Debian

Debian Linux

9944 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2025-21605

  • EPSS 0.36%
  • Veröffentlicht 23.04.2025 15:38:11
  • Zuletzt bearbeitet 10.02.2026 18:16:13

Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is killed. By default, t...

7.5

CVE-2025-43965

  • EPSS 0.23%
  • Veröffentlicht 23.04.2025 00:00:00
  • Zuletzt bearbeitet 31.12.2025 15:41:59

In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used.

5.5

CVE-2025-38637

  • EPSS 0.1%
  • Veröffentlicht 18.04.2025 07:01:34
  • Zuletzt bearbeitet 06.11.2025 21:35:04

In the Linux kernel, the following vulnerability has been resolved: net_sched: skbprio: Remove overly strict queue assertions In the current implementation, skbprio enqueue/dequeue contains an assertion that fails under certain conditions when SKBP...

5.5

CVE-2025-38575

  • EPSS 0.11%
  • Veröffentlicht 18.04.2025 07:01:33
  • Zuletzt bearbeitet 17.03.2026 14:31:53

In the Linux kernel, the following vulnerability has been resolved: ksmbd: use aead_request_free to match aead_request_alloc Use aead_request_free() instead of kfree() to properly free memory allocated by aead_request_alloc(). This ensures sensitiv...

10

CVE-2025-32433

Warnung Medienbericht Exploit
  • EPSS 50.31%
  • Veröffentlicht 16.04.2025 21:34:37
  • Zuletzt bearbeitet 04.11.2025 14:49:05

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in S...

9.8

CVE-2025-2291

  • EPSS 0.3%
  • Veröffentlicht 16.04.2025 18:16:04
  • Zuletzt bearbeitet 08.12.2025 18:32:49

Password can be used past expiry in PgBouncer due to auth_query not taking into account Postgres its VALID UNTIL value, which allows an attacker to log in with an already expired password

5.5

CVE-2025-23138

  • EPSS 0.12%
  • Veröffentlicht 16.04.2025 14:13:17
  • Zuletzt bearbeitet 04.11.2025 17:00:09

In the Linux kernel, the following vulnerability has been resolved: watch_queue: fix pipe accounting mismatch Currently, watch_queue_set_size() modifies the pipe buffers charged to user->pipe_bufs without updating the pipe->nr_accounted on the pipe...

5.5

CVE-2025-22119

  • EPSS 0.1%
  • Veröffentlicht 16.04.2025 14:13:04
  • Zuletzt bearbeitet 17.03.2026 14:26:08

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: init wiphy_work before allocating rfkill fails syzbort reported a uninitialize wiphy_work_lock in cfg80211_dev_free. [1] After rfkill allocation fails, the wiphy r...

5.5

CVE-2025-22042

  • EPSS 0.09%
  • Veröffentlicht 16.04.2025 14:12:03
  • Zuletzt bearbeitet 13.02.2026 15:58:50

In the Linux kernel, the following vulnerability has been resolved: ksmbd: add bounds check for create lease context Add missing bounds check for create lease context.

3.8

CVE-2025-32728

  • EPSS 0.27%
  • Veröffentlicht 10.04.2025 00:00:00
  • Zuletzt bearbeitet 22.05.2025 16:51:54

In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.