Debian

Debian Linux

9922 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2018-13982

Exploit
  • EPSS 2.45%
  • Veröffentlicht 18.09.2018 21:29:02
  • Zuletzt bearbeitet 21.11.2024 03:48:22

Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33 is prone to a path traversal vulnerability due to insufficient template code sanitization. This allows attackers controlling the executed template code to bypass the trusted directory se...

9.8

CVE-2018-1000802

  • EPSS 27.45%
  • Veröffentlicht 18.09.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:40:23

Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service...

5.3

CVE-2017-15705

  • EPSS 1.77%
  • Veröffentlicht 17.09.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:15:02

A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2. The vulnerability arises with certain unclosed tags in emails that cause markup to be handled incorrectly leading to scan timeouts. In Apache SpamAssass...

9.8

CVE-2018-11780

  • EPSS 7.1%
  • Veröffentlicht 17.09.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:44:01

A potential Remote Code Execution bug exists with the PDFInfo plugin in Apache SpamAssassin before 3.4.2.

7.8

CVE-2018-11781

  • EPSS 0.25%
  • Veröffentlicht 17.09.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:44:01

Apache SpamAssassin 3.4.2 fixes a local user code injection in the meta rule syntax.

8.8

CVE-2018-17100

  • EPSS 0.37%
  • Veröffentlicht 16.09.2018 21:29:01
  • Zuletzt bearbeitet 21.11.2024 03:53:52

An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file.

8.8

CVE-2018-17101

  • EPSS 0.53%
  • Veröffentlicht 16.09.2018 21:29:01
  • Zuletzt bearbeitet 21.11.2024 03:53:52

An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.

6.1

CVE-2018-17082

Exploit
  • EPSS 8.24%
  • Veröffentlicht 16.09.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:50

The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade is mishandled in the php_handler function in s...

7.5

CVE-2018-12086

  • EPSS 25.73%
  • Veröffentlicht 14.09.2018 21:29:03
  • Zuletzt bearbeitet 21.11.2024 03:44:33

Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests.

6.5

CVE-2018-17000

Exploit
  • EPSS 1.21%
  • Veröffentlicht 13.09.2018 16:29:01
  • Zuletzt bearbeitet 21.11.2024 03:53:40

A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file. This vulnerability can be triggered...