Debian

Debian Linux

9979 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2014-0446

  • EPSS 5.91%
  • Veröffentlicht 16.04.2014 00:55:24
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

10

CVE-2014-0429

  • EPSS 11.22%
  • Veröffentlicht 16.04.2014 00:55:23
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

6.4

CVE-2014-0138

  • EPSS 0.92%
  • Veröffentlicht 15.04.2014 14:55:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The default configuration in cURL and libcurl 7.10.6 before 7.36.0 re-uses (1) SCP, (2) SFTP, (3) POP3, (4) POP3S, (5) IMAP, (6) IMAPS, (7) SMTP, (8) SMTPS, (9) LDAP, and (10) LDAPS connections, which might allow context-dependent attackers to connec...

5

CVE-2013-5705

Exploit
  • EPSS 0.84%
  • Veröffentlicht 15.04.2014 10:55:11
  • Zuletzt bearbeitet 06.05.2026 22:30:45

apache2/modsecurity.c in ModSecurity before 2.7.6 allows remote attackers to bypass rules by using chunked transfer coding with a capitalized Chunked value in the Transfer-Encoding HTTP header.

6.9

CVE-2014-2851

Exploit
  • EPSS 0.3%
  • Veröffentlicht 14.04.2014 23:55:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the Linux kernel through 3.14.1 allows local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application that leverag...

5

CVE-2014-0159

  • EPSS 1.39%
  • Veröffentlicht 14.04.2014 15:09:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Buffer overflow in the GetStatistics64 remote procedure call (RPC) in OpenAFS 1.4.8 before 1.6.7 allows remote attackers to cause a denial of service (crash) via a crafted statsVersion argument.

7.5

CVE-2014-1716

  • EPSS 1.07%
  • Veröffentlicht 09.04.2014 10:56:51
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Cross-site scripting (XSS) vulnerability in the Runtime_SetPrototype function in runtime.cc in Google V8, as used in Google Chrome before 34.0.1847.116, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Univ...

7.5

CVE-2014-0160

Warnung Exploit
  • EPSS 94.46%
  • Veröffentlicht 07.04.2014 22:55:03
  • Zuletzt bearbeitet 21.04.2026 20:07:16

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer ov...

4.3

CVE-2014-2326

Exploit
  • EPSS 1.27%
  • Veröffentlicht 27.03.2014 16:55:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Cross-site scripting (XSS) vulnerability in cdef.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

5

CVE-2013-7345

Exploit
  • EPSS 1.13%
  • Veröffentlicht 24.03.2014 16:31:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a cra...