Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-05-18 CVE-2022-30974 Uncontrolled Recursion vulnerability in multiple products
compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of unlimited recursion, a different issue than CVE-2019-11413.
local
low complexity
artifex debian fedoraproject CWE-674
5.5
2022-05-18 CVE-2022-30975 NULL Pointer Dereference vulnerability in multiple products
In Artifex MuJS through 1.2.0, jsP_dumpsyntax in jsdump.c has a NULL pointer dereference, as demonstrated by mujs-pp.
local
low complexity
artifex debian fedoraproject CWE-476
5.5
2022-05-12 CVE-2022-21151 Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
intel netapp debian
5.5
2022-05-11 CVE-2022-1623 Out-of-bounds Read vulnerability in multiple products
LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file.
local
low complexity
libtiff fedoraproject netapp debian CWE-125
5.5
2022-05-09 CVE-2022-27114 Integer Overflow or Wraparound vulnerability in multiple products
There is a vulnerability in htmldoc 1.9.16.
4.3
2022-05-05 CVE-2022-27337 A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.
network
low complexity
freedesktop fedoraproject debian
6.5
2022-05-05 CVE-2022-1516 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the Linux kernel’s X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection.
local
low complexity
linux debian CWE-476
5.5
2022-05-04 CVE-2022-20796 NULL Pointer Dereference vulnerability in multiple products
On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device.
local
low complexity
clamav cisco fedoraproject debian CWE-476
5.5
2022-05-03 CVE-2022-29824 Integer Overflow or Wraparound vulnerability in multiple products
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows.
network
low complexity
xmlsoft fedoraproject debian netapp oracle CWE-190
6.5
2022-05-02 CVE-2021-42528 NULL Pointer Dereference vulnerability in multiple products
XMP Toolkit 2021.07 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file.
local
low complexity
adobe debian CWE-476
5.5