Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-08-10 CVE-2020-21697 Use After Free vulnerability in multiple products
A heap-use-after-free in the mpeg_mux_write_packet function in libavformat/mpegenc.c of FFmpeg 4.2 allows to cause a denial of service (DOS) via a crafted avi file.
network
low complexity
ffmpeg debian CWE-416
6.5
6.5
2021-08-09 CVE-2021-37620 Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.
local
low complexity
exiv2 fedoraproject debian
5.5
5.5
2021-08-09 CVE-2021-37621 Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.
local
low complexity
exiv2 fedoraproject debian
5.5
5.5
2021-08-09 CVE-2021-37622 Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.
local
low complexity
exiv2 fedoraproject debian
5.5
5.5
2021-08-09 CVE-2021-32815 Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.
local
low complexity
exiv2 fedoraproject debian
5.5
5.5
2021-08-09 CVE-2021-34334 Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.
local
low complexity
exiv2 fedoraproject debian
5.5
5.5
2021-08-08 CVE-2021-38198 arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault.
local
low complexity
linux debian
5.5
5.5
2021-08-08 CVE-2021-38199 fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection.
low complexity
linux netapp debian
6.5
6.5
2021-08-08 CVE-2021-38204 Use After Free vulnerability in multiple products
drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations.
low complexity
linux debian CWE-416
6.8
6.8
2021-08-08 CVE-2021-36221 Race Condition vulnerability in multiple products
Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort.
network
high complexity
golang fedoraproject debian oracle siemens CWE-362
5.9
5.9