Debian

Debian Linux

9997 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.27%
  • Veröffentlicht 01.11.2022 13:15:11
  • Zuletzt bearbeitet 21.11.2024 07:24:44

Xenstore: Guests can get access to Xenstore nodes of deleted domains Access rights of Xenstore nodes are per domid. When a domain is gone, there might be Xenstore nodes left with access rights containing the domid of the removed domain. This is norma...

  • EPSS 0.27%
  • Veröffentlicht 01.11.2022 13:15:11
  • Zuletzt bearbeitet 21.11.2024 07:24:44

Xenstore: Guests can crash xenstored via exhausting the stack Xenstored is using recursion for some Xenstore operations (e.g. for deleting a sub-tree of Xenstore nodes). With sufficiently deep nesting levels this can result in stack exhaustion on xen...

  • EPSS 0.28%
  • Veröffentlicht 01.11.2022 13:15:11
  • Zuletzt bearbeitet 21.11.2024 07:24:44

Xenstore: Cooperating guests can create arbitrary numbers of nodes T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Since the fix of XSA-322 any Xenstore node owned by a ...

  • EPSS 0.28%
  • Veröffentlicht 01.11.2022 13:15:11
  • Zuletzt bearbeitet 21.11.2024 07:24:45

Xenstore: Cooperating guests can create arbitrary numbers of nodes T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Since the fix of XSA-322 any Xenstore node owned by a ...

  • EPSS 1.63%
  • Veröffentlicht 31.10.2022 06:15:09
  • Zuletzt bearbeitet 06.05.2025 19:15:56

strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's control...

Exploit
  • EPSS 0.61%
  • Veröffentlicht 29.10.2022 19:15:10
  • Zuletzt bearbeitet 21.11.2024 07:24:11

multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multip...

Exploit
  • EPSS 0.66%
  • Veröffentlicht 29.10.2022 18:15:12
  • Zuletzt bearbeitet 21.11.2024 07:24:11

multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which...

  • EPSS 1.06%
  • Veröffentlicht 26.10.2022 20:15:10
  • Zuletzt bearbeitet 21.11.2024 07:17:57

Jupyter Core is a package for the core common functionality of Jupyter projects. Jupyter Core prior to version 4.11.2 contains an arbitrary code execution vulnerability in `jupyter_core` that stems from `jupyter_core` executing untrusted files in CWD...

Exploit
  • EPSS 1.16%
  • Veröffentlicht 26.10.2022 20:15:10
  • Zuletzt bearbeitet 03.11.2025 22:15:59

Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders the Host header une...

  • EPSS 1.2%
  • Veröffentlicht 26.10.2022 20:15:10
  • Zuletzt bearbeitet 21.11.2024 07:20:04

A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remo...