Debian Linux vulnerabilities
9,911 known vulnerabilities affecting debian/debian_linux.
Total CVEs: 9,911
CISA KEV: 119 (actively exploited)
Public exploits: 429
Exploited in wild: 132
Severity breakdown: CRITICAL 1128, HIGH 4110, MEDIUM 4311, LOW 362
Vulnerabilities
Page 146 of 496
CVE-2021-34798 [HIGH] CVSS 7.5 | CWE-476 | v9.0, v10.0, +1 more | 2021-09-16
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.
nvd
CVE-2020-21598 [HIGH] CVSS 8.8 | CWE-787 | v10.0, v11.0 | 2021-09-16
libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, which can be exploited via a crafted file.
nvd
CVE-2021-36160 [HIGH] CVSS 7.5 | CWE-125 | v9.0, v10.0, +1 more | 2021-09-16
A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).
nvd
CVE-2021-41079 [HIGH] CVSS 7.5 | CWE-20 | v9.0, v10.0, +1 more | 2021-09-16
Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.
nvd
CVE-2020-21596 [MEDIUM] CVSS 6.5 | CWE-120 | v10.0, v11.0 | 2021-09-16
libde265 v1.0.4 contains a global buffer overflow in the decode_CABAC_bit function, which can be exploited via a crafted file.
nvd
CVE-2020-21529 [MEDIUM] CVSS 5.5 | CWE-787 | v9.0, v10.0 | 2021-09-16
fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in genepic.c.
nvd
CVE-2020-21533 [MEDIUM] CVSS 5.5 | CWE-787 | v9.0 | 2021-09-16
fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject function in read.c.
nvd
CVE-2020-21534 [MEDIUM] CVSS 5.5 | CWE-120 | v9.0 | 2021-09-16
fig2dev 3.2.7b contains a global buffer overflow in the get_line function in read.c.
nvd
CVE-2020-21532 [MEDIUM] CVSS 5.5 | CWE-120 | v9.0, v10.0 | 2021-09-16
fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c.
nvd
CVE-2020-21531 [MEDIUM] CVSS 5.5 | CWE-120 | v9.0, v10.0 | 2021-09-16
fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_index function in gencgm.c.
nvd
CVE-2020-21535 [MEDIUM] CVSS 5.5 | CWE-125 | v9.0 | 2021-09-16
fig2dev 3.2.7b contains a segmentation fault in the gencgm_start function in gencgm.c.
nvd
CVE-2020-21599 [MEDIUM] CVSS 6.5 | CWE-787 | v10.0, v11.0 | 2021-09-16
libde265 v1.0.4 contains a heap buffer overflow in the de265_image::available_zscan function, which can be exploited via a crafted file.
nvd
CVE-2020-21530 [MEDIUM] CVSS 5.5 | v9.0 | 2021-09-16
fig2dev 3.2.7b contains a segmentation fault in the read_objects function in read.c.
nvd
CVE-2020-21597 [MEDIUM] CVSS 6.5 | CWE-787 | v10.0, v11.0 | 2021-09-16
libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma function, which can be exploited via a crafted file.
nvd
CVE-2021-41072 [HIGH] CVSS 8.1 | v9.0, v10.0, +1 more | 2021-09-14
squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and th
nvd
CVE-2021-41054 [HIGH] CVSS 7.5 | CWE-120 | v9.0 | 2021-09-13
tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of data, OACK, and other options.
nvd
CVE-2021-3761 [HIGH] CVSS 7.5 | CWE-787 | v11.0 | 2021-09-09
Any CA issuer in the RPKI can trick OctoRPKI prior to 1.3.0 into emitting an invalid VRP "MaxLength" value, causing RTR sessions to terminate. An attacker can use this to disable RPKI Origin Validation in a victim network (for example AS 13335 - Cloudflare) prior to launching a BGP hijack which during normal operations would be rejected as "RPKI invalid
nvd
CVE-2021-39201 [MEDIUM] CVSS 5.4 | CWE-79 | v10.0, v11.0 | 2021-09-09
WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Impact: The issue allows an authenticated but low-privileged user (like contributor/author) to execute XSS in the editor. This bypasses the restrictions imposed on users who do not have the permission to post `unfiltered_html`.
nvd
CVE-2020-19144 [MEDIUM] CVSS 6.5 | CWE-787 | v9.0 | 2021-09-09
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the 'in _TIFFmemcpy' function in the component 'tif_unix.c'.
nvd
CVE-2021-39200 [MEDIUM] CVSS 5.3 | CWE-200 | v10.0, v11.0 | 2021-09-09
WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions output data of the function wp_die() can be leaked under certain conditions, which can include data like nonces. It can then be used to perform actions on your behalf. This has been patched in WordPress 5.8.1
nvd