Debian

Debian Linux

9997 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.29%
  • Veröffentlicht 30.09.2005 10:05:00
  • Zuletzt bearbeitet 16.06.2026 22:16:15

Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthreads and vfork), might allow local users to cause a denial of service (deadlock) by triggering a core dump while waiting for a thread that has just per...

Exploit
  • EPSS 2.58%
  • Veröffentlicht 28.09.2005 21:03:00
  • Zuletzt bearbeitet 16.06.2026 22:15:12

Cross-site scripting (XSS) vulnerability in view_all_set.php in Mantis 0.19.0a1 through 1.0.0a3 allows remote attackers to inject arbitrary web script or HTML via the dir parameter, as identified by bug#0005959, and a different vulnerability than CVE...

  • EPSS 0.45%
  • Veröffentlicht 26.09.2005 19:03:00
  • Zuletzt bearbeitet 16.06.2026 22:16:10

Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service (kernel OOPS) via a userspace process that issues a USB Request Block (URB) to a USB device and terminates before the URB is finished, which leads to a stale pointer ref...

  • EPSS 30.58%
  • Veröffentlicht 06.09.2005 23:03:00
  • Zuletzt bearbeitet 16.06.2026 22:15:29

ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote attackers to bypass inten...

  • EPSS 0.36%
  • Veröffentlicht 30.08.2005 11:45:00
  • Zuletzt bearbeitet 16.06.2026 22:13:48

Backup Manager (backup-manager) before 0.5.8 creates backup files with world-readable default permissions, which allows local users to obtain sensitive information.

  • EPSS 4.63%
  • Veröffentlicht 23.08.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:14:55

The huft_build function in inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 returns the wrong value, which allows remote attackers to cause a denial of service (kernel crash) via a certain compressed file that leads to a null pointe...

  • EPSS 0.45%
  • Veröffentlicht 16.08.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:15:11

Linux kernel 2.6.x does not properly restrict socket policy access to users with the CAP_NET_ADMIN capability, which could allow local users to conduct unauthorized activities via (1) ipv4/ip_sockglue.c and (2) ipv6/ipv6_sockglue.c.

  • EPSS 2.67%
  • Veröffentlicht 15.08.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:13:12

Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, allows remote attackers to execute arbitrary Perl code via the HTTP Referrer, which is used in a $url parameter that is inserted into an eval function...

  • EPSS 5.09%
  • Veröffentlicht 15.08.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:15:00

Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute arbitrary PHP code via certai...

  • EPSS 8.39%
  • Veröffentlicht 05.08.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:12:45

Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one...