Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-03-10 CVE-2022-0865 Reachable Assertion vulnerability in multiple products
Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file.
network
low complexity
libtiff debian fedoraproject netapp CWE-617
6.5
2022-03-10 CVE-2021-32434 Out-of-bounds Read vulnerability in multiple products
abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in the function calculate_beam at draw.c.
5.5
2022-03-10 CVE-2021-32435 Out-of-bounds Write vulnerability in multiple products
Stack-based buffer overflow in the function get_key in parse.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors.
5.5
2022-03-10 CVE-2021-32436 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read in the function write_title() in subs.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors.
network
low complexity
abcm2ps-project fedoraproject debian CWE-125
6.5
2022-03-10 CVE-2021-33293 Out-of-bounds Read vulnerability in multiple products
Panorama Tools libpano13 v2.9.20 was discovered to contain an out-of-bounds read in the function panoParserFindOLine() in parser.c.
network
low complexity
libpano13-project debian CWE-125
6.4
2022-03-09 CVE-2022-24349 Cross-site Scripting vulnerability in multiple products
An authenticated user can create a link with reflected XSS payload for actions’ pages, and send it to other users.
network
high complexity
zabbix debian fedoraproject CWE-79
4.4
2022-03-09 CVE-2022-24917 Cross-site Scripting vulnerability in multiple products
An authenticated user can create a link with reflected Javascript code inside it for services’ page and send it to other users.
network
high complexity
zabbix debian fedoraproject CWE-79
4.4
2022-03-09 CVE-2022-24919 Cross-site Scripting vulnerability in multiple products
An authenticated user can create a link with reflected Javascript code inside it for graphs’ page and send it to other users.
network
high complexity
zabbix debian fedoraproject CWE-79
4.4
2022-03-04 CVE-2021-20300 Integer Overflow or Wraparound vulnerability in multiple products
A flaw was found in OpenEXR's hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp.
local
low complexity
openexr debian CWE-190
5.5
2022-03-04 CVE-2021-20302 A flaw was found in OpenEXR's TiledInputFile functionality.
local
low complexity
openexr debian
5.5