Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-09-16 CVE-2020-21535 Out-of-bounds Read vulnerability in multiple products
fig2dev 3.2.7b contains a segmentation fault in the gencgm_start function in gencgm.c.
local
low complexity
xfig-project debian CWE-125
5.5
5.5
2021-09-09 CVE-2021-39201 WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database.
network
low complexity
wordpress debian
5.4
5.4
2021-09-09 CVE-2020-19143 Out-of-bounds Write vulnerability in multiple products
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "TIFFVGetField" funtion in the component 'libtiff/tif_dir.c'.
network
low complexity
simplesystems debian CWE-787
6.5
6.5
2021-09-09 CVE-2020-19144 Out-of-bounds Write vulnerability in multiple products
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the 'in _TIFFmemcpy' funtion in the component 'tif_unix.c'.
network
low complexity
simplesystems debian netapp CWE-787
6.5
6.5
2021-09-07 CVE-2021-39257 Uncontrolled Recursion vulnerability in multiple products
A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22.
local
low complexity
tuxera debian CWE-674
5.5
5.5
2021-09-03 CVE-2021-39191 mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider.
network
low complexity
openidc fedoraproject debian
6.1
6.1
2021-09-03 CVE-2021-40491 Insufficient Verification of Data Authenticity vulnerability in multiple products
The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address.
network
low complexity
gnu debian CWE-345
6.5
6.5
2021-09-01 CVE-2021-36058 XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Integer Overflow vulnerability potentially resulting in application-level denial of service in the context of the current user.
local
low complexity
adobe debian
5.5
5.5
2021-08-31 CVE-2021-40085 An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1.
network
low complexity
openstack debian
6.5
6.5
2021-08-31 CVE-2021-3634 Out-of-bounds Write vulnerability in multiple products
A flaw has been found in libssh in versions prior to 0.9.6. 		6.5
6.5