Debian

Debian Linux

9998 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 0.51%
  • Veröffentlicht 20.11.2020 18:15:12
  • Zuletzt bearbeitet 21.11.2024 05:23:25

A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can ...

Exploit
  • EPSS 1.63%
  • Veröffentlicht 20.11.2020 16:15:15
  • Zuletzt bearbeitet 21.11.2024 05:09:18

Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7.

  • EPSS 0.33%
  • Veröffentlicht 19.11.2020 19:15:11
  • Zuletzt bearbeitet 29.05.2026 18:16:27

An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. Local attackers on systems with the speakup driver could cause a local denial of service attack, aka CID-d41227544427. This occurs because of an i...

Exploit
  • EPSS 47.49%
  • Veröffentlicht 19.11.2020 19:15:11
  • Zuletzt bearbeitet 21.11.2024 05:23:21

Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked.

Warnung Exploit
  • EPSS 84.55%
  • Veröffentlicht 19.11.2020 19:15:11
  • Zuletzt bearbeitet 07.11.2025 22:03:27

Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed.

  • EPSS 30.92%
  • Veröffentlicht 19.11.2020 02:15:11
  • Zuletzt bearbeitet 21.11.2024 04:39:42

InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret).

  • EPSS 1.21%
  • Veröffentlicht 18.11.2020 22:15:11
  • Zuletzt bearbeitet 21.11.2024 05:19:32

Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. A maliciously crafted link to a notebook server could redirect the browser to a different website. All notebook servers are technically affected, however, these maliciously cra...

Exploit
  • EPSS 85%
  • Veröffentlicht 16.11.2020 21:15:12
  • Zuletzt bearbeitet 23.05.2025 16:54:19

XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream. Only users who rely on blocklists are affected. Anyone...

  • EPSS 1.57%
  • Veröffentlicht 16.11.2020 01:15:12
  • Zuletzt bearbeitet 21.11.2024 05:18:29

A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while drop...

  • EPSS 46.44%
  • Veröffentlicht 16.11.2020 01:15:12
  • Zuletzt bearbeitet 21.11.2024 05:18:29

A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions un...