Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2023-03-05 CVE-2023-27635 Injection vulnerability in Debian Debmany 0.88.1
debmany in debian-goodies 0.88.1 allows attackers to execute arbitrary shell commands (because of an eval call) via a crafted .deb file.
local
low complexity
debian CWE-74
7.8
7.8
2023-03-01 CVE-2023-24751 NULL Pointer Dereference vulnerability in multiple products
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the mc_chroma function at motion.cc.
network
low complexity
struktur debian CWE-476
6.5
6.5
2023-03-01 CVE-2023-24752 NULL Pointer Dereference vulnerability in multiple products
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_hevc_epel_pixels_8_sse function at sse-motion.cc.
local
low complexity
struktur debian CWE-476
5.5
5.5
2023-03-01 CVE-2023-24754 NULL Pointer Dereference vulnerability in multiple products
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc.
local
low complexity
struktur debian CWE-476
5.5
5.5
2023-03-01 CVE-2023-24755 NULL Pointer Dereference vulnerability in multiple products
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_weighted_pred_8_fallback function at fallback-motion.cc.
local
low complexity
struktur debian CWE-476
5.5
5.5
2023-03-01 CVE-2023-24756 NULL Pointer Dereference vulnerability in multiple products
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_unweighted_pred_8_sse function at sse-motion.cc.
local
low complexity
struktur debian CWE-476
5.5
5.5
2023-03-01 CVE-2023-24757 NULL Pointer Dereference vulnerability in multiple products
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_unweighted_pred_16_fallback function at fallback-motion.cc.
local
low complexity
struktur debian CWE-476
5.5
5.5
2023-03-01 CVE-2023-24758 NULL Pointer Dereference vulnerability in multiple products
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc.
local
low complexity
struktur debian CWE-476
5.5
5.5
2023-03-01 CVE-2023-25221 Out-of-bounds Write vulnerability in multiple products
Libde265 v1.0.10 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function in motion.cc.
local
low complexity
struktur debian CWE-787
7.8
7.8
2023-02-28 CVE-2023-27372 SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled.
network
low complexity
spip debian
critical
 9.8
9.8