Debian

Debian Linux

9979 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2020-1712

  • EPSS 0.11%
  • Veröffentlicht 31.03.2020 17:15:26
  • Zuletzt bearbeitet 21.11.2024 05:11:13

A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially...

9.8

CVE-2020-10595

  • EPSS 7.3%
  • Veröffentlicht 31.03.2020 13:15:13
  • Zuletzt bearbeitet 21.11.2024 04:55:39

pam-krb5 before 4.9 has a buffer overflow that might cause remote code execution in situations involving supplemental prompting by a Kerberos library. It may overflow a buffer provided by the underlying Kerberos library by a single '\0' byte if an at...

8.8

CVE-2020-11111

  • EPSS 2.08%
  • Veröffentlicht 31.03.2020 05:15:13
  • Zuletzt bearbeitet 21.11.2024 04:56:48

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).

8.8

CVE-2020-11112

  • EPSS 6.77%
  • Veröffentlicht 31.03.2020 05:15:13
  • Zuletzt bearbeitet 29.04.2026 18:58:57

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).

8.8

CVE-2020-11113

  • EPSS 60.71%
  • Veröffentlicht 31.03.2020 05:15:13
  • Zuletzt bearbeitet 29.04.2026 20:05:54

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).

6.5

CVE-2020-10955

  • EPSS 0.18%
  • Veröffentlicht 27.03.2020 19:15:11
  • Zuletzt bearbeitet 21.11.2024 04:56:26

GitLab EE/CE 11.1 through 12.9 is vulnerable to parameter tampering on an upload feature that allows an unauthorized user to read content available under specific folders.

4.3

CVE-2020-1770

  • EPSS 0.36%
  • Veröffentlicht 27.03.2020 13:15:15
  • Zuletzt bearbeitet 21.11.2024 05:11:21

Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions.

7.5

CVE-2020-1772

  • EPSS 0.45%
  • Veröffentlicht 27.03.2020 13:15:15
  • Zuletzt bearbeitet 21.11.2024 05:11:21

It's possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Token(s), generated by users which already requested new passwords. This issue affects: ((OTRS)) Community Edition 5.0.41 and pri...

8.8

CVE-2020-10969

  • EPSS 1.04%
  • Veröffentlicht 26.03.2020 13:15:13
  • Zuletzt bearbeitet 21.11.2024 04:56:28

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.

8.8

CVE-2020-10968

  • EPSS 3.82%
  • Veröffentlicht 26.03.2020 13:15:12
  • Zuletzt bearbeitet 21.11.2024 04:56:28

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).