CVE-2022-32206
- EPSS 2.57%
- Published 07.07.2022 13:15:08
- Last modified 05.05.2025 17:18:13
curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allo...
CVE-2022-32207
- EPSS 0.17%
- Published 07.07.2022 13:15:08
- Last modified 23.04.2025 18:15:53
When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name. In that rename operation, it might accidentally *widen...
CVE-2022-32208
- EPSS 0.3%
- Published 07.07.2022 13:15:08
- Last modified 05.05.2025 17:18:13
When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.
CVE-2022-2318
- EPSS 0.08%
- Published 06.07.2022 19:15:08
- Last modified 21.11.2024 07:00:45
There are use-after-free vulnerabilities caused by the timer handler in net/rose/rose_timer.c of Linux that allow attackers to crash the Linux kernel without any privileges.
CVE-2022-31129
- EPSS 4.18%
- Published 06.07.2022 18:15:19
- Last modified 21.11.2024 07:03:57
moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment (more specifically rf...
CVE-2022-33980
- EPSS 87.66%
- Published 06.07.2022 13:15:09
- Last modified 21.11.2024 07:08:42
Apache Commons Configuration performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons....
CVE-2022-26365
- EPSS 0.04%
- Published 05.07.2022 13:15:08
- Last modified 21.11.2024 06:53:50
Linux disk/nic frontends data leaks [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing ...
CVE-2022-2304
- EPSS 0.06%
- Published 05.07.2022 13:15:08
- Last modified 21.11.2024 07:00:43
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
CVE-2022-33740
- EPSS 0.05%
- Published 05.07.2022 13:15:08
- Last modified 21.11.2024 07:08:26
Linux disk/nic frontends data leaks [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing ...
CVE-2022-33741
- EPSS 0.04%
- Published 05.07.2022 13:15:08
- Last modified 21.11.2024 07:08:26
Linux disk/nic frontends data leaks [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing ...