Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-10-12 CVE-2021-3671 NULL Pointer Dereference vulnerability in multiple products
A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request).
network
low complexity
samba debian netapp CWE-476
6.5
2021-10-12 CVE-2021-25634 Improper Certificate Validation vulnerability in multiple products
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid.
network
low complexity
libreoffice debian CWE-295
5.0
2021-10-11 CVE-2021-25633 Improper Certificate Validation vulnerability in multiple products
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid.
network
low complexity
libreoffice debian CWE-295
5.0
2021-10-08 CVE-2021-37958 Inappropriate implementation in Navigation in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page.
network
low complexity
google fedoraproject debian
5.4
2021-10-08 CVE-2021-37963 Side-channel information leakage in DevTools in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to bypass site isolation via a crafted HTML page.
network
low complexity
google fedoraproject debian
4.3
2021-10-08 CVE-2021-37965 Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
network
low complexity
google fedoraproject debian
4.3
2021-10-08 CVE-2021-37966 Origin Validation Error vulnerability in multiple products
Inappropriate implementation in Compositing in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-346
4.3
2021-10-08 CVE-2021-37967 Origin Validation Error vulnerability in multiple products
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-346
4.3
2021-10-08 CVE-2021-37968 Information Exposure Through Discrepancy vulnerability in multiple products
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-203
4.3
2021-10-08 CVE-2021-37971 Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products
Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-1021
4.3