Debian

Debian Linux

9998 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 1.14%
  • Veröffentlicht 15.07.2021 15:15:08
  • Zuletzt bearbeitet 03.11.2025 22:15:48

Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. From version 2.4.0 through version 2.12.4, a vulnerability exists that may allow privilege esca...

  • EPSS 1.6%
  • Veröffentlicht 14.07.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:13:59

Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. This affects Varnish Enterprise 6.0.x before 6.0.8r3, and Varnish Cache 5.x and 6.x before 6.5.2, 6.6.x be...

  • EPSS 1.36%
  • Veröffentlicht 14.07.2021 13:15:08
  • Zuletzt bearbeitet 03.11.2025 20:15:45

In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software runni...

  • EPSS 1.14%
  • Veröffentlicht 13.07.2021 22:15:08
  • Zuletzt bearbeitet 21.11.2024 05:09:21

A buffer overflow vulnerability in the Databuf function in types.cpp of Exiv2 v0.27.1 leads to a denial of service (DOS).

  • EPSS 3.16%
  • Veröffentlicht 13.07.2021 17:15:09
  • Zuletzt bearbeitet 21.11.2024 06:10:39

Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.

Exploit
  • EPSS 3.05%
  • Veröffentlicht 13.07.2021 13:15:09
  • Zuletzt bearbeitet 21.11.2024 06:06:16

An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract inf...

  • EPSS 9.89%
  • Veröffentlicht 12.07.2021 15:15:08
  • Zuletzt bearbeitet 21.11.2024 06:04:20

A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9...

  • EPSS 75.35%
  • Veröffentlicht 12.07.2021 15:15:08
  • Zuletzt bearbeitet 21.11.2024 06:08:10

Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specific...

  • EPSS 0.69%
  • Veröffentlicht 09.07.2021 11:15:09
  • Zuletzt bearbeitet 21.11.2024 06:21:58

An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privi...

  • EPSS 2.96%
  • Veröffentlicht 09.07.2021 11:15:08
  • Zuletzt bearbeitet 21.11.2024 06:21:52

A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat f...