Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-03-10 CVE-2021-21375 Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE.
network
low complexity
teluu debian CWE-754
6.5
6.5
2021-03-10 CVE-2020-13959 Cross-site Scripting vulnerability in multiple products
The default error page for VelocityView in Apache Velocity Tools prior to 3.1 reflects back the vm file that was entered as part of the URL.
network
low complexity
apache debian CWE-79
6.1
6.1
2021-03-09 CVE-2021-28116 Out-of-bounds Read vulnerability in multiple products
Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data.
network
low complexity
squid-cache fedoraproject debian CWE-125
5.3
5.3
2021-03-09 CVE-2021-21295 HTTP Request Smuggling vulnerability in multiple products
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients.
network
high complexity
netty netapp debian quarkus apache oracle CWE-444
5.9
5.9
2021-03-09 CVE-2021-20246 A flaw was found in ImageMagick in MagickCore/resample.c.
local
low complexity
imagemagick redhat fedoraproject debian
5.5
5.5
2021-03-09 CVE-2021-20245 A flaw was found in ImageMagick in coders/webp.c.
local
low complexity
imagemagick redhat fedoraproject debian
5.5
5.5
2021-03-09 CVE-2021-20244 A flaw was found in ImageMagick in MagickCore/visual-effects.c.
local
low complexity
imagemagick redhat fedoraproject debian
5.5
5.5
2021-03-09 CVE-2021-21189 Insufficient policy enforcement in payments in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
network
low complexity
google fedoraproject debian
4.3
4.3
2021-03-09 CVE-2021-21187 Insufficient data validation in URL formatting in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
network
low complexity
google fedoraproject debian
4.3
4.3
2021-03-09 CVE-2021-21186 Incorrect Authorization vulnerability in multiple products
Insufficient policy enforcement in QR scanning in Google Chrome on iOS prior to 89.0.4389.72 allowed an attacker who convinced the user to scan a QR code to bypass navigation restrictions via a crafted QR code.
network
low complexity
google fedoraproject debian CWE-863
4.3
4.3