Debian

Debian Linux

9979 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-2291

  • EPSS 0.3%
  • Veröffentlicht 16.04.2025 18:16:04
  • Zuletzt bearbeitet 08.12.2025 18:32:49

Password can be used past expiry in PgBouncer due to auth_query not taking into account Postgres its VALID UNTIL value, which allows an attacker to log in with an already expired password

5.5

CVE-2025-23138

  • EPSS 0.12%
  • Veröffentlicht 16.04.2025 14:13:17
  • Zuletzt bearbeitet 04.11.2025 17:00:09

In the Linux kernel, the following vulnerability has been resolved: watch_queue: fix pipe accounting mismatch Currently, watch_queue_set_size() modifies the pipe buffers charged to user->pipe_bufs without updating the pipe->nr_accounted on the pipe...

5.5

CVE-2025-22119

  • EPSS 0.11%
  • Veröffentlicht 16.04.2025 14:13:04
  • Zuletzt bearbeitet 17.03.2026 14:26:08

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: init wiphy_work before allocating rfkill fails syzbort reported a uninitialize wiphy_work_lock in cfg80211_dev_free. [1] After rfkill allocation fails, the wiphy r...

5.5

CVE-2025-22042

  • EPSS 0.1%
  • Veröffentlicht 16.04.2025 14:12:03
  • Zuletzt bearbeitet 06.04.2026 13:44:14

In the Linux kernel, the following vulnerability has been resolved: ksmbd: add bounds check for create lease context Add missing bounds check for create lease context.

8.8

CVE-2025-22040

  • EPSS 0.18%
  • Veröffentlicht 16.04.2025 14:11:57
  • Zuletzt bearbeitet 06.04.2026 14:29:37

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix session use-after-free in multichannel connection There is a race condition between session setup and ksmbd_sessions_deregister. The session can be freed before the conn...

3.8

CVE-2025-32728

  • EPSS 0.31%
  • Veröffentlicht 10.04.2025 00:00:00
  • Zuletzt bearbeitet 22.05.2025 16:51:54

In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.

5.5

CVE-2025-29769

Exploit
  • EPSS 0.04%
  • Veröffentlicht 07.04.2025 20:15:21
  • Zuletzt bearbeitet 09.10.2025 13:41:29

libvips is a demand-driven, horizontally threaded image processing library. The heifsave operation could incorrectly determine the presence of an alpha channel in an input when it was not possible to determine the colour interpretation, known intern...

7.4

CVE-2025-3155

Exploit
  • EPSS 1.01%
  • Veröffentlicht 03.04.2025 14:15:46
  • Zuletzt bearbeitet 12.08.2025 21:15:30

A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment.

7.1

CVE-2025-21950

  • EPSS 0.01%
  • Veröffentlicht 01.04.2025 16:15:26
  • Zuletzt bearbeitet 22.01.2026 20:57:23

In the Linux kernel, the following vulnerability has been resolved: drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl In the "pmcmd_ioctl" function, three memory objects allocated by kmalloc are initialized by "hcall_get_cpu_s...

7.8

CVE-2023-52935

  • EPSS 0.01%
  • Veröffentlicht 27.03.2025 16:37:15
  • Zuletzt bearbeitet 25.11.2025 17:28:44

In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: fix ->anon_vma race If an ->anon_vma is attached to the VMA, collapse_and_free_pmd() requires it to be locked. Page table traversal is allowed under any one of the ...