Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-05-04 CVE-2022-20796 NULL Pointer Dereference vulnerability in multiple products
On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device.
local
low complexity
clamav cisco fedoraproject debian CWE-476
5.5
5.5
2022-05-03 CVE-2022-29824 Integer Overflow or Wraparound vulnerability in multiple products
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows.
network
low complexity
xmlsoft fedoraproject debian netapp oracle CWE-190
6.5
6.5
2022-05-02 CVE-2021-42528 XMP Toolkit 2021.07 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file.
local
low complexity
adobe debian
5.5
5.5
2022-04-29 CVE-2022-1195 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio.
local
low complexity
linux debian CWE-416
5.5
5.5
2022-04-28 CVE-2022-29869 Information Exposure Through Log Files vulnerability in multiple products
cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file.
network
low complexity
samba fedoraproject debian CWE-532
5.3
5.3
2022-04-19 CVE-2022-21496 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI).
network
low complexity
oracle netapp debian azul
5.3
5.3
2022-04-18 CVE-2022-24859 PyPDF2 is an open source python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files.
local
low complexity
pypdf2-project debian
5.5
5.5
2022-04-15 CVE-2022-24851 Cross-site Scripting vulnerability in multiple products
LDAP Account Manager (LAM) is an open source web frontend for managing entries stored in an LDAP directory.
network
low complexity
ldap-account-manager debian CWE-79
4.8
4.8
2022-04-15 CVE-2022-28041 Integer Overflow or Wraparound vulnerability in multiple products
stb_image.h v2.27 was discovered to contain an integer overflow via the function stbi__jpeg_decode_block_prog_dc.
network
low complexity
nothings fedoraproject debian CWE-190
6.5
6.5
2022-04-14 CVE-2022-1328 Classic Buffer Overflow vulnerability in multiple products
Buffer Overflow in uudecoder in Mutt affecting all versions starting from 0.94.13 before 2.2.3 allows read past end of input line
network
low complexity
mutt debian fedoraproject CWE-120
5.3
5.3