Debian

Debian Linux

9140 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2024-52533

Exploit
  • EPSS 2.46%
  • Published 11.11.2024 23:15:05
  • Last modified 17.06.2025 01:23:56

gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character.

7.8

CVE-2024-46956

  • EPSS 0.36%
  • Published 10.11.2024 22:15:12
  • Last modified 14.11.2024 20:39:54

An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution.

5.5

CVE-2024-46955

  • EPSS 0.06%
  • Published 10.11.2024 22:15:12
  • Last modified 14.11.2024 01:53:21

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space.

7.8

CVE-2024-46953

  • EPSS 0.08%
  • Published 10.11.2024 22:15:12
  • Last modified 14.11.2024 02:01:09

An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution.

7.8

CVE-2024-46952

  • EPSS 0.03%
  • Published 10.11.2024 22:15:12
  • Last modified 14.11.2024 02:01:40

An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values).

7.8

CVE-2024-46951

  • EPSS 0.08%
  • Published 10.11.2024 21:15:14
  • Last modified 14.11.2024 02:13:25

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.

8.1

CVE-2024-41311

Exploit
  • EPSS 0.25%
  • Published 15.10.2024 21:15:10
  • Last modified 24.03.2025 14:41:38

In Libheif 1.17.6, insufficient checks in ImageOverlay::parse() decoding a heif file containing an overlay image with forged offsets can lead to an out-of-bounds read and write.

9.8

CVE-2024-9680

Warning
  • EPSS 13.03%
  • Published 09.10.2024 13:15:12
  • Last modified 26.11.2024 19:53:56

An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ...

5.3

CVE-2024-8508

  • EPSS 0.83%
  • Published 03.10.2024 17:15:15
  • Last modified 17.12.2024 19:28:03

NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend...

9.8

CVE-2024-47175

Exploit
  • EPSS 32.46%
  • Published 26.09.2024 22:15:04
  • Last modified 29.09.2025 13:42:33

CUPS is a standards-based, open-source printing system, and `libppd` can be used for legacy PPD file support. The `libppd` function `ppdCreatePPDFromIPP2` does not sanitize IPP attributes when creating the PPD buffer. When used in combination with ot...