Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-03-01 CVE-2023-24751 NULL Pointer Dereference vulnerability in multiple products
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the mc_chroma function at motion.cc.
network
low complexity
struktur debian CWE-476
6.5
6.5
2023-03-01 CVE-2023-24752 NULL Pointer Dereference vulnerability in multiple products
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_hevc_epel_pixels_8_sse function at sse-motion.cc.
local
low complexity
struktur debian CWE-476
5.5
5.5
2023-03-01 CVE-2023-24754 NULL Pointer Dereference vulnerability in multiple products
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc.
local
low complexity
struktur debian CWE-476
5.5
5.5
2023-03-01 CVE-2023-24755 NULL Pointer Dereference vulnerability in multiple products
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_weighted_pred_8_fallback function at fallback-motion.cc.
local
low complexity
struktur debian CWE-476
5.5
5.5
2023-03-01 CVE-2023-24756 NULL Pointer Dereference vulnerability in multiple products
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_unweighted_pred_8_sse function at sse-motion.cc.
local
low complexity
struktur debian CWE-476
5.5
5.5
2023-03-01 CVE-2023-24757 NULL Pointer Dereference vulnerability in multiple products
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_unweighted_pred_16_fallback function at fallback-motion.cc.
local
low complexity
struktur debian CWE-476
5.5
5.5
2023-03-01 CVE-2023-24758 NULL Pointer Dereference vulnerability in multiple products
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc.
local
low complexity
struktur debian CWE-476
5.5
5.5
2023-02-23 CVE-2023-23916 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms.
network
low complexity
haxx fedoraproject debian netapp splunk CWE-770
6.5
6.5
2023-02-23 CVE-2023-23920 Untrusted Search Path vulnerability in multiple products
An untrusted search path vulnerability exists in Node.js.
local
low complexity
nodejs debian CWE-426
4.2
4.2
2023-02-21 CVE-2023-23009 Resource Exhaustion vulnerability in multiple products
Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length.
network
low complexity
libreswan debian CWE-400
6.5
6.5