Debian

Debian Linux

9142 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1

CVE-2021-44759

  • EPSS 0.5%
  • Published 23.03.2022 14:15:07
  • Last modified 21.11.2024 06:31:32

Improper Authentication vulnerability in TLS origin validation of Apache Traffic Server allows an attacker to create a man in the middle attack. This issue affects Apache Traffic Server 8.0.0 to 8.1.0.

7.8

CVE-2022-27666

  • EPSS 0.78%
  • Published 23.03.2022 06:15:06
  • Last modified 21.11.2024 06:56:08

A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation ...

7.5

CVE-2022-24764

  • EPSS 0.42%
  • Published 22.03.2022 17:15:07
  • Last modified 21.11.2024 06:51:02

PJSIP is a free and open source multimedia communication library written in C. Versions 2.12 and prior contain a stack buffer overflow vulnerability that affects PJSUA2 users or users that call the API `pjmedia_sdp_print(), pjmedia_sdp_media_print()`...

9.8

CVE-2022-0547

  • EPSS 0.56%
  • Published 18.03.2022 18:15:12
  • Last modified 23.04.2025 19:15:52

OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially ...

7.8

CVE-2022-1011

  • EPSS 0.2%
  • Published 18.03.2022 18:15:12
  • Last modified 21.11.2024 06:39:51

A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.

5.9

CVE-2022-24302

Exploit
  • EPSS 0.88%
  • Published 17.03.2022 22:15:08
  • Last modified 21.11.2024 06:50:07

In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure.

7.5

CVE-2022-24761

  • EPSS 0.2%
  • Published 17.03.2022 13:15:07
  • Last modified 21.11.2024 06:51:02

Waitress is a Web Server Gateway Interface server for Python 2 and 3. When using Waitress versions 2.1.0 and prior behind a proxy that does not properly validate the incoming HTTP request matches the RFC7230 standard, Waitress and the frontend proxy ...

7.5

CVE-2022-26353

  • EPSS 0.21%
  • Published 16.03.2022 15:15:16
  • Last modified 21.11.2024 06:53:48

A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with the fix for CVE-2021-3748, which forgot to unmap the cached virtqueue elements on error, leading to memory leakage and other unexpected results. Affected Q...

3.2

CVE-2022-26354

  • EPSS 0.01%
  • Published 16.03.2022 15:15:16
  • Last modified 21.11.2024 06:53:48

A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions <= 6.2.0.

7

CVE-2021-39713

Exploit
  • EPSS 0.03%
  • Published 16.03.2022 15:15:11
  • Last modified 21.11.2024 06:20:04

Product: AndroidVersions: Android kernelAndroid ID: A-173788806References: Upstream kernel