Debian

Debian Linux

9997 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 4.29%
  • Veröffentlicht 31.07.2009 19:00:01
  • Zuletzt bearbeitet 16.06.2026 23:07:54

The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a free of a...

Medienbericht
  • EPSS 5.74%
  • Veröffentlicht 30.07.2009 19:30:00
  • Zuletzt bearbeitet 16.06.2026 23:09:22

Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certif...

  • EPSS 0.44%
  • Veröffentlicht 16.07.2009 15:30:00
  • Zuletzt bearbeitet 16.06.2026 23:08:18

The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easier for local users to l...

Exploit
  • EPSS 17.11%
  • Veröffentlicht 10.07.2009 15:30:00
  • Zuletzt bearbeitet 16.06.2026 23:08:17

The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).

  • EPSS 16.16%
  • Veröffentlicht 05.07.2009 16:30:00
  • Zuletzt bearbeitet 16.06.2026 23:08:17

The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which al...

  • EPSS 0.4%
  • Veröffentlicht 01.07.2009 13:00:01
  • Zuletzt bearbeitet 16.06.2026 23:09:08

The kvm_arch_vcpu_ioctl_set_sregs function in the KVM in Linux kernel 2.6 before 2.6.30, when running on x86 systems, does not validate the page table root in a KVM_SET_SREGS call, which allows local users to cause a denial of service (crash or hang)...

Exploit
  • EPSS 4.61%
  • Veröffentlicht 25.06.2009 01:30:01
  • Zuletzt bearbeitet 16.06.2026 23:08:17

The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for files via vecto...

Exploit
  • EPSS 4.33%
  • Veröffentlicht 12.06.2009 21:30:00
  • Zuletzt bearbeitet 16.06.2026 23:08:09

Race condition in the NPObjWrapper_NewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp in xul.dll in Mozilla Firefox 3 before 3.0.11 might allow remote attackers to execute arbitrary code via a page transition during Java applet loading,...

Exploit
  • EPSS 19.63%
  • Veröffentlicht 09.06.2009 17:30:00
  • Zuletzt bearbeitet 16.06.2026 23:06:10

The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler re...

Exploit
  • EPSS 52.99%
  • Veröffentlicht 08.06.2009 01:00:00
  • Zuletzt bearbeitet 16.06.2026 23:08:25

The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via ...