Debian Linux Security Vulnerabilities and Issues — Debian Linux CVE List

Lucene search

DebianDebian Linux

20 matches found

CVE•added 2013/07/20 3:37 a.m.•513 views

CVE-2013-2070

http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (crash) and obtain sensitive information from worker process memory via a crafted proxy response, a si...

5.8CVSS6.2AI score0.92312EPSS

CVE•added 2013/07/17 1:41 p.m.•103 views

CVE-2013-3812

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.

3.5CVSS5AI score0.00786EPSS

CVE•added 2013/07/17 1:41 p.m.•101 views

CVE-2013-3802

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.

4CVSS4.3AI score0.0047EPSS

CVE•added 2013/07/17 1:41 p.m.•98 views

CVE-2013-3783

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser.

4CVSS5AI score0.00836EPSS

CVE•added 2013/07/17 1:41 p.m.•93 views

CVE-2013-3793

4CVSS4.9AI score0.00803EPSS

CVE•added 2013/07/17 1:41 p.m.•93 views

CVE-2013-3804

4CVSS4.3AI score0.00651EPSS

CVE•added 2013/07/31 1:20 p.m.•77 views

CVE-2013-2882

Google V8, as used in Google Chrome before 28.0.1500.95, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion."

7.5CVSS9.3AI score0.01386EPSS

CVE•added 2013/07/31 1:20 p.m.•76 views

CVE-2013-2881

Google Chrome before 28.0.1500.95 does not properly handle frames, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

5.8CVSS6.1AI score0.0037EPSS

CVE•added 2013/07/31 1:20 p.m.•74 views

CVE-2013-2885

Use-after-free vulnerability in Google Chrome before 28.0.1500.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to not properly considering focus during the processing of JavaScript events in the presence of a multiple-fields inpu...

7.5CVSS6.9AI score0.01382EPSS

CVE•added 2013/07/10 10:55 a.m.•72 views

CVE-2013-2878

Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the handling of text.

5CVSS6.1AI score0.00734EPSS

CVE•added 2013/07/31 1:20 p.m.•70 views

CVE-2013-2886

Multiple unspecified vulnerabilities in Google Chrome before 28.0.1500.95 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5CVSS6.8AI score0.00395EPSS

CVE•added 2013/07/31 1:20 p.m.•69 views

CVE-2013-2884

Use-after-free vulnerability in the DOM implementation in Google Chrome before 28.0.1500.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper tracking of which document owns an Attr object.

7.5CVSS7AI score0.00887EPSS

CVE•added 2013/07/10 10:55 a.m.•67 views

CVE-2013-2867

Google Chrome before 28.0.1500.71 does not properly prevent pop-under windows, which allows remote attackers to have an unspecified impact via a crafted web site.

7.5CVSS6.2AI score0.00656EPSS

CVE•added 2013/07/10 10:55 a.m.•65 views

CVE-2013-2870

Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote servers to execute arbitrary code via crafted response traffic after a URL request.

9.3CVSS7.2AI score0.01324EPSS

CVE•added 2013/07/10 10:55 a.m.•63 views

CVE-2013-2869

Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted JPEG2000 image.

4.3CVSS6AI score0.00686EPSS

CVE•added 2013/07/10 10:55 a.m.•61 views

CVE-2013-2873

Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a 404 HTTP status code during the loading of resources.

7.5CVSS7.2AI score0.00887EPSS

CVE•added 2013/07/10 10:55 a.m.•60 views

CVE-2013-2876

browser/extensions/api/tabs/tabs_api.cc in Google Chrome before 28.0.1500.71 does not properly enforce restrictions on the capture of screenshots by extensions, which allows remote attackers to obtain sensitive information about the content of a previous page via vectors involving an interstitial p...

5CVSS5.4AI score0.00354EPSS

CVE•added 2013/07/10 10:55 a.m.•60 views

CVE-2013-2879

Google Chrome before 28.0.1500.71 does not properly determine the circumstances in which a renderer process can be considered a trusted process for sign-in and subsequent sync operations, which makes it easier for remote attackers to conduct phishing attacks via a crafted web site.

5.8CVSS6AI score0.00474EPSS

CVE•added 2013/07/31 1:20 p.m.•60 views

CVE-2013-2883

Use-after-free vulnerability in Google Chrome before 28.0.1500.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to deleting the registration of a MutationObserver object.

7.5CVSS7AI score0.00887EPSS

CVE•added 2013/07/10 10:55 a.m.•59 views

CVE-2013-2868

common/extensions/sync_helper.cc in Google Chrome before 28.0.1500.71 proceeds with sync operations for NPAPI extensions without checking for a certain plugin permission setting, which might allow remote attackers to trigger unwanted extension changes via unspecified vectors.

5CVSS6.1AI score0.00384EPSS