Vulnerabilities (CVE)

Filtered by vendor Debian Subscribe
Total 9010 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2005-4347 1 Debian 2 Debian Linux, Kernel-patch-vserver 2024-02-28 5.0 MEDIUM N/A
The Linux 2.4 kernel patch in kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux does not correctly set the "chroot barrier" with util-vserver, which allows attackers to access files on the host system that are outside of the vserver.
CVE-2005-0625 1 Debian 1 Reportbug 2024-02-28 2.1 LOW N/A
reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive information such as smtpuser and smtppasswd.
CVE-2005-2459 2 Debian, Linux 2 Debian Linux, Linux Kernel 2024-02-28 5.0 MEDIUM N/A
The huft_build function in inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 returns the wrong value, which allows remote attackers to cause a denial of service (kernel crash) via a certain compressed file that leads to a null pointer dereference, a different vulnerability than CVE-2005-2458.
CVE-2004-0996 4 Cscope, Debian, Gentoo and 1 more 4 Cscope, Debian Linux, Linux and 1 more 2024-02-28 2.1 LOW N/A
main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.
CVE-2004-1004 6 Debian, Gentoo, Midnight Commander and 3 more 8 Debian Linux, Linux, Midnight Commander and 5 more 2024-02-28 7.5 HIGH N/A
Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.
CVE-2004-0994 2 Debian, Zgv 3 Debian Linux, Xzgv Image Viewer, Zgv Image Viewer 2024-02-28 10.0 HIGH N/A
Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demonstrated in the read_prf_file function in readprf.c. NOTE: CVE-2004-0994 and CVE-2004-1095 identify sets of bugs that only partially overlap, despite having the same developer. Therefore, they should be regarded as distinct.
CVE-2006-1566 1 Debian 1 Debian Linux 2024-02-28 4.6 MEDIUM N/A
Untrusted search path vulnerability in libtunepimp-perl 0.4.2-1 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the tunepimp.so module, which might allow local users to gain privileges by installing malicious libraries in that directory.
CVE-2005-2960 2 Debian, Gnu 2 Debian Linux, Cfengine 2024-02-28 2.1 LOW N/A
cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137.
CVE-2004-1174 6 Debian, Gentoo, Midnight Commander and 3 more 8 Debian Linux, Linux, Midnight Commander and 5 more 2024-02-28 5.0 MEDIUM N/A
direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles."
CVE-2006-0042 2 Apache, Debian 2 Libapreq2, Debian Linux 2024-02-28 5.0 MEDIUM N/A
Unspecified vulnerability in (1) apreq_parse_headers and (2) apreq_parse_urlencoded functions in Apache2::Request (Libapreq2) before 2.07 allows remote attackers to cause a denial of service (CPU consumption) via unknown attack vectors that result in quadratic computational complexity.
CVE-2004-0964 2 Debian, Zinf 2 Debian Linux, Zinf 2024-02-28 10.0 HIGH N/A
Buffer overflow in Zinf 2.2.1 on Windows, and other older versions for Linux, allows remote attackers or local users to execute arbitrary code via certain values in a .pls file.
CVE-2005-4536 1 Debian 1 Libmail-audit-perl 2024-02-28 2.1 LOW N/A
Mail::Audit module in libmail-audit-perl 2.1-5, when logging is enabled without a default log file specified, uses predictable log filenames, which allows local users to overwrite arbitrary files via a symlink attack on the [PID]-audit.log temporary file.
CVE-2004-0888 11 Debian, Easy Software Products, Gentoo and 8 more 16 Debian Linux, Cups, Linux and 13 more 2024-02-28 10.0 HIGH N/A
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.
CVE-2005-0005 6 Debian, Gentoo, Graphicsmagick and 3 more 6 Debian Linux, Linux, Graphicsmagick and 3 more 2024-02-28 7.5 HIGH N/A
Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.
CVE-2005-1689 3 Apple, Debian, Mit 4 Mac Os X, Mac Os X Server, Debian Linux and 1 more 2024-02-28 7.5 HIGH 9.8 CRITICAL
Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions.
CVE-2004-1014 4 Debian, Mandrakesoft, Nfs and 1 more 6 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 3 more 2024-02-28 5.0 MEDIUM N/A
statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated.
CVE-2006-2661 3 Canonical, Debian, Freetype 3 Ubuntu Linux, Debian Linux, Freetype 2024-02-28 5.0 MEDIUM N/A
ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference.
CVE-2005-2498 2 Debian, Gggeek 2 Debian Linux, Phpxmlrpc 2024-02-28 7.5 HIGH N/A
Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute arbitrary PHP code via certain nested XML tags in a PHP document that should not be nested, which are injected into an eval function call, a different vulnerability than CVE-2005-1921.
CVE-2005-0073 1 Debian 1 Sympa 2024-02-28 4.6 MEDIUM N/A
Buffer overflow in queue.c in a support script for sympa 3.3.3, when running setuid, allows local users to execute arbitrary code.
CVE-2004-0981 4 Debian, Gentoo, Imagemagick and 1 more 4 Debian Linux, Linux, Imagemagick and 1 more 2024-02-28 10.0 HIGH N/A
Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.