Debian

Debian Linux

9142 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2020-29050

Exploit
  • EPSS 0.71%
  • Published 10.01.2022 14:10:16
  • Last modified 21.11.2024 05:23:35

SphinxSearch in Sphinx Technologies Sphinx through 3.1.1 allows directory traversal (in conjunction with CVE-2019-14511) because the mysql client can be used for CALL SNIPPETS and load_file operations on a full pathname (e.g., a file in the /etc dire...

5.4

CVE-2022-21662

  • EPSS 13.59%
  • Published 06.01.2022 23:15:08
  • Last modified 21.11.2024 06:45:10

WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Low-privileged authenticated users (like author) in WordPress core are able to execute JavaScript/perform stored XSS attack, which can af...

7.2

CVE-2022-21663

Exploit
  • EPSS 0.46%
  • Published 06.01.2022 23:15:08
  • Last modified 21.11.2024 06:45:11

WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. On a multisite, users with Super Admin role can bypass explicit/additional hardening under certain conditions through object injection. T...

8.8

CVE-2022-21664

  • EPSS 4.99%
  • Published 06.01.2022 23:15:08
  • Last modified 21.11.2024 06:45:11

WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to lack of proper sanitization in one of the classes, there's potential for unintended SQL queries to be executed. This has been patc...

7.5

CVE-2022-21661

Exploit
  • EPSS 90.59%
  • Published 06.01.2022 23:15:07
  • Last modified 19.08.2025 16:35:50

WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a c...

6.5

CVE-2021-28714

  • EPSS 0.02%
  • Published 06.01.2022 18:15:07
  • Last modified 21.11.2024 06:00:12

Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux...

6.5

CVE-2021-28715

  • EPSS 0.01%
  • Published 06.01.2022 18:15:07
  • Last modified 22.05.2025 19:15:24

Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux...

5.9

CVE-2022-22707

Exploit
  • EPSS 0.45%
  • Published 06.01.2022 06:15:07
  • Last modified 21.11.2024 06:47:17

In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configurati...

6.1

CVE-2021-46144

  • EPSS 1.29%
  • Published 06.01.2022 05:15:09
  • Last modified 21.11.2024 06:33:40

Roundcube before 1.4.13 and 1.5.x before 1.5.2 allows XSS via an HTML e-mail message with crafted Cascading Style Sheets (CSS) token sequences.

5.5

CVE-2021-46141

Exploit
  • EPSS 0.09%
  • Published 06.01.2022 04:15:06
  • Last modified 21.11.2024 06:33:40

An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner.