Debian

Debian Linux

9142 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2022-3169

  • EPSS 0.03%
  • Published 09.09.2022 15:15:15
  • Last modified 21.11.2024 07:18:58

A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect.

5.5

CVE-2022-2905

Exploit
  • EPSS 0.02%
  • Published 09.09.2022 15:15:10
  • Last modified 21.11.2024 07:01:54

An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.

5.5

CVE-2022-36280

  • EPSS 0.04%
  • Published 09.09.2022 15:15:10
  • Last modified 21.11.2024 07:12:42

An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user accou...

4.7

CVE-2022-40307

  • EPSS 0.02%
  • Published 09.09.2022 05:15:07
  • Last modified 21.11.2024 07:21:16

An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free.

7.5

CVE-2022-40023

Exploit
  • EPSS 0.71%
  • Published 07.09.2022 13:15:09
  • Last modified 21.11.2024 07:20:44

Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin.

7.8

CVE-2022-3134

Exploit
  • EPSS 0.04%
  • Published 06.09.2022 20:15:09
  • Last modified 21.11.2024 07:18:53

Use After Free in GitHub repository vim/vim prior to 9.0.0389.

7.8

CVE-2022-2735

  • EPSS 0.14%
  • Published 06.09.2022 18:15:14
  • Last modified 21.11.2024 07:01:36

A vulnerability was found in the PCS project. This issue occurs due to incorrect permissions on a Unix socket used for internal communication between PCS daemons. A privilege escalation could happen by obtaining an authentication token for a hacluste...

6.5

CVE-2022-38749

  • EPSS 0.52%
  • Published 05.09.2022 10:15:09
  • Last modified 21.11.2024 07:17:01

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.

5.5

CVE-2022-38750

Exploit
  • EPSS 0.08%
  • Published 05.09.2022 10:15:09
  • Last modified 21.11.2024 07:17:01

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.

6.5

CVE-2022-38751

  • EPSS 0.15%
  • Published 05.09.2022 10:15:09
  • Last modified 21.11.2024 07:17:01

Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.