Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
DebianDebian Linux

9125 matches found

CVE
CVEadded 2019/11/13 7:15 p.m.39 views

CVE-2010-4533

offlineimap before 6.3.4 added support for SSL server certificate validation but it is still possible to use SSL v2 protocol, which is a flawed protocol with multiple security deficiencies.

9.8CVSS9.4AI score0.00276EPSS
CVE
CVEadded 2019/11/13 11:15 p.m.39 views

CVE-2010-5108

Trac 0.11.6 does not properly check workflow permissions before modifying a ticket. This can be exploited by an attacker to change the status and resolution of tickets without having proper permissions.

7.5CVSS7.4AI score0.00311EPSS
CVE
CVEadded 2019/11/25 6:15 p.m.39 views

CVE-2012-6639

An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data.

9CVSS8.6AI score0.01199EPSS
CVE
CVEadded 2019/11/07 9:15 p.m.39 views

CVE-2013-1425

ldap-git-backup before 1.0.4 exposes password hashes due to incorrect directory permissions.

5.5CVSS5.5AI score0.00097EPSS
CVE
CVEadded 2017/12/14 4:29 p.m.39 views

CVE-2017-17527

delphi_gui/WWWBrowserRunnerDM.pas in PasDoc 0.14 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer has indicated that the code ...

8.8CVSS8.5AI score0.00545EPSS
CVE
CVEadded 2018/03/09 7:29 p.m.39 views

CVE-2018-7998

In libvips before 8.6.3, a NULL function pointer dereference vulnerability was found in the vips_region_generate function in region.c, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image file. This occurs because of a race conditi...

7.5CVSS7.2AI score0.00338EPSS
CVE
CVEadded 2002/03/09 5:0 a.m.38 views

CVE-2001-0738

LogLine function in klogd in sysklogd 1.3 in various Linux distributions allows an attacker to cause a denial of service (hang) by causing null bytes to be placed in log messages.

5CVSS6.4AI score0.0082EPSS
CVE
CVEadded 2019/11/13 10:15 p.m.38 views

CVE-2010-4817

pithos before 0.3.5 allows overwrite of arbitrary files via symlinks.

5.5CVSS5.6AI score0.00249EPSS
CVE
CVEadded 2019/11/07 6:15 p.m.38 views

CVE-2012-0051

Tahoe-LAFS 1.9.0 fails to ensure integrity which allows remote attackers to corrupt mutable files or directories upon retrieval.

7.4CVSS7.4AI score0.01355EPSS
CVE
CVEadded 2002/03/09 5:0 a.m.37 views

CVE-1999-1411

The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 adds the anonymous FTP user without notifying the administrator, which could automatically enable anonymous FTP on some servers such as wu-ftp.

7.5CVSS7.3AI score0.00859EPSS
CVE
CVEadded 2006/03/31 11:6 a.m.37 views

CVE-2006-1566

Untrusted search path vulnerability in libtunepimp-perl 0.4.2-1 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the tunepimp.so module, which might allow local users to gain privileges by installing malicious libraries in that directory.

4.6CVSS6.6AI score0.00117EPSS
CVE
CVEadded 2019/11/14 1:15 a.m.37 views

CVE-2011-1070

v86d before 0.1.10 do not verify if received netlink messages are sent by the kernel. This could allow unprivileged users to manipulate the video mode and potentially other consequences.

7.8CVSS7.5AI score0.00132EPSS
CVE
CVEadded 2017/04/13 2:59 p.m.37 views

CVE-2012-6697

InspIRCd before 2.0.7 allows remote attackers to cause a denial of service (infinite loop).

7.5CVSS8.1AI score0.01098EPSS
CVE
CVEadded 2019/11/15 3:15 p.m.37 views

CVE-2013-4584

Perdition before 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server. ssl_outgoing_ciphers not being applied to STARTTLS connections

5.9CVSS5.7AI score0.00579EPSS
CVE
CVEadded 2018/03/08 6:29 p.m.37 views

CVE-2018-7869

There is a memory leak triggered in the function dcinit of util/decompile.c in libming 0.4.8, which will lead to a denial of service attack.

7.5CVSS7.3AI score0.00635EPSS
CVE
CVEadded 2002/03/09 5:0 a.m.36 views

CVE-1999-1048

Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \w option in the PS1 environmental variable when another user changes into that directory.

4.6CVSS7.8AI score0.00087EPSS
CVE
CVEadded 2006/04/13 10:2 a.m.36 views

CVE-2006-1772

debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package, uses the world-readable config.dat file instead of the restricted passwords.dat for storing the cleartext database administrator password in the mnogosearch-common/database_admin_pass record, which...

7.2CVSS6.4AI score0.00052EPSS
CVE
CVEadded 2019/11/13 5:15 p.m.36 views

CVE-2012-4385

letodms 3.3.6 has CSRF via change password

6.5CVSS6.6AI score0.00226EPSS
CVE
CVEadded 2018/03/08 6:29 p.m.36 views

CVE-2018-7874

An invalid memory address dereference was discovered in strlenext in util/decompile.c in libming 0.4.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.

6.5CVSS7AI score0.00551EPSS
CVE
CVEadded 2002/03/09 5:0 a.m.35 views

CVE-1999-1276

fte-console in the fte package before 0.46b-4.1 does not drop root privileges, which allows local users to gain root access via the virtual console device.

7.2CVSS7.3AI score0.00046EPSS
CVE
CVEadded 2006/03/24 2:2 a.m.35 views

CVE-2006-1376

The installation of Debian GNU/Linux 3.1r1 from the network install CD creates /var/log/debian-installer/cdebconf with world writable permissions, which allows local users to cause a denial of service (disk consumption).

2.1CVSS6.2AI score0.00047EPSS
CVE
CVEadded 2019/10/29 7:15 p.m.35 views

CVE-2011-4931

gpw generates shorter passwords than required

7.5CVSS7.5AI score0.00363EPSS
CVE
CVEadded 2023/08/11 2:15 p.m.35 views

CVE-2023-39948

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0 and 2.6.5, the BadParamException thrown by Fast CDR is not caught in Fast DDS. This can remotely crash any Fast DDS process. Versions 2.10.0 and 2.6.5 contain...

7.5CVSS7.4AI score0.00095EPSS
CVE
CVEadded 2019/11/07 11:15 p.m.34 views

CVE-2013-1809

Gambas before 3.4.0 allows remote attackers to move or manipulate directory contents or perform symlink attacks due to the creation of insecure temporary directories.

7.5CVSS7.5AI score0.01701EPSS
CVE
CVEadded 2017/03/06 2:59 a.m.31 views

CVE-2017-6498

An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS.

5.5CVSS5.4AI score0.00276EPSS
Total number of security vulnerabilities9125