Debian

Debian Linux

9997 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Medienbericht
  • EPSS 1.32%
  • Veröffentlicht 27.01.2026 15:52:41
  • Zuletzt bearbeitet 06.02.2026 19:59:50

xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue stems from improper bounds checking when processing user domain information during the connection sequence. If exp...

Warnung Medienbericht Exploit
  • EPSS 98.87%
  • Veröffentlicht 21.01.2026 06:42:17
  • Zuletzt bearbeitet 11.02.2026 15:40:42

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.

  • EPSS 0.68%
  • Veröffentlicht 16.01.2026 19:16:19
  • Zuletzt bearbeitet 30.06.2026 03:17:31

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. This vulnerability is fixed in 0.6.2.

Medienbericht Exploit
  • EPSS 42.69%
  • Veröffentlicht 22.12.2025 23:55:30
  • Zuletzt bearbeitet 19.02.2026 16:09:15

net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to an net-snmp snmptrapd daemon can cause a buffer overflow and the daemon to crash. This issue has been patched in versions 5...

Exploit
  • EPSS 0.13%
  • Veröffentlicht 05.12.2025 13:16:05
  • Zuletzt bearbeitet 07.01.2026 22:20:56

NULL pointer dereference in TagSection.keys() in python-apt on APT-based Linux systems allows a local attacker to cause a denial of service (process crash) via a crafted deb822 file with a malformed non-UTF-8 key.

Exploit
  • EPSS 0.24%
  • Veröffentlicht 24.11.2025 00:00:00
  • Zuletzt bearbeitet 30.12.2025 17:32:50

alinto SOGo 5.12.3 is vulnerable to Cross Site Scripting (XSS) via the "userName" parameter.

Exploit
  • EPSS 0.31%
  • Veröffentlicht 10.11.2025 21:58:37
  • Zuletzt bearbeitet 08.01.2026 22:16:02

Pdfminer.six is a community maintained fork of the original PDFMiner, a tool for extracting information from PDF documents. Prior to version 20251107, pdfminer.six will execute arbitrary code from a malicious pickle file if provided with a malicious ...

  • EPSS 0.27%
  • Veröffentlicht 30.10.2025 05:19:40
  • Zuletzt bearbeitet 01.07.2026 15:13:56

A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can c...

  • EPSS 0.28%
  • Veröffentlicht 30.10.2025 05:15:39
  • Zuletzt bearbeitet 01.07.2026 15:17:04

A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap() function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation m...

Medienbericht
  • EPSS 0.45%
  • Veröffentlicht 29.10.2025 20:15:35
  • Zuletzt bearbeitet 04.11.2025 13:12:43

GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability i...