Debian Linux Security Vulnerabilities and Issues — Debian Linux CVE List

Lucene search

DebianDebian Linux

9 matches found

CVE•added 2013/10/17 11:55 p.m.•235 views

CVE-2013-4365

Heap-based buffer overflow in the fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors.

7.5CVSS7AI score0.08245EPSS

CVE•added 2013/10/16 3:55 p.m.•112 views

CVE-2013-3839

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier, 5.5.32 and earlier, and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

4CVSS4.1AI score0.00823EPSS

CVE•added 2013/10/17 12:55 a.m.•107 views

CVE-2013-4389

Multiple format string vulnerabilities in log_subscriber.rb files in the log subscriber component in Action Mailer in Ruby on Rails 3.x before 3.2.15 allow remote attackers to cause a denial of service via a crafted e-mail address that is improperly handled during construction of a log message.

4.3CVSS6.5AI score0.01333EPSS

CVE•added 2013/10/03 9:55 p.m.•83 views

CVE-2013-4327

systemd does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.

6.9CVSS6.2AI score0.00042EPSS

CVE•added 2013/10/16 8:55 p.m.•79 views

CVE-2013-2927

Use-after-free vulnerability in the HTMLFormElement::prepareForSubmission function in core/html/HTMLFormElement.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to submissi...

6.8CVSS7AI score0.02705EPSS

CVE•added 2013/10/16 5:55 p.m.•78 views

CVE-2013-5807

Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 and 5.6.x through 5.6.12 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Replication.

4.9CVSS4.8AI score0.00338EPSS

CVE•added 2013/10/02 10:35 a.m.•66 views

CVE-2013-2919

Google V8, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

7.5CVSS7AI score0.02329EPSS

CVE•added 2013/10/28 10:55 p.m.•61 views

CVE-2013-4391

Integer overflow in the valid_user_field function in journal/journald-native.c in systemd allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large journal data field, which triggers a heap-based buffer overflow.

7.5CVSS8AI score0.037EPSS

CVE•added 2013/10/28 10:55 p.m.•54 views

CVE-2013-4394

The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change the group permissions on the X Keyboard Extension (XKB) layouts description, allows local users in the group to modify the Xorg X11 Server configuration file and possibly gain privileges via vectors invo...

5.9CVSS6.3AI score0.00109EPSS