Debian

Debian Linux

9142 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2022-4907

Exploit
  • EPSS 1.45%
  • Published 29.07.2023 00:15:10
  • Last modified 21.11.2024 07:36:13

Uninitialized Use in FFmpeg in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

4.4

CVE-2023-3772

  • EPSS 0.01%
  • Published 25.07.2023 16:15:11
  • Last modified 21.11.2024 08:18:01

A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possibl...

4.4

CVE-2023-3773

  • EPSS 0.01%
  • Published 25.07.2023 16:15:11
  • Last modified 21.11.2024 08:18:01

A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attrib...

6.3

CVE-2023-38745

  • EPSS 0.02%
  • Published 25.07.2023 04:15:10
  • Last modified 21.11.2024 08:14:09

Pandoc before 3.1.6 allows arbitrary file write: this can be triggered by providing a crafted image element in the input when generating files via the --extract-media option or outputting to PDF format. This allows an attacker to create or overwrite ...

5.5

CVE-2023-20593

Exploit
  • EPSS 6.32%
  • Published 24.07.2023 20:15:10
  • Last modified 13.02.2025 17:16:01

An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information.

4.1

CVE-2023-3863

  • EPSS 0.01%
  • Published 24.07.2023 15:15:09
  • Last modified 21.11.2024 08:18:14

A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. This flaw allows a local user with special privileges to impact a kernel information leak issue.

7.5

CVE-2023-3417

  • EPSS 0.16%
  • Published 24.07.2023 11:15:09
  • Last modified 21.11.2024 08:17:13

Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character ...

5.5

CVE-2023-38633

Exploit
  • EPSS 36.47%
  • Published 22.07.2023 17:15:09
  • Last modified 21.11.2024 08:13:58

A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?../../../../../../../../../../et...

7.8

CVE-2023-3609

  • EPSS 0.01%
  • Published 21.07.2023 21:15:11
  • Last modified 13.02.2025 17:16:57

A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementin...

7.8

CVE-2023-3610

  • EPSS 0.02%
  • Published 21.07.2023 21:15:11
  • Last modified 13.02.2025 17:16:57

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Flaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The ...