Debian

Debian Linux

9922 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2020-15598

Exploit
  • EPSS 3.79%
  • Veröffentlicht 06.10.2020 14:15:12
  • Zuletzt bearbeitet 03.07.2025 20:59:18

Trustwave ModSecurity 3.x through 3.0.4 allows denial of service via a special request. NOTE: The discoverer reports "Trustwave has signaled they are disputing our claims." The CVE suggests that there is a security issue with how ModSecurity handles ...

5.5

CVE-2020-25641

  • EPSS 0.06%
  • Veröffentlicht 06.10.2020 14:15:12
  • Zuletzt bearbeitet 21.11.2024 05:18:18

A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a ...

7.5

CVE-2020-25643

  • EPSS 0.42%
  • Veröffentlicht 06.10.2020 14:15:12
  • Zuletzt bearbeitet 21.11.2024 05:18:19

A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial...

5.5

CVE-2020-26571

  • EPSS 0.04%
  • Veröffentlicht 06.10.2020 02:15:13
  • Zuletzt bearbeitet 21.11.2024 05:20:06

The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init.

5.5

CVE-2020-26572

  • EPSS 0.05%
  • Veröffentlicht 06.10.2020 02:15:13
  • Zuletzt bearbeitet 21.11.2024 05:20:06

The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcos_decipher.

5.5

CVE-2020-26570

  • EPSS 0.05%
  • Veröffentlicht 06.10.2020 02:15:12
  • Zuletzt bearbeitet 21.11.2024 05:20:06

The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in sc_oberthur_read_file.

5.7

CVE-2019-14558

  • EPSS 0.12%
  • Veröffentlicht 05.10.2020 14:15:12
  • Zuletzt bearbeitet 21.11.2024 04:26:57

Insufficient control flow management in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow an authenticated user to potentially enable denial of service via adjacent ac...

6.5

CVE-2020-7069

  • EPSS 8.35%
  • Veröffentlicht 02.10.2020 15:15:12
  • Zuletzt bearbeitet 21.11.2024 05:36:36

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and inc...

5.3

CVE-2020-7070

Exploit
  • EPSS 26.09%
  • Veröffentlicht 02.10.2020 15:15:12
  • Zuletzt bearbeitet 21.11.2024 05:36:37

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host confused with cookies that decode ...

5.5

CVE-2020-26519

  • EPSS 0.77%
  • Veröffentlicht 02.10.2020 06:15:12
  • Zuletzt bearbeitet 21.11.2024 05:19:59

Artifex MuPDF before 1.18.0 has a heap based buffer over-write when parsing JBIG2 files allowing attackers to cause a denial of service.