Debian

Debian Linux

9922 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2021-43804

  • EPSS 0.3%
  • Veröffentlicht 22.12.2021 18:15:07
  • Zuletzt bearbeitet 04.11.2025 16:15:45

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming RTCP BYE message contains a reason's length,...

7

CVE-2021-44733

Exploit
  • EPSS 0.26%
  • Veröffentlicht 22.12.2021 17:15:09
  • Zuletzt bearbeitet 21.11.2024 06:31:28

A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.

8.2

CVE-2021-44224

  • EPSS 10.96%
  • Veröffentlicht 20.12.2021 12:15:07
  • Zuletzt bearbeitet 21.11.2024 06:30:37

A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix D...

9.8

CVE-2021-44790

Exploit
  • EPSS 87.09%
  • Veröffentlicht 20.12.2021 12:15:07
  • Zuletzt bearbeitet 01.05.2025 15:38:06

A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This...

9.8

CVE-2021-44732

Exploit
  • EPSS 0.93%
  • Veröffentlicht 20.12.2021 08:15:06
  • Zuletzt bearbeitet 03.11.2025 20:15:51

Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by an mbedtls_ssl_set_session() failure.

5.9

CVE-2021-45105

Warnung
  • EPSS 70.43%
  • Veröffentlicht 18.12.2021 12:15:07
  • Zuletzt bearbeitet 21.11.2024 06:31:58

Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service wh...

9.8

CVE-2021-23450

Exploit
  • EPSS 2.41%
  • Veröffentlicht 17.12.2021 20:15:08
  • Zuletzt bearbeitet 21.11.2024 05:51:46

All versions of package dojo are vulnerable to Prototype Pollution via the setObject function.

7.8

CVE-2021-4008

  • EPSS 0.07%
  • Veröffentlicht 17.12.2021 17:15:13
  • Zuletzt bearbeitet 21.11.2024 06:36:42

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as wel...

7.8

CVE-2021-4009

  • EPSS 0.09%
  • Veröffentlicht 17.12.2021 17:15:13
  • Zuletzt bearbeitet 21.11.2024 06:36:43

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity a...

7.8

CVE-2021-4010

  • EPSS 0.08%
  • Veröffentlicht 17.12.2021 17:15:13
  • Zuletzt bearbeitet 21.11.2024 06:36:43

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well a...