Debian Linux Security Vulnerabilities - 2021
Buffer Overflow vulnerability exists in FFmpeg 4.1 via apng_do_inverse_blend in libavcodec/pngenc.c, which could let a remote malicious user cause a Denial of Service
7.5CVSS
8.2AI Score
0.003EPSS
fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in genepic.c.
5.5CVSS
5.7AI Score
0.001EPSS
fig2dev 3.2.7b contains a segmentation fault in the read_objects function in read.c.
5.5CVSS
5.4AI Score
0.001EPSS
fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_index function in gencgm.c.
5.5CVSS
5.7AI Score
0.001EPSS
fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c.
5.5CVSS
5.7AI Score
0.001EPSS
fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject function in read.c.
5.5CVSS
5.7AI Score
0.001EPSS
fig2dev 3.2.7b contains a global buffer overflow in the get_line function in read.c.
5.5CVSS
5.7AI Score
0.001EPSS
fig2dev 3.2.7b contains a segmentation fault in the gencgm_start function in gencgm.c.
5.5CVSS
5.4AI Score
0.001EPSS
libde265 v1.0.4 contains a global buffer overflow in the decode_CABAC_bit function, which can be exploited via a crafted a file.
6.5CVSS
7.2AI Score
0.003EPSS
libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma function, which can be exploited via a crafted a file.
6.5CVSS
7.2AI Score
0.004EPSS
libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, which can be exploited via a crafted a file.
8.8CVSS
8.5AI Score
0.004EPSS
libde265 v1.0.4 contains a heap buffer overflow in the de265_image::available_zscan function, which can be exploited via a crafted a file.
6.5CVSS
7.2AI Score
0.002EPSS
A stack-based buffer overflow in the genptk_text component in genptk.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ptk format.
5.5CVSS
5.9AI Score
0.001EPSS
A stack-based buffer overflow in the genpstrx_text() component in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.
5.5CVSS
5.6AI Score
0.001EPSS
A heap-use-after-free in the av_freep function in libavutil/mem.c of FFmpeg 4.2 allows attackers to execute arbitrary code.
8.8CVSS
8.7AI Score
0.003EPSS
A heap-use-after-free in the mpeg_mux_write_packet function in libavformat/mpegenc.c of FFmpeg 4.2 allows to cause a denial of service (DOS) via a crafted avi file.
6.5CVSS
6.9AI Score
0.001EPSS
International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp.
5.5CVSS
5.7AI Score
0.001EPSS
Buffer Overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due to the out of bounds in libavformat/movenc.c, which could let a remote malicious user obtain sensitive information, cause a Denial of Service, or execute arbitrary code.
8.8CVSS
9.3AI Score
0.026EPSS
A heap-based Buffer Overflow vulnerability in FFmpeg 4.2 at libavcodec/get_bits.h when writing .mov files, which might lead to memory corruption and other potential consequences.
8.8CVSS
9.2AI Score
0.004EPSS
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at ff_fill_rectangle in libavfilter/drawutils.c, which might lead to memory corruption and other potential consequences.
8.8CVSS
9.1AI Score
0.002EPSS
Buffer Overflow vulnerability in FFmpeg 4.2 at convolution_y_10bit in libavfilter/vf_vmafmotion.c, which could let a remote malicious user cause a Denial of Service.
6.5CVSS
7.6AI Score
0.001EPSS
Buffer Overflow vulnerability in FFmpeg 4.2 in the build_diff_map function in libavfilter/vf_fieldmatch.c, which could let a remote malicious user cause a Denial of Service.
6.5CVSS
7.5AI Score
0.004EPSS
Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges function in libavfilter/vf_yadif.c, which could let a remote malicious user cause a Denial of Service.
6.5CVSS
7.6AI Score
0.003EPSS
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_frame at libavfilter/vf_fieldorder.c, which might lead to memory corruption and other potential consequences.
8.8CVSS
9.1AI Score
0.004EPSS
A heap-based Buffer Overflow vulnerabililty exists in FFmpeg 4.2 in filter_frame at libavfilter/vf_bitplanenoise.c, which might lead to memory corruption and other potential consequences.
