Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-08-18 CVE-2021-32862 Cross-site Scripting vulnerability in multiple products
The GitHub Security Lab discovered sixteen ways to exploit a cross-site scripting vulnerability in nbconvert.
network
low complexity
jupyter debian CWE-79
5.4
5.4
2022-08-17 CVE-2022-2867 libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write.
local
low complexity
libtiff fedoraproject debian
5.5
5.5
2022-08-17 CVE-2022-2868 Improper Validation of Specified Quantity in Input vulnerability in multiple products
libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop.
local
low complexity
libtiff fedoraproject debian CWE-1284
5.5
5.5
2022-08-17 CVE-2022-2869 libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine.
local
low complexity
libtiff fedoraproject debian
5.5
5.5
2022-08-11 CVE-2022-20369 Out-of-bounds Write vulnerability in multiple products
In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation.
local
low complexity
google debian CWE-787
6.7
6.7
2022-08-01 CVE-2022-2598 Out-of-bounds Write to API in GitHub repository vim/vim prior to 9.0.0100.
local
low complexity
vim debian
5.5
5.5
2022-07-29 CVE-2022-34526 Out-of-bounds Write vulnerability in multiple products
A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0.
network
low complexity
libtiff fedoraproject netapp debian CWE-787
6.5
6.5
2022-07-28 CVE-2022-2553 The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node.
network
low complexity
clusterlabs debian fedoraproject
6.5
6.5
2022-07-27 CVE-2022-36879 An issue was discovered in the Linux kernel through 5.18.14.
local
low complexity
linux debian netapp
5.5
5.5
2022-07-20 CVE-2022-31160 jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery.
network
low complexity
jqueryui netapp drupal fedoraproject debian
6.1
6.1