Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-05 | CVE-2021-40516 | Out-of-bounds Read vulnerability in multiple products WeeChat before 3.2.1 allows remote attackers to cause a denial of service (crash) via a crafted WebSocket frame that trigger an out-of-bounds read in plugins/relay/relay-websocket.c in the Relay plugin. | 5.0 |
| 2021-09-03 | CVE-2021-39191 | Open Redirect vulnerability in multiple products mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. | 6.1 |
| 2021-09-03 | CVE-2021-40491 | Insufficient Verification of Data Authenticity vulnerability in multiple products The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. | 6.5 |
| 2021-09-01 | CVE-2021-36056 | Heap-based Buffer Overflow vulnerability in multiple products XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. | 5.5 |
| 2021-09-01 | CVE-2021-36058 | Integer Overflow or Wraparound vulnerability in multiple products XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Integer Overflow vulnerability potentially resulting in application-level denial of service in the context of the current user. | 5.5 |
| 2021-08-31 | CVE-2021-40085 | An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. | 4.0 |
| 2021-08-31 | CVE-2021-3634 | Out-of-bounds Write vulnerability in multiple products A flaw has been found in libssh in versions prior to 0.9.6. | 6.5 |
| 2021-08-27 | CVE-2021-28694 | IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically means these addresses should pass the translation phase unaltered. | 6.8 |
| 2021-08-27 | CVE-2021-28695 | IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically means these addresses should pass the translation phase unaltered. | 6.8 |
| 2021-08-27 | CVE-2021-28696 | Incorrect Authorization vulnerability in multiple products IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically means these addresses should pass the translation phase unaltered. | 6.8 |