Debian

Debian Linux

9144 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2020-27763

  • EPSS 0.09%
  • Published 03.12.2020 17:15:12
  • Last modified 21.11.2024 05:21:47

A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to applica...

7.4

CVE-2020-25638

  • EPSS 0.51%
  • Published 02.12.2020 15:15:12
  • Last modified 23.04.2025 20:15:19

A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could...

4.1

CVE-2020-25656

Exploit
  • EPSS 0.01%
  • Published 02.12.2020 01:15:12
  • Last modified 21.11.2024 05:18:22

A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnera...

5.5

CVE-2020-25704

  • EPSS 0.06%
  • Published 02.12.2020 01:15:12
  • Last modified 21.11.2024 05:18:31

A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service.

3.2

CVE-2020-25723

  • EPSS 0.02%
  • Published 02.12.2020 01:15:12
  • Last modified 21.11.2024 05:18:34

A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bog...

7.5

CVE-2020-27813

  • EPSS 0.18%
  • Published 02.12.2020 01:15:12
  • Last modified 21.11.2024 05:21:51

An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.

5.2

CVE-2020-15257

  • EPSS 12%
  • Published 01.12.2020 03:15:11
  • Last modified 21.11.2024 05:05:12

containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly exposed to host network containers. Access controls for the ...

7.8

CVE-2020-29394

Exploit
  • EPSS 0.6%
  • Published 30.11.2020 19:15:12
  • Last modified 21.11.2024 05:23:59

A buffer overflow in the dlt_filter_load function in dlt_common.c from dlt-daemon through 2.18.5 (GENIVI Diagnostic Log and Trace) allows arbitrary code execution because fscanf is misused (no limit on the number of characters to be read in the forma...

9.8

CVE-2020-28926

Exploit
  • EPSS 65.26%
  • Published 30.11.2020 18:15:11
  • Last modified 21.11.2024 05:23:18

ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/mem...

5

CVE-2020-25624

Exploit
  • EPSS 0.03%
  • Published 30.11.2020 07:15:11
  • Last modified 21.11.2024 05:18:16

hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver.