Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-21 | CVE-2022-42334 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults which would otherwise be put in place. | 6.5 |
| 2023-03-01 | CVE-2023-24751 | NULL Pointer Dereference vulnerability in multiple products libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the mc_chroma function at motion.cc. | 6.5 |
| 2023-03-01 | CVE-2023-24752 | NULL Pointer Dereference vulnerability in multiple products libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_hevc_epel_pixels_8_sse function at sse-motion.cc. | 5.5 |
| 2023-03-01 | CVE-2023-24754 | NULL Pointer Dereference vulnerability in multiple products libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. | 5.5 |
| 2023-03-01 | CVE-2023-24755 | NULL Pointer Dereference vulnerability in multiple products libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_weighted_pred_8_fallback function at fallback-motion.cc. | 5.5 |
| 2023-03-01 | CVE-2023-24756 | NULL Pointer Dereference vulnerability in multiple products libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_unweighted_pred_8_sse function at sse-motion.cc. | 5.5 |
| 2023-03-01 | CVE-2023-24757 | NULL Pointer Dereference vulnerability in multiple products libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_unweighted_pred_16_fallback function at fallback-motion.cc. | 5.5 |
| 2023-03-01 | CVE-2023-24758 | NULL Pointer Dereference vulnerability in multiple products libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. | 5.5 |
| 2023-02-23 | CVE-2023-23920 | Untrusted Search Path vulnerability in multiple products An untrusted search path vulnerability exists in Node.js. | 4.2 |
| 2023-02-21 | CVE-2023-23009 | Resource Exhaustion vulnerability in multiple products Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length. | 6.5 |