Filtered by vendor Debian
Total: 10144 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2001-0886 | 2 Debian, Redhat | 2 Debian Linux, Linux | 2025-04-03 | 4.6 MEDIUM | N/A | Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character. |
| CVE-2004-1076 | 2 Atari800, Debian | 2 Atari800, Debian Linux | 2025-04-03 | 7.2 HIGH | N/A | Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allow local users to execute arbitrary code via large values in the configuration file. |
| CVE-2005-1268 | 3 Apache, Debian, Redhat | 5 Http Server, Debian Linux, Enterprise Linux Desktop and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A | Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte. |
| CVE-2004-0833 | 1 Debian | 1 Debian Linux | 2025-04-03 | 7.5 HIGH | N/A | Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages. |
| CVE-2001-0069 | 1 Debian | 1 Debian Linux | 2025-04-03 | 2.1 LOW | N/A | dialog before 0.9a-20000118-3bis in Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack. |
| CVE-2000-0607 | 3 Debian, Mandrakesoft, Redhat | 3 Debian Linux, Mandrake Linux, Linux | 2025-04-03 | 7.2 HIGH | N/A | Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings. |
| CVE-2004-0889 | 11 Debian, Easy Software Products, Gentoo and 8 more | 16 Debian Linux, Cups, Linux and 13 more | 2025-04-03 | 10.0 HIGH | N/A | Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888. |
| CVE-1999-0986 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Linux | 2025-04-03 | 5.0 MEDIUM | N/A | The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option. |
| CVE-2004-0772 | 3 Debian, Mit, Openpkg | 3 Debian Linux, Kerberos 5, Openpkg | 2025-04-03 | 7.5 HIGH | 9.8 CRITICAL | Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code. |
| CVE-2003-0214 | 1 Debian | 1 Mime-support | 2025-04-03 | 4.6 MEDIUM | N/A | run-mailcap in mime-support 3.22 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. |
| CVE-2002-1395 | 1 Debian | 1 Internet Message | 2025-04-03 | 2.1 LOW | N/A | Internet Message (IM) 141-18 and earlier uses predictable file and directory names, which allows local users to (1) obtain unauthorized directory permissions via a temporary directory used by impwagent, and (2) overwrite and create arbitrary files via immknmz. |
| CVE-1999-0373 | 1 Debian | 1 Debian Linux | 2025-04-03 | 7.2 HIGH | N/A | Buffer overflow in the "Super" utility in Debian GNU/Linux, and other operating systems, allows local users to execute commands as root. |
| CVE-2005-3181 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2025-04-03 | 2.1 LOW | N/A | The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows attackers to cause a denial of service (memory consumption). |
| CVE-1999-0832 | 2 Debian, Redhat | 2 Debian Linux, Linux | 2025-04-03 | 10.0 HIGH | N/A | Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname. |
| CVE-2006-3747 | 3 Apache, Canonical, Debian | 3 Http Server, Ubuntu Linux, Debian Linux | 2025-04-03 | 7.6 HIGH | N/A | Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules. |
| CVE-2003-0618 | 2 Debian, Perl | 2 Debian Linux, Suidperl | 2025-04-03 | 2.1 LOW | N/A | Multiple vulnerabilities in suidperl 5.6.1 and earlier allow a local user to obtain sensitive information about files for which the user does not have appropriate permissions. |
| CVE-2006-1772 | 1 Debian | 1 Debian Linux | 2025-04-03 | 7.2 HIGH | N/A | debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package, uses the world-readable config.dat file instead of the restricted passwords.dat for storing the cleartext database administrator password in the mnogosearch-common/database_admin_pass record, which allows local users to view the password. |
| CVE-2004-1145 | 7 Altlinux, Conectiva, Debian and 4 more | 9 Alt Linux, Linux, Debian Linux and 6 more | 2025-04-03 | 5.0 MEDIUM | N/A | Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files. |
| CVE-2004-0835 | 3 Debian, Mysql, Oracle | 3 Debian Linux, Mysql, Mysql | 2025-04-03 | 7.5 HIGH | N/A | MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities. |
| CVE-2006-1174 | 1 Debian | 1 Shadow | 2025-04-03 | 3.7 LOW | N/A | useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox. |
| CVE-1999-0804 | 4 Debian, Linux, Redhat and 1 more | 4 Debian Linux, Linux Kernel, Linux and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A | Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths. |
