Debian

Debian Linux

9294 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1

CVE-2024-6387

Medienbericht Exploit
  • EPSS 54.14%
  • Veröffentlicht 01.07.2024 13:15:06
  • Zuletzt bearbeitet 30.09.2025 13:52:23

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to aut...

9.1

CVE-2024-37371

  • EPSS 2.61%
  • Veröffentlicht 28.06.2024 23:15:11
  • Zuletzt bearbeitet 03.11.2025 21:16:13

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.

6.7

CVE-2024-35235

Exploit
  • EPSS 3.36%
  • Veröffentlicht 11.06.2024 15:16:07
  • Zuletzt bearbeitet 26.09.2025 23:51:23

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be ...

8.6

CVE-2024-5696

  • EPSS 2.24%
  • Veröffentlicht 11.06.2024 13:15:51
  • Zuletzt bearbeitet 06.11.2025 22:25:36

By manipulating the text in an `<input>` tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.

4.3

CVE-2024-5690

  • EPSS 3.72%
  • Veröffentlicht 11.06.2024 13:15:50
  • Zuletzt bearbeitet 26.03.2025 14:15:31

By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.

7.8

CVE-2024-36971

Warnung
  • EPSS 0.44%
  • Veröffentlicht 10.06.2024 09:15:09
  • Zuletzt bearbeitet 05.11.2025 19:19:56

In the Linux kernel, the following vulnerability has been resolved: net: fix __dst_negative_advice() race __dst_negative_advice() does not enforce proper RCU rules when sk->dst_cache must be cleared, leading to possible UAF. RCU rules are that we ...

6.1

CVE-2024-37384

  • EPSS 0.4%
  • Veröffentlicht 07.06.2024 04:15:30
  • Zuletzt bearbeitet 01.05.2025 19:51:01

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via list columns from user preferences.

6.1

CVE-2024-37383

Warnung
  • EPSS 66.36%
  • Veröffentlicht 07.06.2024 04:15:30
  • Zuletzt bearbeitet 31.10.2025 12:48:27

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes.

8.1

CVE-2024-5629

  • EPSS 0.09%
  • Veröffentlicht 05.06.2024 15:15:12
  • Zuletzt bearbeitet 21.11.2024 09:48:02

An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier allows deserialization of malformed BSON provided by a Server to raise an exception which may contain arbitrary application memory.

9.1

CVE-2024-5197

Exploit
  • EPSS 0.22%
  • Veröffentlicht 03.06.2024 14:15:09
  • Zuletzt bearbeitet 22.07.2025 18:17:56

There exists interger overflows in libvpx in versions prior to 1.14.1. Calling vpx_img_alloc() with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of t...