Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-09-22 CVE-2022-38648 Server-Side Request Forgery (SSRF) vulnerability in multiple products
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources.
network
low complexity
apache debian CWE-918
5.3
2022-09-21 CVE-2022-2795 By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.
network
low complexity
isc debian fedoraproject
5.3
2022-09-21 CVE-2022-41218 Use After Free vulnerability in multiple products
In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.
local
low complexity
linux debian CWE-416
5.5
2022-09-19 CVE-2022-28201 Uncontrolled Recursion vulnerability in multiple products
An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2.
local
low complexity
mediawiki debian CWE-674
4.4
2022-09-18 CVE-2022-40768 Use of Uninitialized Resource vulnerability in multiple products
drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.
local
low complexity
linux fedoraproject debian CWE-908
5.5
2022-09-15 CVE-2022-38850 Divide By Zero vulnerability in multiple products
The MPlayer Project mencoder SVN-r38374-13.0.1 is vulnerable to Divide By Zero via the function config () of llibmpcodecs/vf_scale.c.
local
low complexity
mplayerhq debian CWE-369
5.5
2022-09-15 CVE-2022-38851 Out-of-bounds Read vulnerability in multiple products
Certain The MPlayer Project products are vulnerable to Out-of-bounds Read via function read_meta_record() of mplayer/libmpdemux/asfheader.c.
local
low complexity
mplayerhq debian CWE-125
5.5
2022-09-15 CVE-2022-38855 Out-of-bounds Write vulnerability in multiple products
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function gen_sh_video () of mplayer/libmpdemux/demux_mov.c.
local
low complexity
mplayerhq debian CWE-787
5.5
2022-09-15 CVE-2022-38858 Out-of-bounds Write vulnerability in multiple products
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c.
local
low complexity
mplayerhq debian CWE-787
5.5
2022-09-15 CVE-2022-38860 Divide By Zero vulnerability in multiple products
Certain The MPlayer Project products are vulnerable to Divide By Zero via function demux_open_avi() of libmpdemux/demux_avi.c which affects mencoder.
local
low complexity
mplayerhq debian CWE-369
5.5