Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-08-18 CVE-2021-32862 Cross-site Scripting vulnerability in multiple products
The GitHub Security Lab discovered sixteen ways to exploit a cross-site scripting vulnerability in nbconvert.
network
low complexity
jupyter debian CWE-79
5.4
5.4
2022-08-17 CVE-2022-2867 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write.
local
low complexity
libtiff fedoraproject debian CWE-191
5.5
5.5
2022-08-17 CVE-2022-2868 Improper Validation of Specified Quantity in Input vulnerability in multiple products
libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop.
local
low complexity
libtiff fedoraproject debian CWE-1284
5.5
5.5
2022-08-17 CVE-2022-2869 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine.
local
low complexity
libtiff fedoraproject debian CWE-191
5.5
5.5
2022-08-11 CVE-2022-20369 Out-of-bounds Write vulnerability in multiple products
In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation.
local
low complexity
google debian CWE-787
6.7
6.7
2022-08-01 CVE-2022-2598 Out-of-bounds Write vulnerability in multiple products
Out-of-bounds Write to API in GitHub repository vim/vim prior to 9.0.0100.
local
low complexity
vim debian CWE-787
5.5
5.5
2022-07-29 CVE-2022-34526 Out-of-bounds Write vulnerability in multiple products
A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0.
network
low complexity
libtiff fedoraproject netapp debian CWE-787
6.5
6.5
2022-07-28 CVE-2022-2553 Improper Authentication vulnerability in multiple products
The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node.
network
low complexity
clusterlabs debian fedoraproject CWE-287
6.5
6.5
2022-07-27 CVE-2022-36879 An issue was discovered in the Linux kernel through 5.18.14.
local
low complexity
linux debian netapp
5.5
5.5
2022-07-20 CVE-2022-31160 Cross-site Scripting vulnerability in multiple products
jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery.
network
low complexity
jqueryui netapp drupal fedoraproject debian CWE-79
6.1
6.1