Debian

Debian Linux

9144 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2020-25863

Exploit
  • EPSS 0.25%
  • Veröffentlicht 06.10.2020 15:15:15
  • Zuletzt bearbeitet 21.11.2024 05:18:55

In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts.

7.5

CVE-2020-26575

  • EPSS 2.23%
  • Veröffentlicht 06.10.2020 15:15:15
  • Zuletzt bearbeitet 21.11.2024 05:20:06

In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.

7.5

CVE-2020-15598

Exploit
  • EPSS 3.79%
  • Veröffentlicht 06.10.2020 14:15:12
  • Zuletzt bearbeitet 03.07.2025 20:59:18

Trustwave ModSecurity 3.x through 3.0.4 allows denial of service via a special request. NOTE: The discoverer reports "Trustwave has signaled they are disputing our claims." The CVE suggests that there is a security issue with how ModSecurity handles ...

5.5

CVE-2020-25641

  • EPSS 0.06%
  • Veröffentlicht 06.10.2020 14:15:12
  • Zuletzt bearbeitet 21.11.2024 05:18:18

A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a ...

7.5

CVE-2020-25643

  • EPSS 0.39%
  • Veröffentlicht 06.10.2020 14:15:12
  • Zuletzt bearbeitet 21.11.2024 05:18:19

A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial...

5.5

CVE-2020-26571

  • EPSS 0.04%
  • Veröffentlicht 06.10.2020 02:15:13
  • Zuletzt bearbeitet 21.11.2024 05:20:06

The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init.

5.5

CVE-2020-26572

  • EPSS 0.05%
  • Veröffentlicht 06.10.2020 02:15:13
  • Zuletzt bearbeitet 21.11.2024 05:20:06

The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcos_decipher.

5.5

CVE-2020-26570

  • EPSS 0.05%
  • Veröffentlicht 06.10.2020 02:15:12
  • Zuletzt bearbeitet 21.11.2024 05:20:06

The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in sc_oberthur_read_file.

5.7

CVE-2019-14558

  • EPSS 0.12%
  • Veröffentlicht 05.10.2020 14:15:12
  • Zuletzt bearbeitet 21.11.2024 04:26:57

Insufficient control flow management in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow an authenticated user to potentially enable denial of service via adjacent ac...

6.5

CVE-2020-7069

  • EPSS 7.83%
  • Veröffentlicht 02.10.2020 15:15:12
  • Zuletzt bearbeitet 21.11.2024 05:36:36

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and inc...