Debian

Debian Linux

9998 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.28%
  • Veröffentlicht 20.06.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:07

glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use gluster cli with --remote-host command to add it self to trusted storage pool and perform privileged gluster operations like ad...

Exploit
  • EPSS 3.3%
  • Veröffentlicht 20.06.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:45:30

In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file.

Exploit
  • EPSS 3.3%
  • Veröffentlicht 20.06.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:45:30

In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file.

Exploit
  • EPSS 2.14%
  • Veröffentlicht 20.06.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:45:30

There is a heap-based buffer overflow in ReadImage in input-tga.ci in sam2p 0.49.4 that leads to a denial of service or possibly unspecified other impact.

Exploit
  • EPSS 7.29%
  • Veröffentlicht 20.06.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:13

A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w...

  • EPSS 7.12%
  • Veröffentlicht 19.06.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:04

strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable.

  • EPSS 5.16%
  • Veröffentlicht 19.06.2018 12:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:05

python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service.

  • EPSS 1.5%
  • Veröffentlicht 19.06.2018 05:29:00
  • Zuletzt bearbeitet 21.11.2024 03:45:26

An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for URLs in the submit page, a user can forge an HTTP request that will force lava-server-gunicorn to return any file on the server that is readable by lavaserver and vali...

  • EPSS 2.47%
  • Veröffentlicht 19.06.2018 05:29:00
  • Zuletzt bearbeitet 21.11.2024 03:45:27

An issue was discovered in Linaro LAVA before 2018.5.post1. Because of use of yaml.load() instead of yaml.safe_load() when parsing user data, remote code execution can occur.

Exploit
  • EPSS 5.29%
  • Veröffentlicht 18.06.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:05

python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.