Debian

Debian Linux

9142 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2022-3169

  • EPSS 0.03%
  • Veröffentlicht 09.09.2022 15:15:15
  • Zuletzt bearbeitet 21.11.2024 07:18:58

A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect.

5.5

CVE-2022-2905

Exploit
  • EPSS 0.02%
  • Veröffentlicht 09.09.2022 15:15:10
  • Zuletzt bearbeitet 21.11.2024 07:01:54

An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.

5.5

CVE-2022-36280

  • EPSS 0.04%
  • Veröffentlicht 09.09.2022 15:15:10
  • Zuletzt bearbeitet 21.11.2024 07:12:42

An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user accou...

4.7

CVE-2022-40307

  • EPSS 0.02%
  • Veröffentlicht 09.09.2022 05:15:07
  • Zuletzt bearbeitet 21.11.2024 07:21:16

An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free.

7.5

CVE-2022-40023

Exploit
  • EPSS 0.71%
  • Veröffentlicht 07.09.2022 13:15:09
  • Zuletzt bearbeitet 21.11.2024 07:20:44

Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin.

7.8

CVE-2022-3134

Exploit
  • EPSS 0.04%
  • Veröffentlicht 06.09.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 07:18:53

Use After Free in GitHub repository vim/vim prior to 9.0.0389.

7.8

CVE-2022-2735

  • EPSS 0.14%
  • Veröffentlicht 06.09.2022 18:15:14
  • Zuletzt bearbeitet 21.11.2024 07:01:36

A vulnerability was found in the PCS project. This issue occurs due to incorrect permissions on a Unix socket used for internal communication between PCS daemons. A privilege escalation could happen by obtaining an authentication token for a hacluste...

6.5

CVE-2022-38749

  • EPSS 0.52%
  • Veröffentlicht 05.09.2022 10:15:09
  • Zuletzt bearbeitet 21.11.2024 07:17:01

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.

5.5

CVE-2022-38750

Exploit
  • EPSS 0.08%
  • Veröffentlicht 05.09.2022 10:15:09
  • Zuletzt bearbeitet 21.11.2024 07:17:01

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.

6.5

CVE-2022-38751

  • EPSS 0.15%
  • Veröffentlicht 05.09.2022 10:15:09
  • Zuletzt bearbeitet 21.11.2024 07:17:01

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.