Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-12 | CVE-2021-37530 | Out-of-bounds Write vulnerability in multiple products A denial of service vulnerabiity exists in fig2dev through 3.28a due to a segfault in the open_stream function in readpics.c. | 5.5 |
| 2022-01-10 | CVE-2021-36408 | Use After Free vulnerability in multiple products An issue was discovered in libde265 v1.0.8.There is a Heap-use-after-free in intrapred.h when decoding file using dec265. | 5.5 |
| 2022-01-10 | CVE-2021-36410 | Out-of-bounds Write vulnerability in multiple products A stack-buffer-overflow exists in libde265 v1.0.8 via fallback-motion.cc in function put_epel_hv_fallback when running program dec265. | 5.5 |
| 2022-01-10 | CVE-2021-36411 | Out-of-bounds Read vulnerability in multiple products An issue has been found in libde265 v1.0.8 due to incorrect access control. | 5.5 |
| 2022-01-10 | CVE-2021-35452 | Out-of-bounds Read vulnerability in multiple products An Incorrect Access Control vulnerability exists in libde265 v1.0.8 due to a SEGV in slice.cc. | 6.5 |
| 2022-01-10 | CVE-2022-22815 | Improper Initialization vulnerability in multiple products path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path. | 6.5 |
| 2022-01-10 | CVE-2022-22816 | Out-of-bounds Read vulnerability in multiple products path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path. | 6.5 |
| 2022-01-10 | CVE-2022-22844 | Out-of-bounds Read vulnerability in multiple products LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field. | 5.5 |
| 2022-01-06 | CVE-2022-21662 | Cross-site Scripting vulnerability in multiple products WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. | 5.4 |
| 2022-01-06 | CVE-2021-28714 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. | 6.5 |