Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-01-06 CVE-2021-46141 Use After Free vulnerability in multiple products
An issue was discovered in uriparser before 0.9.6.
5.5
2022-01-06 CVE-2021-46142 Use After Free vulnerability in multiple products
An issue was discovered in uriparser before 0.9.6.
5.5
2022-01-04 CVE-2021-3842 nltk is vulnerable to Inefficient Regular Expression Complexity
network
low complexity
nltk debian fedoraproject
5.0
2022-01-01 CVE-2021-44717 Improper Resource Shutdown or Release vulnerability in multiple products
Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion.
network
high complexity
golang debian CWE-404
4.8
2022-01-01 CVE-2021-45930 Out-of-bounds Write vulnerability in multiple products
Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipper::intersect).
local
low complexity
qt fedoraproject debian CWE-787
5.5
2022-01-01 CVE-2021-45942 Out-of-bounds Write vulnerability in multiple products
OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask).
local
low complexity
openexr fedoraproject debian CWE-787
5.5
2022-01-01 CVE-2021-45943 Out-of-bounds Write vulnerability in multiple products
GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment).
local
low complexity
osgeo debian fedoraproject oracle CWE-787
5.5
2022-01-01 CVE-2021-45944 Use After Free vulnerability in multiple products
Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp).
local
low complexity
artifex debian CWE-416
5.5
2022-01-01 CVE-2021-45949 Out-of-bounds Write vulnerability in multiple products
Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp).
local
low complexity
artifex debian CWE-787
5.5
2022-01-01 CVE-2021-45958 Out-of-bounds Write vulnerability in multiple products
UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode).
5.5