Lucene search

8 matches found

CVE
added 2020/01/27 4:15 p.m., 160 views

CVE-2015-0244

PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct SQL injection attacks via crafted binary data in a parameter and causing an error...

CVSS 9.8, AI score 9.3, EPSS 0.01071

CVE
added 2020/01/27 4:15 p.m., 144 views

CVE-2015-0241

The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a (1) large number of digits when processing a numeric...

CVSS 8.8, AI score 9.3, EPSS 0.02204

CVE
added 2020/01/27 4:15 p.m., 140 views

CVE-2015-0294

GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate.

CVSS 7.5, AI score 7.3, EPSS 0.00584

CVE
added 2020/01/27 4:15 p.m., 137 views

CVE-2014-8161

PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to obtain sensitive column values by triggering constraint violation and then reading the error message.

CVSS 4.3, AI score 6.2, EPSS 0.00372

CVE
added 2020/01/27 4:15 p.m., 128 views

CVE-2015-0242

Stack-based buffer overflow in the *printf function implementations in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1, when running on a Windows system, allows remote authenticated users to cause a denial of service (crash) and possibl...

CVSS 8.8, AI score 9.2, EPSS 0.03269

CVE
added 2020/01/27 4:15 p.m., 125 views

CVE-2015-0243

Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

CVSS 8.8, AI score 9.1, EPSS 0.02357

CVE
added 2020/01/24 7:15 p.m., 106 views

CVE-2014-4172

A URL parameter injection vulnerability was found in the back-channel ticket validation step of the CAS protocol in Jasig Java CAS Client before 3.3.2, .NET CAS Client before 1.0.2, and phpCAS before 1.3.3 that allows remote attackers to inject arbitrary web script or HTML via the (1) service parame...

CVSS 9.8, AI score 8.9, EPSS 0.06742

CVE
added 2020/01/14 5:15 p.m., 98 views

CVE-2014-7844

BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address.

CVSS 7.8, AI score 7.9, EPSS 0.0091