Debian

Debian Linux

9209 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2019-9325

  • EPSS 8.89%
  • Published 27.09.2019 19:15:21
  • Last modified 21.11.2024 04:51:25

In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: A...

8.8

CVE-2019-9278

  • EPSS 5.67%
  • Published 27.09.2019 19:15:19
  • Last modified 21.11.2024 04:51:20

In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitatio...

7.5

CVE-2019-9232

  • EPSS 7.29%
  • Published 27.09.2019 19:15:17
  • Last modified 21.11.2024 04:51:15

In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersion...

7.5

CVE-2019-8075

  • EPSS 1.04%
  • Published 27.09.2019 16:15:10
  • Last modified 21.11.2024 04:49:14

Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.

7.5

CVE-2019-16869

Exploit
  • EPSS 3.59%
  • Published 26.09.2019 16:15:11
  • Last modified 07.07.2025 17:15:26

Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a "Transfer-Encoding : chunked" line), which leads to HTTP request smuggling.

6.1

CVE-2019-10092

Exploit
  • EPSS 82.38%
  • Published 26.09.2019 16:15:10
  • Last modified 21.11.2024 04:18:23

In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only ...

5.3

CVE-2019-16910

  • EPSS 0.91%
  • Published 26.09.2019 13:15:10
  • Last modified 21.11.2024 04:31:19

Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the...

5.3

CVE-2019-16738

Exploit
  • EPSS 0.42%
  • Published 26.09.2019 02:15:10
  • Last modified 21.11.2024 04:31:05

In MediaWiki through 1.33.0, Special:Redirect allows information disclosure of suppressed usernames via a User ID Lookup.

6.1

CVE-2017-18635

Exploit
  • EPSS 7.25%
  • Published 25.09.2019 23:15:09
  • Last modified 21.11.2024 03:20:32

An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name.

9.8

CVE-2019-15941

  • EPSS 0.55%
  • Published 25.09.2019 20:15:11
  • Last modified 28.05.2025 17:23:02

OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an attacker to bypass access control rules via a crafted OpenID Connect authorization request. To be vulnerable, there must exist an OIDC Relaying party within the LemonLDAP configura...