021-10-08 | CVE-2021-37971 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 4.3 |
| 2021-10-08 | CVE-2021-37976 | Missing Authorization vulnerability in multiple products Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 6.5 |
| 2021-10-06 | CVE-2021-41125 | Insufficiently Protected Credentials vulnerability in multiple products Scrapy is a high-level web crawling and scraping framework for Python. | 6.5 |
| 2021-10-04 | CVE-2021-32672 | Out-of-bounds Read vulnerability in multiple products Redis is an open source, in-memory database that persists on disk. | 4.3 |
| 2021-09-29 | CVE-2021-22947 | Insufficient Verification of Data Authenticity vulnerability in multiple products When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. | 5.9 |
| 2021-09-27 | CVE-2021-20317 | Improper Initialization vulnerability in multiple products A flaw was found in the Linux kernel. | 4.4 |
| 2021-09-20 | CVE-2021-32276 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in faad2 through 2.10.0. | 5.5 |
| 2021-09-20 | CVE-2021-32280 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in fig2dev before 3.2.8.. | 5.5 |