Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2021-09-07 | CVE-2021-39251 | A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22. | Debian_linux, Fedora, Enterprise_linux, Ntfs\-3g | 7.8 | ||
2021-09-07 | CVE-2021-39252 | A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22. | Debian_linux, Fedora, Ntfs\-3g | 7.8 | ||
2021-09-07 | CVE-2021-39253 | A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22. | Debian_linux, Fedora, Ntfs\-3g | 7.8 | ||
2021-09-07 | CVE-2021-39254 | A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the function ntfs_attr_record_resize, in NTFS-3G < 2021.8.22. | Debian_linux, Fedora, Ntfs\-3g | 7.8 | ||
2021-09-08 | CVE-2021-28701 | Another race in XENMAPSPACE_grant_table handling Guests are permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, are de-allocated when a guest switches (back) from v2 to v1. Freeing such pages requires that the hypervisor enforce that no parallel request can result in the addition of a mapping of such a page to a guest. That enforcement was missing, allowing... | Debian_linux, Fedora, Xen | 7.8 | ||
2021-09-08 | CVE-2021-21897 | A code execution vulnerability exists in the DL_Dxf::handleLWPolylineData functionality of Ribbonsoft dxflib 3.17.0. A specially-crafted .dxf file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | Debian_linux, Extra_packages_for_enterprise_linux, Fedora, Dxflib | 8.8 | ||
2021-09-08 | CVE-2021-40346 | An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs. | Haproxy, Haproxy_docker_image | 7.5 | ||
2021-09-15 | CVE-2021-3778 | vim is vulnerable to Heap-based Buffer Overflow | Debian_linux, Fedora, Ontap_select_deploy_administration_utility, Vim | 7.8 | ||
2021-09-15 | CVE-2021-3796 | vim is vulnerable to Use After Free | Debian_linux, Fedora, Ontap_select_deploy_administration_utility, Vim | 7.3 | ||
2021-09-16 | CVE-2021-34798 | Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier. | Http_server, Brocade_fabric_operating_system_firmware, Debian_linux, Fedora, Cloud_backup, Clustered_data_ontap, Storagegrid, Communications_cloud_native_core_network_function_cloud_native_environment, Enterprise_manager_base_platform, Http_server, Instantis_enterprisetrack, Peoplesoft_enterprise_peopletools, Zfs_storage_appliance_kit, Ruggedcom_nms, Sinec_nms, Sinema_remote_connect_server, Sinema_server, Tenable\.sc | 7.5 |