Debian

Debian Linux

9997 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 0.29%
  • Veröffentlicht 01.03.2023 15:15:11
  • Zuletzt bearbeitet 07.03.2025 21:15:16

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_unweighted_pred_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.

Exploit
  • EPSS 0.29%
  • Veröffentlicht 01.03.2023 15:15:11
  • Zuletzt bearbeitet 07.03.2025 16:15:36

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_unweighted_pred_16_fallback function at fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.

Exploit
  • EPSS 0.29%
  • Veröffentlicht 01.03.2023 15:15:11
  • Zuletzt bearbeitet 07.03.2025 21:15:16

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.

Exploit
  • EPSS 0.33%
  • Veröffentlicht 01.03.2023 15:15:11
  • Zuletzt bearbeitet 21.11.2024 07:49:20

Libde265 v1.0.10 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function in motion.cc.

  • EPSS 99.64%
  • Veröffentlicht 28.02.2023 20:15:10
  • Zuletzt bearbeitet 11.03.2025 15:15:38

SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1.

  • EPSS 0.33%
  • Veröffentlicht 25.02.2023 04:15:10
  • Zuletzt bearbeitet 25.06.2025 20:54:48

In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.

  • EPSS 0.47%
  • Veröffentlicht 23.02.2023 20:15:14
  • Zuletzt bearbeitet 17.03.2025 19:15:19

An untrusted search path vulnerability exists in Node.js. <19.6.1, <18.14.1, <16.19.1, and <14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges.

Exploit
  • EPSS 1.7%
  • Veröffentlicht 23.02.2023 20:15:13
  • Zuletzt bearbeitet 12.03.2025 19:15:36

An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms...

  • EPSS 0.98%
  • Veröffentlicht 22.02.2023 07:15:10
  • Zuletzt bearbeitet 20.05.2026 02:16:34

The mono package before 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter.

Exploit
  • EPSS 1.61%
  • Veröffentlicht 21.02.2023 16:15:11
  • Zuletzt bearbeitet 17.03.2025 17:15:15

Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length.