Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-07-30 CVE-2021-32558 Injection vulnerability in multiple products
An issue was discovered in Sangoma Asterisk 13.x before 13.38.3, 16.x before 16.19.1, 17.x before 17.9.4, and 18.x before 18.5.1, and Certified Asterisk before 16.8-cert10.
network
low complexity
digium debian CWE-74
5.0
2021-07-30 CVE-2021-35472 Improper Restriction of Excessive Authentication Attempts vulnerability in multiple products
An issue was discovered in LemonLDAP::NG before 2.0.12.
6.0
2021-07-23 CVE-2021-32686 Race Condition vulnerability in multiple products
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE.
network
high complexity
teluu debian CWE-362
5.9
2021-07-22 CVE-2021-36222 NULL Pointer Dereference vulnerability in multiple products
ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash.
network
low complexity
mit debian netapp oracle CWE-476
5.0
2021-07-22 CVE-2021-1093 Improper Resource Shutdown or Release vulnerability in multiple products
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash.
local
low complexity
nvidia debian CWE-404
5.5
2021-07-22 CVE-2021-1094 Out-of-bounds Read vulnerability in multiple products
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where an out of bounds array access may lead to denial of service or information disclosure.
local
low complexity
nvidia debian CWE-125
6.1
2021-07-22 CVE-2021-1095 NULL Pointer Dereference vulnerability in multiple products
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handlers for all control calls with embedded parameters where dereferencing an untrusted pointer may lead to denial of service.
local
low complexity
nvidia debian CWE-476
5.5
2021-07-21 CVE-2021-37159 Use After Free vulnerability in multiple products
hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.
high complexity
linux debian oracle CWE-416
6.4
2021-07-21 CVE-2020-19609 Out-of-bounds Write vulnerability in multiple products
Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files allowing attackers to cause a denial of service.
local
low complexity
artifex debian CWE-787
5.5
2021-07-21 CVE-2021-2369 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Library).
network
low complexity
oracle debian
4.3