Debian

Debian Linux

9142 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1

CVE-2021-44759

  • EPSS 0.5%
  • Veröffentlicht 23.03.2022 14:15:07
  • Zuletzt bearbeitet 21.11.2024 06:31:32

Improper Authentication vulnerability in TLS origin validation of Apache Traffic Server allows an attacker to create a man in the middle attack. This issue affects Apache Traffic Server 8.0.0 to 8.1.0.

7.8

CVE-2022-27666

  • EPSS 0.78%
  • Veröffentlicht 23.03.2022 06:15:06
  • Zuletzt bearbeitet 21.11.2024 06:56:08

A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation ...

7.5

CVE-2022-24764

  • EPSS 0.42%
  • Veröffentlicht 22.03.2022 17:15:07
  • Zuletzt bearbeitet 21.11.2024 06:51:02

PJSIP is a free and open source multimedia communication library written in C. Versions 2.12 and prior contain a stack buffer overflow vulnerability that affects PJSUA2 users or users that call the API `pjmedia_sdp_print(), pjmedia_sdp_media_print()`...

9.8

CVE-2022-0547

  • EPSS 0.56%
  • Veröffentlicht 18.03.2022 18:15:12
  • Zuletzt bearbeitet 23.04.2025 19:15:52

OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially ...

7.8

CVE-2022-1011

  • EPSS 0.2%
  • Veröffentlicht 18.03.2022 18:15:12
  • Zuletzt bearbeitet 21.11.2024 06:39:51

A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.

5.9

CVE-2022-24302

Exploit
  • EPSS 0.88%
  • Veröffentlicht 17.03.2022 22:15:08
  • Zuletzt bearbeitet 21.11.2024 06:50:07

In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure.

7.5

CVE-2022-24761

  • EPSS 0.2%
  • Veröffentlicht 17.03.2022 13:15:07
  • Zuletzt bearbeitet 21.11.2024 06:51:02

Waitress is a Web Server Gateway Interface server for Python 2 and 3. When using Waitress versions 2.1.0 and prior behind a proxy that does not properly validate the incoming HTTP request matches the RFC7230 standard, Waitress and the frontend proxy ...

7.5

CVE-2022-26353

  • EPSS 0.21%
  • Veröffentlicht 16.03.2022 15:15:16
  • Zuletzt bearbeitet 21.11.2024 06:53:48

A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with the fix for CVE-2021-3748, which forgot to unmap the cached virtqueue elements on error, leading to memory leakage and other unexpected results. Affected Q...

3.2

CVE-2022-26354

  • EPSS 0.01%
  • Veröffentlicht 16.03.2022 15:15:16
  • Zuletzt bearbeitet 21.11.2024 06:53:48

A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions <= 6.2.0.

7

CVE-2021-39713

Exploit
  • EPSS 0.03%
  • Veröffentlicht 16.03.2022 15:15:11
  • Zuletzt bearbeitet 21.11.2024 06:20:04

Product: AndroidVersions: Android kernelAndroid ID: A-173788806References: Upstream kernel