Filtered by vendor Debian
Filtered by product Debian Linux
Total 8866 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-21112 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-08-03 8.8 High
Use after free in Blink in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-20277 4 Debian, Fedoraproject, Redhat and 1 more 8 Debian Linux, Fedora, Enterprise Linux and 5 more 2024-08-03 7.5 High
A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability.
CVE-2021-20299 2 Debian, Openexr 2 Debian Linux, Openexr 2024-08-03 7.5 High
A flaw was found in OpenEXR's Multipart input file functionality. A crafted multi-part input file with no actual parts can trigger a NULL pointer dereference. The highest threat from this vulnerability is to system availability.
CVE-2021-20317 3 Debian, Linux, Redhat 4 Debian Linux, Linux Kernel, Enterprise Linux and 1 more 2024-08-03 4.4 Medium
A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while running OSP.
CVE-2021-20302 2 Debian, Openexr 2 Debian Linux, Openexr 2024-08-03 5.5 Medium
A flaw was found in OpenEXR's TiledInputFile functionality. This flaw allows an attacker who can submit a crafted single-part non-image to be processed by OpenEXR, to trigger a floating-point exception error. The highest threat from this vulnerability is to system availability.
CVE-2021-20305 5 Debian, Fedoraproject, Netapp and 2 more 10 Debian Linux, Fedora, Active Iq Unified Manager and 7 more 2024-08-03 8.1 High
A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalars, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2021-20313 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2024-08-03 7.5 High
A flaw was found in ImageMagick in versions before 7.0.11. A potential cipher leak is possible when calculating signatures in TransformSignature. The highest threat from this vulnerability is to data confidentiality.
CVE-2021-20298 2 Debian, Openexr 2 Debian Linux, Openexr 2024-08-03 7.5 High
A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability.
CVE-2021-20300 2 Debian, Openexr 2 Debian Linux, Openexr 2024-08-03 5.5 Medium
A flaw was found in OpenEXR's hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp. This flaw allows an attacker who can submit a crafted file that is processed by OpenEXR, to trigger an integer overflow. The highest threat from this vulnerability is to system availability.
CVE-2021-20308 2 Debian, Htmldoc Project 2 Debian Linux, Htmldoc 2024-08-03 9.8 Critical
Integer overflow in htmldoc 1.9.11 and before may allow attackers to execute arbitrary code and cause a denial of service that is similar to CVE-2017-9181.
CVE-2021-20321 3 Debian, Linux, Redhat 3 Debian Linux, Linux Kernel, Enterprise Linux 2024-08-03 4.7 Medium
A race condition when accessing a file object in the Linux kernel OverlayFS subsystem was found in the way users perform a rename in a specific way with OverlayFS. A local user could use this flaw to crash the system.
CVE-2021-20316 3 Debian, Redhat, Samba 8 Debian Linux, Enterprise Linux, Enterprise Linux Aus and 5 more 2024-08-03 6.8 Medium
A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share.
CVE-2021-20303 2 Debian, Openexr 2 Debian Linux, Openexr 2024-08-03 6.1 Medium
A flaw was found in the function dataWindowForTile() of IlmImf/ImfTiledMisc.cpp. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, leading to an out-of-bounds write on the heap. The greatest impact of this flaw is to application availability, with some potential impact to data integrity as well.
CVE-2021-20307 3 Debian, Fedoraproject, Libpano13 Project 3 Debian Linux, Fedora, Libpano13 2024-08-03 9.8 Critical
Format string vulnerability in panoFileOutputNamesCreate() in libpano13 2.9.20~rc2+dfsg-3 and earlier can lead to reading and writing arbitrary memory values.
CVE-2021-20275 2 Debian, Privoxy 2 Debian Linux, Privoxy 2024-08-03 7.5 High
A flaw was found in privoxy before 3.0.32. An invalid read of size two may occur in chunked_body_is_complete() leading to denial of service.
CVE-2021-20322 6 Debian, Fedoraproject, Linux and 3 more 34 Debian Linux, Fedora, Linux Kernel and 31 more 2024-08-03 7.4 High
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization is indirectly affected as well.
CVE-2021-20276 2 Debian, Privoxy 2 Debian Linux, Privoxy 2024-08-03 7.5 High
A flaw was found in privoxy before 3.0.32. Invalid memory access with an invalid pattern passed to pcre_compile() may lead to denial of service.
CVE-2021-20309 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2024-08-03 7.5 High
A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick. The highest threat from this vulnerability is to system availability.
CVE-2021-20292 4 Debian, Fedoraproject, Linux and 1 more 4 Debian Linux, Fedora, Linux Kernel and 1 more 2024-08-03 6.7 Medium
There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in the Nouveau DRM subsystem. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker with a local account with root privilege can leverage this vulnerability to escalate privileges and execute code in the context of the kernel.
CVE-2021-20272 2 Debian, Privoxy 2 Debian Linux, Privoxy 2024-08-03 7.5 High
A flaw was found in privoxy before 3.0.32. An assertion failure could be triggered with a crafted CGI request leading to server crash.