Debian

Debian Linux

9952 vulnerabilities found.

Note: This list may be incomplete. Data is provided in its original format without warranty.
  • EPSS 2.72%
  • Published 29.11.2019 21:15:10
  • Last modified 21.11.2024 02:26:16

verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multi...

  • EPSS 5.47%
  • Published 29.11.2019 15:15:11
  • Last modified 21.11.2024 04:27:38

A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary co...

  • EPSS 0.35%
  • Published 29.11.2019 15:15:10
  • Last modified 21.11.2024 04:27:38

A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to cause a denial of service (system crash) or, possibly execute arbitrary code, when a STA works in IBSS mode (allow...

  • EPSS 0.83%
  • Published 29.11.2019 14:15:11
  • Last modified 21.11.2024 04:27:37

A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote device...

Exploit
  • EPSS 0.35%
  • Published 28.11.2019 00:15:11
  • Last modified 21.11.2024 04:34:34

In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer,

  • EPSS 0.17%
  • Published 27.11.2019 21:15:12
  • Last modified 21.11.2024 01:28:26

PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code.

Exploit
  • EPSS 94.27%
  • Published 27.11.2019 21:15:12
  • Last modified 21.11.2024 01:28:27

vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.

Exploit
  • EPSS 1.45%
  • Published 27.11.2019 19:15:11
  • Last modified 21.11.2024 01:27:49

dirmngr before 2.1.0 improperly handles certain system calls, which allows remote attackers to cause a denial of service (DoS) via a specially crafted certificate.

  • EPSS 0.18%
  • Published 27.11.2019 19:15:11
  • Last modified 21.11.2024 01:52:03

An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights are not verified by the object linking mechanism.

Exploit
  • EPSS 0.02%
  • Published 27.11.2019 18:15:11
  • Last modified 21.11.2024 01:46:37

An issue exists in AccountService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local user obtain encrypted passwords.