Debian

Debian Linux

9998 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.2%
  • Veröffentlicht 09.03.2022 20:15:08
  • Zuletzt bearbeitet 03.11.2025 22:15:57

An authenticated user can create a link with reflected Javascript code inside it for services’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficu...

  • EPSS 1.2%
  • Veröffentlicht 09.03.2022 20:15:08
  • Zuletzt bearbeitet 03.11.2025 22:15:57

An authenticated user can create a link with reflected Javascript code inside it for graphs’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult...

  • EPSS 14.46%
  • Veröffentlicht 08.03.2022 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:50:55

regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those (tunable) mi...

  • EPSS 1.58%
  • Veröffentlicht 06.03.2022 07:15:07
  • Zuletzt bearbeitet 21.11.2024 06:54:04

A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1 allows a remote web server to exfiltrate media files.

Exploit
  • EPSS 2.74%
  • Veröffentlicht 06.03.2022 06:15:07
  • Zuletzt bearbeitet 21.11.2024 06:54:03

In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field will cause a zero-sized buffer to be allocated for the name, resulting in a write to a dangling...

Exploit
  • EPSS 3.47%
  • Veröffentlicht 06.03.2022 06:15:07
  • Zuletzt bearbeitet 21.11.2024 06:54:03

In nbd-server in nbd before 3.24, there is a stack-based buffer overflow. An attacker can cause a buffer overflow in the parsing of the name field by sending a crafted NBD_OPT_INFO or NBD_OPT_GO message with an large value as the length of the name.

  • EPSS 0.43%
  • Veröffentlicht 06.03.2022 04:15:07
  • Zuletzt bearbeitet 25.06.2025 21:01:34

st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.

  • EPSS 3.26%
  • Veröffentlicht 05.03.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 06:51:23

regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression.

  • EPSS 0.88%
  • Veröffentlicht 04.03.2022 18:15:07
  • Zuletzt bearbeitet 21.11.2024 05:46:18

A flaw was found in OpenEXR's hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp. This flaw allows an attacker who can submit a crafted file that is processed by OpenEXR, to trigger an integer overflow. The highest threat from this vulnerabilit...

  • EPSS 0.9%
  • Veröffentlicht 04.03.2022 18:15:07
  • Zuletzt bearbeitet 21.11.2024 05:46:18

A flaw was found in OpenEXR's TiledInputFile functionality. This flaw allows an attacker who can submit a crafted single-part non-image to be processed by OpenEXR, to trigger a floating-point exception error. The highest threat from this vulnerabilit...