Debian Linux vulnerabilities
9,911 known vulnerabilities affecting debian/debian_linux.
Total CVEs: 9,911
CISA KEV: 119 (actively exploited)
Public exploits: 429
Exploited in wild: 132
Severity breakdown
CRITICAL 1128 | HIGH 4110 | MEDIUM 4311 | LOW 362
Vulnerabilities
Page 159 of 496
CVE-2021-22895 [MEDIUM] CWE-295 | CVSS 5.9 | v10.0 v11.0 | 2021-06-11
Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow.
nvd
CVE-2021-22898 [LOW] CWE-200 | CVSS 3.1 | v9.0 | 2021-06-11
curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the se
nvd
CVE-2021-26691 [CRITICAL] CWE-122 | CVSS 9.8 | v9.0 v10.0 | 2021-06-10
In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow
nvd
CVE-2020-13950 [HIGH] CWE-476 | CVSS 7.5 | v9.0 v10.0 | 2021-06-10
Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service
nvd
CVE-2021-26690 [HIGH] CWE-476 | CVSS 7.5 | v9.0 v10.0 | 2021-06-10
Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service
nvd
CVE-2020-35452 [HIGH] CWE-787 | CVSS 7.3 | v9.0 v10.0 | 2021-06-10
Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to th
nvd
CVE-2021-30641 [MEDIUM] | CVSS 5.3 | v9.0 v10.0 | 2021-06-10
Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'
nvd
CVE-2021-27347 [MEDIUM] CWE-416 | CVSS 5.5 | v9.0 | 2021-06-10
Use after free in lzma_decompress_buf function in stream.c in Irzip 0.631 allows attackers to cause Denial of Service (DoS) via a crafted compressed file.
nvd
CVE-2021-27345 [MEDIUM] CWE-476 | CVSS 5.5 | v9.0 | 2021-06-10
A null pointer dereference was discovered in ucompthread in stream.c in Irzip 0.631 which allows attackers to cause a denial of service (DOS) via a crafted compressed file.
nvd
CVE-2020-25467 [MEDIUM] CWE-476 | CVSS 5.5 | v9.0 | 2021-06-10
A null pointer dereference was discovered lzo_decompress_buf in stream.c in Irzip 0.621 which allows an attacker to cause a denial of service (DOS) via a crafted compressed file.
nvd
CVE-2021-33833 [CRITICAL] CWE-787 | CVSS 9.8 | v9.0 | 2021-06-09
ConnMan (aka Connection Manager) 1.30 through 1.39 has a stack-based buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or RDLENGTH (for A or AAAA).
nvd
CVE-2020-24489 [HIGH] CWE-459 | CVSS 8.8 | v9.0 v10.0 | 2021-06-09
Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access.
nvd
CVE-2020-24513 [MEDIUM] | CVSS 6.5 | v9.0 v10.0 | 2021-06-09
Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
nvd
CVE-2021-0089 [MEDIUM] CWE-203 | CVSS 6.5 | v10.0 | 2021-06-09
Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
nvd
CVE-2021-33829 [MEDIUM] CWE-79 | CVSS 6.1 | PoC | v9.0 | 2021-06-09
A cross-site scripting (XSS) vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafted comment because --!> is mishandled.
nvd
CVE-2020-24511 [MEDIUM] CWE-668 | CVSS 6.5 | v10.0 | 2021-06-09
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
nvd
CVE-2021-0129 [MEDIUM] | CVSS 5.7 | v9.0 | 2021-06-09
Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.
nvd
CVE-2021-28169 [MEDIUM] CWE-200 | CVSS 5.3 | PoC | v9.0 v10.0 | 2021-06-09
For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory. For example a request to `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation o
nvd
CVE-2021-26313 [MEDIUM] CWE-208 | CVSS 5.5 | v10.0 | 2021-06-09
Potential speculative code store bypass in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution of overwritten instructions, may cause an incorrect speculation and could result in data leakage.
nvd
CVE-2020-24512 [LOW] CWE-203 | CVSS 3.3 | v10.0 | 2021-06-09
Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
nvd