Debian

Debian Linux

9952 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2020-7247

Warnung Exploit
  • EPSS 94.08%
  • Veröffentlicht 29.01.2020 16:15:12
  • Zuletzt bearbeitet 07.11.2025 22:02:55

smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This ...

9.8

CVE-2015-8011

  • EPSS 4.15%
  • Veröffentlicht 28.01.2020 19:15:12
  • Zuletzt bearbeitet 21.11.2024 02:37:50

Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and ...

8.8

CVE-2020-8112

Exploit
  • EPSS 1.79%
  • Veröffentlicht 28.01.2020 18:15:11
  • Zuletzt bearbeitet 21.11.2024 05:38:19

opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.

9.8

CVE-2020-8086

  • EPSS 0.67%
  • Veröffentlicht 28.01.2020 17:15:12
  • Zuletzt bearbeitet 21.11.2024 05:38:16

The mod_auth_ldap and mod_auth_ldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the is_admin() function. This grants remote entities admin-only functionality if their username matches the username ...

5.5

CVE-2020-0549

  • EPSS 0.09%
  • Veröffentlicht 28.01.2020 01:15:12
  • Zuletzt bearbeitet 21.11.2024 04:53:43

Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

7.5

CVE-2020-7238

Exploit
  • EPSS 1.5%
  • Veröffentlicht 27.01.2020 17:15:12
  • Zuletzt bearbeitet 21.11.2024 05:36:53

Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869...

4.3

CVE-2014-8161

  • EPSS 0.71%
  • Veröffentlicht 27.01.2020 16:15:10
  • Zuletzt bearbeitet 21.11.2024 02:18:41

PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to obtain sensitive column values by triggering constraint violation and then reading the error message.

8.8

CVE-2015-0241

  • EPSS 6.3%
  • Veröffentlicht 27.01.2020 16:15:10
  • Zuletzt bearbeitet 21.11.2024 02:22:38

The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a (1)...

8.8

CVE-2015-0242

  • EPSS 3.38%
  • Veröffentlicht 27.01.2020 16:15:10
  • Zuletzt bearbeitet 21.11.2024 02:22:38

Stack-based buffer overflow in the *printf function implementations in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1, when running on a Windows system, allows remote authenticated users...

8.8

CVE-2015-0243

  • EPSS 6.71%
  • Veröffentlicht 27.01.2020 16:15:10
  • Zuletzt bearbeitet 21.11.2024 02:22:38

Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allow remote authenticated users to cause a denial of service (crash) and possibly execute...