Debian

Debian Linux

9997 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 5.39%
  • Veröffentlicht 06.05.2016 17:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Cool Projects TarDiff allows remote attackers to execute arbitrary commands via shell metacharacters in the name of a (1) tar file or (2) file within a tar file.

Warnung
  • EPSS 97.49%
  • Veröffentlicht 05.05.2016 18:59:03
  • Zuletzt bearbeitet 21.04.2026 19:14:46

The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka "I...

  • EPSS 89.06%
  • Veröffentlicht 05.05.2016 01:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against...

  • EPSS 39.65%
  • Veröffentlicht 05.05.2016 01:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.

  • EPSS 0.63%
  • Veröffentlicht 01.05.2016 01:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted...

  • EPSS 4.69%
  • Veröffentlicht 30.04.2016 17:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary cod...

  • EPSS 0.56%
  • Veröffentlicht 27.04.2016 17:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page-table levels, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted appli...

  • EPSS 6.34%
  • Veröffentlicht 26.04.2016 14:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitra...

Exploit
  • EPSS 36.97%
  • Veröffentlicht 26.04.2016 14:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflo...

  • EPSS 3.52%
  • Veröffentlicht 25.04.2016 14:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Varnish 3.x before 3.0.7, when used in certain stacked installations, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a header line terminated by a \r (carriage return) character in conjunction...