Vulnerabilities > Debian > High

DATE CVE VULNERABILITY TITLE RISK
2021-05-27 CVE-2020-22034 Out-of-bounds Write vulnerability in multiple products
A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavfilter/vf_floodfill.c, which might lead to memory corruption and other potential consequences.
network
low complexity
ffmpeg debian CWE-787
8.8
8.8
2021-05-27 CVE-2020-22029 Out-of-bounds Write vulnerability in multiple products
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_colorconstancy.c: in slice_get_derivative, which crossfade_samples_fltp, which might lead to memory corruption and other potential consequences.
network
low complexity
ffmpeg debian CWE-787
8.8
8.8
2021-05-27 CVE-2020-22030 Out-of-bounds Write vulnerability in multiple products
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/af_afade.c in crossfade_samples_fltp, which might lead to memory corruption and other potential consequences.
network
low complexity
ffmpeg debian CWE-787
8.8
8.8
2021-05-27 CVE-2020-22031 Out-of-bounds Write vulnerability in multiple products
A Heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_w3fdif.c in filter16_complex_low, which might lead to memory corruption and other potential consequences.
network
low complexity
ffmpeg debian CWE-787
8.8
8.8
2021-05-27 CVE-2021-22885 Information Exposure Through an Error Message vulnerability in multiple products
A possible information disclosure / unintended method execution vulnerability in Action Pack >= 2.0.0 when using the `redirect_to` or `polymorphic_url`helper with untrusted user input.
network
low complexity
rubyonrails debian CWE-209
7.5
7.5
2021-05-27 CVE-2021-28651 Memory Leak vulnerability in multiple products
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6.
network
low complexity
squid-cache debian fedoraproject netapp CWE-401
7.5
7.5
2021-05-26 CVE-2021-3561 An Out of Bounds flaw was found fig2dev version 3.2.8a.
local
low complexity
fig2dev-project fedoraproject debian
7.1
7.1
2021-05-26 CVE-2020-22015 Classic Buffer Overflow vulnerability in multiple products
Buffer Overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due to the out of bounds in libavformat/movenc.c, which could let a remote malicious user obtain sensitive information, cause a Denial of Service, or execute arbitrary code.
network
low complexity
ffmpeg debian CWE-120
8.8
8.8
2021-05-26 CVE-2021-33038 Incorrect Default Permissions vulnerability in multiple products
An issue was discovered in management/commands/hyperkitty_import.py in HyperKitty through 1.3.4.
network
low complexity
hyperkitty-project debian CWE-276
7.5
7.5
2021-05-26 CVE-2020-27815 A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges.
local
low complexity
linux debian netapp
7.8
7.8