Total
8096 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-1499 | 2 Banu, Debian | 2 Tinyproxy, Debian Linux | 2017-08-16 | 2.6 LOW | N/A |
| acl.c in Tinyproxy before 1.8.3, when an Allow configuration setting specifies a CIDR block, permits TCP connections from all IP addresses, which makes it easier for remote attackers to hide the origin of web traffic by leveraging the open HTTP proxy server. | |||||
| CVE-2010-0394 | 3 Debian, Edgewall Software, Nanosleep | 3 Debian Linux, Trac, Trac-git | 2017-08-16 | 6.8 MEDIUM | N/A |
| PyGIT.py in the Trac Git plugin (trac-git) before 0.0.20080710-3+lenny1 and before 0.0.20090320-1 on Debian GNU/Linux, when enabled in Trac, allows remote attackers to execute arbitrary commands via shell metacharacters in a crafted HTTP query that is used to generate a certain git command. | |||||
| CVE-2009-1573 | 4 Branden Robinson, Debian, Redhat and 1 more | 4 Xvfb-run, Debian Linux, Fedora and 1 more | 2017-08-16 | 4.6 MEDIUM | N/A |
| xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems place the magic cookie (MCOOKIE) on the command line, which allows local users to gain privileges by listing the process and its arguments. | |||||
| CVE-2009-1962 | 2 Debian, Xfig | 2 Debian Linux, Xfig | 2017-08-16 | 4.4 MEDIUM | N/A |
| Xfig, possibly 3.2.5, allows local users to read and write arbitrary files via a symlink attack on the (1) xfig-eps[PID], (2) xfig-pic[PID].pix, (3) xfig-pic[PID].err, (4) xfig-pcx[PID].pix, (5) xfig-xfigrc[PID], (6) xfig[PID], (7) xfig-print[PID], (8) xfig-export[PID].err, (9) xfig-batch[PID], (10) xfig-exp[PID], or (11) xfig-spell.[PID] temporary files, where [PID] is a process ID. | |||||
| CVE-2008-4553 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2017-08-07 | 7.2 HIGH | N/A |
| qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files and directories. | |||||
| CVE-2008-4908 | 2 Crossfire, Debian | 2 Crossfire, Debian Linux | 2017-08-07 | 3.3 LOW | N/A |
| maps/Info/combine.pl in CrossFire crossfire-maps 1.11.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | |||||
| CVE-2008-1569 | 2 Debian, Policyd-weight | 2 Debian Linux, Policyd-weight | 2017-08-07 | 3.3 LOW | N/A |
| policyd-weight 0.1.14 beta-16 and earlier allows local users to modify or delete arbitrary files via a symlink attack on temporary files that are used when creating a socket. | |||||
| CVE-2008-0167 | 2 Debian, Gforge | 2 Debian Linux, Gforge | 2017-08-07 | 4.6 MEDIUM | N/A |
| The write_array_file function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow attackers to bypass intended access restrictions or have unspecified other impact in opportunistic circumstances. | |||||
| CVE-2016-7044 | 3 Canonical, Debian, Irssi | 3 Ubuntu Linux, Debian Linux, Irssi | 2017-07-29 | 5.0 MEDIUM | 7.5 HIGH |
| The unformat_24bit_color function in the format parsing code in Irssi before 0.8.20, when compiled with true-color enabled, allows remote attackers to cause a denial of service (heap corruption and crash) via an incomplete 24bit color code. | |||||
| CVE-2016-7045 | 3 Canonical, Debian, Irssi | 3 Ubuntu Linux, Debian Linux, Irssi | 2017-07-29 | 5.0 MEDIUM | 7.5 HIGH |
| The format_send_to_gui function in the format parsing code in Irssi before 0.8.20 allows remote attackers to cause a denial of service (heap corruption and crash) via vectors involving the length of a string. | |||||
| CVE-2007-6220 | 2 Debian, Typespeed | 2 Debian Linux, Typespeed | 2017-07-28 | 5.0 MEDIUM | N/A |
| typespeed before 0.6.4 allows remote attackers to cause a denial of service (application crash) via unspecified network behavior that triggers a divide-by-zero error. | |||||
| CVE-2007-5718 | 2 Debian, Vobcopy | 2 Debian Linux, Vobcopy | 2017-07-28 | 4.9 MEDIUM | N/A |
| vobcopy 0.5.14 allows local users to append data to an arbitrary file, or create an arbitrary new file, via a symlink attack on the (1) /tmp/vobcopy.bla or (2) /tmp/vobcopy_0.5.14.log temporary file. | |||||
| CVE-2007-5827 | 2 Debian, Iscsitarget | 2 Debian Linux, Iscsitarget | 2017-07-28 | 2.1 LOW | N/A |
| iSCSI Enterprise Target (iscsitarget) 0.4.15 uses weak permissions for /etc/ietd.conf, which allows local users to obtain passwords. | |||||
| CVE-2007-5795 | 2 Debian, Gnu | 2 Debian Linux, Emacs | 2017-07-28 | 6.3 MEDIUM | N/A |
| The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a Local variables declaration. | |||||
| CVE-2007-2838 | 2 Debian, Gsambad | 2 Debian Linux, Gsambad | 2017-07-28 | 7.2 HIGH | N/A |
| The populate_conns function in src/populate_conns.c in GSAMBAD 0.1.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gsambadtmp temporary file. | |||||
| CVE-2007-2029 | 2 Clam Anti-virus, Debian | 2 Clamav, Debian Linux | 2017-07-28 | 7.8 HIGH | N/A |
| File descriptor leak in the PDF handler in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service via a crafted PDF file. | |||||
| CVE-2007-2835 | 2 Debian, Unicon-imc2 | 2 Debian Linux, Unicon-imc2 | 2017-07-28 | 6.8 MEDIUM | N/A |
| Multiple stack-based buffer overflows in (1) CCE_pinyin.c and (2) xl_pinyin.c in ImmModules/cce/ in unicon-imc2 3.0.4, as used by zhcon and other applications, allow local users to gain privileges via a long HOME environment variable. | |||||
| CVE-2007-2837 | 2 Debian, Fireflier | 2 Debian Linux, Fireflier | 2017-07-28 | 3.6 LOW | N/A |
| The (1) getRule and (2) getChains functions in server/rules.cpp in fireflierd (fireflier-server) in FireFlier 1.1.6 allow local users to overwrite arbitrary files via a symlink attack on the /tmp/fireflier.rules temporary file. | |||||
| CVE-2007-1663 | 2 Debian, Ekg | 2 Debian Linux, Ekg | 2017-07-28 | 5.0 MEDIUM | N/A |
| Memory leak in the image message functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service. | |||||
| CVE-2007-1664 | 2 Debian, Ekg | 2 Debian Linux, Ekg | 2017-07-28 | 5.0 MEDIUM | N/A |
| ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service (NULL pointer dereference) via a vector related to the token OCR functionality. | |||||