Debian

Debian Linux

9144 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.7

CVE-2021-42739

  • EPSS 0.03%
  • Veröffentlicht 20.10.2021 07:15:09
  • Zuletzt bearbeitet 21.11.2024 06:28:04

The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.

7.5

CVE-2021-37136

  • EPSS 0.25%
  • Veröffentlicht 19.10.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 06:14:42

The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). All users of Bzip2Decoder are affected. The malicious input can trigger an...

7.5

CVE-2021-37137

  • EPSS 0.64%
  • Veröffentlicht 19.10.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 06:14:43

The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was received which may lead to excessive memory usage as well...

7.8

CVE-2021-30846

  • EPSS 0.85%
  • Veröffentlicht 19.10.2021 14:15:09
  • Zuletzt bearbeitet 21.11.2024 06:04:49

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 and iPadOS 15, watchOS 8. Processing maliciously crafted web content may lead to arbitrary code executi...

7.8

CVE-2021-3872

Exploit
  • EPSS 0.13%
  • Veröffentlicht 19.10.2021 13:15:11
  • Zuletzt bearbeitet 21.11.2024 06:22:41

vim is vulnerable to Heap-based Buffer Overflow

7.5

CVE-2021-41990

  • EPSS 1.93%
  • Veröffentlicht 18.10.2021 14:15:10
  • Zuletzt bearbeitet 21.11.2024 06:27:01

The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution ...

7.5

CVE-2021-41991

  • EPSS 2.25%
  • Veröffentlicht 18.10.2021 14:15:10
  • Zuletzt bearbeitet 21.11.2024 06:27:02

The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less...

7.5

CVE-2021-38562

  • EPSS 0.1%
  • Veröffentlicht 18.10.2021 09:15:08
  • Zuletzt bearbeitet 21.11.2024 06:17:27

Best Practical Request Tracker (RT) 4.2 before 4.2.17, 4.4 before 4.4.5, and 5.0 before 5.0.2 allows sensitive information disclosure via a timing attack against lib/RT/REST2/Middleware/Auth.pm.

7.8

CVE-2021-28021

Exploit
  • EPSS 0.21%
  • Veröffentlicht 15.10.2021 16:15:07
  • Zuletzt bearbeitet 21.11.2024 05:58:58

Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted JPEG file.

7.5

CVE-2021-42340

  • EPSS 3%
  • Veröffentlicht 14.10.2021 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:27:38

The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for We...