Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-30 | CVE-2021-3476 | A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta. | 5.3 |
| 2021-03-30 | CVE-2021-3475 | There is a flaw in OpenEXR in versions before 3.0.0-beta. | 5.3 |
| 2021-03-30 | CVE-2021-3474 | There's a flaw in OpenEXR in versions before 3.0.0-beta. | 5.3 |
| 2021-03-30 | CVE-2021-21409 | Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. | 5.9 |
| 2021-03-26 | CVE-2021-29265 | Race Condition vulnerability in multiple products An issue was discovered in the Linux kernel before 5.11.7. | 4.7 |
| 2021-03-26 | CVE-2021-29264 | An issue was discovered in the Linux kernel through 5.11.10. | 5.5 |
| 2021-03-25 | CVE-2021-3449 | NULL Pointer Dereference vulnerability in multiple products An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. | 5.9 |
| 2021-03-23 | CVE-2021-3409 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. | 5.7 |
| 2021-03-22 | CVE-2021-28971 | Improper Handling of Exceptional Conditions vulnerability in multiple products In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6. | 5.5 |
| 2021-03-22 | CVE-2021-28964 | Race Condition vulnerability in multiple products A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. | 4.7 |