| CVE-2006-1565 | 1 Debian | 1 Debian Linux | 2025-04-03 | 4.6 MEDIUM | N/A | Untrusted search path vulnerability in libgpib-perl 3.2.06-2 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the LinuxGpib.so module, which might allow local users to gain privileges by installing malicious libraries in that directory. |
| CVE-2005-1916 | 2 Debian, Ekg Project | 2 Debian Linux, Ekg | 2025-04-03 | 2.1 LOW | 5.5 MEDIUM | linki.py in ekg 2005-06-05 and earlier allows local users to overwrite or create arbitrary files via a symlink attack on temporary files. |
| CVE-2006-1844 | 1 Debian | 2 Base-config, Shadow | 2025-04-03 | 2.1 LOW | N/A | The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensitive information in world-readable log files, including preseeded passwords and pppoeconf passwords, which might allow local users to gain privileges. |
| CVE-1999-0046 | 10 Bsdi, Debian, Digital and 7 more | 10 Bsd Os, Debian Linux, Ultrix and 7 more | 2025-04-03 | 10.0 HIGH | N/A | Buffer overflow of rlogin program using TERM environmental variable. |
| CVE-2001-0763 | 2 Debian, Suse | 2 Debian Linux, Suse Linux | 2025-04-03 | 7.5 HIGH | N/A | Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function. |
| CVE-2006-2016 | 2 Debian, Phpldapadmin Project | 2 Debian Linux, Phpldapadmin | 2025-04-03 | 2.6 LOW | N/A | Multiple cross-site scripting (XSS) vulnerabilities in phpLDAPadmin 0.9.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) dn parameter in (a) compare_form.php, (b) copy_form.php, (c) rename_form.php, (d) template_engine.php, and (e) delete_form.php; (2) scope parameter in (f) search.php; and (3) Container DN, (4) Machine Name, and (5) UID Number fields in (g) template_engine.php. |
| CVE-2005-0077 | 4 Debian, Gentoo, Redhat and 1 more | 5 Debian Linux, Linux, Enterprise Linux and 2 more | 2025-04-03 | 2.1 LOW | N/A | The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file. |
| CVE-2001-0193 | 2 Debian, Suse | 2 Debian Linux, Suse Linux | 2025-04-03 | 7.2 HIGH | N/A | Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter. |
| CVE-2004-1336 | 2 Debian, Gentoo | 2 Tetex-bin, Linux | 2025-04-03 | 2.1 LOW | N/A | The xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack. |
| CVE-2000-0289 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Linux | 2025-04-03 | 5.0 MEDIUM | N/A | IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection. |
| CVE-2006-0050 | 1 Debian | 1 Debian Linux | 2025-04-03 | 1.2 LOW | N/A | snmptrapfmt in Debian 3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary log file. |
| CVE-2005-1152 | 1 Debian | 1 Qpopper | 2025-04-03 | 2.1 LOW | N/A | popauth.c in qpopper 4.0.5 and earlier does not properly set the umask, which may cause qpopper to create files with group or world-writable permissions. |
| CVE-2001-0416 | 3 Debian, Immunix, Mandrakesoft | 3 Sgml-tools, Immunix, Mandrake Linux | 2025-04-03 | 2.1 LOW | N/A | sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools. |
| CVE-2004-0643 | 3 Debian, Mit, Redhat | 5 Debian Linux, Kerberos 5, Enterprise Linux Desktop and 2 more | 2025-04-03 | 4.6 MEDIUM | N/A | Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code. |
| CVE-2005-2459 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-04-03 | 5.0 MEDIUM | N/A | The huft_build function in inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 returns the wrong value, which allows remote attackers to cause a denial of service (kernel crash) via a certain compressed file that leads to a null pointer dereference, a different vulnerability than CVE-2005-2458. |
| CVE-2000-0076 | 2 Berkeley, Debian | 2 Nvi, Debian Linux | 2025-04-03 | 2.1 LOW | N/A | nviboot boot script in the Debian nvi package allows local users to delete files via malformed entries in vi.recover. |
| CVE-2001-0755 | 1 Debian | 1 Debian Linux | 2025-04-03 | 7.5 HIGH | N/A | Buffer overflow in ftp daemon (ftpd) 6.2 in Debian GNU/Linux allows attackers to cause a denial of service and possibly execute arbitrary code via a long SITE command. |
| CVE-1999-1330 | 2 Debian, Redhat | 2 Debian Linux, Linux | 2025-04-03 | 4.6 MEDIUM | N/A | The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf. |
| CVE-1999-0743 | 1 Debian | 1 Debian Linux | 2025-04-03 | 2.1 LOW | N/A | Trn allows local users to overwrite other users' files via symlinks. |