Debian

Debian Linux

9288 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2025-10934

Medienbericht
  • EPSS 0.08%
  • Veröffentlicht 29.10.2025 20:15:35
  • Zuletzt bearbeitet 04.11.2025 13:12:43

GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability i...

7.8

CVE-2025-10922

Medienbericht
  • EPSS 0.1%
  • Veröffentlicht 29.10.2025 19:29:42
  • Zuletzt bearbeitet 04.11.2025 13:15:06

GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability i...

7.8

CVE-2025-10921

Medienbericht
  • EPSS 0.08%
  • Veröffentlicht 29.10.2025 19:29:39
  • Zuletzt bearbeitet 04.11.2025 17:08:46

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability i...

7.8

CVE-2025-41244

Warnung Medienbericht Exploit
  • EPSS 0.94%
  • Veröffentlicht 29.09.2025 17:15:30
  • Zuletzt bearbeitet 06.11.2025 13:58:13

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled ...

7.4

CVE-2025-38352

Warnung Medienbericht
  • EPSS 0.19%
  • Veröffentlicht 22.07.2025 08:15:23
  • Zuletzt bearbeitet 04.11.2025 14:36:42

In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() If an exiting non-autoreaping task has already passed exit_notify() and calls handle_posix_cp...

8.8

CVE-2025-6558

Warnung Medienbericht
  • EPSS 0.11%
  • Veröffentlicht 15.07.2025 18:15:24
  • Zuletzt bearbeitet 06.11.2025 14:52:01

Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

8

CVE-2025-48384

Warnung
  • EPSS 0.71%
  • Veröffentlicht 08.07.2025 18:23:48
  • Zuletzt bearbeitet 06.11.2025 14:52:47

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed ...

7.8

CVE-2025-32463

Warnung Medienbericht Exploit
  • EPSS 18.49%
  • Veröffentlicht 30.06.2025 00:00:00
  • Zuletzt bearbeitet 05.11.2025 19:26:48

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

9.8

CVE-2014-7210

  • EPSS 0.07%
  • Veröffentlicht 26.06.2025 20:52:47
  • Zuletzt bearbeitet 06.08.2025 16:38:04

pdns specific as packaged in Debian in version before 3.3.1-1 creates a too privileged MySQL user. It was discovered that the maintainer scripts of pdns-backend-mysql grant too wide database permissions for the pdns user. Other backends are not affec...

5.3

CVE-2025-48432

  • EPSS 0.08%
  • Veröffentlicht 05.06.2025 00:00:00
  • Zuletzt bearbeitet 15.10.2025 17:47:56

An issue was discovered in Django 5.2 before 5.2.3, 5.1 before 5.1.11, and 4.2 before 4.2.23. Internal HTTP response logging does not escape request.path, which allows remote attackers to potentially manipulate log output via crafted URLs. This may l...