Debian

Debian Linux

9294 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2024-50302

Warnung
  • EPSS 2.78%
  • Veröffentlicht 19.11.2024 02:16:32
  • Zuletzt bearbeitet 04.11.2025 14:36:30

In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that i...

9.8

CVE-2024-52316

  • EPSS 1.3%
  • Veröffentlicht 18.11.2024 12:15:18
  • Zuletzt bearbeitet 07.11.2025 16:15:59

Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext component which may throw an exception during the authentication process without explicitly s...

4.2

CVE-2024-10978

  • EPSS 0.22%
  • Veröffentlicht 14.11.2024 13:15:04
  • Zuletzt bearbeitet 03.11.2025 22:16:36

Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature. Th...

7.5

CVE-2024-52301

Warnung
  • EPSS 18.4%
  • Veröffentlicht 12.11.2024 20:15:14
  • Zuletzt bearbeitet 26.08.2025 02:37:14

Laravel is a web application framework. When the register_argc_argv php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment used by the framework when handling the request. The ...

9.8

CVE-2024-49369

  • EPSS 14.77%
  • Veröffentlicht 12.11.2024 17:15:08
  • Zuletzt bearbeitet 26.11.2025 13:01:15

Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. The TLS certificate validation in all Icinga 2 versions starting from 2.4.0 was flawed, allowin...

9.8

CVE-2024-52533

Exploit
  • EPSS 2.46%
  • Veröffentlicht 11.11.2024 23:15:05
  • Zuletzt bearbeitet 17.06.2025 01:23:56

gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character.

7.8

CVE-2024-46956

  • EPSS 0.28%
  • Veröffentlicht 10.11.2024 22:15:12
  • Zuletzt bearbeitet 03.11.2025 23:16:12

An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution.

5.5

CVE-2024-46955

  • EPSS 0.1%
  • Veröffentlicht 10.11.2024 22:15:12
  • Zuletzt bearbeitet 03.11.2025 23:16:11

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space.

7.8

CVE-2024-46953

  • EPSS 0.1%
  • Veröffentlicht 10.11.2024 22:15:12
  • Zuletzt bearbeitet 03.11.2025 23:16:11

An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution.

7.8

CVE-2024-46952

  • EPSS 0.1%
  • Veröffentlicht 10.11.2024 22:15:12
  • Zuletzt bearbeitet 14.11.2024 02:01:40

An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values).