Debian

Debian Linux

9998 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 7.47%
  • Veröffentlicht 16.02.2021 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:51:55

The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while...

  • EPSS 3.2%
  • Veröffentlicht 16.02.2021 04:15:12
  • Zuletzt bearbeitet 21.11.2024 05:57:38

Mumble before 1.3.4 allows remote code execution if a victim navigates to a crafted URL on a server list and clicks on the Open Webpage text.

  • EPSS 4.08%
  • Veröffentlicht 15.02.2021 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:57:37

An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation.

Exploit
  • EPSS 2.99%
  • Veröffentlicht 15.02.2021 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:57:37

An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corrupti...

Exploit
  • EPSS 35.96%
  • Veröffentlicht 15.02.2021 13:15:12
  • Zuletzt bearbeitet 17.12.2025 22:15:55

The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector c...

Exploit
  • EPSS 2.98%
  • Veröffentlicht 15.02.2021 04:15:12
  • Zuletzt bearbeitet 21.11.2024 05:36:37

In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filter_var($url, FILTER_VALIDATE_URL), PHP will accept an URL with invalid password as valid URL. This may lead to functions that rely on URL be...

  • EPSS 3.18%
  • Veröffentlicht 15.02.2021 04:15:12
  • Zuletzt bearbeitet 21.11.2024 05:48:51

In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15 and 8.0.x below 8.0.2, when using SOAP extension to connect to a SOAP server, a malicious SOAP server could return malformed XML data as a response that would cause PHP to access a null pointer a...

Exploit
  • EPSS 4.94%
  • Veröffentlicht 14.02.2021 04:15:12
  • Zuletzt bearbeitet 21.11.2024 05:57:04

An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (where the Horde_Text_Filter library before 2.3.7 is used). The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled...

Exploit
  • EPSS 64.15%
  • Veröffentlicht 14.02.2021 03:15:12
  • Zuletzt bearbeitet 21.11.2024 05:57:36

In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to s...

Warnung Exploit
  • EPSS 90.07%
  • Veröffentlicht 11.02.2021 21:15:13
  • Zuletzt bearbeitet 24.10.2025 14:48:35

Adminer is an open-source database management in a single PHP file. In adminer from version 4.0.0 and before 4.7.9 there is a server-side request forgery vulnerability. Users of Adminer versions bundling all drivers (e.g. `adminer.php`) are affected....