The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Debian

MariaDB: privilege escalation via wsrep_provider/notify_cmd
An attacker can bypass restrictions via wsrep_provider/notify_cmd of MariaDB, in order to escalate his privileges...
CVE-2021-27928, DLA-2605-1, RHSA-2021:1240-01, RHSA-2021:1241-01, RHSA-2021:1242-01, VIGILANCE-VUL-34894
Linux kernel: information disclosure via iscsi_host_get_param
A local attacker can read a memory fragment via iscsi_host_get_param() of the Linux kernel, in order to obtain sensitive information...
CERTFR-2021-AVI-191, CERTFR-2021-AVI-211, CERTFR-2021-AVI-217, CERTFR-2021-AVI-220, CERTFR-2021-AVI-241, CERTFR-2021-AVI-242, CERTFR-2021-AVI-264, CERTFR-2021-AVI-266, CERTFR-2021-AVI-278, CERTFR-2021-AVI-284, CVE-2021-27365, DLA-2586-1, DLA-2610-1, openSUSE-SU-2021:0532-1, RHSA-2021:1069-01, RHSA-2021:1070-01, RHSA-2021:1071-01, RHSA-2021:1081-01, RHSA-2021:1093-01, RHSA-2021:1171-01, RHSA-2021:1173-01, RHSA-2021:1267-01, RHSA-2021:1272-01, RHSA-2021:1279-01, RHSA-2021:1288-01, RHSA-2021:1289-01, RHSA-2021:1295-01, SSA:2021-072-01, SUSE-SU-2021:1175-1, SUSE-SU-2021:1176-1, SUSE-SU-2021:1177-1, SUSE-SU-2021:1210-1, SUSE-SU-2021:1211-1, SUSE-SU-2021:1238-1, USN-4883-1, USN-4887-1, USN-4889-1, USN-4901-1, VIGILANCE-VUL-34764
Python aiohttp: open redirect
An attacker can deceive the user of Python aiohttp, in order to redirect him to a malicious site...
CVE-2021-21330, DSA-4864-1, VIGILANCE-VUL-34708
QEMU: denial of service via NIC Loopback Mode
An attacker, inside a guest system, can trigger a fatal error via NIC Loopback Mode of QEMU, in order to trigger a denial of service on the host system...
CVE-2021-3416, DLA-2623-1, SUSE-SU-2021:1240-1, SUSE-SU-2021:1241-1, SUSE-SU-2021:1242-1, SUSE-SU-2021:1243-1, SUSE-SU-2021:1244-1, SUSE-SU-2021:1245-1, VIGILANCE-VUL-34703
QEMU: overload via e1000
An attacker, inside a guest system, can trigger an overload via e1000 of QEMU, in order to trigger a denial of service on the host system...
CVE-2021-20257, DLA-2623-1, SUSE-SU-2021:1023-1, SUSE-SU-2021:1240-1, SUSE-SU-2021:1241-1, SUSE-SU-2021:1242-1, SUSE-SU-2021:1243-1, SUSE-SU-2021:1244-1, SUSE-SU-2021:1245-1, SUSE-SU-2021:1251-1, SUSE-SU-2021:1252-1, SUSE-SU-2021:14702-1, SUSE-SU-2021:14704-1, VIGILANCE-VUL-34685
QEMU: denial of service via eepro100
An attacker, inside a guest system, can trigger a fatal error via eepro100 of QEMU, in order to trigger a denial of service on the host system...
CVE-2021-20255, DLA-2623-1, VIGILANCE-VUL-34684
ImageMagick: denial of service via MagickCore/gem.c
An attacker can trigger a fatal error via MagickCore/gem.c of ImageMagick, in order to trigger a denial of service...
CVE-2021-20176, DLA-2602-1, SUSE-SU-2021:0528-1, VIGILANCE-VUL-34627
QEMU: integer overflow via vmxnet3
An attacker, inside a guest system, can trigger an integer overflow via vmxnet3 of QEMU, in order to trigger a denial of service, and possibly to run code on the host system...
CVE-2021-20203, DLA-2623-1, openSUSE-SU-2021:0363-1, SUSE-SU-2021:0521-1, SUSE-SU-2021:1240-1, SUSE-SU-2021:1241-1, SUSE-SU-2021:1242-1, SUSE-SU-2021:1244-1, SUSE-SU-2021:1245-1, VIGILANCE-VUL-34626
unrar-free: out-of-bounds memory reading via ExtrFile
An attacker can force a read at an invalid address via ExtrFile() of unrar-free, in order to trigger a denial of service, or to obtain sensitive information...
CVE-2017-14122, DLA-2567-1, VIGILANCE-VUL-34622
unrar-free: NULL pointer dereference via DecodeNumber
An attacker can force a NULL pointer to be dereferenced via DecodeNumber() of unrar-free, in order to trigger a denial of service...
CVE-2017-14121, DLA-2567-1, VIGILANCE-VUL-34621