Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-03-10 CVE-2021-32434 Out-of-bounds Read vulnerability in multiple products
abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in the function calculate_beam at draw.c. 		5.5
5.5
2022-03-10 CVE-2021-32435 Out-of-bounds Write vulnerability in multiple products
Stack-based buffer overflow in the function get_key in parse.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors. 		5.5
5.5
2022-03-10 CVE-2021-32436 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read in the function write_title() in subs.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors.
network
low complexity
abcm2ps-project fedoraproject debian CWE-125
6.5
6.5
2022-03-09 CVE-2022-24349 Cross-site Scripting vulnerability in multiple products
An authenticated user can create a link with reflected XSS payload for actions’ pages, and send it to other users.
network
high complexity
zabbix debian fedoraproject CWE-79
4.4
4.4
2022-03-09 CVE-2022-24917 Cross-site Scripting vulnerability in multiple products
An authenticated user can create a link with reflected Javascript code inside it for services’ page and send it to other users.
network
high complexity
zabbix debian fedoraproject CWE-79
4.4
4.4
2022-03-09 CVE-2022-24919 Cross-site Scripting vulnerability in multiple products
An authenticated user can create a link with reflected Javascript code inside it for graphs’ page and send it to other users.
network
high complexity
zabbix debian fedoraproject CWE-79
4.4
4.4
2022-03-04 CVE-2021-20300 Integer Overflow or Wraparound vulnerability in multiple products
A flaw was found in OpenEXR's hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp.
local
low complexity
openexr debian CWE-190
5.5
5.5
2022-03-04 CVE-2021-20302 A flaw was found in OpenEXR's TiledInputFile functionality.
local
low complexity
openexr debian
5.5
5.5
2022-03-04 CVE-2021-20303 Integer Overflow or Wraparound vulnerability in multiple products
A flaw found in function dataWindowForTile() of IlmImf/ImfTiledMisc.cpp.
local
low complexity
openexr debian CWE-190
6.1
6.1
2022-03-04 CVE-2021-3744 Memory Leak vulnerability in multiple products
A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). 		5.5
5.5