Debian

Debian Linux

9140 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2024-46544

  • EPSS 0.05%
  • Published 23.09.2024 11:15:10
  • Last modified 10.07.2025 19:11:29

Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing mod_jk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache ...

6.5

CVE-2024-8096

Exploit
  • EPSS 0.21%
  • Published 11.09.2024 10:15:02
  • Last modified 30.07.2025 19:42:16

When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. ...

10

CVE-2024-42472

Exploit
  • EPSS 5.68%
  • Published 15.08.2024 19:15:19
  • Last modified 19.08.2025 15:21:28

Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have acces...

8.1

CVE-2024-6387

Media report Exploit
  • EPSS 38.58%
  • Published 01.07.2024 13:15:06
  • Last modified 30.09.2025 13:52:23

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to aut...

9.1

CVE-2024-37371

  • EPSS 1.94%
  • Published 28.06.2024 23:15:11
  • Last modified 13.03.2025 21:15:40

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.

6.7

CVE-2024-35235

Exploit
  • EPSS 1.33%
  • Published 11.06.2024 15:16:07
  • Last modified 26.09.2025 23:51:23

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be ...

8.6

CVE-2024-5696

  • EPSS 1.66%
  • Published 11.06.2024 13:15:51
  • Last modified 27.03.2025 19:55:20

By manipulating the text in an `<input>` tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.

4.3

CVE-2024-5690

  • EPSS 4.02%
  • Published 11.06.2024 13:15:50
  • Last modified 26.03.2025 14:15:31

By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.

6.1

CVE-2024-37384

  • EPSS 0.22%
  • Published 07.06.2024 04:15:30
  • Last modified 01.05.2025 19:51:01

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via list columns from user preferences.

6.1

CVE-2024-37383

Warning
  • EPSS 61.42%
  • Published 07.06.2024 04:15:30
  • Last modified 20.12.2024 16:52:05

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes.