Debian

Debian Linux

9979 vulnerabilities found.

Note: This list may be incomplete. Data is provided without warranty in its original format.
  • EPSS 0.25%
  • Published 28.09.2022 14:15:09
  • Last modified 21.05.2025 15:15:55

The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing (but extremely hard to trigger) concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10...

  • EPSS 0.62%
  • Published 28.09.2022 10:15:09
  • Last modified 21.05.2025 15:15:56

ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of “minimasks” function could lead to access to an unmapped region of memory. This vulnerability is capable of crashing the software, memory m...

Exploit
  • EPSS 0.02%
  • Published 27.09.2022 23:15:15
  • Last modified 21.05.2025 16:15:28

A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use t...

Exploit
  • EPSS 0.08%
  • Published 27.09.2022 23:15:15
  • Last modified 03.11.2025 21:15:54

Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598.

  • EPSS 0.08%
  • Published 26.09.2022 16:15:13
  • Last modified 21.11.2024 07:19:02

Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (Chromiu...

Exploit
  • EPSS 0.27%
  • Published 26.09.2022 05:15:10
  • Last modified 21.11.2024 06:45:27

The package joblib from 0 and before 1.2.0 is vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement.

  • EPSS 0.46%
  • Published 23.09.2022 16:15:11
  • Last modified 27.05.2025 15:15:28

Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service (CPU consumption) because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets.

Exploit
  • EPSS 0.36%
  • Published 23.09.2022 14:15:12
  • Last modified 05.05.2025 17:18:16

When curl is used to retrieve and parse cookies from a HTTP(S) server, it accepts cookies using control codes that when later are sent back to a HTTP server might make the server return 400 responses. Effectively allowing a "sister site" to deny service...

  • EPSS 0.17%
  • Published 22.09.2022 15:15:09
  • Last modified 21.11.2024 06:41:47

A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and ...

  • EPSS 0.23%
  • Published 22.09.2022 15:15:09
  • Last modified 03.11.2025 20:15:56

Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a URL through the jar protocol. This issue affects Apache XML Graphics Batik 1.14.