CVE-2026-24061
- EPSS 75.62%
- Published 21.01.2026 06:42:17
- Last modified 11.02.2026 15:40:42
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.
CVE-2026-23490
- EPSS 0.02%
- Published 16.01.2026 19:16:19
- Last modified 13.03.2026 14:19:34
pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. This vulnerability is fixed in 0.6.2.
CVE-2025-68615
- EPSS 0.23%
- Published 22.12.2025 23:55:30
- Last modified 19.02.2026 16:09:15
net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to a net-snmp snmptrapd daemon can cause a buffer overflow and the daemon to crash. This issue has been patched in versions 5...
CVE-2025-6966
- EPSS 0.02%
- Published 05.12.2025 13:16:05
- Last modified 07.01.2026 22:20:56
NULL pointer dereference in TagSection.keys() in python-apt on APT-based Linux systems allows a local attacker to cause a denial of service (process crash) via a crafted deb822 file with a malformed non-UTF-8 key.
CVE-2025-63498
- EPSS 0.07%
- Published 24.11.2025 00:00:00
- Last modified 30.12.2025 17:32:50
alinto SOGo 5.12.3 is vulnerable to Cross Site Scripting (XSS) via the "userName" parameter.
CVE-2025-64512
- EPSS 0.09%
- Published 10.11.2025 21:58:37
- Last modified 08.01.2026 22:16:02
Pdfminer.six is a community maintained fork of the original PDFMiner, a tool for extracting information from PDF documents. Prior to version 20251107, pdfminer.six will execute arbitrary code from a malicious pickle file if provided with a malicious ...
CVE-2025-10934
- EPSS 0.13%
- Published 29.10.2025 20:15:35
- Last modified 04.11.2025 13:12:43
GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability i...
CVE-2025-10922
- EPSS 0.08%
- Published 29.10.2025 19:29:42
- Last modified 04.11.2025 13:15:06
GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability i...
CVE-2025-10921
- EPSS 0.06%
- Published 29.10.2025 19:29:39
- Last modified 04.11.2025 17:08:46
GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability i...
CVE-2025-39923
- EPSS 0.03%
- Published 01.10.2025 08:15:35
- Last modified 20.01.2026 15:45:52
In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees When we don't have a clock specified in the device tree, we have no way to ensure the BAM is on. This is often ...