Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-01-17 CVE-2022-47929 NULL Pointer Dereference vulnerability in multiple products
In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands.
local
low complexity
linux debian CWE-476
5.5
2023-01-14 CVE-2023-23589 The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002.
network
low complexity
torproject debian fedoraproject
6.5
2023-01-12 CVE-2023-23454 Type Confusion vulnerability in multiple products
cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
local
low complexity
linux debian CWE-843
5.5
2023-01-12 CVE-2023-23455 Type Confusion vulnerability in multiple products
atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).
local
low complexity
linux debian CWE-843
5.5
2022-12-30 CVE-2022-34674 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where a helper function maps more physical pages than were requested, which may lead to undefined behavior or an information leak.
local
low complexity
nvidia debian
6.1
2022-12-30 CVE-2022-34680 Incorrect Conversion between Numeric Types vulnerability in multiple products
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an integer truncation can lead to an out-of-bounds read, which may lead to denial of service.
local
low complexity
nvidia debian CWE-681
5.5
2022-12-30 CVE-2022-42259 Integer Overflow or Wraparound vulnerability in multiple products
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of service.
local
low complexity
nvidia debian CWE-190
5.5
2022-12-22 CVE-2022-36354 A heap out-of-bounds read vulnerability exists in the RLA format parser of OpenImageIO master-branch-9aeece7a and v2.3.19.0.
network
low complexity
openimageio debian
5.3
2022-12-22 CVE-2022-43592 An information disclosure vulnerability exists in the DPXOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2.
network
high complexity
openimageio debian
5.9
2022-12-22 CVE-2022-43593 A denial of service vulnerability exists in the DPXOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2.
network
high complexity
openimageio debian
5.9