8.8CVSS
9.2AI Score
0.002EPSS
A heap-based Buffer Overflow vulnerability exists in gaussian_blur at libavfilter/vf_edgedetect.c, which might lead to memory corruption and other potential consequences.
8.8CVSS
9.1AI Score
0.002EPSS
Buffer Overflow vulnerability exists in FFmpeg 4.2 in the config_input function at libavfilter/af_tremolo.c, which could let a remote malicious user cause a Denial of Service.
6.5CVSS
7.5AI Score
0.003EPSS
A heap-based Buffer Overflow vulnerability exits in FFmpeg 4.2 in deflate16 at libavfilter/vf_neighbor.c, which might lead to memory corruption and other potential consequences.
8.8CVSS
9.2AI Score
0.005EPSS
Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_vertically_8 at libavfilter/vf_avgblur.c, which could cause a remote Denial of Service.
6.5CVSS
7.4AI Score
0.002EPSS
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_colorconstancy.c: in slice_get_derivative, which crossfade_samples_fltp, which might lead to memory corruption and other potential consequences.
8.8CVSS
9.2AI Score
0.005EPSS
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/af_afade.c in crossfade_samples_fltp, which might lead to memory corruption and other potential consequences.
8.8CVSS
9.2AI Score
0.002EPSS
A Heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_w3fdif.c in filter16_complex_low, which might lead to memory corruption and other potential consequences.
8.8CVSS
9.1AI Score
0.004EPSS
A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavfilter/vf_edgedetect.c in gaussian_blur, which might lead to memory corruption and other potential consequences.
8.8CVSS
9.1AI Score
0.002EPSS
A heap-based Buffer Overflow Vulnerability exists FFmpeg 4.2 at libavfilter/vf_vmafmotion.c in convolution_y_8bit, which could let a remote malicious user cause a Denial of Service.
6.5CVSS
7.5AI Score
0.004EPSS
A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavfilter/vf_floodfill.c, which might lead to memory corruption and other potential consequences.
8.8CVSS
9.2AI Score
0.004EPSS
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in get_block_row at libavfilter/vf_bm3d.c, which might lead to memory corruption and other potential consequences.
8.8CVSS
9.2AI Score
0.002EPSS
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_intra at libavfilter/vf_bwdif.c, which might lead to memory corruption and other potential consequences.
8.8CVSS
8.9AI Score
0.004EPSS
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in avcodec_alloc_context3 at options.c.
6.5CVSS
7.4AI Score
0.005EPSS
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the av_buffersrc_add_frame_flags function in buffersrc.
6.5CVSS
7.4AI Score
0.001EPSS
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak is affected by: memory leak in the link_filter_inouts function in libavfilter/graphparser.c.
6.5CVSS
7.4AI Score
0.001EPSS
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the url_open_dyn_buf_internal function in libavformat/aviobuf.c.
6.5CVSS
7.4AI Score
0.001EPSS
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the avpriv_float_dsp_allocl function in libavutil/float_dsp.c.
6.5CVSS
7.2AI Score
0.001EPSS
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ff_frame_pool_get function in framepool.c.
6.5CVSS
7AI Score
0.001EPSS
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the wtvfile_open_sector function in wtvdec.c.
6.5CVSS
7.4AI Score
0.003EPSS
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the av_dict_set function in dict.c.
6.5CVSS
7.4AI Score
0.003EPSS
Multiple Cross Site Scripting (XSS) vulneratiblities exist in Cacti 1.2.12 in (1) reports_admin.php, (2) data_queries.php, (3) data_input.php, (4) graph_templates.php, (5) graphs.php, (6) reports_admin.php, and (7) data_input.php.
6.1CVSS
6AI Score
0.002EPSS
An issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controlled parameters, leading to access to other users' email messages (and path disclosure).
6.8CVSS
6.6AI Score
0.004EPSS
Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to potentially enable escalation of privilege via local access.
8.8CVSS
8.6AI Score
0.0004EPSS
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
6.5CVSS
7AI Score
0.0005EPSS
Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
3.3CVSS
5.8AI Score
0.0005EPSS