CVE-2022-42003
- EPSS 0.29%
- Published 02.10.2022 05:15:09
- Last modified 21.11.2024 07:24:15
In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enab...
CVE-2022-42004
- EPSS 0.23%
- Published 02.10.2022 05:15:09
- Last modified 21.11.2024 07:24:15
In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choice...
CVE-2022-41849
- EPSS 0.02%
- Published 30.09.2022 06:15:12
- Last modified 21.11.2024 07:23:56
drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_di...
CVE-2022-41850
- EPSS 0.04%
- Published 30.09.2022 06:15:12
- Last modified 21.11.2024 07:23:56
roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.
CVE-2022-3352
- EPSS 0.03%
- Published 29.09.2022 12:15:09
- Last modified 21.11.2024 07:19:21
Use After Free in GitHub repository vim/vim prior to 9.0.0614.
CVE-2016-2338
- EPSS 13.46%
- Published 29.09.2022 03:15:11
- Last modified 21.11.2024 02:48:15
An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby. In Psych::Emitter start_document function heap buffer "head" allocation is made based on tags array length. Specially constructed object passed a...
CVE-2022-31629
- EPSS 15.42%
- Published 28.09.2022 23:15:10
- Last modified 04.11.2025 18:15:39
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.
CVE-2022-31628
- EPSS 0.01%
- Published 28.09.2022 23:15:09
- Last modified 21.11.2024 07:04:53
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.
CVE-2022-1270
- EPSS 0.05%
- Published 28.09.2022 20:15:10
- Last modified 21.05.2025 15:15:55
In GraphicsMagick, a heap buffer overflow was found when parsing MIFF.
CVE-2022-39261
- EPSS 9.51%
- Published 28.09.2022 14:15:10
- Last modified 21.11.2024 07:17:54
Twig is a template language for PHP. Versions 1.x prior to 1.44.7, 2.x prior to 2.15.3, and 3.x prior to 3.4.3 encounter an issue when the filesystem loader loads templates for which the name is a user input. It is possible to use the `source` or `in...