Vulnerabilities > Debian > Debian Linux

DATE CVE VULNERABILITY TITLE RISK
2022-01-12 CVE-2021-43860 Incorrect Default Permissions vulnerability in multiple products
Flatpak is a Linux application sandboxing and distribution framework.
local
low complexity
flatpak fedoraproject redhat debian CWE-276
8.6
8.6
2022-01-12 CVE-2021-37529 Double Free vulnerability in multiple products
A double-free vulnerability exists in fig2dev through 3.28a is affected by: via the free_stream function in readpics.c, which could cause a denial of service (context-dependent).
local
low complexity
fig2dev-project debian CWE-415
5.5
5.5
2022-01-12 CVE-2021-37530 Out-of-bounds Write vulnerability in multiple products
A denial of service vulnerabiity exists in fig2dev through 3.28a due to a segfault in the open_stream function in readpics.c.
local
low complexity
fig2dev-project debian CWE-787
5.5
5.5
2022-01-12 CVE-2021-44648 Out-of-bounds Write vulnerability in multiple products
GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12.
network
low complexity
gnome fedoraproject debian CWE-787
8.8
8.8
2022-01-10 CVE-2021-36408 Use After Free vulnerability in multiple products
An issue was discovered in libde265 v1.0.8.There is a Heap-use-after-free in intrapred.h when decoding file using dec265.
local
low complexity
struktur debian CWE-416
5.5
5.5
2022-01-10 CVE-2021-36409 Reachable Assertion vulnerability in multiple products
There is an Assertion `scaling_list_pred_matrix_id_delta==1' failed at sps.cc:925 in libde265 v1.0.8 when decoding file, which allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file or possibly have unspecified other impact.
local
low complexity
struktur debian CWE-617
7.8
7.8
2022-01-10 CVE-2021-36410 Out-of-bounds Write vulnerability in multiple products
A stack-buffer-overflow exists in libde265 v1.0.8 via fallback-motion.cc in function put_epel_hv_fallback when running program dec265.
local
low complexity
struktur debian CWE-787
5.5
5.5
2022-01-10 CVE-2021-36411 Out-of-bounds Read vulnerability in multiple products
An issue has been found in libde265 v1.0.8 due to incorrect access control.
local
low complexity
struktur debian CWE-125
5.5
5.5
2022-01-10 CVE-2021-35452 Out-of-bounds Read vulnerability in multiple products
An Incorrect Access Control vulnerability exists in libde265 v1.0.8 due to a SEGV in slice.cc.
network
low complexity
struktur debian CWE-125
6.5
6.5
2022-01-10 CVE-2021-21408 Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic.
network
low complexity
smarty debian fedoraproject
8.8
8.8