Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-08-24 CVE-2021-4214 Classic Buffer Overflow vulnerability in multiple products
A heap overflow flaw was found in libpngs' pngimage.c program.
local
low complexity
libpng debian netapp CWE-120
5.5
5.5
2022-08-23 CVE-2021-3975 Use After Free vulnerability in multiple products
A use-after-free flaw was found in libvirt. 		6.5
6.5
2022-08-23 CVE-2021-20316 Race Condition vulnerability in multiple products
A flaw was found in the way Samba handled file/directory metadata.
network
high complexity
samba debian redhat CWE-362
6.8
6.8
2022-08-23 CVE-2021-3759 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
A memory overflow vulnerability was found in the Linux kernel’s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores.
local
low complexity
linux debian CWE-770
5.5
5.5
2022-08-23 CVE-2021-3800 Information Exposure vulnerability in multiple products
A flaw was found in glib before version 2.63.6.
local
low complexity
gnome debian netapp CWE-200
5.5
5.5
2022-08-22 CVE-2022-2873 Incorrect Calculation of Buffer Size vulnerability in multiple products
An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. 		5.5
5.5
2022-08-18 CVE-2022-26373 Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
local
low complexity
intel debian
5.5
5.5
2022-08-18 CVE-2021-32862 Cross-site Scripting vulnerability in multiple products
The GitHub Security Lab discovered sixteen ways to exploit a cross-site scripting vulnerability in nbconvert.
network
low complexity
jupyter debian CWE-79
5.4
5.4
2022-08-17 CVE-2022-2867 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write.
local
low complexity
libtiff fedoraproject debian CWE-191
5.5
5.5
2022-08-17 CVE-2022-2868 Improper Validation of Specified Quantity in Input vulnerability in multiple products
libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop.
local
low complexity
libtiff fedoraproject debian CWE-1284
5.5
5.5