Debian

Debian Linux

9998 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.8%
  • Veröffentlicht 04.10.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:38:22

Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains an information disclosure flaw in the Special:Redirect/logid

Exploit
  • EPSS 1.93%
  • Veröffentlicht 04.10.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:38:22

Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock

  • EPSS 94.49%
  • Veröffentlicht 04.10.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:44:01

When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause...

  • EPSS 0.35%
  • Veröffentlicht 03.10.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 03:55:18

An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwindi...

  • EPSS 3.51%
  • Veröffentlicht 03.10.2018 20:29:09
  • Zuletzt bearbeitet 21.11.2024 03:54:34

The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate.

Exploit
  • EPSS 0.39%
  • Veröffentlicht 01.10.2018 08:29:00
  • Zuletzt bearbeitet 21.11.2024 02:40:12

Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or the uninstaller can be replaced by a Trojan horse pro...

Exploit
  • EPSS 1.53%
  • Veröffentlicht 01.10.2018 08:29:00
  • Zuletzt bearbeitet 21.11.2024 02:40:12

Nullsoft Scriptable Install System (NSIS) before 2.49 has unsafe implicit linking against Version.dll. In other words, there is no protection mechanism in which a wrapper function resolves the dependency at an appropriate time during runtime.

  • EPSS 6.29%
  • Veröffentlicht 28.09.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:49:30

A flaw was found in 389 Directory Server. A specially crafted search query could lead to excessive CPU consumption in the do_search() function. An unauthenticated attacker could use this flaw to provoke a denial of service.

Exploit
  • EPSS 2.35%
  • Veröffentlicht 28.09.2018 09:29:00
  • Zuletzt bearbeitet 21.11.2024 03:54:38

CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service.

  • EPSS 1.75%
  • Veröffentlicht 28.09.2018 00:29:02
  • Zuletzt bearbeitet 21.11.2024 03:53:00

In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a user with admin permissions opens it, it causes deletions of arbitrary files that...