Debian

Debian Linux

9950 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2021-31618

  • EPSS 11%
  • Veröffentlicht 15.06.2021 09:15:07
  • Zuletzt bearbeitet 21.11.2024 06:06:02

Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is se...

5.5

CVE-2021-34693

Exploit
  • EPSS 0.05%
  • Veröffentlicht 14.06.2021 22:15:20
  • Zuletzt bearbeitet 21.11.2024 06:10:57

net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.

3.1

CVE-2021-22898

Exploit
  • EPSS 0.13%
  • Veröffentlicht 11.06.2021 16:15:11
  • Zuletzt bearbeitet 21.11.2024 05:50:52

curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NE...

5.9

CVE-2021-22895

Exploit
  • EPSS 0.36%
  • Veröffentlicht 11.06.2021 16:15:10
  • Zuletzt bearbeitet 21.11.2024 05:50:51

Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow.

5.5

CVE-2021-27345

Exploit
  • EPSS 0.47%
  • Veröffentlicht 10.06.2021 16:15:08
  • Zuletzt bearbeitet 21.11.2024 05:57:49

A null pointer dereference was discovered in ucompthread in stream.c in Irzip 0.631 which allows attackers to cause a denial of service (DOS) via a crafted compressed file.

5.5

CVE-2021-27347

Exploit
  • EPSS 0.39%
  • Veröffentlicht 10.06.2021 16:15:08
  • Zuletzt bearbeitet 21.11.2024 05:57:49

Use after free in lzma_decompress_buf function in stream.c in Irzip 0.631 allows attackers to cause Denial of Service (DoS) via a crafted compressed file.

5.5

CVE-2020-25467

Exploit
  • EPSS 0.64%
  • Veröffentlicht 10.06.2021 16:15:07
  • Zuletzt bearbeitet 21.11.2024 05:18:00

A null pointer dereference was discovered lzo_decompress_buf in stream.c in Irzip 0.621 which allows an attacker to cause a denial of service (DOS) via a crafted compressed file.

7.5

CVE-2020-13950

  • EPSS 21.54%
  • Veröffentlicht 10.06.2021 07:15:07
  • Zuletzt bearbeitet 21.11.2024 05:02:13

Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service

7.3

CVE-2020-35452

  • EPSS 10.7%
  • Veröffentlicht 10.06.2021 07:15:07
  • Zuletzt bearbeitet 21.11.2024 05:27:18

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particula...

7.5

CVE-2021-26690

  • EPSS 70.38%
  • Veröffentlicht 10.06.2021 07:15:07
  • Zuletzt bearbeitet 21.11.2024 05:56:40

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service