Debian

Debian Linux

9142 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1

CVE-2022-31084

Exploit
  • EPSS 1.49%
  • Veröffentlicht 27.06.2022 21:15:08
  • Zuletzt bearbeitet 21.11.2024 07:03:51

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 There are cases where LAM instantiates objects from arbitrary classes. An attacker can inject t...

6.1

CVE-2022-31085

  • EPSS 0.09%
  • Veröffentlicht 27.06.2022 21:15:08
  • Zuletzt bearbeitet 21.11.2024 07:03:51

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 the session files include the LDAP user name and password in clear text if the PHP OpenSSL exte...

8.8

CVE-2022-31086

  • EPSS 1.33%
  • Veröffentlicht 27.06.2022 21:15:08
  • Zuletzt bearbeitet 21.11.2024 07:03:51

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 incorrect regular expressions allow to upload PHP scripts to config/templates/pdf. This vulnera...

7.8

CVE-2022-31087

  • EPSS 0.19%
  • Veröffentlicht 27.06.2022 21:15:08
  • Zuletzt bearbeitet 21.11.2024 07:03:52

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 the tmp directory, which is accessible by /lam/tmp/, allows interpretation of .php (and .php5/....

5.3

CVE-2022-31088

  • EPSS 0.52%
  • Veröffentlicht 27.06.2022 21:15:08
  • Zuletzt bearbeitet 21.11.2024 07:03:52

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 the user name field at login could be used to enumerate LDAP data. This is only the case for LD...

6.1

CVE-2022-32209

Exploit
  • EPSS 4.91%
  • Veröffentlicht 24.06.2022 15:15:11
  • Zuletzt bearbeitet 21.11.2024 07:05:55

# Possible XSS Vulnerability in Rails::Html::SanitizerThere is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer.This vulnerability has been assigned the CVE identifier CVE-2022-32209.Versions Affected: ALLNot affecte...

10

CVE-2022-2068

  • EPSS 25.23%
  • Veröffentlicht 21.06.2022 15:15:09
  • Zuletzt bearbeitet 15.09.2025 14:15:33

In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022...

7.8

CVE-2022-1720

Exploit
  • EPSS 0.4%
  • Veröffentlicht 20.06.2022 15:15:10
  • Zuletzt bearbeitet 21.11.2024 06:41:19

Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.

7.8

CVE-2022-2129

Exploit
  • EPSS 0.1%
  • Veröffentlicht 19.06.2022 19:15:08
  • Zuletzt bearbeitet 21.11.2024 07:00:22

Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.

7.8

CVE-2022-2126

Exploit
  • EPSS 0.16%
  • Veröffentlicht 19.06.2022 13:15:07
  • Zuletzt bearbeitet 21.11.2024 07:00:22

Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.