Debian

Debian Linux

9997 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 0.44%
  • Veröffentlicht 16.11.2009 19:30:01
  • Zuletzt bearbeitet 16.06.2026 23:12:39

The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file.

Exploit
  • EPSS 87.26%
  • Veröffentlicht 09.11.2009 17:30:00
  • Zuletzt bearbeitet 16.06.2026 23:11:50

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Secu...

  • EPSS 75.08%
  • Veröffentlicht 15.09.2009 22:30:00
  • Zuletzt bearbeitet 16.06.2026 23:09:52

Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests.

  • EPSS 13.36%
  • Veröffentlicht 13.09.2009 22:30:00
  • Zuletzt bearbeitet 16.06.2026 23:03:51

Unspecified vulnerability in Prototype JavaScript framework (prototypejs) before 1.6.0.2 allows attackers to make "cross-site ajax requests" via unknown vectors.

  • EPSS 8.57%
  • Veröffentlicht 08.09.2009 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:10:55

The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a mal...

  • EPSS 12.56%
  • Veröffentlicht 08.09.2009 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:10:55

The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as...

Exploit
  • EPSS 14.75%
  • Veröffentlicht 14.08.2009 15:16:27
  • Zuletzt bearbeitet 16.06.2026 23:10:01

The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using ...

  • EPSS 1.79%
  • Veröffentlicht 11.08.2009 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:09:24

Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute...

  • EPSS 30.38%
  • Veröffentlicht 06.08.2009 15:30:00
  • Zuletzt bearbeitet 16.06.2026 23:09:51

XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop a...

Exploit
  • EPSS 4.38%
  • Veröffentlicht 05.08.2009 19:30:01
  • Zuletzt bearbeitet 16.06.2026 23:10:00

The exif_read_data function in the Exif module in PHP before 5.2.10 allows remote attackers to cause a denial of service (crash) via a malformed JPEG image with invalid offset fields, a different issue than CVE-2005-3353.