Debian

Debian Linux

9998 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.29%
  • Veröffentlicht 28.08.2017 19:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Use-after-free vulnerability in the DestroyImage function in image.c in ImageMagick before 7.0.6-6 allows remote attackers to cause a denial of service via a crafted file.

  • EPSS 4.1%
  • Veröffentlicht 24.08.2017 20:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

ntpd in ntp before 4.2.8p3 with remote configuration enabled allows remote authenticated users with knowledge of the configuration password and access to a computer entrusted to perform remote configuration to cause a denial of service (service crash...

  • EPSS 1.8%
  • Veröffentlicht 24.08.2017 16:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

In PyJWT 1.5.0 and below the `invalid_strings` check in `HMACAlgorithm.prepare_key` does not account for all PEM encoded public keys. Specifically, the PKCS1 PEM encoded format would be allowed because it is prefaced with the string `-----BEGIN RSA P...

  • EPSS 0.45%
  • Veröffentlicht 24.08.2017 14:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants.

  • EPSS 0.31%
  • Veröffentlicht 24.08.2017 14:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the host via vectors involving maptrack free list handling...

  • EPSS 0.44%
  • Veröffentlicht 24.08.2017 14:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref.

Exploit
  • EPSS 5.97%
  • Veröffentlicht 24.08.2017 14:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar."

  • EPSS 0.39%
  • Veröffentlicht 23.08.2017 16:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM Emulator support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by flushing an empty CDROM device drive.

Exploit
  • EPSS 87.54%
  • Veröffentlicht 23.08.2017 14:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace looku...

  • EPSS 6.4%
  • Veröffentlicht 23.08.2017 14:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Newsbeuter versions 0.7 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item that includes shell code in its t...