Debian

Debian Linux

9998 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 16.56%
  • Veröffentlicht 02.03.2022 22:15:08
  • Zuletzt bearbeitet 21.11.2024 06:39:14

A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. This flaw could allow an attacker to send crafted HTTP response packets which lead to an infinite loop, eventually resulting in a denial of service cond...

Exploit
  • EPSS 1.24%
  • Veröffentlicht 02.03.2022 04:15:06
  • Zuletzt bearbeitet 21.11.2024 06:38:57

Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository scrapy/scrapy prior to 2.6.1.

Exploit
  • EPSS 2.6%
  • Veröffentlicht 01.03.2022 23:15:08
  • Zuletzt bearbeitet 21.11.2024 06:50:56

image_processing is an image processing wrapper for libvips and ImageMagick/GraphicsMagick. Prior to version 1.12.2, using the `#apply` method from image_processing to apply a series of operations that are coming from unsanitized user input allows th...

  • EPSS 6.01%
  • Veröffentlicht 26.02.2022 05:15:08
  • Zuletzt bearbeitet 05.05.2025 17:17:56

valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.

  • EPSS 21.51%
  • Veröffentlicht 24.02.2022 19:15:10
  • Zuletzt bearbeitet 21.11.2024 06:45:30

Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, whi...

Exploit
  • EPSS 1.89%
  • Veröffentlicht 24.02.2022 19:15:09
  • Zuletzt bearbeitet 21.11.2024 06:21:55

A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which ...

  • EPSS 0.3%
  • Veröffentlicht 24.02.2022 19:15:09
  • Zuletzt bearbeitet 21.11.2024 06:21:57

An integer overflow was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. The issue occurs while handling a "PVRDMA_REG_DSRHIGH" write from the guest due to improper input validation. This flaw allows a ...

  • EPSS 0.36%
  • Veröffentlicht 24.02.2022 19:15:09
  • Zuletzt bearbeitet 21.11.2024 06:21:58

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. The issue occurs while handling a "PVRDMA_REG_DSRHIGH" write from the guest and may result in a crash of QEMU or cause undefined behavior due ...

  • EPSS 0.31%
  • Veröffentlicht 24.02.2022 19:15:09
  • Zuletzt bearbeitet 21.11.2024 06:22:11

A use-after-free vulnerability was found in usbredir in versions prior to 0.11.0 in the usbredirparser_serialize() in usbredirparser/usbredirparser.c. This issue occurs when serializing large amounts of buffered write data in the case of a slow or bl...

Exploit
  • EPSS 10.36%
  • Veröffentlicht 24.02.2022 19:15:09
  • Zuletzt bearbeitet 21.11.2024 06:31:10

Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 converts SANs (Subject Alternative Names) to a string format. It uses this string to check peer certificates against hostnames when validating connections. The string format was subject to an inje...