CVE-2021-3671
- EPSS 1.48%
- Published 12.10.2021 18:15:08
- Last modified 21.11.2024 06:22:07
A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server.
CVE-2021-41136
- EPSS 0.29%
- Published 12.10.2021 16:15:07
- Last modified 27.05.2025 16:15:21
Puma is an HTTP 1.1 server for Ruby/Rack applications. Prior to versions 5.5.1 and 4.3.9, using `puma` with a proxy which forwards HTTP header values which contain the LF character could allow HTTP request smuggling. A client could smuggle a request ...
CVE-2021-25634
- EPSS 0.47%
- Published 12.10.2021 14:15:08
- Last modified 21.11.2024 05:55:11
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulner...
CVE-2021-42260
- EPSS 1.07%
- Published 11.10.2021 20:15:07
- Last modified 04.11.2025 19:15:40
TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXML_UTF_LEAD_0 case. It can be triggered by a crafted XML message and leads to a denial of service.
CVE-2021-25633
- EPSS 0.61%
- Published 11.10.2021 17:15:07
- Last modified 21.11.2024 05:55:11
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulner...
CVE-2021-37967
- EPSS 0.82%
- Published 08.10.2021 22:15:08
- Last modified 21.11.2024 06:16:09
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
CVE-2021-37968
- EPSS 0.52%
- Published 08.10.2021 22:15:08
- Last modified 21.11.2024 06:16:09
Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2021-37969
- EPSS 0.72%
- Published 08.10.2021 22:15:08
- Last modified 21.11.2024 06:16:09
Inappropriate implementation in Google Updater in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to perform local privilege escalation via a crafted file.
CVE-2021-37970
- EPSS 2.5%
- Published 08.10.2021 22:15:08
- Last modified 21.11.2024 06:16:09
Use after free in File System API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-37971
- EPSS 0.22%
- Published 08.10.2021 22:15:08
- Last modified 21.11.2024 06:16:09
Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.