Debian

Debian Linux

9998 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.66%
  • Veröffentlicht 31.10.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:49:32

It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8.4, as shipped with Red Hat Gluster Storage, was vulnerable to a format string attack. A remote, authenticated attacker could use this flaw to cause remot...

  • EPSS 2.75%
  • Veröffentlicht 31.10.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:49:30

The Gluster file system through versions 3.12 and 4.1.4 is vulnerable to a buffer overflow in the 'features/index' translator via the code handling the 'GF_XATTR_CLRLK_CMD' xattr in the 'pl_getxattr' function. A remote authenticated attacker could ex...

  • EPSS 2.77%
  • Veröffentlicht 31.10.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:49:30

The Gluster file system through versions 4.1.4 and 3.12 is vulnerable to a heap-based buffer overflow in the '__server_getspec' function via the 'gf_getspec_req' RPC message. A remote authenticated attacker could exploit this to cause a denial of ser...

  • EPSS 2.63%
  • Veröffentlicht 31.10.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:49:31

The Gluster file system through version 4.1.4 is vulnerable to abuse of the 'features/index' translator. A remote attacker with access to mount volumes could exploit this via the 'GF_XATTROP_ENTRY_IN_KEY' xattrop to create arbitrary, empty files on t...

  • EPSS 2.17%
  • Veröffentlicht 31.10.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:49:31

The Gluster file system through versions 4.1.4 and 3.1.2 is vulnerable to a denial of service attack via use of the 'GF_XATTR_IOSTATS_DUMP_KEY' xattr. A remote, authenticated attacker could exploit this by mounting a Gluster volume and repeatedly cal...

  • EPSS 2.1%
  • Veröffentlicht 31.10.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:25

Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service.

  • EPSS 5.78%
  • Veröffentlicht 31.10.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:25

Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.

Exploit
  • EPSS 1.37%
  • Veröffentlicht 31.10.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:56:47

An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function ras_putdatastd in ras/ras_enc.c.

  • EPSS 0.91%
  • Veröffentlicht 30.10.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:52:48

In the Loofah gem for Ruby, through v2.2.2, unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.

Exploit
  • EPSS 1.06%
  • Veröffentlicht 30.10.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:55:38

Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain f...