Debian

Debian Linux

9997 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 0.3%
  • Veröffentlicht 27.09.2022 23:15:15
  • Zuletzt bearbeitet 21.05.2025 16:15:28

A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use t...

Exploit
  • EPSS 0.5%
  • Veröffentlicht 27.09.2022 23:15:15
  • Zuletzt bearbeitet 03.11.2025 21:15:54

Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598.

  • EPSS 0.61%
  • Veröffentlicht 26.09.2022 16:15:13
  • Zuletzt bearbeitet 21.11.2024 07:19:02

Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (Chromiu...

Exploit
  • EPSS 1.98%
  • Veröffentlicht 26.09.2022 05:15:10
  • Zuletzt bearbeitet 21.11.2024 06:45:27

The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement.

  • EPSS 1.52%
  • Veröffentlicht 23.09.2022 16:15:11
  • Zuletzt bearbeitet 27.05.2025 15:15:28

Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service (CPU consumption) because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets.

Exploit
  • EPSS 1.84%
  • Veröffentlicht 23.09.2022 14:15:12
  • Zuletzt bearbeitet 05.05.2025 17:18:16

When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service...

  • EPSS 1.19%
  • Veröffentlicht 22.09.2022 15:15:09
  • Zuletzt bearbeitet 21.11.2024 06:41:47

A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and ...

  • EPSS 2.02%
  • Veröffentlicht 22.09.2022 15:15:09
  • Zuletzt bearbeitet 03.11.2025 20:15:56

Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14.

  • EPSS 1.95%
  • Veröffentlicht 22.09.2022 15:15:09
  • Zuletzt bearbeitet 03.11.2025 20:15:56

Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML Graphics Batik 1.14.

  • EPSS 5.79%
  • Veröffentlicht 22.09.2022 15:15:09
  • Zuletzt bearbeitet 03.11.2025 20:15:57

Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14.