Debian

Debian Linux

9998 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 3.04%
  • Veröffentlicht 23.11.2018 05:29:03
  • Zuletzt bearbeitet 21.11.2024 03:57:59

psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion.

Exploit
  • EPSS 3.04%
  • Veröffentlicht 23.11.2018 05:29:03
  • Zuletzt bearbeitet 21.11.2024 03:57:59

psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion.

Exploit
  • EPSS 2.96%
  • Veröffentlicht 22.11.2018 05:29:00
  • Zuletzt bearbeitet 21.11.2024 03:57:54

An issue was discovered in libsndfile 1.0.28. There is a NULL pointer dereference in the function sf_write_int in sndfile.c, which will lead to a denial of service.

  • EPSS 7.83%
  • Veröffentlicht 21.11.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:57:52

An issue was discovered in Artifex Ghostscript before 9.26. LockSafetyParams is not checked correctly if another device is used.

Exploit
  • EPSS 5.2%
  • Veröffentlicht 17.11.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:57:39

Passing an absolute path to a file_exists check in phpBB before 3.2.4 allows Remote Code Execution through Object Injection by employing Phar deserialization when an attacker has access to the Admin Control Panel with founder permissions.

  • EPSS 7.97%
  • Veröffentlicht 16.11.2018 18:29:01
  • Zuletzt bearbeitet 21.11.2024 03:52:40

An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats.

  • EPSS 10.72%
  • Veröffentlicht 16.11.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:52:40

An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may...

  • EPSS 2.21%
  • Veröffentlicht 16.11.2018 09:29:00
  • Zuletzt bearbeitet 21.11.2024 03:57:41

PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to an object injection attack.

Exploit
  • EPSS 3.42%
  • Veröffentlicht 15.11.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 04:08:45

Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.

  • EPSS 0.88%
  • Veröffentlicht 14.11.2018 15:29:02
  • Zuletzt bearbeitet 21.11.2024 04:10:01

XSS vulnerabilities in Interstitials in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension or open Developer Console to inject arbitrary scripts or HTML via a crafted HTML page.