Debian

Debian Linux

9293 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2025-32433

Warnung Medienbericht Exploit
  • EPSS 49.27%
  • Veröffentlicht 16.04.2025 21:34:37
  • Zuletzt bearbeitet 04.11.2025 14:49:05

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in S...

9.8

CVE-2025-2291

  • EPSS 0.05%
  • Veröffentlicht 16.04.2025 18:16:04
  • Zuletzt bearbeitet 08.12.2025 18:32:49

Password can be used past expiry in PgBouncer due to auth_query not taking into account Postgres its VALID UNTIL value, which allows an attacker to log in with an already expired password

5.5

CVE-2025-23138

  • EPSS 0.03%
  • Veröffentlicht 16.04.2025 14:13:17
  • Zuletzt bearbeitet 04.11.2025 17:00:09

In the Linux kernel, the following vulnerability has been resolved: watch_queue: fix pipe accounting mismatch Currently, watch_queue_set_size() modifies the pipe buffers charged to user->pipe_bufs without updating the pipe->nr_accounted on the pipe...

5.5

CVE-2025-22119

  • EPSS 0.03%
  • Veröffentlicht 16.04.2025 14:13:04
  • Zuletzt bearbeitet 03.11.2025 18:29:23

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: init wiphy_work before allocating rfkill fails syzbort reported a uninitialize wiphy_work_lock in cfg80211_dev_free. [1] After rfkill allocation fails, the wiphy r...

3.8

CVE-2025-32728

  • EPSS 0.05%
  • Veröffentlicht 10.04.2025 00:00:00
  • Zuletzt bearbeitet 22.05.2025 16:51:54

In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.

5.5

CVE-2025-29769

Exploit
  • EPSS 0.04%
  • Veröffentlicht 07.04.2025 20:15:21
  • Zuletzt bearbeitet 09.10.2025 13:41:29

libvips is a demand-driven, horizontally threaded image processing library. The heifsave operation could incorrectly determine the presence of an alpha channel in an input when it was not possible to determine the colour interpretation, known intern...

7.4

CVE-2025-3155

Exploit
  • EPSS 0.15%
  • Veröffentlicht 03.04.2025 14:15:46
  • Zuletzt bearbeitet 12.08.2025 21:15:30

A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment.

7.8

CVE-2023-52935

  • EPSS 0.02%
  • Veröffentlicht 27.03.2025 16:37:15
  • Zuletzt bearbeitet 25.11.2025 17:28:44

In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: fix ->anon_vma race If an ->anon_vma is attached to the VMA, collapse_and_free_pmd() requires it to be locked. Page table traversal is allowed under any one of the ...

7.8

CVE-2024-40635

  • EPSS 0.01%
  • Veröffentlicht 17.03.2025 21:32:37
  • Zuletzt bearbeitet 02.10.2025 01:51:43

containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a `UID:GID` larger than the maximum 32-bit signed integer can cause an overflow con...

10

CVE-2025-24201

Warnung
  • EPSS 0.08%
  • Veröffentlicht 11.03.2025 18:15:30
  • Zuletzt bearbeitet 14.11.2025 13:52:54

An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1, watchOS 11.4, iPadOS 17.7.6, iOS 16.7.11 and iP...