debian

10,149 tracked vulnerabilities.

CVE-2021-3578 HIGH
mbsync <1.3.6 and 1.4.2 - Code Execution via APPENDUID Heap Overflow
Feb 16, 2022
CVSS 7.8
EPSS 0.01
CVE-2021-3560 HIGH KEV
polkit < 0.119 - Unauthenticated Privilege Escalation via D-Bus Request
Feb 16, 2022
CVSS 7.8
EPSS 0.22
CVE-2021-45444 HIGH
zsh < 5.8.1 - Remote Code Execution via PROMPT_SUBST Expansion
Feb 14, 2022
CVSS 7.8
EPSS 0.02
CVE-2021-20001 CRITICAL
debian-edu-config < 2.12.16 - Incorrect Default Permissions for User Web Shares
Feb 11, 2022
CVSS 9.8
EPSS 0.02
CVE-2021-38172 CRITICAL
perM 0.4.0 - Buffer Overflow via strncpy
Feb 05, 2022
CVSS 9.8
EPSS 0.02
CVE-2021-4043 MEDIUM
gpac/gpac <1.1.0 - NULL Pointer Dereference
Feb 04, 2022
CVSS 5.5
EPSS 0.05
CVE-2021-40403 MEDIUM
Gerbv 2.7.0 and 2.8.0 - Information Disclosure via Pick-and-Place Rotation Parsing
Feb 04, 2022
CVSS 6.3
EPSS 0.01
CVE-2021-40401 HIGH
Gerbv 2.7.0 and 2.7.1 - Use-After-Free in RS-274X Aperture Definition Tokenization
Feb 04, 2022
CVSS 8.6
EPSS 0.01
CVE-2021-46671 MEDIUM
atftp < 0.7.5 - Out-of-bounds Read in options.c
Feb 04, 2022
CVSS 5.3
EPSS 0.01
CVE-2021-43859 HIGH
XStream <1.4.19 - DoS
Feb 01, 2022
CVSS 7.5
EPSS 0.08
CVE-2021-46669 HIGH
MariaDB < 10.2.44 - Use-After-Free via BIGINT Data Type Handling
Feb 01, 2022
CVSS 7.5
EPSS 0.02
CVE-2021-45079 CRITICAL
strongSwan < 5.9.5 - Unauthenticated EAP-Success Spoofing via Early Response
Jan 31, 2022
CVSS 9.1
EPSS 0.03
CVE-2021-4160 MEDIUM
OpenSSL 1.0.2-1.0.2zb, 1.1.1-1.1.1l, 3.0.0 - Carry Propagation Bug in MIPS32/MIPS64 Squaring Procedure
Jan 28, 2022
CVSS 5.9
EPSS 0.04
CVE-2021-22600 MEDIUM KEV
Linux Kernel - Privilege Escalation
Jan 26, 2022
CVSS 6.6
EPSS 0.06
CVE-2021-22570 MEDIUM
Google Protobuf < 3.15.0 - Null Pointer Dereference via Proto Symbol Parsing
Jan 26, 2022
CVSS 6.5
EPSS 0.03
CVE-2021-3850 CRITICAL
adodb < 5.20.21 - Authentication Bypass
Jan 25, 2022
CVSS 9.1
EPSS 0.02
CVE-2021-45845 HIGH
FreeCAD 0.19 - OS Command Injection via Crafted FCStd Document
Jan 25, 2022
CVSS 7.8
EPSS 0.02
CVE-2021-45844 HIGH
FreeCAD 0.19 - OS Command Injection via Crafted Filename
Jan 25, 2022
CVSS 7.8
EPSS 0.01
CVE-2021-45343 MEDIUM
LibreCAD 2.2.0 - Denial of Service via Crafted DXF Document
Jan 25, 2022
CVSS 5.5
EPSS 0.01
CVE-2021-45342 HIGH
LibreCAD < 2.1.3 - Remote Code Execution via Crafted JWW Document
Jan 25, 2022
CVSS 7.8
EPSS 0.02
CVE-2021-45341 HIGH
LibreCAD < 2.2.0 - Remote Code Execution via Crafted JWW Document
Jan 25, 2022
CVSS 8.8
EPSS 0.07
CVE-2021-23518 HIGH
cached-path-relative < 1.1.0 - Prototype Pollution via Cache Variable
Jan 21, 2022
CVSS 7.3
EPSS 0.02
CVE-2021-45417 HIGH
Advanced Intrusion Detection Environment - Out-of-Bounds Write
Jan 20, 2022
CVSS 7.8
EPSS 0.00
CVE-2021-23225 MEDIUM
Cacti 1.1.38 - Authenticated Stored Cross-Site Scripting via User Copy Function
Jan 19, 2022
CVSS 5.4
EPSS 0.01
CVE-2021-33912 CRITICAL
libspf2 < 1.2.11 - Remote Code Execution via SPF DNS Record Buffer Overflow
Jan 19, 2022
CVSS 9.8
EPSS 0.10