Debian

Debian Linux

9142 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1

CVE-2022-31084

Exploit
  • EPSS 1.49%
  • Published 27.06.2022 21:15:08
  • Last modified 21.11.2024 07:03:51

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 There are cases where LAM instantiates objects from arbitrary classes. An attacker can inject t...

6.1

CVE-2022-31085

  • EPSS 0.09%
  • Published 27.06.2022 21:15:08
  • Last modified 21.11.2024 07:03:51

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 the session files include the LDAP user name and password in clear text if the PHP OpenSSL exte...

8.8

CVE-2022-31086

  • EPSS 1.33%
  • Published 27.06.2022 21:15:08
  • Last modified 21.11.2024 07:03:51

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 incorrect regular expressions allow to upload PHP scripts to config/templates/pdf. This vulnera...

7.8

CVE-2022-31087

  • EPSS 0.19%
  • Published 27.06.2022 21:15:08
  • Last modified 21.11.2024 07:03:52

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 the tmp directory, which is accessible by /lam/tmp/, allows interpretation of .php (and .php5/....

5.3

CVE-2022-31088

  • EPSS 0.52%
  • Published 27.06.2022 21:15:08
  • Last modified 21.11.2024 07:03:52

LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 the user name field at login could be used to enumerate LDAP data. This is only the case for LD...

6.1

CVE-2022-32209

Exploit
  • EPSS 4.91%
  • Published 24.06.2022 15:15:11
  • Last modified 21.11.2024 07:05:55

# Possible XSS Vulnerability in Rails::Html::SanitizerThere is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer.This vulnerability has been assigned the CVE identifier CVE-2022-32209.Versions Affected: ALLNot affecte...

10

CVE-2022-2068

  • EPSS 25.23%
  • Published 21.06.2022 15:15:09
  • Last modified 15.09.2025 14:15:33

In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022...

7.8

CVE-2022-1720

Exploit
  • EPSS 0.4%
  • Published 20.06.2022 15:15:10
  • Last modified 21.11.2024 06:41:19

Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.

7.8

CVE-2022-2129

Exploit
  • EPSS 0.1%
  • Published 19.06.2022 19:15:08
  • Last modified 21.11.2024 07:00:22

Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.

7.8

CVE-2022-2126

Exploit
  • EPSS 0.16%
  • Published 19.06.2022 13:15:07
  • Last modified 21.11.2024 07:00:22

Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.