Filtered by vendor Debian
Subscribe
Total
9006 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0980 | 3 Angus Mackay, Debian, Gentoo | 3 Ez-ipupdate, Debian Linux, Linux | 2024-02-28 | 10.0 HIGH | N/A |
Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code. | |||||
CVE-2005-2557 | 3 Debian, Gentoo, Mantis | 3 Debian Linux, Linux, Mantis | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in view_all_set.php in Mantis 0.19.0a1 through 1.0.0a3 allows remote attackers to inject arbitrary web script or HTML via the dir parameter, as identified by bug#0005959, and a different vulnerability than CVE-2005-3090. | |||||
CVE-2004-1175 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2024-02-28 | 7.5 HIGH | N/A |
fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters. | |||||
CVE-2005-1527 | 3 Awstats, Canonical, Debian | 3 Awstats, Ubuntu Linux, Debian Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, allows remote attackers to execute arbitrary Perl code via the HTTP Referrer, which is used in a $url parameter that is inserted into an eval function call. | |||||
CVE-2005-0102 | 2 Debian, Gnome | 2 Debian Linux, Evolution | 2024-02-28 | 7.2 HIGH | 9.8 CRITICAL |
Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow. | |||||
CVE-2005-2456 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
Array index overflow in the xfrm_sk_policy_insert function in xfrm_user.c in Linux kernel 2.6 allows local users to cause a denial of service (oops or deadlock) and possibly execute arbitrary code via a p->dir value that is larger than XFRM_POLICY_OUT, which is used as an index in the sock->sk_policy array. | |||||
CVE-2005-3106 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-02-28 | 1.2 LOW | 4.7 MEDIUM |
Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthreads and vfork), might allow local users to cause a denial of service (deadlock) by triggering a core dump while waiting for a thread that has just performed an exec. | |||||
CVE-2005-1920 | 2 Debian, Kde | 2 Debian Linux, Kde | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information. | |||||
CVE-2006-1564 | 1 Debian | 1 Debian Linux | 2024-02-28 | 4.6 MEDIUM | N/A |
Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the (1) mod_authz_svn.so and (2) mod_dav_svn.so modules, which might allow local users to gain privileges by installing malicious libraries in that directory. | |||||
CVE-2006-1565 | 1 Debian | 1 Debian Linux | 2024-02-28 | 4.6 MEDIUM | N/A |
Untrusted search path vulnerability in libgpib-perl 3.2.06-2 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the LinuxGpib.so module, which might allow local users to gain privileges by installing malicious libraries in that directory. | |||||
CVE-2005-1513 | 3 Canonical, Debian, Qmail Project | 3 Ubuntu Linux, Debian Linux, Qmail | 2024-02-28 | 5.0 MEDIUM | 9.8 CRITICAL |
Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request. | |||||
CVE-2006-1753 | 1 Debian | 1 Debian Linux | 2024-02-28 | 3.6 LOW | N/A |
A cron job in fcheck before 2.7.59 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | |||||
CVE-2005-0211 | 2 Debian, Squid-cache | 2 Debian Linux, Squid | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long WCCP packet, which is processed by a recvfrom function call that uses an incorrect length parameter. | |||||
CVE-2001-0128 | 6 Conectiva, Debian, Freebsd and 3 more | 7 Linux, Debian Linux, Freebsd and 4 more | 2024-02-28 | 7.2 HIGH | N/A |
Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges. | |||||
CVE-1999-0743 | 1 Debian | 1 Debian Linux | 2024-02-28 | 2.1 LOW | N/A |
Trn allows local users to overwrite other users' files via symlinks. | |||||
CVE-2001-0125 | 3 Debian, Exmh, Mandrakesoft | 4 Debian Linux, Exmh, Mandrake Linux and 1 more | 2024-02-28 | 1.2 LOW | N/A |
exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file. | |||||
CVE-2000-0584 | 2 Debian, Freebsd | 2 Debian Linux, Freebsd | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in Canna input system allows remote attackers to execute arbitrary commands via an SR_INIT command with a long user name or group name. | |||||
CVE-2000-0315 | 5 Debian, Digital, Netbsd and 2 more | 5 Debian Linux, Unix, Netbsd and 2 more | 2024-02-28 | 5.0 MEDIUM | N/A |
traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks. | |||||
CVE-2000-0366 | 1 Debian | 1 Debian Linux | 2024-02-28 | 2.1 LOW | N/A |
dump in Debian GNU/Linux 2.1 does not properly restore symlinks, which allows a local user to modify the ownership of arbitrary files. | |||||
CVE-2004-0455 | 2 Debian, Www-sql Project | 2 Debian Linux, Www-sql | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in cgi.c in www-sql before 0.5.7 allows local users to execute arbitrary code via a web page that is processed by www-sql. |