Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-16 | CVE-2021-21861 | Incorrect Conversion between Numeric Types vulnerability in multiple products An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. | 6.8 |
| 2021-08-16 | CVE-2021-22939 | Improper Certificate Validation vulnerability in multiple products If the Node.js https API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter, no error was returned and connections to servers with an expired certificate would have been accepted. | 5.3 |
| 2021-08-13 | CVE-2021-37695 | Cross-site Scripting vulnerability in multiple products ckeditor is an open source WYSIWYG HTML editor with rich content support. | 5.4 |
| 2021-08-10 | CVE-2020-21675 | Out-of-bounds Write vulnerability in multiple products A stack-based buffer overflow in the genptk_text component in genptk.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ptk format. | 5.5 |
| 2021-08-10 | CVE-2020-21676 | Out-of-bounds Write vulnerability in multiple products A stack-based buffer overflow in the genpstrx_text() component in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format. | 5.5 |
| 2021-08-10 | CVE-2020-21688 | Use After Free vulnerability in multiple products A heap-use-after-free in the av_freep function in libavutil/mem.c of FFmpeg 4.2 allows attackers to execute arbitrary code. | 6.8 |
| 2021-08-10 | CVE-2020-21697 | Use After Free vulnerability in multiple products A heap-use-after-free in the mpeg_mux_write_packet function in libavformat/mpegenc.c of FFmpeg 4.2 allows to cause a denial of service (DOS) via a crafted avi file. | 4.3 |
| 2021-08-09 | CVE-2021-37620 | Out-of-bounds Read vulnerability in multiple products Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. | 5.5 |
| 2021-08-09 | CVE-2021-37621 | Infinite Loop vulnerability in multiple products Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. | 5.5 |
| 2021-08-09 | CVE-2021-37622 | Infinite Loop vulnerability in multiple products Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. | 5.5 |