Debian

Debian Linux

9144 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2021-21225

  • EPSS 1.01%
  • Veröffentlicht 26.04.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 05:47:48

Out of bounds memory access in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

9.6

CVE-2021-21226

  • EPSS 1.34%
  • Veröffentlicht 26.04.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 05:47:48

Use after free in navigation in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

7.8

CVE-2021-3472

  • EPSS 0.09%
  • Veröffentlicht 26.04.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 06:21:37

A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as s...

7.5

CVE-2020-15078

  • EPSS 0.31%
  • Veröffentlicht 26.04.2021 14:15:08
  • Zuletzt bearbeitet 21.11.2024 05:04:45

OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks.

7.5

CVE-2021-31598

  • EPSS 0.83%
  • Veröffentlicht 24.04.2021 17:15:07
  • Zuletzt bearbeitet 21.11.2024 06:05:58

An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap-based buffer overflow.

7.8

CVE-2021-22204

Warnung Exploit
  • EPSS 92.81%
  • Veröffentlicht 23.04.2021 18:15:08
  • Zuletzt bearbeitet 22.10.2025 00:17:23

Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image

6.5

CVE-2021-22207

Exploit
  • EPSS 0.47%
  • Veröffentlicht 23.04.2021 18:15:08
  • Zuletzt bearbeitet 21.11.2024 05:49:42

Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file

4.3

CVE-2021-2161

  • EPSS 0.27%
  • Veröffentlicht 22.04.2021 22:15:13
  • Zuletzt bearbeitet 21.11.2024 06:02:30

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM E...

2.6

CVE-2021-2163

  • EPSS 0.12%
  • Veröffentlicht 22.04.2021 22:15:13
  • Zuletzt bearbeitet 21.11.2024 06:02:30

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM E...

7

CVE-2021-23133

Exploit
  • EPSS 0.02%
  • Veröffentlicht 22.04.2021 18:15:08
  • Zuletzt bearbeitet 21.11.2024 05:51:16

A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr...