Shodan
Vulnerabilities
Vulnerable Software
Debian:  >> Debian Linux  >> 9.0  Security Vulnerabilities
CVE-2021-27345
A null pointer dereference was discovered in ucompthread in stream.c in Irzip 0.631 which allows attackers to cause a denial of service (DOS) via a crafted compressed file.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-06-10
CVE-2021-27347
Use after free in lzma_decompress_buf function in stream.c in Irzip 0.631 allows attackers to cause Denial of Service (DoS) via a crafted compressed file.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-06-10
CVE-2020-25467
A null pointer dereference was discovered lzo_decompress_buf in stream.c in Irzip 0.621 which allows an attacker to cause a denial of service (DOS) via a crafted compressed file.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-06-10
CVE-2020-13950
Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service
CVSS Score
7.5
EPSS Score
0.174
Published
2021-06-10
CVE-2020-35452
Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow
CVSS Score
7.3
EPSS Score
0.15
Published
2021-06-10
CVE-2021-26690
Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service
CVSS Score
7.5
EPSS Score
0.713
Published
2021-06-10
CVE-2021-26691
In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow
CVSS Score
9.8
EPSS Score
0.426
Published
2021-06-10
CVE-2021-30641
Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'
CVSS Score
5.3
EPSS Score
0.246
Published
2021-06-10
CVE-2020-24489
Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS Score
8.8
EPSS Score
0.001
Published
2021-06-09
CVE-2021-0129
Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.
CVSS Score
5.7
EPSS Score
0.001
Published
2021-06-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved