Filtered by vendor Debian
Subscribe
Total
8991 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1564 | 1 Debian | 1 Debian Linux | 2017-07-20 | 4.6 MEDIUM | N/A |
| Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the (1) mod_authz_svn.so and (2) mod_dav_svn.so modules, which might allow local users to gain privileges by installing malicious libraries in that directory. | |||||
| CVE-2006-1376 | 1 Debian | 1 Debian Linux | 2017-07-20 | 2.1 LOW | N/A |
| The installation of Debian GNU/Linux 3.1r1 from the network install CD creates /var/log/debian-installer/cdebconf with world writable permissions, which allows local users to cause a denial of service (disk consumption). | |||||
| CVE-2006-0050 | 1 Debian | 1 Debian Linux | 2017-07-20 | 1.2 LOW | N/A |
| snmptrapfmt in Debian 3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary log file. | |||||
| CVE-2005-4536 | 1 Debian | 1 Libmail-audit-perl | 2017-07-20 | 2.1 LOW | N/A |
| Mail::Audit module in libmail-audit-perl 2.1-5, when logging is enabled without a default log file specified, uses predictable log filenames, which allows local users to overwrite arbitrary files via a symlink attack on the [PID]-audit.log temporary file. | |||||
| CVE-2004-1175 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2017-07-19 | 7.5 HIGH | N/A |
| fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters. | |||||
| CVE-2005-3111 | 1 Debian | 1 Backupninja | 2017-07-11 | 2.1 LOW | N/A |
| The handler code for backupninja 0.8 and earlier creates temporary files with predictable filenames, which allows local users to modify arbitrary files via a symlink attack. | |||||
| CVE-2005-2960 | 2 Debian, Gnu | 2 Debian Linux, Cfengine | 2017-07-11 | 2.1 LOW | N/A |
| cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137. | |||||
| CVE-2005-2557 | 3 Debian, Gentoo, Mantis | 3 Debian Linux, Linux, Mantis | 2017-07-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in view_all_set.php in Mantis 0.19.0a1 through 1.0.0a3 allows remote attackers to inject arbitrary web script or HTML via the dir parameter, as identified by bug#0005959, and a different vulnerability than CVE-2005-3090. | |||||
| CVE-2005-1854 | 1 Debian | 1 Apt-cacher | 2017-07-11 | 7.5 HIGH | N/A |
| Unknown vulnerability in apt-cacher in Debian 3.1, related to "missing input sanitising," allows remote attackers to execute arbitrary commands on the caching server. | |||||
| CVE-2005-0625 | 1 Debian | 1 Reportbug | 2017-07-11 | 2.1 LOW | N/A |
| reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive information such as smtpuser and smtppasswd. | |||||
| CVE-2005-0624 | 1 Debian | 1 Reportbug | 2017-07-11 | 2.1 LOW | N/A |
| reportbug before 2.62 creates the .reportbugrc configuration file with world-readable permissions, which allows local users to obtain email smarthost passwords. | |||||
| CVE-2005-0159 | 1 Debian | 2 Debian Linux, Toolchain-source | 2017-07-11 | 4.6 MEDIUM | N/A |
| The tpkg-* scripts in the toolchain-source 3.0.4 package on Debian GNU/Linux 3.0 allow local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2005-0076 | 1 Debian | 1 Debian Linux | 2017-07-11 | 7.2 HIGH | N/A |
| Multiple buffer overflows in the XView library 3.2 may allow local users to execute arbitrary code via setuid applications that use the library. | |||||
| CVE-2004-1340 | 1 Debian | 1 Debian Linux | 2017-07-11 | 2.1 LOW | N/A |
| Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pam_radius_auth.conf set to be world-readable, which allows local users to obtain sensitive information. | |||||
| CVE-2004-1336 | 2 Debian, Gentoo | 2 Tetex-bin, Linux | 2017-07-11 | 2.1 LOW | N/A |
| The xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2004-1176 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2017-07-11 | 7.5 HIGH | N/A |
| Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-2004-1174 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2017-07-11 | 5.0 MEDIUM | N/A |
| direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles." | |||||
| CVE-2004-1095 | 2 Debian, Zgv | 3 Debian Linux, Xzgv Image Viewer, Zgv Image Viewer | 2017-07-11 | 10.0 HIGH | N/A |
| Multiple integer overflows in (1) readbmp.c, (2) readgif.c, (3) readgif.c, (4) readmrf.c, (5) readpcx.c, (6) readpng.c,(7) readpnm.c, (8) readprf.c, (9) readtiff.c, (10) readxbm.c, (11) readxpm.c in zgv 5.8 allow remote attackers to execute arbitrary code via certain image headers that cause calculations to be overflowed and small buffers to be allocated, leading to buffer overflows. NOTE: CVE-2004-0994 and CVE-2004-1095 identify sets of bugs that only partially overlap, despite having the same developer. Therefore, they should be regarded as distinct. | |||||
| CVE-2004-1093 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2017-07-11 | 5.0 MEDIUM | N/A |
| Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory." | |||||
| CVE-2004-1092 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2017-07-11 | 5.0 MEDIUM | N/A |
| Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory. | |||||