Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-04-15 CVE-2021-31229 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in libezxml.a in ezXML 0.8.6.
network
low complexity
ezxml-project debian CWE-787
6.5
6.5
2021-04-14 CVE-2021-29338 Integer Overflow or Wraparound vulnerability in multiple products
Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS).
local
low complexity
uclouvain fedoraproject debian CWE-190
5.5
5.5
2021-04-14 CVE-2020-36322 Incomplete Cleanup vulnerability in multiple products
An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf.
local
low complexity
linux debian starwindsoftware CWE-459
5.5
5.5
2021-04-13 CVE-2021-29425 Path Traversal vulnerability in multiple products
In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value.
network
high complexity
apache debian oracle netapp CWE-22
4.8
4.8
2021-04-11 CVE-2021-30485 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in libezxml.a in ezXML 0.8.6.
network
low complexity
ezxml-project debian CWE-476
6.5
6.5
2021-04-09 CVE-2021-30159 An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2.
network
low complexity
mediawiki debian fedoraproject
4.3
4.3
2021-04-09 CVE-2021-30155 Missing Authorization vulnerability in multiple products
An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2.
network
low complexity
mediawiki debian fedoraproject CWE-862
4.3
4.3
2021-04-09 CVE-2021-30152 Improper Privilege Management vulnerability in multiple products
An issue was discovered in MediaWiki before 1.31.13 and 1.32.x through 1.35.x before 1.35.2.
network
low complexity
mediawiki debian fedoraproject CWE-269
4.3
4.3
2021-04-08 CVE-2021-3482 Out-of-bounds Write vulnerability in multiple products
A flaw was found in Exiv2 in versions before and including 0.27.4-RC1.
network
low complexity
exiv2 redhat fedoraproject debian CWE-787
6.5
6.5
2021-04-07 CVE-2020-36311 An issue was discovered in the Linux kernel before 5.9.
local
low complexity
linux debian
5.5
5.5