Debian

Debian Linux

9979 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2023-22809

Exploit
  • EPSS 48.02%
  • Veröffentlicht 18.01.2023 17:15:10
  • Zuletzt bearbeitet 04.04.2025 16:15:16

In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to proce...

5.5

CVE-2022-47929

Exploit
  • EPSS 0.04%
  • Veröffentlicht 17.01.2023 21:15:14
  • Zuletzt bearbeitet 04.04.2025 18:15:43

In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and...

8

CVE-2022-46648

  • EPSS 1.98%
  • Veröffentlicht 17.01.2023 10:15:11
  • Zuletzt bearbeitet 21.11.2024 07:30:51

ruby-git versions prior to v1.13.0 allows a remote authenticated attacker to execute an arbitrary ruby code by having a user to load a repository containing a specially crafted filename to the product. This vulnerability is different from CVE-2022-47...

8

CVE-2022-47318

  • EPSS 0.44%
  • Veröffentlicht 17.01.2023 10:15:11
  • Zuletzt bearbeitet 04.04.2025 16:15:16

ruby-git versions prior to v1.13.0 allows a remote authenticated attacker to execute an arbitrary ruby code by having a user to load a repository containing a specially crafted filename to the product. This vulnerability is different from CVE-2022-46...

6.5

CVE-2023-23589

Exploit
  • EPSS 0.78%
  • Veröffentlicht 14.01.2023 01:15:15
  • Zuletzt bearbeitet 07.04.2025 19:15:52

The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002.

7.8

CVE-2023-23559

  • EPSS 0.03%
  • Veröffentlicht 13.01.2023 01:15:10
  • Zuletzt bearbeitet 05.05.2025 16:15:30

In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.

5.3

CVE-2022-3341

  • EPSS 0.1%
  • Veröffentlicht 12.01.2023 15:15:10
  • Zuletzt bearbeitet 07.08.2025 19:26:02

A null pointer dereference issue was discovered in 'FFmpeg' in decode_main_header() function of libavformat/nutdec.c file. The flaw occurs because the function lacks check of the return value of avformat_new_stream() and triggers the null pointer der...

5.5

CVE-2023-23455

  • EPSS 0.03%
  • Veröffentlicht 12.01.2023 07:15:09
  • Zuletzt bearbeitet 20.03.2025 21:15:18

atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification resu...

5.5

CVE-2023-23454

  • EPSS 0.04%
  • Veröffentlicht 12.01.2023 07:15:08
  • Zuletzt bearbeitet 20.03.2025 21:15:18

cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than v...

9.8

CVE-2022-4338

  • EPSS 0.68%
  • Veröffentlicht 10.01.2023 22:15:14
  • Zuletzt bearbeitet 21.11.2024 07:35:05

An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch.