Debian

Debian Linux

9998 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.18%
  • Veröffentlicht 20.01.2021 16:15:14
  • Zuletzt bearbeitet 04.11.2025 20:15:57

A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak...

  • EPSS 1.31%
  • Veröffentlicht 19.01.2021 20:15:12
  • Zuletzt bearbeitet 21.11.2024 05:03:12

SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP file.

  • EPSS 1.67%
  • Veröffentlicht 19.01.2021 20:15:12
  • Zuletzt bearbeitet 20.03.2025 17:01:20

SDL (Simple DirectMedia Layer) through 2.0.12 has a heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c via a crafted .BMP file.

  • EPSS 7.48%
  • Veröffentlicht 19.01.2021 17:15:13
  • Zuletzt bearbeitet 27.08.2025 21:15:36

A flaw was found in jackson-databind before 2.9.10.7. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

  • EPSS 2.8%
  • Veröffentlicht 19.01.2021 15:15:12
  • Zuletzt bearbeitet 21.11.2024 06:21:04

rfc822.c in Mutt through 2.0.4 allows remote attackers to cause a denial of service (mailbox unavailability) by sending email messages with sequences of semicolon characters in RFC822 address fields (aka terminators of empty groups). A small email me...

  • EPSS 2.42%
  • Veröffentlicht 19.01.2021 07:15:13
  • Zuletzt bearbeitet 21.11.2024 06:21:04

fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. NOTE: some parties argue that such a subdirecto...

Exploit
  • EPSS 23.29%
  • Veröffentlicht 19.01.2021 06:15:12
  • Zuletzt bearbeitet 18.12.2025 15:15:48

Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to ...

Warnung
  • EPSS 70.6%
  • Veröffentlicht 18.01.2021 20:15:12
  • Zuletzt bearbeitet 07.11.2025 22:03:02

Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.

Exploit
  • EPSS 1.84%
  • Veröffentlicht 18.01.2021 12:15:12
  • Zuletzt bearbeitet 21.11.2024 05:22:51

The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation o...

  • EPSS 0.57%
  • Veröffentlicht 14.01.2021 20:15:12
  • Zuletzt bearbeitet 21.11.2024 05:47:53

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug was discovered in the `flatpak-portal` service that can allow sandboxed applications to execute arbitrary code on the host system (a sandbox es...