Debian Linux vulnerabilities

9,911 known vulnerabilities affecting debian/debian_linux.

Total CVEs

9,911

CISA KEV

119

actively exploited

Public exploits

429

Exploited in wild

132

Severity breakdown

CRITICAL1128HIGH4110MEDIUM4311LOW362

Vulnerabilities

Page 133 of 496

CVE-2021-38016HIGHCVSS 8.8v10.0v11.02021-12-23

CVE-2021-38016 [HIGH] CWE-863 CVE-2021-38016: Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45 allowed a Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass same origin policy via a crafted HTML page.

nvd

CVE-2021-4055HIGHCVSS 8.8v10.0v11.02021-12-23

CVE-2021-4055 [HIGH] CWE-787 CVE-2021-4055: Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who co Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.

nvd

CVE-2021-4062HIGHCVSS 8.8v10.0v11.02021-12-23

CVE-2021-4062 [HIGH] CWE-787 CVE-2021-4062: Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2021-38017HIGHCVSS 8.8v10.0v11.02021-12-23

CVE-2021-38017 [HIGH] CWE-863 CVE-2021-38017: Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a r Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

nvd

CVE-2021-38014HIGHCVSS 8.8v10.0v11.02021-12-23

CVE-2021-38014 [HIGH] CWE-787 CVE-2021-38014: Out of bounds write in Swiftshader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker Out of bounds write in Swiftshader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2021-38011HIGHCVSS 8.8v10.0v11.02021-12-23

CVE-2021-38011 [HIGH] CWE-416 CVE-2021-38011: Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacke Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2021-38007HIGHCVSS 8.8v10.0v11.02021-12-23

CVE-2021-38007 [HIGH] CWE-843 CVE-2021-38007: Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2021-4056HIGHCVSS 8.8v10.0v11.02021-12-23

CVE-2021-4056 [HIGH] CWE-843 CVE-2021-4056: Type confusion in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potenti Type confusion in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2021-38005HIGHCVSS 8.8v10.0v11.02021-12-23

CVE-2021-38005 [HIGH] CWE-416 CVE-2021-38005: Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potenti Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2021-4078HIGHCVSS 8.8v10.0v11.02021-12-23

CVE-2021-4078 [HIGH] CWE-843 CVE-2021-4078: Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2021-38008HIGHCVSS 8.8v10.0v11.02021-12-23

CVE-2021-38008 [HIGH] CWE-416 CVE-2021-38008: Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentia Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2021-4063HIGHCVSS 8.8v10.0v11.02021-12-23

CVE-2021-4063 [HIGH] CWE-416 CVE-2021-4063: Use after free in developer tools in Google Chrome prior to 96.0.4664.93 allowed a remote attacker t Use after free in developer tools in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2021-45469HIGHCVSS 7.8v9.0v10.0+1 more2021-12-23

CVE-2021-45469 [HIGH] CWE-125 CVE-2021-45469: In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry.

nvd

CVE-2021-4053HIGHCVSS 8.8v10.0v11.02021-12-23

CVE-2021-4053 [HIGH] CWE-416 CVE-2021-4053: Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to po Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2021-4067HIGHCVSS 8.8v10.0v11.02021-12-23

CVE-2021-4067 [HIGH] CWE-416 CVE-2021-4067: Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2021-4058HIGHCVSS 8.8v10.0v11.02021-12-23

CVE-2021-4058 [HIGH] CWE-787 CVE-2021-4058: Heap buffer overflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to po Heap buffer overflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2021-4079HIGHCVSS 8.8v10.0v11.02021-12-23

CVE-2021-4079 [HIGH] CWE-787 CVE-2021-4079: Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to po Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via crafted WebRTC packets.

nvd

CVE-2021-38006HIGHCVSS 8.8v10.0v11.02021-12-23

CVE-2021-38006 [HIGH] CWE-416 CVE-2021-38006: Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacke Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2021-4066HIGHCVSS 8.8v10.0v11.02021-12-23

CVE-2021-4066 [HIGH] CWE-191 CVE-2021-4066: Integer underflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to poten Integer underflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd

CVE-2021-4057HIGHCVSS 8.8v10.0v11.02021-12-23

CVE-2021-4057 [HIGH] CWE-416 CVE-2021-4057: Use after free in file API in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had Use after free in file API in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

nvd

← Previous133 / 496Next →