Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2013-6275 |
Multiple CSRF issues in Horde Groupware Webmail Edition 5.1.2 and earlier in basic.php. Published: November 05, 2019; 2:15:10 PM -0500 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2013-6461 |
Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits Published: November 05, 2019; 10:15:11 AM -0500 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2013-6460 |
Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents Published: November 05, 2019; 10:15:11 AM -0500 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-1000002 |
gdm3 3.14.2 and possibly later has an information leak before screen lock Published: November 05, 2019; 9:15:13 AM -0500 |
V4.0:(not available) V3.1: 2.4 LOW V2.0: 2.1 LOW |
CVE-2013-6365 |
Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions Published: November 05, 2019; 9:15:13 AM -0500 |
V4.0:(not available) V3.1: 5.3 MEDIUM V2.0: 2.6 LOW |
CVE-2013-6364 |
Horde Groupware Webmail Edition has CSRF and XSS when saving search as a virtual address book Published: November 05, 2019; 9:15:13 AM -0500 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2017-5333 |
Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file. Published: November 04, 2019; 4:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2017-5332 |
The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable. Published: November 04, 2019; 4:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2013-4251 |
The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories. Published: November 04, 2019; 3:15:09 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2005-4890 |
There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process. Published: November 04, 2019; 2:15:10 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2013-4168 |
Cross-site scripting (XSS) vulnerability in SmokePing 2.6.9 in the start and end time fields. Published: November 01, 2019; 4:15:10 PM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2013-2255 |
HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates. Published: November 01, 2019; 3:15:10 PM -0400 |
V4.0:(not available) V3.1: 5.9 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2005-2351 |
Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files. Published: November 01, 2019; 3:15:10 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2013-3718 |
evince is missing a check on number of pages which can lead to a segmentation fault Published: November 01, 2019; 9:15:11 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2013-2739 |
MiniDLNA has heap-based buffer overflow Published: November 01, 2019; 9:15:11 AM -0400 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2013-2600 |
MiniUPnPd has information disclosure use of snprintf() Published: November 01, 2019; 8:15:10 AM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2012-6123 |
Chicken before 4.8.0 does not properly handle NUL bytes in certain strings, which allows an attacker to conduct "poisoned NUL byte attack." Published: October 31, 2019; 5:15:11 PM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2013-2024 |
OS command injection vulnerability in the "qs" procedure from the "utils" module in Chicken before 4.9.0. Published: October 31, 2019; 4:15:10 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0: 9.0 HIGH |
CVE-2013-2012 |
autojump before 21.5.8 allows local users to gain privileges via a Trojan horse custom_install directory in the current working directory. Published: October 31, 2019; 4:15:10 PM -0400 |
V4.0:(not available) V3.1: 7.3 HIGH V2.0: 4.4 MEDIUM |
CVE-2013-1951 |
A cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.5 and 1.20.x before 1.20.4 and allows remote attackers to inject arbitrary web script or HTML via Lua function names. Published: October 31, 2019; 4:15:10 PM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |