CVE-2022-48627
- EPSS 0.01%
- Published 02.03.2024 22:15:46
- Last edited 29.04.2025 16:51:43
In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer. A memory overlapping copy occurs when deleting a long line. This memory overlapping copy can cause data corruption when...
CVE-2024-27354
- EPSS 0.15%
- Published 01.03.2024 23:15:08
- Last edited 15.09.2025 17:58:58
An issue was discovered in phpseclib 1.x before 1.0.23, 2.x before 2.0.47, and 3.x before 3.0.36. An attacker can construct a malformed certificate containing an extremely large prime to cause a denial of service (CPU consumption for an isPrime prima...
CVE-2024-27355
- EPSS 0.15%
- Published 01.03.2024 23:15:08
- Last edited 15.09.2025 17:17:49
An issue was discovered in phpseclib 1.x before 1.0.23, 2.x before 2.0.47, and 3.x before 3.0.36. When processing the ASN.1 object identifier of a certificate, a sub identifier may be provided that leads to a denial of service (CPU consumption for de...
CVE-2023-52482
- EPSS 0.02%
- Published 29.02.2024 06:15:46
- Last edited 25.11.2025 17:22:27
In the Linux kernel, the following vulnerability has been resolved: x86/srso: Add SRSO mitigation for Hygon processors. Add mitigation for the speculative return stack overflow vulnerability which exists on Hygon processors too.
CVE-2024-25126
- EPSS 0.33%
- Published 29.02.2024 00:15:51
- Last edited 14.02.2025 15:51:19
Rack is a modular Ruby web server interface. Carefully crafted content type headers can cause Rack’s media type parser to take much longer than expected, leading to a possible denial of service vulnerability (ReDos 2nd degree polynomial). This vulner...
CVE-2024-26141
- EPSS 0.29%
- Published 29.02.2024 00:15:51
- Last edited 14.02.2025 15:33:08
Rack is a modular Ruby web server interface. Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Responding with such large responses could lead to a denial of service issue. Vulnerable applications will...
CVE-2024-26146
- EPSS 0.57%
- Published 29.02.2024 00:15:51
- Last edited 14.02.2025 15:51:42
Rack is a modular Ruby web server interface. Carefully crafted headers can cause header parsing in Rack to take longer than expected resulting in a possible denial of service issue. Accept and Forwarded headers are impacted. Ruby 3.2 has mitigations ...
CVE-2024-27285
- EPSS 2.47%
- Published 28.02.2024 20:15:41
- Last edited 14.02.2025 15:31:24
YARD is a Ruby Documentation tool. The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting (XSS) attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb"...
CVE-2024-25081
- EPSS 0.04%
- Published 26.02.2024 16:27:58
- Last edited 04.11.2025 19:16:58
Splinefont in FontForge through 20230101 allows command injection via crafted filenames.
CVE-2024-25082
- EPSS 0.91%
- Published 26.02.2024 16:27:58
- Last edited 04.11.2025 19:16:58
Splinefont in FontForge through 20230101 allows command injection via crafted archives or compressed files.