Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-09 | CVE-2022-0529 | Out-of-bounds Write vulnerability in multiple products A flaw was found in Unzip. | 5.5 |
| 2022-02-09 | CVE-2022-0530 | A flaw was found in Unzip. | 5.5 |
| 2022-02-09 | CVE-2022-0534 | Out-of-bounds Read vulnerability in multiple products A vulnerability was found in htmldoc version 1.9.15 where the stack out-of-bounds read takes place in gif_get_code() and occurs when opening a malicious GIF file, which can result in a crash (segmentation fault). | 5.5 |
| 2022-02-04 | CVE-2021-40403 | An information disclosure vulnerability exists in the pick-and-place rotation parsing functionality of Gerbv 2.7.0 and dev (commit b5f1eacd), and Gerbv forked 2.8.0. | 6.3 |
| 2022-02-04 | CVE-2021-4043 | NULL Pointer Dereference in GitHub repository gpac/gpac prior to 1.1.0. | 5.5 |
| 2022-02-04 | CVE-2022-0487 | Use After Free vulnerability in multiple products A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. | 5.5 |
| 2022-02-04 | CVE-2021-46671 | Out-of-bounds Read vulnerability in multiple products options.c in atftp before 0.7.5 reads past the end of an array, and consequently discloses server-side /etc/group data to a remote client. | 5.3 |
| 2022-02-03 | CVE-2022-22818 | Cross-site Scripting vulnerability in multiple products The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. | 6.1 |
| 2022-02-02 | CVE-2022-24301 | Incorrect Default Permissions vulnerability in multiple products In Minetest before 5.4.0, players can add or subtract items from a different player's inventory. | 6.5 |
| 2022-02-01 | CVE-2022-23607 | Forced Browsing vulnerability in multiple products treq is an HTTP library inspired by requests but written on top of Twisted's Agents. | 6.5 |