Vulnerabilities > Debian > Debian Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-06-08 CVE-2021-26260 An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions before 3.0.1.
local
low complexity
openexr fedoraproject debian
5.5
5.5
2021-06-08 CVE-2021-3564 A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device.
local
low complexity
linux fedoraproject debian
5.5
5.5
2021-06-02 CVE-2020-22054 Memory Leak vulnerability in multiple products
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the av_dict_set function in dict.c.
network
low complexity
ffmpeg debian CWE-401
6.5
6.5
2021-06-02 CVE-2020-22046 Memory Leak vulnerability in multiple products
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the avpriv_float_dsp_allocl function in libavutil/float_dsp.c.
network
low complexity
ffmpeg debian CWE-401
6.5
6.5
2021-06-02 CVE-2020-22048 Memory Leak vulnerability in multiple products
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ff_frame_pool_get function in framepool.c.
network
low complexity
ffmpeg debian CWE-401
6.5
6.5
2021-06-02 CVE-2020-22049 Memory Leak vulnerability in multiple products
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the wtvfile_open_sector function in wtvdec.c.
network
low complexity
ffmpeg debian CWE-401
6.5
6.5
2021-06-02 CVE-2021-3468 Infinite Loop vulnerability in multiple products
A flaw was found in avahi in versions 0.6 up to 0.8.
local
low complexity
avahi debian CWE-835
5.5
5.5
2021-06-02 CVE-2019-12067 NULL Pointer Dereference vulnerability in multiple products
The ahci_commit_buf function in ide/ahci.c in QEMU allows attackers to cause a denial of service (NULL dereference) when the command header 'ad->cur_cmd' is null.
local
low complexity
qemu debian fedoraproject redhat CWE-476
6.5
6.5
2021-06-02 CVE-2021-3544 Memory Leak vulnerability in multiple products
Several memory leaks were found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0.
local
low complexity
qemu debian CWE-401
6.5
6.5
2021-06-02 CVE-2021-3545 Use of Uninitialized Resource vulnerability in multiple products
An information disclosure vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0.
local
low complexity
qemu debian CWE-908
6.5
6.5