Debian

Debian Linux

9950 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2021-35472

Exploit
  • EPSS 0.37%
  • Veröffentlicht 30.07.2021 14:15:17
  • Zuletzt bearbeitet 21.11.2024 06:12:20

An issue was discovered in LemonLDAP::NG before 2.0.12. Session cache corruption can lead to authorization bypass or spoofing. By running a loop that makes many authentication attempts, an attacker might alternately be authenticated as one of two dif...

7

CVE-2021-31799

  • EPSS 0.35%
  • Veröffentlicht 30.07.2021 14:15:16
  • Zuletzt bearbeitet 21.11.2024 06:06:14

In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename.

7.5

CVE-2021-32558

Exploit
  • EPSS 2.88%
  • Veröffentlicht 30.07.2021 14:15:16
  • Zuletzt bearbeitet 21.11.2024 06:07:16

An issue was discovered in Sangoma Asterisk 13.x before 13.38.3, 16.x before 16.19.1, 17.x before 17.9.4, and 18.x before 18.5.1, and Certified Asterisk before 16.8-cert10. If the IAX2 channel driver receives a packet that contains an unsupported med...

7.1

CVE-2021-32610

  • EPSS 2.95%
  • Veröffentlicht 30.07.2021 14:15:16
  • Zuletzt bearbeitet 21.11.2024 06:07:22

In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193.

7.5

CVE-2021-31292

Exploit
  • EPSS 0.55%
  • Veröffentlicht 26.07.2021 17:15:07
  • Zuletzt bearbeitet 21.11.2024 06:05:24

An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a denial of service (DOS) via crafted metadata.

5.9

CVE-2021-32686

  • EPSS 2.03%
  • Veröffentlicht 23.07.2021 22:15:08
  • Zuletzt bearbeitet 04.11.2025 16:15:42

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are a couple of issues found in the SSL soc...

7.5

CVE-2021-32785

  • EPSS 0.26%
  • Veröffentlicht 22.07.2021 22:15:08
  • Zuletzt bearbeitet 21.11.2024 06:07:44

mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When mod_auth_openidc versions prior to 2.4.9 are co...

7.5

CVE-2021-35063

  • EPSS 1.08%
  • Veröffentlicht 22.07.2021 18:15:23
  • Zuletzt bearbeitet 21.11.2024 06:11:46

Suricata before 5.0.7 and 6.x before 6.0.3 has a "critical evasion."

9.1

CVE-2021-35942

  • EPSS 1.11%
  • Veröffentlicht 22.07.2021 18:15:23
  • Zuletzt bearbeitet 13.02.2026 21:16:11

The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of in...

7.5

CVE-2021-36222

  • EPSS 9.23%
  • Veröffentlicht 22.07.2021 18:15:23
  • Zuletzt bearbeitet 21.11.2024 06:13:20

ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return valu...