Debian

Debian Linux

9950 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2022-23943

  • EPSS 60.55%
  • Veröffentlicht 14.03.2022 11:15:09
  • Zuletzt bearbeitet 01.05.2025 15:37:55

Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions.

3.7

CVE-2021-36368

  • EPSS 0.4%
  • Veröffentlicht 13.03.2022 00:15:07
  • Zuletzt bearbeitet 21.11.2024 06:13:36

An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the u...

5.6

CVE-2022-23960

  • EPSS 0.14%
  • Veröffentlicht 13.03.2022 00:15:07
  • Zuletzt bearbeitet 21.11.2024 06:49:32

Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then,...

5.5

CVE-2022-26966

  • EPSS 0.03%
  • Veröffentlicht 12.03.2022 22:15:08
  • Zuletzt bearbeitet 21.11.2024 06:54:52

An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device.

9.8

CVE-2022-24754

  • EPSS 0.47%
  • Veröffentlicht 11.03.2022 20:15:08
  • Zuletzt bearbeitet 04.11.2025 16:15:47

PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerability which only impacts PJSIP users who accept hashed digest credentials (...

5.5

CVE-2022-0924

Exploit
  • EPSS 0.08%
  • Veröffentlicht 11.03.2022 18:15:30
  • Zuletzt bearbeitet 21.11.2024 06:39:40

Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4.

5.5

CVE-2022-0909

Exploit
  • EPSS 0.2%
  • Veröffentlicht 11.03.2022 18:15:28
  • Zuletzt bearbeitet 21.11.2024 06:39:38

Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f8d0f9aa.

5.5

CVE-2022-0908

Exploit
  • EPSS 0.04%
  • Veröffentlicht 11.03.2022 18:15:27
  • Zuletzt bearbeitet 21.11.2024 06:39:38

Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file.

5.5

CVE-2022-0907

Exploit
  • EPSS 0.21%
  • Veröffentlicht 11.03.2022 18:15:26
  • Zuletzt bearbeitet 21.11.2024 06:39:38

Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f2b656e2.

5.4

CVE-2022-26874

Exploit
  • EPSS 0.31%
  • Veröffentlicht 11.03.2022 07:15:08
  • Zuletzt bearbeitet 21.11.2024 06:54:43

lib/Horde/Mime/Viewer/Ooo.php in Horde Mime_Viewer before 2.2.4 allows XSS via an OpenOffice document, leading to account takeover in Horde Groupware Webmail Edition. This occurs after XSLT rendering.