Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2022-01-01 CVE-2021-45942 Out-of-bounds Write vulnerability in multiple products
OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask).
local
low complexity
openexr fedoraproject debian CWE-787
5.5
2022-01-01 CVE-2021-45943 Out-of-bounds Write vulnerability in multiple products
GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment).
local
low complexity
osgeo debian fedoraproject oracle CWE-787
5.5
2022-01-01 CVE-2021-45944 Use After Free vulnerability in multiple products
Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp).
local
low complexity
artifex debian CWE-416
5.5
2022-01-01 CVE-2021-45949 Out-of-bounds Write vulnerability in multiple products
Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp).
local
low complexity
artifex debian CWE-787
5.5
2022-01-01 CVE-2021-45958 Out-of-bounds Write vulnerability in multiple products
UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode).
5.5
2021-12-31 CVE-2021-4193 vim is vulnerable to Out-of-bounds Read
local
low complexity
vim fedoraproject debian apple
5.5
2021-12-31 CVE-2021-4192 vim is vulnerable to Use After Free
local
low complexity
vim fedoraproject debian apple
7.8
2021-12-30 CVE-2021-4181 Out-of-bounds Read vulnerability in multiple products
Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject debian oracle CWE-125
7.5
2021-12-30 CVE-2021-4184 Infinite Loop vulnerability in multiple products
Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject debian oracle CWE-835
7.5
2021-12-30 CVE-2021-4185 Infinite Loop vulnerability in multiple products
Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject debian oracle CWE-835
7.5