Debian

Debian Linux

9998 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.51%
  • Veröffentlicht 17.09.2020 18:15:12
  • Zuletzt bearbeitet 21.11.2024 04:39:41

An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls SvOK(profile), causing a NULL pointer dereference.

  • EPSS 0.6%
  • Veröffentlicht 16.09.2020 14:15:12
  • Zuletzt bearbeitet 21.11.2024 05:03:09

A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data.

  • EPSS 1.31%
  • Veröffentlicht 16.09.2020 13:15:11
  • Zuletzt bearbeitet 21.11.2024 05:03:09

A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.

  • EPSS 0.58%
  • Veröffentlicht 16.09.2020 13:15:11
  • Zuletzt bearbeitet 21.11.2024 05:03:09

An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. A local attacker who is able to manipulate calls to dbd_db_login6_sv() could cause memory corruption, affecting the service's availability.

  • EPSS 0.31%
  • Veröffentlicht 16.09.2020 13:15:10
  • Zuletzt bearbeitet 21.11.2024 04:56:03

A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with a local account and the ability to read the /sys/class/zram-control/hot_add file can create ZRAM device nodes in the /dev/ directory. This read allocates...

  • EPSS 0.42%
  • Veröffentlicht 15.09.2020 22:15:13
  • Zuletzt bearbeitet 21.11.2024 05:03:08

A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt. This can lead to the filesystem being shutdown, o...

  • EPSS 0.36%
  • Veröffentlicht 15.09.2020 20:15:13
  • Zuletzt bearbeitet 21.11.2024 05:02:59

A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The high...

  • EPSS 3.22%
  • Veröffentlicht 15.09.2020 10:15:12
  • Zuletzt bearbeitet 21.11.2024 05:39:41

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 ...

Exploit
  • EPSS 2.34%
  • Veröffentlicht 14.09.2020 13:15:10
  • Zuletzt bearbeitet 21.11.2024 05:15:27

An issue was discovered in LemonLDAP::NG through 2.0.8, when NGINX is used. An attacker may bypass URL-based access control to protected Virtual Hosts by submitting a non-normalized URI. This also affects versions before 0.5.2 of the "Lemonldap::NG h...

  • EPSS 0.31%
  • Veröffentlicht 13.09.2020 18:15:09
  • Zuletzt bearbeitet 21.11.2024 05:17:51

The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe.