Debian

Debian Linux

9922 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2019-3863

  • EPSS 9.76%
  • Veröffentlicht 25.03.2019 18:29:01
  • Zuletzt bearbeitet 19.12.2025 04:15:59

A flaw was found in libssh2 before 1.8.1 creating a vulnerability on the SSH client side. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used by th...

5.5

CVE-2019-10018

Exploit
  • EPSS 0.64%
  • Veröffentlicht 25.03.2019 00:29:05
  • Zuletzt bearbeitet 21.11.2024 04:18:13

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case.

8.8

CVE-2019-9956

Exploit
  • EPSS 0.79%
  • Veröffentlicht 24.03.2019 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:52:40

In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to cause a denial of service or code execution via a crafted image file.

9.1

CVE-2019-9948

Exploit
  • EPSS 0.92%
  • Veröffentlicht 23.03.2019 18:29:02
  • Zuletzt bearbeitet 21.11.2024 04:52:39

urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call...

4.3

CVE-2019-9942

  • EPSS 0.32%
  • Veröffentlicht 23.03.2019 15:29:00
  • Zuletzt bearbeitet 21.11.2024 04:52:38

A sandbox information disclosure exists in Twig before 1.38.0 and 2.x before 2.7.0 because, under some circumstances, it is possible to call the __toString() method on an object even if not allowed by the security policy in place.

7.8

CVE-2019-9924

  • EPSS 0.33%
  • Veröffentlicht 22.03.2019 08:29:00
  • Zuletzt bearbeitet 21.11.2024 04:52:35

rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell.

9.3

CVE-2019-3855

  • EPSS 10.01%
  • Veröffentlicht 21.03.2019 21:29:00
  • Zuletzt bearbeitet 21.11.2024 04:42:43

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system wh...

9.1

CVE-2019-3858

  • EPSS 2.19%
  • Veröffentlicht 21.03.2019 21:29:00
  • Zuletzt bearbeitet 21.11.2024 04:42:43

An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client mem...

6.5

CVE-2019-9903

Exploit
  • EPSS 0.76%
  • Veröffentlicht 21.03.2019 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:52:32

PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary.

7.5

CVE-2019-9894

  • EPSS 0.92%
  • Veröffentlicht 21.03.2019 16:01:17
  • Zuletzt bearbeitet 21.11.2024 04:52:31

A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification.