Debian

Debian Linux

9140 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2024-46544

  • EPSS 0.05%
  • Veröffentlicht 23.09.2024 11:15:10
  • Zuletzt bearbeitet 10.07.2025 19:11:29

Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing mod_jk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache ...

6.5

CVE-2024-8096

Exploit
  • EPSS 0.21%
  • Veröffentlicht 11.09.2024 10:15:02
  • Zuletzt bearbeitet 30.07.2025 19:42:16

When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. ...

10

CVE-2024-42472

Exploit
  • EPSS 5.68%
  • Veröffentlicht 15.08.2024 19:15:19
  • Zuletzt bearbeitet 19.08.2025 15:21:28

Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have acces...

8.1

CVE-2024-6387

Medienbericht Exploit
  • EPSS 38.58%
  • Veröffentlicht 01.07.2024 13:15:06
  • Zuletzt bearbeitet 30.09.2025 13:52:23

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to aut...

9.1

CVE-2024-37371

  • EPSS 1.94%
  • Veröffentlicht 28.06.2024 23:15:11
  • Zuletzt bearbeitet 13.03.2025 21:15:40

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.

6.7

CVE-2024-35235

Exploit
  • EPSS 1.33%
  • Veröffentlicht 11.06.2024 15:16:07
  • Zuletzt bearbeitet 26.09.2025 23:51:23

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be ...

8.6

CVE-2024-5696

  • EPSS 1.66%
  • Veröffentlicht 11.06.2024 13:15:51
  • Zuletzt bearbeitet 27.03.2025 19:55:20

By manipulating the text in an `<input>` tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.

4.3

CVE-2024-5690

  • EPSS 4.02%
  • Veröffentlicht 11.06.2024 13:15:50
  • Zuletzt bearbeitet 26.03.2025 14:15:31

By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.

6.1

CVE-2024-37384

  • EPSS 0.22%
  • Veröffentlicht 07.06.2024 04:15:30
  • Zuletzt bearbeitet 01.05.2025 19:51:01

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via list columns from user preferences.

6.1

CVE-2024-37383

Warnung
  • EPSS 61.42%
  • Veröffentlicht 07.06.2024 04:15:30
  • Zuletzt bearbeitet 20.12.2024 16:52:05

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes.