Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-03-11 CVE-2021-28153 Link Following vulnerability in multiple products
An issue was discovered in GNOME GLib before 2.66.8.
network
low complexity
gnome debian fedoraproject broadcom CWE-59
5.3
2021-03-10 CVE-2021-21375 Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE.
network
low complexity
teluu debian CWE-754
6.5
2021-03-10 CVE-2020-13959 Cross-site Scripting vulnerability in multiple products
The default error page for VelocityView in Apache Velocity Tools prior to 3.1 reflects back the vm file that was entered as part of the URL.
network
low complexity
apache debian CWE-79
6.1
2021-03-09 CVE-2021-28116 Out-of-bounds Read vulnerability in multiple products
Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data.
network
low complexity
squid-cache fedoraproject debian CWE-125
5.3
2021-03-09 CVE-2021-20255 Uncontrolled Recursion vulnerability in multiple products
A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU.
local
low complexity
qemu debian CWE-674
5.5
2021-03-09 CVE-2021-21295 Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients.
network
high complexity
netty netapp debian quarkus apache oracle
5.9
2021-03-09 CVE-2021-20246 A flaw was found in ImageMagick in MagickCore/resample.c.
local
low complexity
imagemagick redhat fedoraproject debian
5.5
2021-03-09 CVE-2021-20245 A flaw was found in ImageMagick in coders/webp.c.
local
low complexity
imagemagick redhat fedoraproject debian
5.5
2021-03-09 CVE-2021-20244 A flaw was found in ImageMagick in MagickCore/visual-effects.c.
local
low complexity
imagemagick redhat fedoraproject debian
5.5
2021-03-09 CVE-2021-21189 Insufficient policy enforcement in payments in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
network
low complexity
google fedoraproject debian
4.3