Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2010-3438 |
libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. This can be used to execute arbitrary IRC commands by passing an argument such as "some text\rQUIT" to the 'privmsg' handler, which would cause the client to disconnect from the server. Published: November 12, 2019; 3:15:09 PM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2010-3359 |
If LD_LIBRARY_PATH is undefined in gargoyle-free before 2009-08-25, the variable will point to the current directory. This can allow a local user to trick another user into running gargoyle in a directory with a cracked libgarglk.so and gain access to the user's account. Published: November 12, 2019; 2:15:10 PM -0500 |
V4.0:(not available) V3.1: 4.8 MEDIUM V2.0: 4.4 MEDIUM |
CVE-2012-1572 |
OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space Published: November 12, 2019; 12:15:10 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2011-3618 |
atop: symlink attack possible due to insecure tempfile handling Published: November 12, 2019; 10:15:10 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2011-2897 |
gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw Published: November 12, 2019; 9:15:10 AM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2009-3614 |
liboping 1.3.2 allows users reading arbitrary files upon the local system. Published: November 08, 2019; 10:15:10 PM -0500 |
V4.0:(not available) V3.1: 3.3 LOW V2.0: 2.1 LOW |
CVE-2008-7291 |
gri before 2.12.18 generates temporary files in an insecure way. Published: November 07, 2019; 7:15:10 PM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2013-1809 |
Gambas before 3.4.0 allows remote attackers to move or manipulate directory contents or perform symlink attacks due to the creation of insecure temporary directories. Published: November 07, 2019; 6:15:10 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 6.4 MEDIUM |
CVE-2007-6745 |
clamav 0.91.2 suffers from a floating point exception when using ScanOLE2. Published: November 07, 2019; 6:15:10 PM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2013-1429 |
Lintian before 2.5.12 allows remote attackers to gather information about the "host" system using crafted symlinks. Published: November 07, 2019; 5:15:10 PM -0500 |
V4.0:(not available) V3.1: 6.3 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2007-5743 |
viewvc 1.0.3 allows improper access control to files in a repository when using the "forbidden" configuration option. Published: November 07, 2019; 5:15:10 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 4.3 MEDIUM |
CVE-2013-1425 |
ldap-git-backup before 1.0.4 exposes password hashes due to incorrect directory permissions. Published: November 07, 2019; 4:15:10 PM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2019-3465 |
Rob Richards XmlSecLibs, all versions prior to v3.0.3, as used for example by SimpleSAMLphp, performed incorrect validation of cryptographic signatures in XML messages, allowing an authenticated attacker to impersonate others or elevate privileges by creating a crafted XML message. Published: November 07, 2019; 3:15:11 PM -0500 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0: 6.5 MEDIUM |
CVE-2012-0051 |
Tahoe-LAFS 1.9.0 fails to ensure integrity which allows remote attackers to corrupt mutable files or directories upon retrieval. Published: November 07, 2019; 1:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.4 HIGH V2.0: 5.8 MEDIUM |
CVE-2012-0049 |
OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server. Published: November 07, 2019; 1:15:11 PM -0500 |
V4.0:(not available) V3.1: 4.3 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2019-18804 |
DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU::filter_fv at IW44EncodeCodec.cpp. Published: November 07, 2019; 1:15:10 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2011-4625 |
simplesamlphp before 1.6.3 (squeeze) and before 1.8.2 (sid) incorrectly handles XML encryption which could allow remote attackers to decrypt or forge messages. Published: November 06, 2019; 10:15:10 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2007-0899 |
There is a possible heap overflow in libclamav/fsg.c before 0.100.0. Published: November 05, 2019; 11:15:10 PM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2006-4245 |
archivemail 0.6.2 uses temporary files insecurely leading to a possible race condition. Published: November 05, 2019; 10:15:10 PM -0500 |
V4.0:(not available) V3.1: 8.1 HIGH V2.0: 6.8 MEDIUM |
CVE-2013-5123 |
The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks. Published: November 05, 2019; 5:15:10 PM -0500 |
V4.0:(not available) V3.1: 5.9 MEDIUM V2.0: 4.3 MEDIUM |