Debian

Debian Linux

9142 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.7

CVE-2022-20369

  • EPSS 0.04%
  • Veröffentlicht 11.08.2022 15:15:10
  • Zuletzt bearbeitet 21.11.2024 06:42:41

In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitatio...

7.5

CVE-2021-37150

  • EPSS 0.27%
  • Veröffentlicht 10.08.2022 06:15:08
  • Zuletzt bearbeitet 08.09.2025 19:15:31

Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to request secure resources. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

7.5

CVE-2022-25763

  • EPSS 0.35%
  • Veröffentlicht 10.08.2022 06:15:08
  • Zuletzt bearbeitet 21.11.2024 06:52:57

Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

7.5

CVE-2022-28129

  • EPSS 0.22%
  • Veröffentlicht 10.08.2022 06:15:08
  • Zuletzt bearbeitet 21.11.2024 06:56:48

Improper Input Validation vulnerability in HTTP/1.1 header parsing of Apache Traffic Server allows an attacker to send invalid headers. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

7.5

CVE-2022-31778

  • EPSS 0.15%
  • Veröffentlicht 10.08.2022 06:15:08
  • Zuletzt bearbeitet 21.11.2024 07:05:17

Improper Input Validation vulnerability in handling the Transfer-Encoding header of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 8.0.0 to 9.0.2.

7.5

CVE-2022-31779

  • EPSS 0.16%
  • Veröffentlicht 10.08.2022 06:15:08
  • Zuletzt bearbeitet 21.11.2024 07:05:18

Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

7.5

CVE-2022-31780

  • EPSS 0.33%
  • Veröffentlicht 10.08.2022 06:15:08
  • Zuletzt bearbeitet 21.11.2024 07:05:18

Improper Input Validation vulnerability in HTTP/2 frame handling of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

9.8

CVE-2022-37452

Exploit
  • EPSS 4.7%
  • Veröffentlicht 07.08.2022 18:15:08
  • Zuletzt bearbeitet 21.11.2024 07:15:00

Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set.

9.8

CVE-2022-37434

Exploit
  • EPSS 92.68%
  • Veröffentlicht 05.08.2022 07:15:07
  • Zuletzt bearbeitet 30.05.2025 20:15:30

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib s...

8

CVE-2022-31197

Exploit
  • EPSS 1.28%
  • Veröffentlicht 03.08.2022 19:15:08
  • Zuletzt bearbeitet 21.11.2024 07:04:06

PostgreSQL JDBC Driver (PgJDBC for short) allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. The PGJDBC implementation of the `java.sql.ResultRow.refreshRow()` method is not performing escaping of...