Debian

Debian Linux

9947 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2023-3338

Exploit
  • EPSS 8.6%
  • Veröffentlicht 30.06.2023 22:15:10
  • Zuletzt bearbeitet 21.11.2024 08:17:02

A null pointer dereference flaw was found in the Linux kernel's DECnet networking protocol. This issue could allow a remote user to crash the system.

7.8

CVE-2023-3090

Exploit
  • EPSS 0.01%
  • Veröffentlicht 28.06.2023 20:15:09
  • Zuletzt bearbeitet 13.02.2025 17:16:55

A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnera...

7.8

CVE-2023-3389

  • EPSS 0.02%
  • Veröffentlicht 28.06.2023 20:15:09
  • Zuletzt bearbeitet 13.02.2025 17:16:56

A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend upgrading past comm...

8.8

CVE-2023-3420

  • EPSS 3.96%
  • Veröffentlicht 26.06.2023 21:15:09
  • Zuletzt bearbeitet 05.05.2025 16:15:45

Type Confusion in V8 in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-3421

  • EPSS 0.71%
  • Veröffentlicht 26.06.2023 21:15:09
  • Zuletzt bearbeitet 05.05.2025 16:15:45

Use after free in Media in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-3422

  • EPSS 0.19%
  • Veröffentlicht 26.06.2023 21:15:09
  • Zuletzt bearbeitet 21.11.2024 08:17:13

Use after free in Guest View in Google Chrome prior to 114.0.5735.198 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

7.5

CVE-2023-36661

  • EPSS 60.67%
  • Veröffentlicht 25.06.2023 22:15:21
  • Zuletzt bearbeitet 05.05.2025 16:15:42

Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is fixed in, for example, Shibboleth Service Provider 3.4.1.3 on Windows.)

7.8

CVE-2023-36664

  • EPSS 6.43%
  • Veröffentlicht 25.06.2023 22:15:21
  • Zuletzt bearbeitet 05.12.2024 15:15:07

Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).

4.4

CVE-2023-3212

  • EPSS 0.01%
  • Veröffentlicht 23.06.2023 20:15:09
  • Zuletzt bearbeitet 21.11.2024 08:16:42

A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileg...

7.1

CVE-2023-34241

Exploit
  • EPSS 0.03%
  • Veröffentlicht 22.06.2023 23:15:09
  • Zuletzt bearbeitet 21.11.2024 08:06:50

OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has b...