Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-08-27 CVE-2021-28698 Infinite Loop vulnerability in multiple products
long running loops in grant table handling In order to properly monitor resource use, Xen maintains information on the grant mappings a domain may create to map grants offered by other domains.
local
low complexity
xen fedoraproject debian CWE-835
5.5
2021-08-27 CVE-2021-28699 inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status.
local
low complexity
xen fedoraproject debian
5.5
2021-08-27 CVE-2021-28700 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
xen/arm: No memory limit for dom0less domUs The dom0less feature allows an administrator to create multiple unprivileged domains directly from Xen.
network
low complexity
xen fedoraproject debian CWE-770
4.9
2021-08-27 CVE-2020-23226 Cross-site Scripting vulnerability in multiple products
Multiple Cross Site Scripting (XSS) vulneratiblities exist in Cacti 1.2.12 in (1) reports_admin.php, (2) data_queries.php, (3) data_input.php, (4) graph_templates.php, (5) graphs.php, (6) reports_admin.php, and (7) data_input.php.
network
low complexity
cacti debian CWE-79
6.1
2021-08-25 CVE-2021-21834 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1.
network
gpac debian CWE-119
6.8
2021-08-25 CVE-2021-21836 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1.
network
gpac debian CWE-119
6.8
2021-08-25 CVE-2021-21840 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1.
network
gpac debian CWE-119
6.8
2021-08-25 CVE-2021-21841 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1.
network
gpac debian CWE-119
6.8
2021-08-25 CVE-2021-21842 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1.
network
gpac debian CWE-119
6.8
2021-08-25 CVE-2021-21848 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1.
network
gpac debian CWE-119
6.8