Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-03-01 CVE-2023-24752 NULL Pointer Dereference vulnerability in multiple products
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_hevc_epel_pixels_8_sse function at sse-motion.cc.
local
low complexity
struktur debian CWE-476
5.5
2023-03-01 CVE-2023-24754 NULL Pointer Dereference vulnerability in multiple products
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc.
local
low complexity
struktur debian CWE-476
5.5
2023-03-01 CVE-2023-24755 NULL Pointer Dereference vulnerability in multiple products
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_weighted_pred_8_fallback function at fallback-motion.cc.
local
low complexity
struktur debian CWE-476
5.5
2023-03-01 CVE-2023-24756 NULL Pointer Dereference vulnerability in multiple products
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_unweighted_pred_8_sse function at sse-motion.cc.
local
low complexity
struktur debian CWE-476
5.5
2023-03-01 CVE-2023-24757 NULL Pointer Dereference vulnerability in multiple products
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_unweighted_pred_16_fallback function at fallback-motion.cc.
local
low complexity
struktur debian CWE-476
5.5
2023-03-01 CVE-2023-24758 NULL Pointer Dereference vulnerability in multiple products
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc.
local
low complexity
struktur debian CWE-476
5.5
2023-02-23 CVE-2023-23916 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms.
network
low complexity
haxx fedoraproject debian netapp splunk CWE-770
6.5
2023-02-23 CVE-2023-23920 Untrusted Search Path vulnerability in multiple products
An untrusted search path vulnerability exists in Node.js.
local
low complexity
nodejs debian CWE-426
4.2
2023-02-21 CVE-2023-23009 Resource Exhaustion vulnerability in multiple products
Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length.
network
low complexity
libreswan debian CWE-400
6.5
2023-01-26 CVE-2022-47951 Path Traversal vulnerability in multiple products
An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0.
network
low complexity
openstack debian CWE-22
5.7