Debian

Debian Linux

9998 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 72.72%
  • Veröffentlicht 16.01.2019 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:24:55

A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older ve...

  • EPSS 27.73%
  • Veröffentlicht 16.01.2019 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:24:55

BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to ...

  • EPSS 20.24%
  • Veröffentlicht 16.01.2019 20:29:00
  • Zuletzt bearbeitet 25.04.2025 23:15:15

A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. Affects ISC DHCP 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4...

  • EPSS 4.61%
  • Veröffentlicht 16.01.2019 19:30:35
  • Zuletzt bearbeitet 21.11.2024 04:41:03

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged at...

  • EPSS 4.42%
  • Veröffentlicht 16.01.2019 19:30:35
  • Zuletzt bearbeitet 21.11.2024 04:41:04

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacke...

  • EPSS 3.37%
  • Veröffentlicht 16.01.2019 19:30:31
  • Zuletzt bearbeitet 21.11.2024 04:40:50

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker...

  • EPSS 2.05%
  • Veröffentlicht 16.01.2019 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:02:01

URI_FUNC() in UriParse.c in uriparser before 0.9.1 has an out-of-bounds read (in uriParse*Ex* functions) for an incomplete URI with an IPv6 address containing an embedded IPv4 address, such as a "//[::44.1" address.

  • EPSS 0.45%
  • Veröffentlicht 15.01.2019 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:49:32

It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption.

  • EPSS 2.14%
  • Veröffentlicht 15.01.2019 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:26

It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial of service against OMAPs holding bucket indices.

  • EPSS 0.7%
  • Veröffentlicht 15.01.2019 15:29:00
  • Zuletzt bearbeitet 21.11.2024 04:42:35

A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that restrict the user's filesystem ac...