Debian

Debian Linux

9947 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7

CVE-2023-1989

  • EPSS 0.02%
  • Veröffentlicht 11.04.2023 21:15:15
  • Zuletzt bearbeitet 21.11.2024 07:40:17

A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.

8.2

CVE-2023-1668

  • EPSS 0.32%
  • Veröffentlicht 10.04.2023 22:15:09
  • Zuletzt bearbeitet 23.04.2025 17:16:28

A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath f...

5.5

CVE-2020-11935

  • EPSS 0.03%
  • Veröffentlicht 07.04.2023 02:15:07
  • Zuletzt bearbeitet 21.11.2024 04:58:56

It was discovered that aufs improperly managed inode reference counts in the vfsub_dentry_open() method. A local attacker could use this vulnerability to cause a denial of service attack.

6.5

CVE-2023-29415

Exploit
  • EPSS 0.16%
  • Veröffentlicht 06.04.2023 05:15:07
  • Zuletzt bearbeitet 13.02.2025 21:15:13

An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A denial of service (process hang) can occur with a crafted archive because bzip3 does not follow the required procedure for interacting with libsais.

6.3

CVE-2023-1855

  • EPSS 0.01%
  • Veröffentlicht 05.04.2023 20:15:07
  • Zuletzt bearbeitet 12.02.2025 16:15:34

A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability co...

8.8

CVE-2023-1810

  • EPSS 1.06%
  • Veröffentlicht 04.04.2023 22:15:07
  • Zuletzt bearbeitet 21.11.2024 07:39:56

Heap buffer overflow in Visuals in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-1811

  • EPSS 0.7%
  • Veröffentlicht 04.04.2023 22:15:07
  • Zuletzt bearbeitet 21.11.2024 07:39:56

Use after free in Frames in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2023-1812

  • EPSS 0.93%
  • Veröffentlicht 04.04.2023 22:15:07
  • Zuletzt bearbeitet 21.11.2024 07:39:57

Out of bounds memory access in DOM Bindings in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)

6.5

CVE-2023-1813

  • EPSS 0.05%
  • Veröffentlicht 04.04.2023 22:15:07
  • Zuletzt bearbeitet 21.11.2024 07:39:57

Inappropriate implementation in Extensions in Google Chrome prior to 112.0.5615.49 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medi...

6.5

CVE-2023-1814

  • EPSS 0.07%
  • Veröffentlicht 04.04.2023 22:15:07
  • Zuletzt bearbeitet 21.11.2024 07:39:57

Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass download checking via a crafted HTML page. (Chromium security severity: Medium)