Debian

Debian Linux

9950 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2022-38864

Exploit
  • EPSS 0.06%
  • Veröffentlicht 15.09.2022 15:15:10
  • Zuletzt bearbeitet 21.11.2024 07:17:11

Certain The MPlayer Project products are vulnerable to Buffer Overflow via the function mp_unescape03() of libmpdemux/mpeg_hdr.c. This affects mencoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1.

5.5

CVE-2022-38865

Exploit
  • EPSS 0.06%
  • Veröffentlicht 15.09.2022 15:15:10
  • Zuletzt bearbeitet 21.11.2024 07:17:12

Certain The MPlayer Project products are vulnerable to Divide By Zero via the function demux_avi_read_packet of libmpdemux/demux_avi.c. This affects mplyer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

5.5

CVE-2022-38866

  • EPSS 0.07%
  • Veröffentlicht 15.09.2022 15:15:10
  • Zuletzt bearbeitet 21.11.2024 07:17:12

Certain The MPlayer Project products are vulnerable to Buffer Overflow via read_avi_header() of libmpdemux/aviheader.c . This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

5.4

CVE-2018-25047

Exploit
  • EPSS 0.63%
  • Veröffentlicht 15.09.2022 00:15:09
  • Zuletzt bearbeitet 03.11.2025 22:15:45

In Smarty before 3.1.47 and 4.x before 4.2.1, libs/plugins/function.mailto.php allows XSS. A web page that uses smarty_function_mailto, and that could be parameterized using GET or POST input parameters, could allow injection of JavaScript code by a ...

8.1

CVE-2022-40674

  • EPSS 1.09%
  • Veröffentlicht 14.09.2022 11:15:54
  • Zuletzt bearbeitet 30.05.2025 20:15:30

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.

7.5

CVE-2022-37797

Exploit
  • EPSS 1.44%
  • Veröffentlicht 12.09.2022 15:15:08
  • Zuletzt bearbeitet 21.11.2024 07:15:11

In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the server. It could be used by an external attacker to c...

6.5

CVE-2022-38266

Exploit
  • EPSS 0.31%
  • Veröffentlicht 09.09.2022 22:15:08
  • Zuletzt bearbeitet 21.11.2024 07:16:08

An issue in the Leptonica linked library (v1.79.0) allows attackers to cause an arithmetic exception leading to a Denial of Service (DoS) via a crafted JPEG file.

5.5

CVE-2022-3169

  • EPSS 0.02%
  • Veröffentlicht 09.09.2022 15:15:15
  • Zuletzt bearbeitet 21.11.2024 07:18:58

A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect.

5.5

CVE-2022-2905

Exploit
  • EPSS 0.01%
  • Veröffentlicht 09.09.2022 15:15:10
  • Zuletzt bearbeitet 21.11.2024 07:01:54

An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.

5.5

CVE-2022-36280

  • EPSS 0.05%
  • Veröffentlicht 09.09.2022 15:15:10
  • Zuletzt bearbeitet 21.11.2024 07:12:42

An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user accou...