Debian

Debian Linux

9997 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 6.66%
  • Veröffentlicht 02.02.2009 19:30:00
  • Zuletzt bearbeitet 16.06.2026 23:04:55

Integer signedness error in the fourxm_read_header function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to execute arbitrary code via a malformed 4X movie file with a large current_track value, which triggers a NULL p...

  • EPSS 0.5%
  • Veröffentlicht 28.01.2009 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:04:45

drivers/firmware/dell_rbu.c in the Linux kernel before 2.6.27.13, and 2.6.28.x before 2.6.28.2, allows local users to cause a denial of service (system crash) via a read system call that specifies zero bytes from the (1) image_type or (2) packet_size...

  • EPSS 0.5%
  • Veröffentlicht 26.01.2009 15:30:04
  • Zuletzt bearbeitet 16.06.2026 23:04:37

fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service (fault or memory corruption), or possibly have unspecified other impact, via a readlink call that results in an error, l...

  • EPSS 9.44%
  • Veröffentlicht 22.01.2009 23:30:00
  • Zuletzt bearbeitet 16.06.2026 23:04:35

The System extension Install tool in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 creates the encryption key with an insufficiently random seed, which makes it easier for attackers to crack the key.

  • EPSS 2.56%
  • Veröffentlicht 15.01.2009 17:30:00
  • Zuletzt bearbeitet 16.06.2026 23:01:12

The png_check_keyword function in pngwutil.c in libpng before 1.0.42, and 1.2.x before 1.2.34, might allow context-dependent attackers to set the value of an arbitrary memory location to zero via vectors involving creation of crafted PNG files with k...

  • EPSS 0.42%
  • Veröffentlicht 15.01.2009 17:30:00
  • Zuletzt bearbeitet 16.06.2026 23:04:07

The ABI in the Linux kernel 2.6.28 and earlier on s390, powerpc, sparc64, and mips 64-bit platforms requires that a 32-bit argument in a 64-bit register was properly sign extended when sent from a user-mode application, but cannot verify this, which ...

  • EPSS 0.54%
  • Veröffentlicht 29.12.2008 15:24:23
  • Zuletzt bearbeitet 16.06.2026 22:58:01

Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap over...

  • EPSS 0.4%
  • Veröffentlicht 22.12.2008 15:30:00
  • Zuletzt bearbeitet 16.06.2026 23:00:50

Array index error in arch/mips/kernel/scall64-o32.S in the Linux kernel before 2.6.28-rc8 on 64-bit MIPS platforms allows local users to cause a denial of service (system crash) via an o32 syscall with a small syscall number, which leads to an attemp...

  • EPSS 3.2%
  • Veröffentlicht 17.12.2008 23:30:00
  • Zuletzt bearbeitet 16.06.2026 23:00:08

The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via ve...

  • EPSS 2.09%
  • Veröffentlicht 17.12.2008 23:30:00
  • Zuletzt bearbeitet 16.06.2026 23:00:25

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy by causing the browser to issue an XMLHttpRequest to an attacker-contr...