CVE-2025-62600
- EPSS 0.03%
- Published 03.02.2026 19:16:14
- Last modified 14.04.2026 16:16:31
eprosima Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to 2.6.11, 2.14.6, 3.2.4, 3.3.1, and 3.4.1, when the security mode is enabled, modifying the DATA Submessage within ...
CVE-2025-62599
- EPSS 0.03%
- Published 03.02.2026 17:54:49
- Last modified 09.04.2026 18:16:41
eprosima Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to 2.6.11, 2.14.6, 3.2.4, 3.3.1, and 3.4.1, when the security mode is enabled, modifying the DATA Submessage within ...
CVE-2026-25061
- EPSS 0.07%
- Published 29.01.2026 21:42:47
- Last modified 25.02.2026 15:24:30
tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame elements and performs a length check on the wrong field when handling the TIM element. A crafted frame with a large TIM length can...
CVE-2026-24765
- EPSS 0.16%
- Published 27.01.2026 21:35:54
- Last modified 03.03.2026 15:25:01
PHPUnit is a testing framework for PHP. A vulnerability has been discovered in versions prior to 12.5.8, 11.5.50, 10.5.62, 9.6.33, and 8.5.52 involving unsafe deserialization of code coverage data in PHPT test execution. The vulnerability exists in t...
CVE-2025-68670
- EPSS 0.16%
- Published 27.01.2026 15:52:41
- Last modified 06.02.2026 19:59:50
xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue stems from improper bounds checking when processing user domain information during the connection sequence. If exp...
CVE-2026-24061
- EPSS 91.12%
- Published 21.01.2026 06:42:17
- Last modified 11.02.2026 15:40:42
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.
CVE-2026-23490
- EPSS 0.03%
- Published 16.01.2026 19:16:19
- Last modified 13.03.2026 14:19:34
pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. This vulnerability is fixed in 0.6.2.
CVE-2025-68615
- EPSS 0.34%
- Published 22.12.2025 23:55:30
- Last modified 19.02.2026 16:09:15
net-snmp is an SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to a net-snmp snmptrapd daemon can cause a buffer overflow and the daemon to crash. This issue has been patched in versions 5...
CVE-2025-6966
- EPSS 0.04%
- Published 05.12.2025 13:16:05
- Last modified 07.01.2026 22:20:56
NULL pointer dereference in TagSection.keys() in python-apt on APT-based Linux systems allows a local attacker to cause a denial of service (process crash) via a crafted deb822 file with a malformed non-UTF-8 key.
CVE-2025-63498
- EPSS 0.06%
- Published 24.11.2025 00:00:00
- Last modified 30.12.2025 17:32:50
alinto SOGo 5.12.3 is vulnerable to Cross Site Scripting (XSS) via the "userName" parameter.