Debian

Debian Linux

9950 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2023-24752

Exploit
  • EPSS 0.03%
  • Veröffentlicht 01.03.2023 15:15:11
  • Zuletzt bearbeitet 21.11.2024 07:48:22

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_hevc_epel_pixels_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.

5.5

CVE-2023-24754

Exploit
  • EPSS 0.03%
  • Veröffentlicht 01.03.2023 15:15:11
  • Zuletzt bearbeitet 07.03.2025 21:15:16

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.

5.5

CVE-2023-24755

Exploit
  • EPSS 0.03%
  • Veröffentlicht 01.03.2023 15:15:11
  • Zuletzt bearbeitet 07.03.2025 21:15:16

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_weighted_pred_8_fallback function at fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.

5.5

CVE-2023-24756

Exploit
  • EPSS 0.03%
  • Veröffentlicht 01.03.2023 15:15:11
  • Zuletzt bearbeitet 07.03.2025 21:15:16

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_unweighted_pred_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.

5.5

CVE-2023-24757

Exploit
  • EPSS 0.02%
  • Veröffentlicht 01.03.2023 15:15:11
  • Zuletzt bearbeitet 07.03.2025 16:15:36

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_unweighted_pred_16_fallback function at fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.

5.5

CVE-2023-24758

Exploit
  • EPSS 0.03%
  • Veröffentlicht 01.03.2023 15:15:11
  • Zuletzt bearbeitet 07.03.2025 21:15:16

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.

7.8

CVE-2023-25221

Exploit
  • EPSS 0.04%
  • Veröffentlicht 01.03.2023 15:15:11
  • Zuletzt bearbeitet 21.11.2024 07:49:20

Libde265 v1.0.10 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function in motion.cc.

9.8

CVE-2023-27372

  • EPSS 93.12%
  • Veröffentlicht 28.02.2023 20:15:10
  • Zuletzt bearbeitet 11.03.2025 15:15:38

SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1.

4.7

CVE-2023-26545

  • EPSS 0.02%
  • Veröffentlicht 25.02.2023 04:15:10
  • Zuletzt bearbeitet 25.06.2025 20:54:48

In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.

4.2

CVE-2023-23920

  • EPSS 0.1%
  • Veröffentlicht 23.02.2023 20:15:14
  • Zuletzt bearbeitet 17.03.2025 19:15:19

An untrusted search path vulnerability exists in Node.js. <19.6.1, <18.14.1, <16.19.1, and <14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges.