Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-09-16 CVE-2020-21533 Out-of-bounds Write vulnerability in multiple products
fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject function in read.c.
4.3
2021-09-16 CVE-2020-21534 Classic Buffer Overflow vulnerability in multiple products
fig2dev 3.2.7b contains a global buffer overflow in the get_line function in read.c.
4.3
2021-09-16 CVE-2020-21535 Out-of-bounds Read vulnerability in multiple products
fig2dev 3.2.7b contains a segmentation fault in the gencgm_start function in gencgm.c.
local
low complexity
xfig-project debian CWE-125
5.5
2021-09-13 CVE-2021-41054 Classic Buffer Overflow vulnerability in multiple products
tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of data, OACK, and other options.
network
low complexity
atftp-project debian CWE-120
5.0
2021-09-09 CVE-2021-39200 Information Exposure vulnerability in multiple products
WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database.
4.3
2021-09-09 CVE-2020-19143 Out-of-bounds Write vulnerability in multiple products
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "TIFFVGetField" funtion in the component 'libtiff/tif_dir.c'.
4.3
2021-09-09 CVE-2020-19144 Out-of-bounds Write vulnerability in multiple products
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the 'in _TIFFmemcpy' funtion in the component 'tif_unix.c'.
4.3
2021-09-09 CVE-2021-3761 Out-of-bounds Write vulnerability in multiple products
Any CA issuer in the RPKI can trick OctoRPKI prior to 1.3.0 into emitting an invalid VRP "MaxLength" value, causing RTR sessions to terminate.
network
low complexity
cloudflare debian CWE-787
5.0
2021-09-07 CVE-2020-19131 Out-of-bounds Write vulnerability in multiple products
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "invertImage()" function in the component "tiffcrop".
network
low complexity
simplesystems debian CWE-787
5.0
2021-09-07 CVE-2021-39257 Uncontrolled Recursion vulnerability in multiple products
A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22.
local
low complexity
tuxera debian CWE-674
5.5