Debian

Debian Linux

9950 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2022-26364

Exploit
  • EPSS 0.11%
  • Veröffentlicht 09.06.2022 17:15:09
  • Zuletzt bearbeitet 21.11.2024 06:53:50

x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a reg...

6.9

CVE-2022-26362

  • EPSS 0.05%
  • Veröffentlicht 09.06.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:53:49

x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable...

7.2

CVE-2022-26363

  • EPSS 0.08%
  • Veröffentlicht 09.06.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:53:50

x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a reg...

7.8

CVE-2022-2000

Exploit
  • EPSS 0.33%
  • Veröffentlicht 09.06.2022 16:15:08
  • Zuletzt bearbeitet 03.11.2025 21:15:51

Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.

9.8

CVE-2022-31031

  • EPSS 0.72%
  • Veröffentlicht 09.06.2022 16:15:08
  • Zuletzt bearbeitet 04.11.2025 16:15:49

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions prior to and including 2.12.1 a stack buffer overflow vulnerability a...

7.8

CVE-2022-31214

  • EPSS 0.07%
  • Veröffentlicht 09.06.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 07:04:08

A Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment in which the Linu...

5.5

CVE-2022-31030

  • EPSS 0.16%
  • Veröffentlicht 09.06.2022 14:15:08
  • Zuletzt bearbeitet 21.11.2024 07:03:44

containerd is an open source container runtime. A bug was found in the containerd's CRI implementation where programs inside a container can cause the containerd daemon to consume memory without bound during invocation of the `ExecSync` API. This can...

9

CVE-2019-9971

Exploit
  • EPSS 0.32%
  • Veröffentlicht 07.06.2022 18:15:10
  • Zuletzt bearbeitet 21.11.2024 04:52:42

PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an attacker to gain root privileges by using sudo with the tcpdump command, without a password. This occurs because the -z (aka postrotate-command) option to tcpd...

9

CVE-2019-9972

Exploit
  • EPSS 0.55%
  • Veröffentlicht 07.06.2022 18:15:10
  • Zuletzt bearbeitet 21.11.2024 04:52:42

PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an authenticated attacker to run arbitrary commands with the phonesystem user privileges because of "<space><space> followed by <shift><enter>" mishandling.

7.8

CVE-2022-32250

Exploit
  • EPSS 1.24%
  • Veröffentlicht 02.06.2022 21:15:07
  • Zuletzt bearbeitet 21.11.2024 07:06:01

net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.