Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-05-25 CVE-2020-20450 NULL Pointer Dereference vulnerability in multiple products
FFmpeg 4.2 is affected by null pointer dereference passed as argument to libavformat/aviobuf.c, which could cause a Denial of Service.
network
low complexity
ffmpeg debian CWE-476
5.0
2021-05-25 CVE-2020-20451 Memory Leak vulnerability in multiple products
Denial of Service issue in FFmpeg 4.2 due to resource management errors via fftools/cmdutils.c.
network
low complexity
ffmpeg debian CWE-401
5.0
2021-05-25 CVE-2020-20445 Divide By Zero vulnerability in multiple products
FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/lpc.h, which allows a remote malicious user to cause a Denial of Service.
network
low complexity
ffmpeg debian CWE-369
4.0
2021-05-25 CVE-2020-20446 Divide By Zero vulnerability in multiple products
FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aacpsy.c, which allows a remote malicious user to cause a Denial of Service.
network
low complexity
ffmpeg debian CWE-369
4.0
2021-05-24 CVE-2020-21041 Classic Buffer Overflow vulnerability in multiple products
Buffer Overflow vulnerability exists in FFmpeg 4.1 via apng_do_inverse_blend in libavcodec/pngenc.c, which could let a remote malicious user cause a Denial of Service
network
low complexity
ffmpeg debian CWE-120
5.0
2021-05-24 CVE-2020-26558 Improper Authentication vulnerability in multiple products
Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session.
4.2
2021-05-21 CVE-2020-36330 Out-of-bounds Read vulnerability in multiple products
A flaw was found in libwebp in versions before 1.0.1.
network
low complexity
webmproject debian redhat netapp apple CWE-125
6.4
2021-05-20 CVE-2021-3426 Path Traversal vulnerability in multiple products
There's a flaw in Python 3's pydoc.
5.7
2021-05-17 CVE-2021-3524 Injection vulnerability in multiple products
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway) in versions before 14.2.21.
network
low complexity
redhat fedoraproject debian CWE-74
6.5
2021-05-17 CVE-2021-3483 Use After Free vulnerability in multiple products
A flaw was found in the Nosy driver in the Linux kernel.
local
low complexity
linux debian netapp CWE-416
4.6