Debian

Debian Linux

9922 vulnerabilities found.

Note: This list may be incomplete. Data is provided in its original format without warranty.
Exploit
  • EPSS 0.32%
  • Published 21.03.2018 20:29:00
  • Last modified 21.11.2024 03:03:54

Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the Oauth sign-in component resulting in unauthorized user login.

  • EPSS 0.09%
  • Published 21.03.2018 16:29:00
  • Last modified 21.11.2024 03:19:39

fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure.

  • EPSS 3.29%
  • Published 20.03.2018 20:29:00
  • Last modified 21.11.2024 04:14:24

A Buffer Overflow issue was discovered in Kamailio before 4.4.7, 5.0.x before 5.0.6, and 5.1.x before 5.1.2. A specially crafted REGISTER message with a malformed branch or From tag triggers an off-by-one heap-based buffer overflow in the tmx_check_p...

  • EPSS 0.05%
  • Published 20.03.2018 17:29:00
  • Last modified 21.11.2024 04:14:23

Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplib_kernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicio...

  • EPSS 0.05%
  • Published 18.03.2018 03:29:00
  • Last modified 21.11.2024 04:14:15

The libevt_record_values_read_event() function in libevt_record_values.c in libevt before 2018-03-17 does not properly check for out-of-bounds values of user SID data size, strings size, or data size. NOTE: the vendor has disputed this as described i...

  • EPSS 1.74%
  • Published 17.03.2018 14:29:00
  • Last modified 21.11.2024 04:14:15

A directory traversal flaw in SquirrelMail 1.4.22 allows an authenticated attacker to exfiltrate (or potentially delete) files from the hosting server, related to ../ in the att_local_name field in Deliver.class.php.

  • EPSS 12.62%
  • Published 17.03.2018 00:29:00
  • Last modified 21.11.2024 04:14:14

In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c.

  • EPSS 0.04%
  • Published 16.03.2018 16:29:00
  • Last modified 21.11.2024 03:59:06

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.

  • EPSS 0.37%
  • Published 15.03.2018 22:29:00
  • Last modified 21.11.2024 04:11:32

SchedMD Slurm before 17.02.10 and 17.11.x before 17.11.5 allows SQL Injection attacks against SlurmDBD.

Exploit
  • EPSS 0.55%
  • Published 15.03.2018 19:29:00
  • Last modified 21.11.2024 03:19:38

An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .avi file.