Debian

Debian Linux

9950 vulnerabilities found.

Note: This list may be incomplete. Data is provided without warranty in its original format.
Exploit
  • EPSS 0.39%
  • Published 17.05.2022 17:15:08
  • Last modified 21.11.2024 06:59:20

Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions.

  • EPSS 0.45%
  • Published 16.05.2022 21:15:07
  • Last modified 25.03.2025 19:39:30

An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occu...

  • EPSS 0.05%
  • Published 16.05.2022 18:15:08
  • Last modified 21.11.2024 06:41:14

A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate the...

  • EPSS 0.05%
  • Published 12.05.2022 17:15:09
  • Last modified 05.05.2025 17:17:40

Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Exploit
  • EPSS 1.14%
  • Published 12.05.2022 11:15:07
  • Last modified 24.02.2026 20:18:34

Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2.

  • EPSS 58.51%
  • Published 12.05.2022 08:15:07
  • Last modified 21.11.2024 06:59:54

The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct....

Exploit
  • EPSS 0.02%
  • Published 12.05.2022 05:15:06
  • Last modified 21.11.2024 07:02:59

The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.

Exploit
  • EPSS 0.12%
  • Published 11.05.2022 15:15:09
  • Last modified 21.11.2024 06:41:07

LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.

Exploit
  • EPSS 0.11%
  • Published 10.05.2022 14:15:08
  • Last modified 21.11.2024 06:41:06

Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution

  • EPSS 0.31%
  • Published 09.05.2022 18:15:08
  • Last modified 04.11.2025 16:15:48

There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f.