debian
10,149 tracked vulnerabilities.
CVE-2021-3578
HIGH
mbsync <1.3.6 and 1.4.2 - Code Execution via APPENDUID Heap Overflow
Feb 16, 2022
CVSS 7.8
EPSS 0.01
CVE-2021-3560
HIGH
KEV
polkit < 0.119 - Unauthenticated Privilege Escalation via D-Bus Request
Feb 16, 2022
CVSS 7.8
EPSS 0.22
CVE-2021-45444
HIGH
zsh < 5.8.1 - Remote Code Execution via PROMPT_SUBST Expansion
Feb 14, 2022
CVSS 7.8
EPSS 0.02
CVE-2021-20001
CRITICAL
debian-edu-config < 2.12.16 - Incorrect Default Permissions for User Web Shares
Feb 11, 2022
CVSS 9.8
EPSS 0.02
CVE-2021-38172
CRITICAL
perM 0.4.0 - Buffer Overflow via strncpy
Feb 05, 2022
CVSS 9.8
EPSS 0.02
CVE-2021-4043
MEDIUM
gpac/gpac <1.1.0 - NULL Pointer Dereference
Feb 04, 2022
CVSS 5.5
EPSS 0.05
CVE-2021-40403
MEDIUM
Gerbv 2.7.0 and 2.8.0 - Information Disclosure via Pick-and-Place Rotation Parsing
Feb 04, 2022
CVSS 6.3
EPSS 0.01
CVE-2021-40401
HIGH
Gerbv 2.7.0 and 2.7.1 - Use-After-Free in RS-274X Aperture Definition Tokenization
Feb 04, 2022
CVSS 8.6
EPSS 0.01
CVE-2021-46671
MEDIUM
atftp < 0.7.5 - Out-of-bounds Read in options.c
Feb 04, 2022
CVSS 5.3
EPSS 0.01
CVE-2021-43859
HIGH
XStream <1.4.19 - DoS
Feb 01, 2022
CVSS 7.5
EPSS 0.08
CVE-2021-46669
HIGH
MariaDB < 10.2.44 - Use-After-Free via BIGINT Data Type Handling
Feb 01, 2022
CVSS 7.5
EPSS 0.02
CVE-2021-45079
CRITICAL
strongSwan < 5.9.5 - Unauthenticated EAP-Success Spoofing via Early Response
Jan 31, 2022
CVSS 9.1
EPSS 0.03
CVE-2021-4160
MEDIUM
OpenSSL 1.0.2-1.0.2zb, 1.1.1-1.1.1l, 3.0.0 - Carry Propagation Bug in MIPS32/MIPS64 Squaring Procedure
Jan 28, 2022
CVSS 5.9
EPSS 0.04
CVE-2021-22600
MEDIUM
KEV
Linux Kernel - Privilege Escalation
Jan 26, 2022
CVSS 6.6
EPSS 0.06
CVE-2021-22570
MEDIUM
Google Protobuf < 3.15.0 - Null Pointer Dereference via Proto Symbol Parsing
Jan 26, 2022
CVSS 6.5
EPSS 0.03
CVE-2021-3850
CRITICAL
adodb < 5.20.21 - Authentication Bypass
Jan 25, 2022
CVSS 9.1
EPSS 0.02
CVE-2021-45845
HIGH
FreeCAD 0.19 - OS Command Injection via Crafted FCStd Document
Jan 25, 2022
CVSS 7.8
EPSS 0.02
CVE-2021-45844
HIGH
FreeCAD 0.19 - OS Command Injection via Crafted Filename
Jan 25, 2022
CVSS 7.8
EPSS 0.01
CVE-2021-45343
MEDIUM
LibreCAD 2.2.0 - Denial of Service via Crafted DXF Document
Jan 25, 2022
CVSS 5.5
EPSS 0.01
CVE-2021-45342
HIGH
LibreCAD < 2.1.3 - Remote Code Execution via Crafted JWW Document
Jan 25, 2022
CVSS 7.8
EPSS 0.02
CVE-2021-45341
HIGH
LibreCAD < 2.2.0 - Remote Code Execution via Crafted JWW Document
Jan 25, 2022
CVSS 8.8
EPSS 0.07
CVE-2021-23518
HIGH
cached-path-relative < 1.1.0 - Prototype Pollution via Cache Variable
Jan 21, 2022
CVSS 7.3
EPSS 0.02
CVE-2021-45417
HIGH
Advanced Intrusion Detection Environment - Out-of-Bounds Write
Jan 20, 2022
CVSS 7.8
EPSS 0.00
CVE-2021-23225
MEDIUM
Cacti 1.1.38 - Authenticated Stored Cross-Site Scripting via User Copy Function
Jan 19, 2022
CVSS 5.4
EPSS 0.01
CVE-2021-33912
CRITICAL
libspf2 < 1.2.11 - Remote Code Execution via SPF DNS Record Buffer Overflow
Jan 19, 2022
CVSS 9.8
EPSS 0.10
Products
debian_linux 9,999
advanced_package_tool 21
dpkg 14
shadow 8
lintian 6
apt 5
devscripts 3
horde 3
reportbug 3
apt-cacher 2
aptlinex 2
cifs-utils 2
debusine 2
dpkg-dev 2
fsp 2
horde_groupware 2
mime-support 2
netkit 2
python-apt 2
python-dns 2
qpopper 2
xsabre 2
yubiserver 2
FreedomBox 1
adequate 1
amaya 1
apache 1
apache2 1
apt-listchanges 1
apt-setup 1
Quick Filters