Debian Linux vulnerabilities

9,911 known vulnerabilities affecting debian/debian_linux.

Total CVEs: 9,911
CISA KEV: 119 (actively exploited)
Public exploits: 429
Exploited in wild: 132
Severity breakdown: CRITICAL 1128, HIGH 4110, MEDIUM 4311, LOW 362

Vulnerabilities

Page 147 of 496
CVE-2020-19143 | MEDIUM | CVSS 6.5 | v11.0 | 2021-09-09
CVE-2020-19143 [MEDIUM] CWE-787: Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "TIFFVGetField" function in the component 'libtiff/tif_dir.c'.
nvd
CVE-2021-21897 | HIGH | CVSS 8.8 | v9.0 | 2021-09-08
CVE-2021-21897 [HIGH] CWE-191: A code execution vulnerability exists in the DL_Dxf::handleLWPolylineData functionality of Ribbonsoft dxflib 3.17.0. A specially-crafted .dxf file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.
nvd
CVE-2021-21996 | HIGH | CVSS 7.5 | v9.0, v10.0, +1 more | 2021-09-08
CVE-2021-21996 [HIGH]: An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source and source_hash URLs can gain full file system access as root on a salt minion.
nvd
CVE-2021-40346 | HIGH | CVSS 7.5 | v11.0 | 2021-09-08
CVE-2021-40346 [HIGH] CWE-190: An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs.
nvd
CVE-2021-28701 | HIGH | CVSS 7.8 | v11.0 | 2021-09-08
CVE-2021-28701 [HIGH] CWE-362: Another race in XENMAPSPACE_grant_table handling. Guests are permitted access to certain Xen-owned pages of memory. The majority of such pages remain allocated / associated with a guest for its entire lifetime. Grant table v2 status pages, however, are de-allocated when a guest switches (back) from v2 to v1. Freeing such pages requires that the hypervi
nvd
CVE-2020-19131 | HIGH | CVSS 7.5 | v9.0 | 2021-09-07
CVE-2020-19131 [HIGH] CWE-787: Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "invertImage()" function in the component "tiffcrop".
nvd
CVE-2021-33285 | HIGH | CVSS 7.8 | v9.0, v10.0, +1 more | 2021-09-07
CVE-2021-33285 [HIGH] CWE-787: In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is
nvd
CVE-2021-35269 | HIGH | CVSS 7.8 | v9.0, v10.0, +1 more | 2021-09-07
CVE-2021-35269 [HIGH] CWE-787: In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is set up in the function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation of privileges.
nvd
CVE-2021-35267 | HIGH | CVSS 7.8 | v9.0, v10.0, +1 more | 2021-09-07
CVE-2021-35267 [HIGH] CWE-787: In NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and MFTMirror allowing for code execution or escalation of privileges when setuid-root.
nvd
CVE-2021-33286 | HIGH | CVSS 7.8 | v9.0, v10.0, +1 more | 2021-09-07
CVE-2021-33286 [HIGH] CWE-787: In NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution.
nvd
CVE-2021-39254 | HIGH | CVSS 7.8 | v9.0, v10.0, +1 more | 2021-09-07
CVE-2021-39254 [HIGH] CWE-190: A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the function ntfs_attr_record_resize, in NTFS-3G < 2021.8.22.
nvd
CVE-2021-39252 | HIGH | CVSS 7.8 | v9.0, v10.0, +1 more | 2021-09-07
CVE-2021-39252 [HIGH] CWE-125: A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.
nvd
CVE-2021-39251 | HIGH | CVSS 7.8 | v9.0, v10.0, +1 more | 2021-09-07
CVE-2021-39251 [HIGH] CWE-476: A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G < 2021.8.22.
nvd
CVE-2021-35266 | HIGH | CVSS 7.8 | v9.0, v10.0, +1 more | 2021-09-07
CVE-2021-35266 [HIGH] CWE-787: In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code execution.
nvd
CVE-2021-39262 | HIGH | CVSS 7.8 | v9.0, v10.0, +1 more | 2021-09-07
CVE-2021-39262 [HIGH] CWE-787: A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.
nvd
CVE-2021-39255 | HIGH | CVSS 7.8 | v9.0, v10.0, +1 more | 2021-09-07
CVE-2021-39255 [HIGH] CWE-125: A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in ntfs_attr_find_in_attrdef, in NTFS-3G < 2021.8.22.
nvd
CVE-2021-39256 | HIGH | CVSS 7.8 | v9.0, v10.0, +1 more | 2021-09-07
CVE-2021-39256 [HIGH] CWE-787: A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS-3G < 2021.8.22.
nvd
CVE-2021-39258 | HIGH | CVSS 7.8 | v9.0, v10.0, +1 more | 2021-09-07
CVE-2021-39258 [HIGH] CWE-125: A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in NTFS-3G < 2021.8.22.
nvd
CVE-2021-39259 | HIGH | CVSS 7.8 | v9.0, v10.0, +1 more | 2021-09-07
CVE-2021-39259 [HIGH] CWE-787: A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in ntfs_inode_lookup_by_name, in NTFS-3G < 2021.8.22.
nvd
CVE-2021-33289 | HIGH | CVSS 7.8 | v9.0, v10.0, +1 more | 2021-09-07
CVE-2021-33289 [HIGH] CWE-787: In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution.
nvd