Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-08-23 CVE-2021-39371 XXE vulnerability in multiple products
An XML external entity (XXE) injection in PyWPS before 4.4.5 allows an attacker to view files on the application server filesystem by assigning a path to the entity.
network
low complexity
osgeo debian CWE-611
5.0
2021-08-22 CVE-2021-39365 Improper Certificate Validation vulnerability in multiple products
In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users vulnerable to network MITM attacks.
network
gnome debian CWE-295
4.3
2021-08-19 CVE-2021-37698 Improper Certificate Validation vulnerability in multiple products
Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting.
network
low complexity
icinga debian CWE-295
5.0
2021-08-18 CVE-2021-32728 Improper Certificate Validation vulnerability in multiple products
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer.
network
low complexity
nextcloud debian CWE-295
6.5
2021-08-18 CVE-2021-21837 Integer Overflow or Wraparound vulnerability in multiple products
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1.
network
gpac debian CWE-190
6.8
2021-08-18 CVE-2021-21838 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1.
network
gpac debian CWE-119
6.8
2021-08-18 CVE-2021-21839 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1.
network
gpac debian CWE-119
6.8
2021-08-18 CVE-2021-21843 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1.
network
gpac debian CWE-119
6.8
2021-08-18 CVE-2021-21844 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1.
network
gpac debian CWE-119
6.8
2021-08-18 CVE-2021-21845 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1.
network
gpac debian CWE-119
6.8