Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-11 | CVE-2022-0908 | NULL Pointer Dereference vulnerability in multiple products Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file. | 5.5 |
| 2022-03-11 | CVE-2022-0909 | Divide By Zero vulnerability in multiple products Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. | 5.5 |
| 2022-03-11 | CVE-2022-0924 | Out-of-bounds Read vulnerability in multiple products Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. | 5.5 |
| 2022-03-11 | CVE-2022-26874 | Cross-site Scripting vulnerability in multiple products lib/Horde/Mime/Viewer/Ooo.php in Horde Mime_Viewer before 2.2.4 allows XSS via an OpenOffice document, leading to account takeover in Horde Groupware Webmail Edition. | 5.4 |
| 2022-03-10 | CVE-2022-26847 | Information Exposure vulnerability in multiple products SPIP before 3.2.14 and 4.x before 4.0.5 allows unauthenticated access to information about editorial objects. | 5.3 |
| 2022-03-10 | CVE-2022-26661 | XXE vulnerability in multiple products An XXE issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. | 6.5 |
| 2022-03-10 | CVE-2022-0865 | Reachable Assertion vulnerability in multiple products Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. | 6.5 |
| 2022-03-10 | CVE-2021-32434 | Out-of-bounds Read vulnerability in multiple products abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in the function calculate_beam at draw.c. | 5.5 |
| 2022-03-10 | CVE-2021-32435 | Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow in the function get_key in parse.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors. | 5.5 |
| 2022-03-10 | CVE-2021-32436 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in the function write_title() in subs.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors. | 6.5 |