Vulnerabilities > Debian > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-08-31 | CVE-2022-2519 | Double Free vulnerability in multiple products There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1 | 6.5 |
2022-08-31 | CVE-2022-2520 | Incorrect Calculation of Buffer Size vulnerability in multiple products A flaw was found in libtiff 4.4.0rc1. | 6.5 |
2022-08-31 | CVE-2022-2521 | Release of Invalid Pointer or Reference vulnerability in multiple products It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input. | 6.5 |
2022-08-30 | CVE-2021-46837 | NULL Pointer Dereference vulnerability in multiple products res_pjsip_t38 in Sangoma Asterisk 16.x before 16.16.2, 17.x before 17.9.3, and 18.x before 18.2.2, and Certified Asterisk before 16.8-cert7, allows an attacker to trigger a crash by sending an m=image line and zero port in a response to a T.38 re-invite initiated by Asterisk. | 6.5 |
2022-08-29 | CVE-2022-0718 | Information Exposure Through Log Files vulnerability in multiple products A flaw was found in python-oslo-utils. | 4.9 |
2022-08-29 | CVE-2022-1184 | Use After Free vulnerability in multiple products A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. | 5.5 |
2022-08-29 | CVE-2022-2953 | Out-of-bounds Read vulnerability in multiple products LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. | 5.5 |
2022-08-27 | CVE-2022-2787 | Improper Preservation of Permissions vulnerability in Debian Linux and Schroot Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session. | 4.3 |
2022-08-26 | CVE-2022-0171 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products A flaw was found in the Linux kernel. | 5.5 |
2022-08-26 | CVE-2021-3669 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in the Linux kernel. | 5.5 |