Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-05-26 CVE-2021-3527 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
A flaw was found in the USB redirector device (usb-redir) of QEMU.
local
low complexity
qemu redhat debian CWE-770
5.5
2021-05-26 CVE-2020-22026 Classic Buffer Overflow vulnerability in multiple products
Buffer Overflow vulnerability exists in FFmpeg 4.2 in the config_input function at libavfilter/af_tremolo.c, which could let a remote malicious user cause a Denial of Service.
network
low complexity
ffmpeg debian CWE-120
6.5
2021-05-26 CVE-2020-22028 Classic Buffer Overflow vulnerability in multiple products
Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_vertically_8 at libavfilter/vf_avgblur.c, which could cause a remote Denial of Service.
network
low complexity
ffmpeg debian CWE-120
6.5
2021-05-26 CVE-2020-22019 Classic Buffer Overflow vulnerability in multiple products
Buffer Overflow vulnerability in FFmpeg 4.2 at convolution_y_10bit in libavfilter/vf_vmafmotion.c, which could let a remote malicious user cause a Denial of Service.
network
low complexity
ffmpeg debian CWE-120
6.5
2021-05-26 CVE-2020-22020 Classic Buffer Overflow vulnerability in multiple products
Buffer Overflow vulnerability in FFmpeg 4.2 in the build_diff_map function in libavfilter/vf_fieldmatch.c, which could let a remote malicious user cause a Denial of Service.
network
low complexity
ffmpeg debian CWE-120
6.5
2021-05-26 CVE-2020-22021 Classic Buffer Overflow vulnerability in multiple products
Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges function in libavfilter/vf_yadif.c, which could let a remote malicious user cause a Denial of Service.
network
low complexity
ffmpeg debian CWE-120
6.5
2021-05-25 CVE-2020-20453 Divide By Zero vulnerability in multiple products
FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aaccoder, which allows a remote malicious user to cause a Denial of Service
network
low complexity
ffmpeg debian CWE-369
6.5
2021-05-25 CVE-2020-20445 Divide By Zero vulnerability in multiple products
FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/lpc.h, which allows a remote malicious user to cause a Denial of Service.
network
low complexity
ffmpeg debian CWE-369
6.5
2021-05-25 CVE-2020-20446 Divide By Zero vulnerability in multiple products
FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aacpsy.c, which allows a remote malicious user to cause a Denial of Service.
network
low complexity
ffmpeg debian CWE-369
6.5
2021-05-24 CVE-2020-26558 Improper Authentication vulnerability in multiple products
Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session.
4.2