CVE-2022-40188
- EPSS 0.31%
- Published 23.09.2022 16:15:11
- Last modified 27.05.2025 15:15:28
Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service (CPU consumption) because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets.
CVE-2022-35252
- EPSS 0.11%
- Published 23.09.2022 14:15:12
- Last modified 05.05.2025 17:18:16
When curl is used to retrieve and parse cookies from a HTTP(S) server, it accepts cookies using control codes that when later are sent back to a HTTP server might make the server return 400 responses. Effectively allowing a "sister site" to deny service...
CVE-2022-1941
- EPSS 0.14%
- Published 22.09.2022 15:15:09
- Last modified 21.11.2024 06:41:47
A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and ...
CVE-2022-38398
- EPSS 0.12%
- Published 22.09.2022 15:15:09
- Last modified 21.11.2024 07:16:23
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14.
CVE-2022-38648
- EPSS 0.11%
- Published 22.09.2022 15:15:09
- Last modified 21.11.2024 07:16:51
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML Graphics Batik 1.14.
CVE-2022-40146
- EPSS 37.1%
- Published 22.09.2022 15:15:09
- Last modified 21.11.2024 07:20:58
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14.
CVE-2022-3256
- EPSS 0.05%
- Published 22.09.2022 13:15:09
- Last modified 21.11.2024 07:19:09
Use After Free in GitHub repository vim/vim prior to 9.0.0530.
CVE-2022-2795
- EPSS 0.57%
- Published 21.09.2022 11:15:09
- Last modified 29.11.2024 12:15:04
By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.
CVE-2022-38177
- EPSS 1.49%
- Published 21.09.2022 11:15:09
- Last modified 28.05.2025 16:15:26
By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
CVE-2022-38178
- EPSS 1.24%
- Published 21.09.2022 11:15:09
- Last modified 28.05.2025 16:15:26
By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.