CVE-2021-40732
- EPSS 0.12%
- Published 13.10.2021 17:15:07
- Last modified 21.11.2024 06:24:39
XMP Toolkit version 2020.1 (and earlier) is affected by a null pointer dereference vulnerability that could result in leaking data from certain memory locations and causing a local denial of service in the context of the current user. User interactio...
CVE-2021-42326
- EPSS 0.51%
- Published 12.10.2021 19:15:08
- Last modified 21.11.2024 06:27:36
Redmine before 4.1.5 and 4.2.x before 4.2.3 may disclose the names of users on activity views due to an insufficient access filter.
CVE-2021-3671
- EPSS 1.14%
- Published 12.10.2021 18:15:08
- Last modified 21.11.2024 06:22:07
A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server.
CVE-2021-41136
- EPSS 0.29%
- Published 12.10.2021 16:15:07
- Last modified 27.05.2025 16:15:21
Puma is a HTTP 1.1 server for Ruby/Rack applications. Prior to versions 5.5.1 and 4.3.9, using `puma` with a proxy which forwards HTTP header values which contain the LF character could allow HTTP request smuggling. A client could smuggle a request ...
CVE-2021-25634
- EPSS 0.22%
- Published 12.10.2021 14:15:08
- Last modified 21.11.2024 05:55:11
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulner...
CVE-2021-42260
- EPSS 0.36%
- Published 11.10.2021 20:15:07
- Last modified 21.11.2024 06:27:28
TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXML_UTF_LEAD_0 case. It can be triggered by a crafted XML message and leads to a denial of service.
CVE-2021-25633
- EPSS 0.29%
- Published 11.10.2021 17:15:07
- Last modified 21.11.2024 05:55:11
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulner...
CVE-2021-37967
- EPSS 0.39%
- Published 08.10.2021 22:15:08
- Last modified 21.11.2024 06:16:09
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
CVE-2021-37968
- EPSS 0.52%
- Published 08.10.2021 22:15:08
- Last modified 21.11.2024 06:16:09
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2021-37969
- EPSS 0.72%
- Published 08.10.2021 22:15:08
- Last modified 21.11.2024 06:16:09
Inappropriate implementation in Google Updater in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to perform local privilege escalation via a crafted file.