Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-08-26 CVE-2021-3735 Improper Locking vulnerability in multiple products
A deadlock issue was found in the AHCI controller device of QEMU.
local
low complexity
qemu debian CWE-667
4.4
2022-08-24 CVE-2021-4159 A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures.
local
low complexity
linux redhat debian
4.4
2022-08-24 CVE-2021-4189 Unchecked Return Value vulnerability in multiple products
A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode.
network
low complexity
python debian redhat netapp CWE-252
5.3
2022-08-24 CVE-2021-4214 Classic Buffer Overflow vulnerability in multiple products
A heap overflow flaw was found in libpngs' pngimage.c program.
local
low complexity
libpng debian netapp CWE-120
5.5
2022-08-23 CVE-2021-3975 Use After Free vulnerability in multiple products
A use-after-free flaw was found in libvirt.
6.5
2022-08-23 CVE-2021-20316 Race Condition vulnerability in multiple products
A flaw was found in the way Samba handled file/directory metadata.
network
high complexity
samba debian redhat CWE-362
6.8
2022-08-23 CVE-2021-3759 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
A memory overflow vulnerability was found in the Linux kernel’s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores.
local
low complexity
linux debian CWE-770
5.5
2022-08-23 CVE-2021-3800 Information Exposure vulnerability in multiple products
A flaw was found in glib before version 2.63.6.
local
low complexity
gnome debian netapp CWE-200
5.5
2022-08-22 CVE-2022-2873 Incorrect Calculation of Buffer Size vulnerability in multiple products
An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data.
5.5
2022-08-18 CVE-2022-26373 Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
local
low complexity
intel debian
5.5