Debian

Debian Linux

9998 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 3.3%
  • Veröffentlicht 20.07.2021 12:15:07
  • Zuletzt bearbeitet 21.11.2024 05:49:45

Crash in DNP dissector in Wireshark 3.4.0 to 3.4.6 and 3.2.0 to 3.2.14 allows denial of service via packet injection or crafted capture file

  • EPSS 0.55%
  • Veröffentlicht 20.07.2021 07:15:07
  • Zuletzt bearbeitet 21.11.2024 04:39:50

objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config::lookup_list).

Exploit
  • EPSS 1.58%
  • Veröffentlicht 19.07.2021 17:15:11
  • Zuletzt bearbeitet 03.12.2025 16:15:53

An issue was discovered in Arm Mbed TLS before 2.23.0. Because of a side channel in modular exponentiation, an RSA private key used in a secure enclave could be disclosed.

  • EPSS 1.26%
  • Veröffentlicht 19.07.2021 17:15:11
  • Zuletzt bearbeitet 21.11.2024 05:29:28

An issue was discovered in Arm Mbed TLS before 2.23.0. A side channel allows recovery of an ECC private key, related to mbedtls_ecp_check_pub_priv, mbedtls_pk_parse_key, mbedtls_pk_parse_keyfile, mbedtls_ecp_mul, and mbedtls_ecp_mul_restartable.

  • EPSS 1.2%
  • Veröffentlicht 19.07.2021 17:15:11
  • Zuletzt bearbeitet 21.11.2024 05:29:28

An issue was discovered in Arm Mbed TLS before 2.23.0. A remote attacker can recover plaintext because a certain Lucky 13 countermeasure doesn't properly consider the case of a hardware accelerator.

  • EPSS 0.34%
  • Veröffentlicht 19.07.2021 17:15:11
  • Zuletzt bearbeitet 21.11.2024 05:29:28

An issue was discovered in Arm Mbed TLS before 2.24.0. An attacker can recover a private key (for RSA or static Diffie-Hellman) via a side-channel attack against generation of base blinding/unblinding values.

Exploit
  • EPSS 0.91%
  • Veröffentlicht 19.07.2021 17:15:11
  • Zuletzt bearbeitet 21.11.2024 05:29:28

An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock.

  • EPSS 1.69%
  • Veröffentlicht 19.07.2021 17:15:11
  • Zuletzt bearbeitet 21.11.2024 05:29:28

An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_crl_parse_der has a buffer over-read (of one byte).

Exploit
  • EPSS 1.26%
  • Veröffentlicht 18.07.2021 04:15:08
  • Zuletzt bearbeitet 21.11.2024 06:14:04

uBlock Origin before 1.36.2 and nMatrix before 4.4.9 support an arbitrary depth of parameter nesting for strict blocking, which allows crafted web sites to cause a denial of service (unbounded recursion that can trigger memory consumption and a loss ...

Exploit
  • EPSS 1.8%
  • Veröffentlicht 15.07.2021 16:15:09
  • Zuletzt bearbeitet 03.11.2025 22:15:48

Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. In versions prior to 2.11.10 and from version 2.12.0 through version 2.12.4, some of the Icinga...