CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2018-1323

Malware in sbrugna...

5.9CVSS5.7AI score0.00132EPSS

Exploits0References6

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2012-0251

Malware in sbrugna...

4.3CVSS6.1AI score0.00118EPSS

Exploits0References7

Prion•added 2018/08/21 12:29 a.m.•22 views

Design/Logic Flaw

The mirror:// method implementation in Advanced Package Tool APT 1.6.x before 1.6.4 and 1.7.x before 1.7.0alpha3 mishandles gpg signature verification for the InRelease file of a fallback mirror, aka mirrorfail...

4.3CVSS5.7AI score0.00132EPSS

Exploits0References4Affected Software2

NVD•added 2018/08/21 12:29 a.m.•11 views

CVE-2018-0501

5.9CVSS5.7AI score0.00132EPSS

Exploits0References4

OSV•added 2018/08/21 12:29 a.m.•2 views

DEBIAN-CVE-2018-0501

5.9CVSS6.9AI score0.00132EPSS

Exploits0References1

Debian CVE•added 2018/08/21 12:0 a.m.•34 views

CVE-2018-0501

5.9CVSS5.8AI score0.00132EPSS

Exploits0

OSV•added 2018/08/20 12:0 a.m.•1 views

UBUNTU-CVE-2018-0501

5.9CVSS6.2AI score0.00132EPSS

Exploits0References4

Prion•added 2017/12/05 4:29 p.m.•18 views

Design/Logic Flaw

The apt package in Debian jessie before 1.0.9.8.4, in Debian unstable before 1.4beta2, in Ubuntu 14.04 LTS before 1.0.1ubuntu2.17, in Ubuntu 16.04 LTS before 1.2.15ubuntu0.2, and in Ubuntu 16.10 before 1.3.2ubuntu0.1 allows man-in-the-middle attackers to bypass a repository-signing protection...

4.3CVSS6.8AI score0.05955EPSS

Exploits2References6Affected Software2

Cvelist•added 2017/12/05 4:0 p.m.•23 views

CVE-2016-1252

5.9AI score0.05955EPSS

Exploits2References6

CVE•added 2017/12/05 4:0 p.m.•143 views

CVE-2016-1252

CVE-2016-1252 affects the apt package in Debian (Jessie before 1.0.9.8.4) and in Ubuntu (14.04 LTS before 1.0.1ubuntu2.17, 16.04 LTS before 1.2.15ubuntu0.2, 16.10 before 1.3.2ubuntu0.1; Debian unstable before 1.4~beta2). It permits MITM attackers to bypass repository-signing protection by exploit...

5.9CVSS5.7AI score0.05955EPSS

Exploits2References6Affected Software1

Exploit DB•added 2016/12/14 12:0 a.m.•73 views

APT - Repository Signing Bypass via Memory Allocation Failure

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1020 == Vulnerability == When apt-get updates a repository that uses an InRelease file clearsigned Release files, this file is processed as follows: First, the InRelease file is downloaded to disk. In a subprocess running the gpgv...

7.4AI score

Exploits0

Debian•added 2016/12/13 5:12 p.m.•33 views

[SECURITY] [DSA 3733-1] apt security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3733-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 13, 2016 https://www.debian.org/security/faq -...

5.9CVSS5.4AI score0.05955EPSS

Exploits2

OSV•added 2014/04/15 11:55 p.m.•2 views

DEBIAN-CVE-2012-0214

The pkgAcqMetaClearSig::Failed method in apt-pkg/acquire-item.cc in Advanced Package Tool APT 0.8.11 through 0.8.15.10 and 0.8.16 before 0.8.16exp13, when updating from repositories that use InRelease files, allows man-in-the-middle attackers to install arbitrary packages by preventing a user fro...

4.3CVSS6.8AI score0.00118EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by