Vulnerabilities > Debian > Debian Linux > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-11 | CVE-2022-0909 | Divide By Zero vulnerability in multiple products Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. | 5.5 |
2022-03-11 | CVE-2022-0924 | Out-of-bounds Read vulnerability in multiple products Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. | 5.5 |
2022-03-11 | CVE-2022-26874 | Cross-site Scripting vulnerability in multiple products lib/Horde/Mime/Viewer/Ooo.php in Horde Mime_Viewer before 2.2.4 allows XSS via an OpenOffice document, leading to account takeover in Horde Groupware Webmail Edition. | 5.4 |
2022-03-10 | CVE-2022-26846 | SPIP before 3.2.14 and 4.x before 4.0.5 allows remote authenticated editors to execute arbitrary code. | 6.5 |
2022-03-10 | CVE-2022-26847 | Information Exposure vulnerability in multiple products SPIP before 3.2.14 and 4.x before 4.0.5 allows unauthenticated access to information about editorial objects. | 5.0 |
2022-03-10 | CVE-2022-26661 | XXE vulnerability in multiple products An XXE issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. | 4.0 |
2022-03-10 | CVE-2022-26662 | XML Entity Expansion vulnerability in multiple products An XML Entity Expansion (XEE) issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. | 5.0 |
2022-03-10 | CVE-2022-0865 | Reachable Assertion vulnerability in multiple products Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. | 6.5 |
2022-03-10 | CVE-2021-32434 | Out-of-bounds Read vulnerability in multiple products abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in the function calculate_beam at draw.c. | 5.5 |
2022-03-10 | CVE-2021-32435 | Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow in the function get_key in parse.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors. | 5.5 |