Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2023-03-01 CVE-2023-24754 NULL Pointer Dereference vulnerability in multiple products
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc.
local
low complexity
struktur debian CWE-476
5.5
5.5
2023-03-01 CVE-2023-24755 NULL Pointer Dereference vulnerability in multiple products
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_weighted_pred_8_fallback function at fallback-motion.cc.
local
low complexity
struktur debian CWE-476
5.5
5.5
2023-03-01 CVE-2023-24756 NULL Pointer Dereference vulnerability in multiple products
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_unweighted_pred_8_sse function at sse-motion.cc.
local
low complexity
struktur debian CWE-476
5.5
5.5
2023-03-01 CVE-2023-24757 NULL Pointer Dereference vulnerability in multiple products
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_unweighted_pred_16_fallback function at fallback-motion.cc.
local
low complexity
struktur debian CWE-476
5.5
5.5
2023-03-01 CVE-2023-24758 NULL Pointer Dereference vulnerability in multiple products
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc.
local
low complexity
struktur debian CWE-476
5.5
5.5
2023-03-01 CVE-2023-25221 Out-of-bounds Write vulnerability in multiple products
Libde265 v1.0.10 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function in motion.cc.
local
low complexity
struktur debian CWE-787
7.8
7.8
2023-02-28 CVE-2023-27372 SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled.
network
low complexity
spip debian
critical
 9.8
9.8
2023-02-23 CVE-2023-23916 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms.
network
low complexity
haxx fedoraproject debian netapp splunk CWE-770
6.5
6.5
2023-02-23 CVE-2023-23920 Untrusted Search Path vulnerability in multiple products
An untrusted search path vulnerability exists in Node.js.
local
low complexity
nodejs debian CWE-426
4.2
4.2
2023-02-22 CVE-2023-26314 The mono package before 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter.
network
low complexity
mono-project debian
8.8
8.8