Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-09-15 CVE-2022-38855 Out-of-bounds Write vulnerability in multiple products
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function gen_sh_video () of mplayer/libmpdemux/demux_mov.c.
local
low complexity
mplayerhq debian CWE-787
5.5
5.5
2022-09-15 CVE-2022-38858 Out-of-bounds Write vulnerability in multiple products
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c.
local
low complexity
mplayerhq debian CWE-787
5.5
5.5
2022-09-15 CVE-2022-38860 Divide By Zero vulnerability in multiple products
Certain The MPlayer Project products are vulnerable to Divide By Zero via function demux_open_avi() of libmpdemux/demux_avi.c which affects mencoder.
local
low complexity
mplayerhq debian CWE-369
5.5
5.5
2022-09-15 CVE-2022-38861 Out-of-bounds Write vulnerability in multiple products
The MPlayer Project mplayer SVN-r38374-13.0.1 is vulnerable to memory corruption via function free_mp_image() of libmpcodecs/mp_image.c.
local
low complexity
mplayerhq debian CWE-787
5.5
5.5
2022-09-15 CVE-2022-38863 Out-of-bounds Write vulnerability in multiple products
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mp_getbits() of libmpdemux/mpeg_hdr.c which affects mencoder and mplayer.
local
low complexity
mplayerhq debian CWE-787
5.5
5.5
2022-09-15 CVE-2022-38864 Out-of-bounds Write vulnerability in multiple products
Certain The MPlayer Project products are vulnerable to Buffer Overflow via the function mp_unescape03() of libmpdemux/mpeg_hdr.c.
local
low complexity
mplayerhq debian CWE-787
5.5
5.5
2022-09-15 CVE-2022-38865 Divide By Zero vulnerability in multiple products
Certain The MPlayer Project products are vulnerable to Divide By Zero via the function demux_avi_read_packet of libmpdemux/demux_avi.c.
local
low complexity
mplayerhq debian CWE-369
5.5
5.5
2022-09-15 CVE-2022-38866 Out-of-bounds Write vulnerability in multiple products
Certain The MPlayer Project products are vulnerable to Buffer Overflow via read_avi_header() of libmpdemux/aviheader.c .
local
low complexity
mplayerhq debian CWE-787
5.5
5.5
2022-09-15 CVE-2018-25047 Cross-site Scripting vulnerability in multiple products
In Smarty before 3.1.47 and 4.x before 4.2.1, libs/plugins/function.mailto.php allows XSS.
network
low complexity
smarty debian CWE-79
5.4
5.4
2022-09-09 CVE-2022-38266 Divide By Zero vulnerability in multiple products
An issue in the Leptonica linked library (v1.79.0) allows attackers to cause an arithmetic exception leading to a Denial of Service (DoS) via a crafted JPEG file.
network
low complexity
tesseract-project leptonica debian CWE-369
6.5
6.5