Debian

Debian Linux

9998 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 1.12%
  • Veröffentlicht 11.04.2021 16:15:13
  • Zuletzt bearbeitet 21.11.2024 06:04:01

An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_internal_dtd(), while parsing a crafted XML file, performs incorrect memory handling, leading to a NULL pointer dereference while running strcmp() on a NULL pointer.

Exploit
  • EPSS 1.21%
  • Veröffentlicht 09.04.2021 07:15:16
  • Zuletzt bearbeitet 21.11.2024 06:03:24

An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. ContentModelChange does not check if a user has correct permissions to create and set the content model of a nonexistent page.

Exploit
  • EPSS 1.56%
  • Veröffentlicht 09.04.2021 07:15:16
  • Zuletzt bearbeitet 21.11.2024 06:03:25

An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Users can bypass intended restrictions on deleting pages in certain "fast double move" situations. MovePage::isValidMoveTarget() uses FOR UPDATE, but it's on...

Exploit
  • EPSS 1.23%
  • Veröffentlicht 09.04.2021 07:15:15
  • Zuletzt bearbeitet 21.11.2024 06:03:24

An issue was discovered in MediaWiki before 1.31.13 and 1.32.x through 1.35.x before 1.35.2. When using the MediaWiki API to "protect" a page, a user is currently able to protect to a higher level than they currently have permissions for.

  • EPSS 2.3%
  • Veröffentlicht 08.04.2021 23:15:12
  • Zuletzt bearbeitet 21.11.2024 06:21:38

A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata() in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing mali...

  • EPSS 0.93%
  • Veröffentlicht 08.04.2021 21:15:13
  • Zuletzt bearbeitet 21.11.2024 06:00:47

BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.

  • EPSS 3.16%
  • Veröffentlicht 08.04.2021 05:15:13
  • Zuletzt bearbeitet 21.11.2024 05:44:16

A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is ...

  • EPSS 0.33%
  • Veröffentlicht 07.04.2021 00:15:13
  • Zuletzt bearbeitet 21.11.2024 05:29:14

An issue was discovered in the Linux kernel before 5.8. arch/x86/kvm/svm/svm.c allows a set_memory_region_test infinite loop for certain nested page faults, aka CID-e72436bc3a52.

  • EPSS 0.34%
  • Veröffentlicht 07.04.2021 00:15:13
  • Zuletzt bearbeitet 21.11.2024 05:29:14

An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering many encrypted regions), aka CID-7be7...

  • EPSS 0.33%
  • Veröffentlicht 06.04.2021 19:15:14
  • Zuletzt bearbeitet 21.11.2024 06:00:08

The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of clean...