CVE-2021-40732
- EPSS 0.12%
- Published 13.10.2021 17:15:07
- Last modified 21.11.2024 06:24:39
XMP Toolkit version 2020.1 (and earlier) is affected by a null pointer dereference vulnerability that could result in leaking data from certain memory locations and causing a local denial of service in the context of the current user. User interactio...
CVE-2021-42326
- EPSS 0.51%
- Published 12.10.2021 19:15:08
- Last modified 21.11.2024 06:27:36
Redmine before 4.1.5 and 4.2.x before 4.2.3 may disclose the names of users on activity views due to an insufficient access filter.
CVE-2021-3671
- EPSS 1.14%
- Published 12.10.2021 18:15:08
- Last modified 21.11.2024 06:22:07
A null pointer dereference was found in the way the Samba Kerberos server handled a missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the Samba server.
CVE-2021-41136
- EPSS 0.29%
- Published 12.10.2021 16:15:07
- Last modified 27.05.2025 16:15:21
Puma is an HTTP 1.1 server for Ruby/Rack applications. Prior to versions 5.5.1 and 4.3.9, using `puma` with a proxy which forwards HTTP header values which contain the LF character could allow HTTP request smuggling. A client could smuggle a request ...
CVE-2021-25634
- EPSS 0.22%
- Published 12.10.2021 14:15:08
- Last modified 21.11.2024 05:55:11
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulner...
CVE-2021-42260
- EPSS 0.36%
- Published 11.10.2021 20:15:07
- Last modified 21.11.2024 06:27:28
TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXML_UTF_LEAD_0 case. It can be triggered by a crafted XML message and leads to a denial of service.
CVE-2021-25633
- EPSS 0.29%
- Published 11.10.2021 17:15:07
- Last modified 21.11.2024 05:55:11
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulner...
CVE-2021-37967
- EPSS 0.39%
- Published 08.10.2021 22:15:08
- Last modified 21.11.2024 06:16:09
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
CVE-2021-37968
- EPSS 0.52%
- Published 08.10.2021 22:15:08
- Last modified 21.11.2024 06:16:09
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2021-37969
- EPSS 0.72%
- Published 08.10.2021 22:15:08
- Last modified 21.11.2024 06:16:09
Inappropriate implementation in Google Updater in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to perform local privilege escalation via a crafted file.