Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2021-11-19 | CVE-2021-39924 | Large loop in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file | Debian_linux, Fedora, Wireshark | 7.5 | ||
2021-11-19 | CVE-2021-39925 | Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file | Debian_linux, Fedora, Wireshark | 7.5 | ||
2021-11-19 | CVE-2021-39926 | Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file | Debian_linux, Fedora, Wireshark | 7.5 | ||
2021-11-19 | CVE-2021-39929 | Uncontrolled Recursion in the Bluetooth DHT dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file | Debian_linux, Fedora, Wireshark | 7.5 | ||
2021-11-19 | CVE-2021-21899 | A code execution vulnerability exists in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | Debian_linux, Fedora, Libdxfrw | 8.8 | ||
2021-11-19 | CVE-2021-21900 | A code execution vulnerability exists in the dxfRW::processLType() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dxf file can lead to a use-after-free vulnerability. An attacker can provide a malicious file to trigger this vulnerability. | Debian_linux, Fedora, Libdxfrw | 8.8 | ||
2021-11-19 | CVE-2021-40391 | An out-of-bounds write vulnerability exists in the drill format T-code tool number functionality of Gerbv 2.7.0, dev (commit b5f1eacd), and the forked version of Gerbv (commit 71493260). A specially-crafted drill file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | Debian_linux, Fedora, Gerbv | 9.8 | ||
2021-11-19 | CVE-2021-21898 | A code execution vulnerability exists in the dwgCompressor::decompress18() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. | Debian_linux, Fedora, Libdxfrw | 8.8 | ||
2021-11-22 | CVE-2021-3935 | When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate verification and encryption. This flaw affects PgBouncer versions prior to 1.16.1. | Debian_linux, Fedora, Pgbouncer, Enterprise_linux | 8.1 | ||
2021-11-22 | CVE-2021-44143 | A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to an unchecked condition, a malicious or compromised IMAP server could use a crafted mail message that lacks headers (i.e., one that starts with an empty line) to provoke a heap overflow, which could conceivably be exploited for remote code execution. | Debian_linux, Fedora, Isync | 9.8 |