Debian

Debian Linux

9998 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 8.52%
  • Veröffentlicht 29.11.2017 18:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via ...

  • EPSS 11.18%
  • Veröffentlicht 29.11.2017 18:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character.

  • EPSS 9.88%
  • Veröffentlicht 27.11.2017 22:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request.

  • EPSS 21.41%
  • Veröffentlicht 27.11.2017 22:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory.

  • EPSS 5.98%
  • Veröffentlicht 27.11.2017 10:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1622...

  • EPSS 2.61%
  • Veröffentlicht 27.11.2017 10:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

In Pivotal Spring-LDAP versions 1.3.0 - 2.3.1, when connected to some LDAP servers, when no additional attributes are bound, and when using LDAP BindAuthenticator with org.springframework.ldap.core.support.DefaultTlsDirContextAuthenticationStrategy a...

Medienbericht Exploit
  • EPSS 46.71%
  • Veröffentlicht 25.11.2017 17:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via vectors involving BDAT commands.

Exploit
  • EPSS 63.32%
  • Veröffentlicht 25.11.2017 17:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service (infinite loop and stack exhaustion) via vectors involving BDAT commands and an improper check for a '.' character sig...

Exploit
  • EPSS 2.15%
  • Veröffentlicht 24.11.2017 10:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM...

  • EPSS 0.41%
  • Veröffentlicht 23.11.2017 06:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the session manager in xrdp through 0.9.4 uses an untrusted integer as a write length, which allows local users to cause a denial of service (buffer overflow and application crash) or possib...