Debian

Debian Linux

9141 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2023-39351

Exploit
  • EPSS 0.1%
  • Published 31.08.2023 20:15:08
  • Last modified 21.11.2024 08:15:12

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions of FreeRDP are subject to a Null Pointer Dereference leading a crash in the RemoteFX (rfx) handling. Inside the `rfx_process_...

7.5

CVE-2023-39354

Exploit
  • EPSS 0.18%
  • Published 31.08.2023 20:15:08
  • Last modified 21.11.2024 08:15:13

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the `nsc_rle_decompress_data` function. The Out-Of-Bounds Read occurs because it proce...

9.8

CVE-2023-39355

Exploit
  • EPSS 0.28%
  • Published 31.08.2023 20:15:08
  • Last modified 21.11.2024 08:15:13

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Versions of FreeRDP on the 3.x release branch before beta3 are subject to a Use-After-Free in processing `RDPGFX_CMDID_RESETGRAPHICS` packets. I...

7.5

CVE-2023-40589

Exploit
  • EPSS 0.1%
  • Published 31.08.2023 19:15:11
  • Last modified 21.11.2024 08:19:46

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions there is a Global-Buffer-Overflow in the ncrush_decompress function. Feeding crafted input into this function can trigger t...

7.5

CVE-2023-20900

  • EPSS 0.84%
  • Published 31.08.2023 10:15:08
  • Last modified 21.11.2024 07:41:47

A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html  in a target virtual machine may be able to elevate their privileges if ...

8.8

CVE-2023-4572

  • EPSS 0.6%
  • Published 29.08.2023 20:15:10
  • Last modified 21.11.2024 08:35:27

Use after free in MediaStream in Google Chrome prior to 116.0.5845.140 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

7.5

CVE-2023-38802

Exploit
  • EPSS 0.77%
  • Published 29.08.2023 16:15:09
  • Last modified 21.11.2024 08:14:13

FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation).

9.8

CVE-2023-41361

  • EPSS 0.5%
  • Published 29.08.2023 04:15:17
  • Last modified 21.11.2024 08:21:09

An issue was discovered in FRRouting FRR 9.0. bgpd/bgp_open.c does not check for an overly large length of the rcv software version.

7.5

CVE-2023-41358

  • EPSS 0.35%
  • Published 29.08.2023 04:15:16
  • Last modified 21.11.2024 08:21:08

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero.

9.1

CVE-2023-41360

  • EPSS 0.24%
  • Published 29.08.2023 04:15:16
  • Last modified 21.11.2024 08:21:09

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation.