Debian

Debian Linux

9294 vulnerabilities found.

Note: This list may be incomplete. Data is provided without warranty in its original format.
  • EPSS 0.17%
  • Published 10.11.2024 21:15:14
  • Last modified 03.11.2025 23:16:11

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.

  • EPSS 0.13%
  • Published 27.10.2024 05:15:04
  • Last modified 15.10.2025 17:54:22

An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.

  • EPSS 0.08%
  • Published 21.10.2024 12:15:05
  • Last modified 18.11.2025 15:36:36

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() syzbot reported that nf_reject_ip6_tcphdr_put() was possibly sending garbage on the four reserved tcp bits (th->res1) Use...

Exploit
  • EPSS 0.13%
  • Published 15.10.2024 21:15:10
  • Last modified 24.03.2025 14:41:38

In Libheif 1.17.6, insufficient checks in ImageOverlay::parse() decoding a heif file containing an overlay image with forged offsets can lead to an out-of-bounds read and write.

Warning
  • EPSS 25.1%
  • Published 09.10.2024 13:15:12
  • Last modified 04.11.2025 14:35:50

An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ...

  • EPSS 0.23%
  • Published 03.10.2024 17:15:15
  • Last modified 17.12.2024 19:28:03

NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstream responses with very large RRsets can cause Unbound to spend...

Exploit
  • EPSS 36.75%
  • Published 26.09.2024 22:15:04
  • Last modified 03.11.2025 23:16:12

CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creating the PPD buffer. When used in combination with ot...

  • EPSS 0.03%
  • Published 23.09.2024 11:15:10
  • Last modified 10.07.2025 19:11:29

Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing mod_jk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache ...

Exploit
  • EPSS 0.41%
  • Published 11.09.2024 10:15:02
  • Last modified 30.07.2025 19:42:16

When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. ...

Exploit
  • EPSS 6.26%
  • Published 15.08.2024 19:15:19
  • Last modified 19.08.2025 15:21:28

Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have acces...