Debian

Debian Linux

9998 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 1.74%
  • Veröffentlicht 30.03.2019 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:19:40

In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.

Exploit
  • EPSS 4.09%
  • Veröffentlicht 30.03.2019 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:19:40

In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file.

  • EPSS 12.36%
  • Veröffentlicht 28.03.2019 22:29:00
  • Zuletzt bearbeitet 21.11.2024 04:16:31

In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive.

  • EPSS 1.18%
  • Veröffentlicht 28.03.2019 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:48:16

In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing checks in the fts and pop3-uidl components.

  • EPSS 1.76%
  • Veröffentlicht 27.03.2019 20:29:02
  • Zuletzt bearbeitet 21.11.2024 03:32:23

In Eclipse Mosquitto version from 1.0 to 1.4.15, a Null Dereference vulnerability was found in the Mosquitto library which could lead to crashes for those applications using the library.

Warnung Exploit
  • EPSS 98.51%
  • Veröffentlicht 27.03.2019 14:29:01
  • Zuletzt bearbeitet 30.10.2025 20:40:11

There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed.

Exploit
  • EPSS 8.67%
  • Veröffentlicht 27.03.2019 14:29:01
  • Zuletzt bearbeitet 21.11.2024 04:44:54

There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive.

Exploit
  • EPSS 92.14%
  • Veröffentlicht 27.03.2019 14:29:01
  • Zuletzt bearbeitet 21.11.2024 04:44:54

A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals t...

  • EPSS 12.41%
  • Veröffentlicht 26.03.2019 18:29:01
  • Zuletzt bearbeitet 21.11.2024 04:46:26

In Drupal 7 versions prior to 7.65; Drupal 8.6 versions prior to 8.6.13;Drupal 8.5 versions prior to 8.5.14. Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting (XSS) ...

  • EPSS 2.64%
  • Veröffentlicht 25.03.2019 19:29:01
  • Zuletzt bearbeitet 21.11.2024 04:42:39

It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains i...