Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian debian linux 11.0 vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2021-38114
libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar issue to CVE-2013-0868.
Ffmpeg Ffmpeg 4.4
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2 Github repositories
6.5
CVSSv3
CVE-2020-22037
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in avcodec_alloc_context3 at options.c.
Ffmpeg Ffmpeg 4.2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
9.8
CVSSv3
CVE-2021-38171
adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return value, which is a necessary step because the second argument to init_get_bits can be crafted.
Ffmpeg Ffmpeg 4.4
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2 Github repositories
5.9
CVSSv3
CVE-2021-22895
Nextcloud Desktop Client prior to 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow.
Nextcloud Desktop
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.8
CVSSv3
CVE-2022-0545
An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, allowing an malicious user to leak sensitive information or achieve code execution in the context of the Blender process when a specially c...
Blender Blender
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.8
CVSSv3
CVE-2022-20421
In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An...
Google Android -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Github repository
9.8
CVSSv3
CVE-2021-3907
OctoRPKI does not escape a URI with a filename containing "..", this allows a repository to create a file, (ex. rsync://example.org/repo/../../etc/cron.daily/evil.roa), which would then be written to disk outside the base cache folder. This could allow for remote code e...
Cloudflare Octorpki
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5.3
CVSSv3
CVE-2021-39200
WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions output data of the function wp_die() can be leaked under certain conditions, which can include data like nonces. It can then be used to p...
Wordpress Wordpress
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.5
CVSSv3
CVE-2022-26498
An issue exists in Asterisk up to and including 19.x. When using STIR/SHAKEN, it is possible to download files that are not certificates. These files could be much larger than what one would expect to download, leading to Resource Exhaustion. This is fixed in 16.25.2, 18.11.2, an...
Digium Asterisk
Debian Debian Linux 10.0
Debian Debian Linux 11.0
9.1
CVSSv3
CVE-2022-26499
An SSRF issue exists in Asterisk up to and including 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests (such as GET) to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2.
Digium Asterisk
Debian Debian Linux 10.0
Debian Debian Linux 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »