Debian

Debian Linux

9950 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2022-0778

Warnung
  • EPSS 7.39%
  • Veröffentlicht 15.03.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:39:22

The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed ...

8.8

CVE-2021-43304

Exploit
  • EPSS 0.15%
  • Veröffentlicht 14.03.2022 23:15:08
  • Zuletzt bearbeitet 25.06.2025 20:49:29

Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbitrary copy operation wildCopy<copy_amount>(op, ip, cop...

8.8

CVE-2021-43305

Exploit
  • EPSS 0.28%
  • Veröffentlicht 14.03.2022 23:15:08
  • Zuletzt bearbeitet 25.06.2025 20:49:29

Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbitrary copy operation wildCopy<copy_amount>(op, ip, cop...

8.1

CVE-2021-42387

Exploit
  • EPSS 0.32%
  • Veröffentlicht 14.03.2022 23:15:07
  • Zuletzt bearbeitet 25.06.2025 20:49:29

Heap out-of-bounds read in Clickhouse's LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl() loop, a 16-bit unsigned user-supplied value ('offset') is read from the compressed data. The offset is later used in th...

8.1

CVE-2021-42388

Exploit
  • EPSS 0.37%
  • Veröffentlicht 14.03.2022 23:15:07
  • Zuletzt bearbeitet 25.06.2025 20:49:29

Heap out-of-bounds read in Clickhouse's LZ4 compression codec when parsing a malicious query. As part of the LZ4::decompressImpl() loop, a 16-bit unsigned user-supplied value ('offset') is read from the compressed data. The offset is later used in th...

7.8

CVE-2022-0943

Exploit
  • EPSS 0.22%
  • Veröffentlicht 14.03.2022 21:15:07
  • Zuletzt bearbeitet 21.11.2024 06:39:42

Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563.

7.8

CVE-2022-20001

  • EPSS 0.28%
  • Veröffentlicht 14.03.2022 19:15:11
  • Zuletzt bearbeitet 21.11.2024 06:41:55

fish is a command line shell. fish version 3.1.0 through version 3.3.1 is vulnerable to arbitrary code execution. git repositories can contain per-repository configuration that change the behavior of git, including running arbitrary commands. When us...

7.5

CVE-2022-22719

  • EPSS 29.31%
  • Veröffentlicht 14.03.2022 11:15:09
  • Zuletzt bearbeitet 21.11.2024 06:47:18

A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier.

9.8

CVE-2022-22720

  • EPSS 27.46%
  • Veröffentlicht 14.03.2022 11:15:09
  • Zuletzt bearbeitet 21.11.2024 06:47:18

Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling

9.1

CVE-2022-22721

  • EPSS 13.16%
  • Veröffentlicht 14.03.2022 11:15:09
  • Zuletzt bearbeitet 21.11.2024 06:47:19

If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.