Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-01 | CVE-2020-35532 | Out-of-bounds Read vulnerability in multiple products In LibRaw, an out-of-bounds read vulnerability exists within the "simple_decode_row()" function (libraw\src\x3f\x3f_utils_patched.cpp) which can be triggered via an image with a large row_stride field. | 5.5 |
| 2022-09-01 | CVE-2020-35533 | Out-of-bounds Read vulnerability in multiple products In LibRaw, an out-of-bounds read vulnerability exists within the "LibRaw::adobe_copy_pixel()" function (libraw\src\decoders\dng.cpp) when reading data from the image file. | 5.5 |
| 2022-09-01 | CVE-2022-3061 | Divide By Zero vulnerability in multiple products Found Linux Kernel flaw in the i740 driver. | 5.5 |
| 2022-08-31 | CVE-2022-1354 | Out-of-bounds Read vulnerability in multiple products A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function. | 5.5 |
| 2022-08-31 | CVE-2022-1355 | Stack-based Buffer Overflow vulnerability in multiple products A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. | 6.1 |
| 2022-08-31 | CVE-2022-2153 | NULL Pointer Dereference vulnerability in multiple products A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. | 5.5 |
| 2022-08-31 | CVE-2022-2519 | Double Free vulnerability in multiple products There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1 | 6.5 |
| 2022-08-31 | CVE-2022-2520 | Incorrect Calculation of Buffer Size vulnerability in multiple products A flaw was found in libtiff 4.4.0rc1. | 6.5 |
| 2022-08-31 | CVE-2022-2521 | Release of Invalid Pointer or Reference vulnerability in multiple products It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input. | 6.5 |
| 2022-08-30 | CVE-2021-46837 | NULL Pointer Dereference vulnerability in multiple products res_pjsip_t38 in Sangoma Asterisk 16.x before 16.16.2, 17.x before 17.9.3, and 18.x before 18.2.2, and Certified Asterisk before 16.8-cert7, allows an attacker to trigger a crash by sending an m=image line and zero port in a response to a T.38 re-invite initiated by Asterisk. | 6.5 |