Debian

Debian Linux

9944 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.1

CVE-2024-37371

  • EPSS 2.61%
  • Veröffentlicht 28.06.2024 23:15:11
  • Zuletzt bearbeitet 03.11.2025 21:16:13

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.

7.8

CVE-2024-38588

  • EPSS 0.01%
  • Veröffentlicht 19.06.2024 14:15:18
  • Zuletzt bearbeitet 23.12.2025 15:03:56

In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix possible use-after-free issue in ftrace_location() KASAN reports a bug: BUG: KASAN: use-after-free in ftrace_location+0x90/0x120 Read of size 8 at addr ffff888141d...

6.5

CVE-2024-37891

Exploit
  • EPSS 0.26%
  • Veröffentlicht 17.06.2024 20:15:13
  • Zuletzt bearbeitet 06.01.2026 16:52:28

urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with `ProxyManager`, the `Proxy-Authorization` header is only sent to the configured proxy, as expected. However, when sending HTTP requests *without* usin...

6.7

CVE-2024-35235

Exploit
  • EPSS 3.1%
  • Veröffentlicht 11.06.2024 15:16:07
  • Zuletzt bearbeitet 26.09.2025 23:51:23

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the cupsd server with a Listen configuration item pointing to a symbolic link, the cupsd process can be ...

8.6

CVE-2024-5696

  • EPSS 2.07%
  • Veröffentlicht 11.06.2024 13:15:51
  • Zuletzt bearbeitet 06.11.2025 22:25:36

By manipulating the text in an `<input>` tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.

4.3

CVE-2024-5690

  • EPSS 3.72%
  • Veröffentlicht 11.06.2024 13:15:50
  • Zuletzt bearbeitet 26.03.2025 14:15:31

By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.

7.8

CVE-2024-36971

Warnung
  • EPSS 0.49%
  • Veröffentlicht 10.06.2024 09:15:09
  • Zuletzt bearbeitet 05.11.2025 19:19:56

In the Linux kernel, the following vulnerability has been resolved: net: fix __dst_negative_advice() race __dst_negative_advice() does not enforce proper RCU rules when sk->dst_cache must be cleared, leading to possible UAF. RCU rules are that we ...

6.1

CVE-2024-37383

Warnung
  • EPSS 64.03%
  • Veröffentlicht 07.06.2024 04:15:30
  • Zuletzt bearbeitet 31.10.2025 12:48:27

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes.

6.1

CVE-2024-37384

  • EPSS 0.33%
  • Veröffentlicht 07.06.2024 04:15:30
  • Zuletzt bearbeitet 01.05.2025 19:51:01

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via list columns from user preferences.

8.1

CVE-2024-5629

  • EPSS 0.09%
  • Veröffentlicht 05.06.2024 15:15:12
  • Zuletzt bearbeitet 21.11.2024 09:48:02

An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier allows deserialization of malformed BSON provided by a Server to raise an exception which may contain arbitrary application memory.