Debian

Debian Linux

9922 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2021-37148

  • EPSS 1.01%
  • Veröffentlicht 03.11.2021 16:15:08
  • Zuletzt bearbeitet 21.11.2024 06:14:43

Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.0.1.

7.5

CVE-2021-37149

  • EPSS 1.01%
  • Veröffentlicht 03.11.2021 16:15:08
  • Zuletzt bearbeitet 21.11.2024 06:14:43

Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0.

8.1

CVE-2021-38161

  • EPSS 1.17%
  • Veröffentlicht 03.11.2021 16:15:08
  • Zuletzt bearbeitet 21.11.2024 06:16:31

Improper Authentication vulnerability in TLS origin verification of Apache Traffic Server allows for man in the middle attacks. This issue affects Apache Traffic Server 8.0.0 to 8.0.8.

7.5

CVE-2021-37147

  • EPSS 0.66%
  • Veröffentlicht 03.11.2021 16:15:07
  • Zuletzt bearbeitet 21.11.2024 06:14:43

Improper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0.

8.8

CVE-2021-38496

  • EPSS 1.49%
  • Veröffentlicht 03.11.2021 01:15:07
  • Zuletzt bearbeitet 21.11.2024 06:17:14

During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.15, Thunderbird < 91.2, Firefox ESR < 91.2, ...

8.8

CVE-2021-38500

  • EPSS 1.49%
  • Veröffentlicht 03.11.2021 01:15:07
  • Zuletzt bearbeitet 21.11.2024 06:17:15

Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. T...

5.9

CVE-2021-38502

  • EPSS 0.46%
  • Veröffentlicht 03.11.2021 01:15:07
  • Zuletzt bearbeitet 21.11.2024 06:17:15

Thunderbird ignored the configuration to require STARTTLS security for an SMTP connection. A MITM could perform a downgrade attack to intercept transmitted messages, or could take control of the authenticated session to execute SMTP commands chosen b...

9.6

CVE-2021-37981

  • EPSS 1.45%
  • Veröffentlicht 02.11.2021 22:15:08
  • Zuletzt bearbeitet 21.11.2024 06:16:11

Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

8.8

CVE-2021-37982

  • EPSS 1.13%
  • Veröffentlicht 02.11.2021 22:15:08
  • Zuletzt bearbeitet 21.11.2024 06:16:11

Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8

CVE-2021-37983

  • EPSS 1.31%
  • Veröffentlicht 02.11.2021 22:15:08
  • Zuletzt bearbeitet 21.11.2024 06:16:11

Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.