Debian

Debian Linux

9208 vulnerabilities found.

Note: This list may be incomplete. Data is provided without warranty in its original format.
  • EPSS 1.84%
  • Published 01.10.2019 17:15:10
  • Last modified 21.11.2024 04:31:23

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) ja...

  • EPSS 0.09%
  • Published 01.10.2019 14:15:51
  • Last modified 21.11.2024 04:31:36

base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.

  • EPSS 0.09%
  • Published 01.10.2019 14:15:40
  • Last modified 21.11.2024 04:31:36

ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.

  • EPSS 10.83%
  • Published 30.09.2019 19:15:08
  • Last modified 21.11.2024 04:30:26

Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.

  • EPSS 0.22%
  • Published 30.09.2019 12:15:10
  • Last modified 21.11.2024 04:31:30

In phpBB before 3.1.7-PL1, includes/acp/acp_bbcodes.php has improper verification of a CSRF token on the BBCode page in the Administration Control Panel. An actual CSRF attack is possible if an attacker also manages to retrieve the session id of a re...

Exploit
  • EPSS 0.84%
  • Published 28.09.2019 02:15:10
  • Last modified 21.11.2024 04:31:23

The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_ti...

Warning Exploit
  • EPSS 89.53%
  • Published 27.09.2019 21:15:10
  • Last modified 22.10.2025 00:16:36

Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.

  • EPSS 6.76%
  • Published 27.09.2019 19:15:29
  • Last modified 21.11.2024 04:51:38

In libvpx, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVers...

  • EPSS 14.33%
  • Published 27.09.2019 19:15:24
  • Last modified 21.11.2024 04:51:31

In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: An...

  • EPSS 8.89%
  • Published 27.09.2019 19:15:21
  • Last modified 21.11.2024 04:51:25

In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: A...