debian

10,149 tracked vulnerabilities.

CVE-2021-41990 HIGH
strongSwan < 5.9.4 - Integer Overflow via RSASSA-PSS Certificate Signature
Oct 18, 2021
CVSS 7.5
EPSS 0.06
CVE-2021-38562 HIGH
Best Practical Request Tracker 4.2.0-4.2.16, 4.4.0-4.4.4, 5.0.0-5.0.1 - Information Disclosure via Timing Attack
Oct 18, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-28021 HIGH
stb 2.26 - Out-of-bounds Write in stbi__extend_receive
Oct 15, 2021
CVSS 7.8
EPSS 0.01
CVE-2021-42340 HIGH
Apache Tomcat 8.5.60-8.5.71, 9.0.40-9.0.53, 10.0.0-M1-10.0.11, 10.1.0-M1-10.1.0-M5 Memory Leak via WebSocket
Oct 14, 2021
CVSS 7.5
EPSS 0.11
CVE-2021-40732 MEDIUM
XMP Toolkit <2020.1 - Info Disclosure
Oct 13, 2021
CVSS 6.1
EPSS 0.02
CVE-2021-42326 MEDIUM
Redmine <4.1.5, <4.2.3 - Info Disclosure
Oct 12, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-3671 MEDIUM
Samba < 4.13.12 - Authenticated Denial of Service via Missing sname in TGS-REQ
Oct 12, 2021
CVSS 6.5
EPSS 0.02
CVE-2021-41136 LOW
Puma < 4.3.8 and 5.0.0-5.5.1 - HTTP Request Smuggling via LF Character in Forwarded Headers
Oct 12, 2021
CVSS 3.7
EPSS 0.01
CVE-2021-25634 HIGH
LibreOffice 7.0.0-7.0.5 and 7.1.0-7.1.1 - Improper Certificate Validation in ODF Document Signature Verification
Oct 12, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-42260 HIGH
TinyXML < 2.6.2 - Denial of Service via Infinite Loop in TiXmlParsingData::Stamp
Oct 11, 2021
CVSS 7.5
EPSS 0.03
CVE-2021-25633 HIGH
LibreOffice 7.0.0-7.0.5 and 7.1.0-7.1.1 - Improper Certificate Validation via Manipulated Document Signatures
Oct 11, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-37976 MEDIUM KEV
Google Chrome < 94.0.4606.71 - Unauthenticated Sensitive Information Exposure via Crafted HTML Page
Oct 08, 2021
CVSS 6.5
EPSS 0.20
CVE-2021-37975 HIGH KEV
Google Chrome < 94.0.4606.71 - Use-After-Free in V8 via Crafted HTML Page
Oct 08, 2021
CVSS 8.8
EPSS 0.35
CVE-2021-37974 HIGH
Google Chrome < 94.0.4606.71 - Use-After-Free in Safebrowsing
Oct 08, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-37973 CRITICAL KEV
Google Chrome < 94.0.4606.61 - Use-After-Free in Portals
Oct 08, 2021
CVSS 9.6
EPSS 0.12
CVE-2021-37972 HIGH
Google Chrome < 94.0.4606.54 - Out-of-bounds Read in libjpeg-turbo via Crafted HTML Page
Oct 08, 2021
CVSS 8.8
EPSS 0.02
CVE-2021-37971 MEDIUM
Google Chrome < 94.0.4606.54 - Security UI Spoofing via Omnibox Manipulation
Oct 08, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-37970 HIGH
Google Chrome < 94.0.4606.54 - Use-After-Free in File System API
Oct 08, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-37969 HIGH
Google Chrome < 94.0.4606.54 - Local Privilege Escalation via Crafted File
Oct 08, 2021
CVSS 7.8
EPSS 0.01
CVE-2021-37968 MEDIUM
Google Chrome < 94.0.4606.54 - Cross-Origin Data Leak via Background Fetch API
Oct 08, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-37967 MEDIUM
Google Chrome < 94.0.4606.54 - Cross-Origin Data Leak via Background Fetch API
Oct 08, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-37966 MEDIUM
Google Chrome < 94.0.4606.54 - URL Spoofing via Omnibox Manipulation
Oct 08, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-37965 MEDIUM
Google Chrome <94.0.4606.54 - Info Disclosure
Oct 08, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-37964 LOW
Google Chrome < 94.0.4606.54 - Wifi Impersonation via Crafted ONC File
Oct 08, 2021
CVSS 3.3
EPSS 0.01
CVE-2021-37963 MEDIUM
Google Chrome < 94.0.4606.54 - Side-Channel Information Leakage via DevTools
Oct 08, 2021
CVSS 4.3
EPSS 0.01