Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2022-01-10 CVE-2021-36410 Out-of-bounds Write vulnerability in multiple products
A stack-buffer-overflow exists in libde265 v1.0.8 via fallback-motion.cc in function put_epel_hv_fallback when running program dec265.
local
low complexity
struktur debian CWE-787
5.5
5.5
2022-01-10 CVE-2021-36411 Out-of-bounds Read vulnerability in multiple products
An issue has been found in libde265 v1.0.8 due to incorrect access control.
local
low complexity
struktur debian CWE-125
5.5
5.5
2022-01-10 CVE-2021-35452 Out-of-bounds Read vulnerability in multiple products
An Incorrect Access Control vulnerability exists in libde265 v1.0.8 due to a SEGV in slice.cc.
network
low complexity
struktur debian CWE-125
6.5
6.5
2022-01-10 CVE-2021-21408 Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic.
network
low complexity
smarty debian fedoraproject
8.8
8.8
2022-01-10 CVE-2021-29454 Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic.
network
low complexity
smarty debian fedoraproject
8.8
8.8
2022-01-10 CVE-2022-22815 Improper Initialization vulnerability in multiple products
path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.
network
low complexity
python debian CWE-665
6.5
6.5
2022-01-10 CVE-2022-22816 Out-of-bounds Read vulnerability in multiple products
path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.
network
low complexity
python debian CWE-125
6.5
6.5
2022-01-10 CVE-2022-22817 PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method.
network
low complexity
python debian
critical
 9.8
9.8
2022-01-10 CVE-2022-22822 Integer Overflow or Wraparound vulnerability in multiple products
addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
network
low complexity
libexpat-project tenable siemens debian CWE-190
critical
 9.8
9.8
2022-01-10 CVE-2022-22823 Integer Overflow or Wraparound vulnerability in multiple products
build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
network
low complexity
libexpat-project tenable debian siemens CWE-190
critical
 9.8
9.8