Debian

Debian Linux

9921 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2024-44308

Warnung
  • EPSS 1.86%
  • Veröffentlicht 20.11.2024 00:15:17
  • Zuletzt bearbeitet 04.11.2025 15:22:03

The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to arbitrary cod...

6.1

CVE-2024-44309

Warnung
  • EPSS 0.58%
  • Veröffentlicht 20.11.2024 00:15:17
  • Zuletzt bearbeitet 04.11.2025 15:21:26

A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1. Processing maliciously crafted web content...

7.8

CVE-2024-10224

Exploit
  • EPSS 0.33%
  • Veröffentlicht 19.11.2024 18:15:19
  • Zuletzt bearbeitet 03.11.2025 22:16:34

Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, before version 1.36 a local attacker could possibly execute arbitrary shell commands by open()ing a "pesky pipe" (such as passing "commands|" as a filename) or b...

5.5

CVE-2024-50302

Warnung
  • EPSS 1.44%
  • Veröffentlicht 19.11.2024 02:16:32
  • Zuletzt bearbeitet 04.11.2025 14:36:30

In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that i...

9.8

CVE-2024-52316

  • EPSS 1.85%
  • Veröffentlicht 18.11.2024 12:15:18
  • Zuletzt bearbeitet 07.11.2025 16:15:59

Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext component which may throw an exception during the authentication process without explicitly s...

4.2

CVE-2024-10978

  • EPSS 0.61%
  • Veröffentlicht 14.11.2024 13:15:04
  • Zuletzt bearbeitet 03.11.2025 22:16:36

Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature. Th...

7.5

CVE-2024-52301

Warnung
  • EPSS 60.66%
  • Veröffentlicht 12.11.2024 20:15:14
  • Zuletzt bearbeitet 26.08.2025 02:37:14

Laravel is a web application framework. When the register_argc_argv php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment used by the framework when handling the request. The ...

9.8

CVE-2024-49369

  • EPSS 20.46%
  • Veröffentlicht 12.11.2024 17:15:08
  • Zuletzt bearbeitet 26.11.2025 13:01:15

Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. The TLS certificate validation in all Icinga 2 versions starting from 2.4.0 was flawed, allowin...

9.8

CVE-2024-52533

Exploit
  • EPSS 3.09%
  • Veröffentlicht 11.11.2024 23:15:05
  • Zuletzt bearbeitet 17.06.2025 01:23:56

gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character.

7.8

CVE-2024-46952

  • EPSS 0.05%
  • Veröffentlicht 10.11.2024 22:15:12
  • Zuletzt bearbeitet 14.11.2024 02:01:40

An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values).