Vulnerabilities > Debian > Debian Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-11 | CVE-2022-1623 | Out-of-bounds Read vulnerability in multiple products LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. | 5.5 |
| 2022-05-09 | CVE-2022-27114 | Integer Overflow or Wraparound vulnerability in multiple products There is a vulnerability in htmldoc 1.9.16. | 4.3 |
| 2022-05-05 | CVE-2022-27337 | A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. | 6.5 |
| 2022-05-05 | CVE-2022-1516 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the Linux kernel’s X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. | 5.5 |
| 2022-05-04 | CVE-2022-20796 | NULL Pointer Dereference vulnerability in multiple products On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. | 5.5 |
| 2022-05-03 | CVE-2022-29824 | Integer Overflow or Wraparound vulnerability in multiple products In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. | 6.5 |
| 2022-05-02 | CVE-2021-42528 | NULL Pointer Dereference vulnerability in multiple products XMP Toolkit 2021.07 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. | 5.5 |
| 2022-04-29 | CVE-2022-1195 | Use After Free vulnerability in multiple products A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. | 5.5 |
| 2022-04-28 | CVE-2022-29869 | Information Exposure Through Log Files vulnerability in multiple products cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file. | 5.3 |
| 2022-04-19 | CVE-2022-21426 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). | 5.3 |