Debian

Debian Linux

9950 vulnerabilities found.

Note: This list may be incomplete. Data is provided in its original format, without warranty.
Exploit
  • EPSS 0.2%
  • Published 21.01.2022 12:15:10
  • Last modified 21.11.2024 06:38:22

Heap-based Buffer Overflow in vim/vim prior to 8.2.

Exploit
  • EPSS 0.04%
  • Published 20.01.2022 18:15:07
  • Last modified 21.11.2024 06:32:10

AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow.

  • EPSS 0.14%
  • Published 19.01.2022 23:15:08
  • Last modified 21.11.2024 06:45:16

log4js-node is a port of log4js to node.js. In affected versions default file permissions for log files created by the file, fileSync and dateFile appenders are world-readable (in unix). This could cause problems if log files contain sensitive inform...

Exploit
  • EPSS 1.38%
  • Published 19.01.2022 22:15:09
  • Last modified 21.11.2024 06:45:15

IPython (Interactive Python) is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. Affected versions are subject to an arbitrary code execution vulnerability achieved...

  • EPSS 0.49%
  • Published 19.01.2022 21:15:08
  • Last modified 21.11.2024 05:51:24

Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary web script or HTML in the "new_username" field during creation of a new user via "Copy" method at user_admin.php.

Exploit
  • EPSS 1.35%
  • Published 19.01.2022 18:15:07
  • Last modified 21.11.2024 06:09:45

libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code (via an unauthenticated e-mail message from anywhere on the Internet) with a crafted SPF DNS record, because of incorrect spr...

Exploit
  • EPSS 26.57%
  • Published 19.01.2022 17:15:09
  • Last modified 05.05.2025 17:17:56

H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392.

  • EPSS 0.12%
  • Published 19.01.2022 12:15:15
  • Last modified 21.11.2024 06:44:28

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 7u321, 8u311; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily expl...

  • EPSS 0.11%
  • Published 19.01.2022 12:15:15
  • Last modified 21.11.2024 06:44:30

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 a...

  • EPSS 0.11%
  • Published 19.01.2022 12:15:15
  • Last modified 21.11.2024 06:44:31

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 a...