Debian

Debian Linux

9997 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.32%
  • Veröffentlicht 27.05.2015 10:59:11
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but t...

  • EPSS 0.38%
  • Veröffentlicht 27.05.2015 10:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

A certain backport in the TCP Fast Open implementation for the Linux kernel before 3.18 does not properly maintain a count value, which allow local users to cause a denial of service (system crash) via the Fast Open feature, as demonstrated by visiti...

  • EPSS 10.11%
  • Veröffentlicht 27.05.2015 10:59:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The __driver_rfc4106_decrypt function in arch/x86/crypto/aesni-intel_glue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows context-dependent attackers to cause a denial of serv...

  • EPSS 0.41%
  • Veröffentlicht 27.05.2015 10:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the...

Exploit
  • EPSS 3.05%
  • Veröffentlicht 27.05.2015 10:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value ...

  • EPSS 99.86%
  • Veröffentlicht 21.05.2015 00:59:00
  • Zuletzt bearbeitet 27.05.2026 17:16:21

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a Clie...

  • EPSS 7.86%
  • Veröffentlicht 20.05.2015 10:59:17
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple unspecified vulnerabilities in Google Chrome before 43.0.2357.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

  • EPSS 1.18%
  • Veröffentlicht 20.05.2015 10:59:16
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Cross-site scripting (XSS) vulnerability in Google Chrome before 43.0.2357.65 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted data that is improperly handled by the Bookmarks feature.

  • EPSS 0.99%
  • Veröffentlicht 20.05.2015 10:59:15
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Spellcheck API implementation in Google Chrome before 43.0.2357.65 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecifie...

  • EPSS 1.58%
  • Veröffentlicht 20.05.2015 10:59:14
  • Zuletzt bearbeitet 06.05.2026 22:30:45

platform/fonts/shaping/HarfBuzzShaper.cpp in Blink, as used in Google Chrome before 43.0.2357.65, does not initialize a certain width field, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via craf...