Filtered by vendor Debian
Subscribe
Total
8236 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0511 | 1 Debian | 1 Debian Linux | 2017-10-09 | 5.0 MEDIUM | N/A |
CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service via a CGI POST request. | |||||
CVE-2000-0510 | 1 Debian | 1 Debian Linux | 2017-10-09 | 5.0 MEDIUM | N/A |
CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service via a malformed IPP request. | |||||
CVE-2000-0513 | 1 Debian | 1 Debian Linux | 2017-10-09 | 5.0 MEDIUM | N/A |
CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service by authenticating with a user name that does not exist or does not have a shadow password. | |||||
CVE-2000-0512 | 1 Debian | 1 Debian Linux | 2017-10-09 | 5.0 MEDIUM | N/A |
CUPS (Common Unix Printing System) 1.04 and earlier does not properly delete request files, which allows a remote attacker to cause a denial of service. | |||||
CVE-2001-0138 | 4 Debian, Immunix, Mandrakesoft and 1 more | 5 Debian Linux, Immunix, Mandrake Linux and 2 more | 2017-10-09 | 1.2 LOW | N/A |
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-1999-1048 | 2 Debian, Redhat | 2 Debian Linux, Linux | 2017-10-09 | 4.6 MEDIUM | N/A |
Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \w option in the PS1 environmental variable when another user changes into that directory. | |||||
CVE-2000-1135 | 1 Debian | 1 Debian Linux | 2017-10-09 | 4.6 MEDIUM | N/A |
fshd (fsh daemon) in Debian GNU/Linux allows local users to overwrite files of other users via a symlink attack. | |||||
CVE-2000-1136 | 1 Debian | 1 Elvis Tiny | 2017-10-09 | 4.6 MEDIUM | N/A |
elvis-tiny before 1.4-10 in Debian GNU/Linux, and possibly other Linux operating systems, allows local users to overwrite files of other users via a symlink attack. | |||||
CVE-1999-1276 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2017-10-09 | 7.2 HIGH | N/A |
fte-console in the fte package before 0.46b-4.1 does not drop root privileges, which allows local users to gain root access via the virtual console device. | |||||
CVE-2001-0069 | 1 Debian | 1 Debian Linux | 2017-10-09 | 2.1 LOW | N/A |
dialog before 0.9a-20000118-3bis in Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2001-0111 | 2 Debian, Sam Lantinga | 2 Debian Linux, Splitvt | 2017-10-09 | 7.2 HIGH | N/A |
Format string vulnerability in splitvt before 1.6.5 allows local users to execute arbitrary commands via the -rcfile command line argument. | |||||
CVE-2009-1341 | 1 Debian | 1 Libdbd-pg-perl | 2017-09-28 | 5.0 MEDIUM | N/A |
Memory leak in the dequote_bytea function in quote.c in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.0.0 for Perl allows context-dependent attackers to cause a denial of service (memory consumption) by fetching data with BYTEA columns. | |||||
CVE-2008-3234 | 2 Debian, Openbsd | 2 Debian Linux, Openssh | 2017-09-28 | 6.5 MEDIUM | N/A |
sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ (colon slash) sequence, followed by the role name, to the username. | |||||
CVE-2007-3919 | 2 Debian, Xensource Inc | 2 Debian Linux, Xen | 2017-09-28 | 6.0 MEDIUM | N/A |
(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm. | |||||
CVE-2015-1330 | 2 Canonical, Debian | 2 Ubuntu Linux, Unattended-upgrades | 2017-09-21 | 6.8 MEDIUM | N/A |
unattended-upgrades before 0.86.1 does not properly authenticate packages when the (1) force-confold or (2) force-confnew dpkg options are enabled in the DPkg::Options::* apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vectors. | |||||
CVE-2015-5143 | 4 Canonical, Debian, Djangoproject and 1 more | 4 Ubuntu Linux, Debian Linux, Django and 1 more | 2017-09-21 | 7.8 HIGH | N/A |
The session backends in Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (session store consumption) via multiple requests with unique session keys. | |||||
CVE-2015-5144 | 4 Canonical, Debian, Djangoproject and 1 more | 4 Ubuntu Linux, Debian Linux, Django and 1 more | 2017-09-21 | 4.3 MEDIUM | N/A |
Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 uses an incorrect regular expression, which allows remote attackers to inject arbitrary headers and conduct HTTP response splitting attacks via a newline character in an (1) email message to the EmailValidator, a (2) URL to the URLValidator, or unspecified vectors to the (3) validate_ipv4_address or (4) validate_slug validator. | |||||
CVE-2015-5400 | 3 Debian, Fedoraproject, Squid-cache | 3 Debian Linux, Fedora, Squid | 2017-09-21 | 6.8 MEDIUM | N/A |
Squid before 3.5.6 does not properly handle CONNECT method peer responses when configured with cache_peer, which allows remote attackers to bypass intended restrictions and gain access to a backend proxy via a CONNECT request. | |||||
CVE-2015-2749 | 2 Debian, Drupal | 2 Debian Linux, Drupal | 2017-09-21 | 5.8 MEDIUM | 6.1 MEDIUM |
Open redirect vulnerability in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter. | |||||
CVE-2015-5623 | 2 Debian, Wordpress | 2 Debian Linux, Wordpress | 2017-09-20 | 4.0 MEDIUM | N/A |
WordPress before 4.2.3 does not properly verify the edit_posts capability, which allows remote authenticated users to bypass intended access restrictions and create drafts by leveraging the Subscriber role, as demonstrated by a post-quickdraft-save action to wp-admin/post.php. |