Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-05-26 CVE-2021-20196 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU.
local
low complexity
qemu debian CWE-476
6.5
2021-05-26 CVE-2021-3527 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
A flaw was found in the USB redirector device (usb-redir) of QEMU.
local
low complexity
qemu redhat debian CWE-770
5.5
2021-05-26 CVE-2020-22026 Classic Buffer Overflow vulnerability in multiple products
Buffer Overflow vulnerability exists in FFmpeg 4.2 in the config_input function at libavfilter/af_tremolo.c, which could let a remote malicious user cause a Denial of Service.
4.3
2021-05-26 CVE-2020-22028 Classic Buffer Overflow vulnerability in multiple products
Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_vertically_8 at libavfilter/vf_avgblur.c, which could cause a remote Denial of Service.
4.3
2021-05-26 CVE-2020-22019 Classic Buffer Overflow vulnerability in multiple products
Buffer Overflow vulnerability in FFmpeg 4.2 at convolution_y_10bit in libavfilter/vf_vmafmotion.c, which could let a remote malicious user cause a Denial of Service.
4.3
2021-05-26 CVE-2020-22020 Classic Buffer Overflow vulnerability in multiple products
Buffer Overflow vulnerability in FFmpeg 4.2 in the build_diff_map function in libavfilter/vf_fieldmatch.c, which could let a remote malicious user cause a Denial of Service.
network
low complexity
ffmpeg debian CWE-120
6.5
2021-05-26 CVE-2020-22021 Classic Buffer Overflow vulnerability in multiple products
Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges function in libavfilter/vf_yadif.c, which could let a remote malicious user cause a Denial of Service.
4.3
2021-05-26 CVE-2020-22015 Classic Buffer Overflow vulnerability in multiple products
Buffer Overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due to the out of bounds in libavformat/movenc.c, which could let a remote malicious user obtain sensitive information, cause a Denial of Service, or execute arbitrary code.
6.8
2021-05-26 CVE-2021-33038 Information Exposure vulnerability in multiple products
An issue was discovered in management/commands/hyperkitty_import.py in HyperKitty through 1.3.4.
network
low complexity
hyperkitty-project debian CWE-200
5.0
2021-05-25 CVE-2020-20453 Divide By Zero vulnerability in multiple products
FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aaccoder, which allows a remote malicious user to cause a Denial of Service
network
low complexity
ffmpeg debian CWE-369
4.0