Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-11 | CVE-2021-3504 | A flaw was found in the hivex library in versions before 1.3.20. | 5.4 |
| 2021-05-11 | CVE-2020-26139 | Improper Authentication vulnerability in multiple products An issue was discovered in the kernel in NetBSD 7.1. | 5.3 |
| 2021-05-11 | CVE-2020-26147 | An issue was discovered in the Linux kernel 5.8.9. | 5.4 |
| 2021-05-06 | CVE-2021-31916 | An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. | 6.7 |
| 2021-05-06 | CVE-2021-31829 | Incorrect Authorization vulnerability in multiple products kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. | 5.5 |
| 2021-05-06 | CVE-2021-3507 | A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). | 6.1 |
| 2021-05-05 | CVE-2021-20254 | A flaw was found in samba. | 6.8 |
| 2021-04-30 | CVE-2021-21229 | Origin Validation Error vulnerability in multiple products Incorrect security UI in downloads in Google Chrome on Android prior to 90.0.4430.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | 6.5 |
| 2021-04-30 | CVE-2021-21228 | Incorrect Authorization vulnerability in multiple products Insufficient policy enforcement in extensions in Google Chrome prior to 90.0.4430.93 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. | 4.3 |
| 2021-04-29 | CVE-2021-21417 | Use After Free vulnerability in multiple products fluidsynth is a software synthesizer based on the SoundFont 2 specifications. | 5.5 |