Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-09-15 CVE-2022-38861 Out-of-bounds Write vulnerability in multiple products
The MPlayer Project mplayer SVN-r38374-13.0.1 is vulnerable to memory corruption via function free_mp_image() of libmpcodecs/mp_image.c.
local
low complexity
mplayerhq debian CWE-787
5.5
2022-09-15 CVE-2022-38863 Out-of-bounds Write vulnerability in multiple products
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mp_getbits() of libmpdemux/mpeg_hdr.c which affects mencoder and mplayer.
local
low complexity
mplayerhq debian CWE-787
5.5
2022-09-15 CVE-2022-38864 Out-of-bounds Write vulnerability in multiple products
Certain The MPlayer Project products are vulnerable to Buffer Overflow via the function mp_unescape03() of libmpdemux/mpeg_hdr.c.
local
low complexity
mplayerhq debian CWE-787
5.5
2022-09-15 CVE-2022-38865 Divide By Zero vulnerability in multiple products
Certain The MPlayer Project products are vulnerable to Divide By Zero via the function demux_avi_read_packet of libmpdemux/demux_avi.c.
local
low complexity
mplayerhq debian CWE-369
5.5
2022-09-15 CVE-2022-38866 Out-of-bounds Write vulnerability in multiple products
Certain The MPlayer Project products are vulnerable to Buffer Overflow via read_avi_header() of libmpdemux/aviheader.c .
local
low complexity
mplayerhq debian CWE-787
5.5
2022-09-15 CVE-2018-25047 Cross-site Scripting vulnerability in multiple products
In Smarty before 3.1.47 and 4.x before 4.2.1, libs/plugins/function.mailto.php allows XSS.
network
low complexity
smarty debian CWE-79
5.4
2022-09-09 CVE-2022-38266 Divide By Zero vulnerability in multiple products
An issue in the Leptonica linked library (v1.79.0) allows attackers to cause an arithmetic exception leading to a Denial of Service (DoS) via a crafted JPEG file.
network
low complexity
tesseract-project leptonica debian CWE-369
6.5
2022-09-09 CVE-2022-2905 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map.
local
low complexity
linux redhat debian CWE-125
5.5
2022-09-09 CVE-2022-36280 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'.
local
low complexity
linux debian CWE-787
5.5
2022-09-09 CVE-2022-3169 Improper Input Validation vulnerability in multiple products
A flaw was found in the Linux kernel.
local
low complexity
linux fedoraproject debian CWE-20
5.5