Debian

Debian Linux

9979 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2019-3880

  • EPSS 3.39%
  • Veröffentlicht 09.04.2019 16:29:01
  • Zuletzt bearbeitet 21.11.2024 04:42:47

A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation...

7.5

CVE-2019-10895

Exploit
  • EPSS 12.45%
  • Veröffentlicht 09.04.2019 04:29:01
  • Zuletzt bearbeitet 21.11.2024 04:20:04

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation.

7.5

CVE-2019-10896

Exploit
  • EPSS 11.89%
  • Veröffentlicht 09.04.2019 04:29:01
  • Zuletzt bearbeitet 21.11.2024 04:20:04

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes.

7.5

CVE-2019-10899

Exploit
  • EPSS 12.66%
  • Veröffentlicht 09.04.2019 04:29:01
  • Zuletzt bearbeitet 21.11.2024 04:20:05

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read.

7.5

CVE-2019-10901

Exploit
  • EPSS 14.37%
  • Veröffentlicht 09.04.2019 04:29:01
  • Zuletzt bearbeitet 21.11.2024 04:20:05

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly.

7.5

CVE-2019-10903

Exploit
  • EPSS 12.66%
  • Veröffentlicht 09.04.2019 04:29:01
  • Zuletzt bearbeitet 21.11.2024 04:20:05

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check.

7.5

CVE-2019-10894

Exploit
  • EPSS 12.66%
  • Veröffentlicht 09.04.2019 04:29:00
  • Zuletzt bearbeitet 21.11.2024 04:20:04

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.

5.4

CVE-2019-11025

Exploit
  • EPSS 0.64%
  • Veröffentlicht 08.04.2019 23:29:00
  • Zuletzt bearbeitet 21.11.2024 04:20:23

In clearFilter() in utilities.php in Cacti before 1.2.3, no escaping occurs before printing out the value of the SNMP community string (SNMP Options) in the View poller cache, leading to XSS.

7.8

CVE-2019-0211

Warnung Exploit
  • EPSS 89.57%
  • Veröffentlicht 08.04.2019 22:29:00
  • Zuletzt bearbeitet 27.10.2025 17:37:51

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with...

7.5

CVE-2019-0217

  • EPSS 43.02%
  • Veröffentlicht 08.04.2019 21:29:00
  • Zuletzt bearbeitet 21.11.2024 04:16:30

In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictio...