Debian

Debian Linux

9921 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2024-37891

Exploit
  • EPSS 0.26%
  • Veröffentlicht 17.06.2024 20:15:13
  • Zuletzt bearbeitet 06.01.2026 16:52:28

urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with `ProxyManager`, the `Proxy-Authorization` header is only sent to the configured proxy, as expected. However, when sending HTTP requests *without* usin...

6.7

CVE-2024-35235

Exploit
  • EPSS 3.1%
  • Veröffentlicht 11.06.2024 15:16:07
  • Zuletzt bearbeitet 26.09.2025 23:51:23

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be ...

8.6

CVE-2024-5696

  • EPSS 2.07%
  • Veröffentlicht 11.06.2024 13:15:51
  • Zuletzt bearbeitet 06.11.2025 22:25:36

By manipulating the text in an `<input>` tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.

4.3

CVE-2024-5690

  • EPSS 3.72%
  • Veröffentlicht 11.06.2024 13:15:50
  • Zuletzt bearbeitet 26.03.2025 14:15:31

By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.

7.8

CVE-2024-36971

Warnung
  • EPSS 0.5%
  • Veröffentlicht 10.06.2024 09:15:09
  • Zuletzt bearbeitet 05.11.2025 19:19:56

In the Linux kernel, the following vulnerability has been resolved: net: fix __dst_negative_advice() race __dst_negative_advice() does not enforce proper RCU rules when sk->dst_cache must be cleared, leading to possible UAF. RCU rules are that we ...

6.1

CVE-2024-37383

Warnung
  • EPSS 66.36%
  • Veröffentlicht 07.06.2024 04:15:30
  • Zuletzt bearbeitet 31.10.2025 12:48:27

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes.

6.1

CVE-2024-37384

  • EPSS 0.33%
  • Veröffentlicht 07.06.2024 04:15:30
  • Zuletzt bearbeitet 01.05.2025 19:51:01

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via list columns from user preferences.

8.1

CVE-2024-5629

  • EPSS 0.09%
  • Veröffentlicht 05.06.2024 15:15:12
  • Zuletzt bearbeitet 21.11.2024 09:48:02

An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier allows deserialization of malformed BSON provided by a Server to raise an exception which may contain arbitrary application memory.

9.1

CVE-2024-5197

Exploit
  • EPSS 0.35%
  • Veröffentlicht 03.06.2024 14:15:09
  • Zuletzt bearbeitet 22.07.2025 18:17:56

There exists interger overflows in libvpx in versions prior to 1.14.1. Calling vpx_img_alloc() with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of t...

7.1

CVE-2024-36960

  • EPSS 0.01%
  • Veröffentlicht 03.06.2024 08:15:09
  • Zuletzt bearbeitet 01.04.2025 18:36:15

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix invalid reads in fence signaled events Correctly set the length of the drm_event to the size of the structure that's actually used. The length of the drm_event was...