Debian

Debian Linux

9998 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 3.18%
  • Veröffentlicht 14.02.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:30

In ARM mbed TLS before 2.7.0, there is a bounds-check bypass through an integer overflow in PSK identity parsing in the ssl_parse_client_psk_identity() function in library/ssl_srv.c.

  • EPSS 3.32%
  • Veröffentlicht 13.02.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:38:20

ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted certificate chain that is mishandled during RSASSA-PSS signature verification w...

  • EPSS 4.88%
  • Veröffentlicht 13.02.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:38:20

ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0, when the truncated HMAC extension and CBC are used, allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption) via a crafted application packet within ...

  • EPSS 0.65%
  • Veröffentlicht 12.02.2018 19:29:01
  • Zuletzt bearbeitet 21.11.2024 04:11:26

The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.

  • EPSS 2.24%
  • Veröffentlicht 09.02.2018 23:29:01
  • Zuletzt bearbeitet 21.11.2024 03:39:30

GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM password hash being leaked to remote attackers thro...

Exploit
  • EPSS 1.72%
  • Veröffentlicht 09.02.2018 23:29:01
  • Zuletzt bearbeitet 21.11.2024 03:39:31

Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens a specially crafted PDF.

  • EPSS 8.08%
  • Veröffentlicht 09.02.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 03:39:27

The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This att...

  • EPSS 3.9%
  • Veröffentlicht 09.02.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 03:39:27

Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear...

  • EPSS 13.15%
  • Veröffentlicht 09.02.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 03:39:27

The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the pro...

  • EPSS 0.49%
  • Veröffentlicht 09.02.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:04

In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7 and 10.x before 10.2, pg_upgrade creates file in current working directory containing the output of `pg_dumpall -g` under umask which was in effect when t...