CVE-2021-32436
- EPSS 3.04%
- Published 10.03.2022 17:42:14
- Last modified 21.11.2024 06:07:02
An out-of-bounds read in the function write_title() in subs.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors.
CVE-2022-24349
- EPSS 0.21%
- Published 09.03.2022 20:15:08
- Last modified 03.11.2025 22:15:56
An authenticated user can create a link with reflected XSS payload for actions’ pages, and send it to other users. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of t...
CVE-2022-24917
- EPSS 0.3%
- Published 09.03.2022 20:15:08
- Last modified 03.11.2025 22:15:57
An authenticated user can create a link with reflected JavaScript code inside it for services’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficu...
CVE-2022-24919
- EPSS 0.3%
- Published 09.03.2022 20:15:08
- Last modified 03.11.2025 22:15:57
An authenticated user can create a link with reflected JavaScript code inside it for graphs’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult...
CVE-2022-24713
- EPSS 9.85%
- Published 08.03.2022 19:15:08
- Last modified 21.11.2024 06:50:55
regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those (tunable) mi...
CVE-2022-26505
- EPSS 0.19%
- Published 06.03.2022 07:15:07
- Last modified 21.11.2024 06:54:04
A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1 allows a remote web server to exfiltrate media files.
CVE-2022-26495
- EPSS 0.22%
- Published 06.03.2022 06:15:07
- Last modified 21.11.2024 06:54:03
In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field will cause a zero-sized buffer to be allocated for the name, resulting in a write to a dangling...
CVE-2022-26496
- EPSS 0.47%
- Published 06.03.2022 06:15:07
- Last modified 21.11.2024 06:54:03
In nbd-server in nbd before 3.24, there is a stack-based buffer overflow. An attacker can cause a buffer overflow in the parsing of the name field by sending a crafted NBD_OPT_INFO or NBD_OPT_GO message with a large value as the length of the name.
CVE-2022-26490
- EPSS 0.12%
- Published 06.03.2022 04:15:07
- Last modified 25.06.2025 21:01:34
st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.
CVE-2022-24921
- EPSS 0.02%
- Published 05.03.2022 20:15:08
- Last modified 21.11.2024 06:51:23
regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression.