Debian

Debian Linux

9998 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 3.54%
  • Veröffentlicht 05.01.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:08:25

In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function.

  • EPSS 0.83%
  • Veröffentlicht 04.01.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:22:11

IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 133559.

Exploit
  • EPSS 74.04%
  • Veröffentlicht 04.01.2018 13:29:00
  • Zuletzt bearbeitet 06.05.2025 15:15:51

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

Exploit
  • EPSS 93.84%
  • Veröffentlicht 04.01.2018 13:29:00
  • Zuletzt bearbeitet 28.05.2026 19:16:25

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

Exploit
  • EPSS 1.68%
  • Veröffentlicht 03.01.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:04:48

The ZipCommon::isValidPath() function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal attacks during the ZIP decompre...

  • EPSS 6.54%
  • Veröffentlicht 03.01.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:04:50

Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.

Exploit
  • EPSS 2.85%
  • Veröffentlicht 03.01.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:04:49

ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service.

  • EPSS 4.35%
  • Veröffentlicht 03.01.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:04:52

Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution.

  • EPSS 52.84%
  • Veröffentlicht 03.01.2018 06:29:00
  • Zuletzt bearbeitet 03.01.2025 12:15:25

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other im...

  • EPSS 2.52%
  • Veröffentlicht 02.01.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 03:04:44

pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password.