Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-02 | CVE-2022-43248 | Out-of-bounds Write vulnerability in multiple products Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_weighted_pred_avg_16_fallback in fallback-motion.cc. | 6.5 |
| 2022-11-02 | CVE-2022-43249 | Out-of-bounds Write vulnerability in multiple products Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_hv_fallback<unsigned short> in fallback-motion.cc. | 6.5 |
| 2022-11-02 | CVE-2022-43250 | Out-of-bounds Write vulnerability in multiple products Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_0_0_fallback_16 in fallback-motion.cc. | 6.5 |
| 2022-11-02 | CVE-2022-43252 | Out-of-bounds Write vulnerability in multiple products Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_16_fallback in fallback-motion.cc. | 6.5 |
| 2022-11-02 | CVE-2022-43253 | Out-of-bounds Write vulnerability in multiple products Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_unweighted_pred_16_fallback in fallback-motion.cc. | 6.5 |
| 2022-11-01 | CVE-2022-42799 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products The issue was addressed with improved UI handling. | 6.1 |
| 2022-11-01 | CVE-2022-42824 | A logic issue was addressed with improved state management. | 5.5 |
| 2022-11-01 | CVE-2022-42310 | Incomplete Cleanup vulnerability in multiple products Xenstore: Guests can create orphaned Xenstore nodes By creating multiple nodes inside a transaction resulting in an error, a malicious guest can create orphaned nodes in the Xenstore data base, as the cleanup after the error will not remove all nodes already created. | 5.5 |
| 2022-11-01 | CVE-2022-42311 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. | 6.5 |
| 2022-11-01 | CVE-2022-42312 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. | 6.5 |