Debian

Debian Linux

9997 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.3%
  • Veröffentlicht 17.08.2022 22:15:08
  • Zuletzt bearbeitet 21.11.2024 07:01:50

libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with certain parameters) could cause a crash or i...

  • EPSS 0.3%
  • Veröffentlicht 17.08.2022 22:15:08
  • Zuletzt bearbeitet 21.11.2024 07:01:50

libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop.

  • EPSS 0.3%
  • Veröffentlicht 17.08.2022 22:15:08
  • Zuletzt bearbeitet 21.11.2024 07:01:50

libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this flaw, most likely by tricking a user into op...

Exploit
  • EPSS 1.82%
  • Veröffentlicht 15.08.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 05:12:32

Directory traversal vulnerability in wkhtmltopdf through 0.12.5 allows remote attackers to read local files and disclose sensitive information via a crafted html file running with the default configurations.

  • EPSS 0.16%
  • Veröffentlicht 11.08.2022 15:15:10
  • Zuletzt bearbeitet 21.11.2024 06:42:41

In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitatio...

  • EPSS 1.7%
  • Veröffentlicht 10.08.2022 06:15:08
  • Zuletzt bearbeitet 08.09.2025 19:15:31

Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to request secure resources. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

  • EPSS 1.59%
  • Veröffentlicht 10.08.2022 06:15:08
  • Zuletzt bearbeitet 20.10.2025 18:15:36

Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

  • EPSS 1.85%
  • Veröffentlicht 10.08.2022 06:15:08
  • Zuletzt bearbeitet 21.11.2024 06:56:48

Improper Input Validation vulnerability in HTTP/1.1 header parsing of Apache Traffic Server allows an attacker to send invalid headers. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.

  • EPSS 1.69%
  • Veröffentlicht 10.08.2022 06:15:08
  • Zuletzt bearbeitet 21.11.2024 07:05:17

Improper Input Validation vulnerability in handling the Transfer-Encoding header of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 8.0.0 to 9.0.2.

  • EPSS 1.89%
  • Veröffentlicht 10.08.2022 06:15:08
  • Zuletzt bearbeitet 21.11.2024 07:05:18

Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.