Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-04-16 CVE-2021-31347 XML Injection (aka Blind XPath Injection) vulnerability in multiple products
An issue was discovered in libezxml.a in ezXML 0.8.6.
network
low complexity
ezxml-project debian CWE-91
6.5
2021-04-15 CVE-2021-29450 Wordpress is an open source CMS.
network
low complexity
wordpress debian
4.3
2021-04-15 CVE-2021-29447 Wordpress is an open source CMS.
network
low complexity
wordpress debian
6.5
2021-04-15 CVE-2021-31229 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in libezxml.a in ezXML 0.8.6.
network
low complexity
ezxml-project debian CWE-787
6.5
2021-04-14 CVE-2021-29338 Integer Overflow or Wraparound vulnerability in multiple products
Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS).
local
low complexity
uclouvain fedoraproject debian CWE-190
5.5
2021-04-14 CVE-2020-36322 Incomplete Cleanup vulnerability in multiple products
An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf.
local
low complexity
linux debian starwindsoftware CWE-459
5.5
2021-04-13 CVE-2021-29425 Path Traversal vulnerability in multiple products
In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value.
network
high complexity
apache debian oracle netapp CWE-22
4.8
2021-04-11 CVE-2021-30485 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in libezxml.a in ezXML 0.8.6.
network
low complexity
ezxml-project debian CWE-476
6.5
2021-04-09 CVE-2021-30159 An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2.
network
low complexity
mediawiki debian fedoraproject
4.3
2021-04-09 CVE-2021-30155 Missing Authorization vulnerability in multiple products
An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2.
network
low complexity
mediawiki debian fedoraproject CWE-862
4.3