Debian

Debian Linux

9928 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2020-10942

Exploit
  • EPSS 0.07%
  • Veröffentlicht 24.03.2020 22:15:12
  • Zuletzt bearbeitet 21.11.2024 04:56:25

In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.

7.5

CVE-2020-6071

Exploit
  • EPSS 0.61%
  • Veröffentlicht 24.03.2020 21:15:14
  • Zuletzt bearbeitet 21.11.2024 05:35:02

An exploitable denial-of-service vulnerability exists in the resource record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing compressed labels in mDNS messages, the compression pointer is followed without checking for recursion, le...

9.8

CVE-2020-6072

Exploit
  • EPSS 2.2%
  • Veröffentlicht 24.03.2020 21:15:14
  • Zuletzt bearbeitet 21.11.2024 05:35:02

An exploitable code execution vulnerability exists in the label-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing compressed labels in mDNS messages, the rr_decode function's return value is not checked, leading to a double free that...

7.5

CVE-2020-6073

Exploit
  • EPSS 1.41%
  • Veröffentlicht 24.03.2020 21:15:14
  • Zuletzt bearbeitet 21.11.2024 05:35:02

An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing the RDATA section in a TXT record in mDNS messages, multiple integer overflows can be triggered, leading to a d...

7.5

CVE-2020-6077

Exploit
  • EPSS 0.77%
  • Veröffentlicht 24.03.2020 21:15:14
  • Zuletzt bearbeitet 21.11.2024 05:35:02

An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing mDNS messages, the implementation does not properly keep track of the available data in the message, possibly lead...

7.5

CVE-2020-6078

Exploit
  • EPSS 1.41%
  • Veröffentlicht 24.03.2020 21:15:14
  • Zuletzt bearbeitet 21.11.2024 05:35:03

An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing mDNS messages in mdns_recv, the return value of the mdns_read_header function is not checked, leading to an uninit...

7.5

CVE-2020-6079

Exploit
  • EPSS 1.2%
  • Veröffentlicht 24.03.2020 21:15:14
  • Zuletzt bearbeitet 21.11.2024 05:35:03

An exploitable denial-of-service vulnerability exists in the resource allocation handling of Videolabs libmicrodns 0.1.0. When encountering errors while parsing mDNS messages, some allocated data is not freed, possibly leading to a denial-of-service ...

7.5

CVE-2020-6080

Exploit
  • EPSS 1.08%
  • Veröffentlicht 24.03.2020 21:15:14
  • Zuletzt bearbeitet 21.11.2024 05:35:03

An exploitable denial-of-service vulnerability exists in the resource allocation handling of Videolabs libmicrodns 0.1.0. When encountering errors while parsing mDNS messages, some allocated data is not freed, possibly leading to a denial-of-service ...

5.9

CVE-2020-10941

  • EPSS 0.71%
  • Veröffentlicht 24.03.2020 20:15:14
  • Zuletzt bearbeitet 21.11.2024 04:56:25

Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import.

9.8

CVE-2020-10938

  • EPSS 1.68%
  • Veröffentlicht 24.03.2020 16:15:12
  • Zuletzt bearbeitet 21.11.2024 04:56:24

GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c.