Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Debian Subscribe
Filtered by product Debian Linux
Total 8096 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2005-2557 3 Debian, Gentoo, Mantis 3 Debian Linux, Linux, Mantis 2017-07-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in view_all_set.php in Mantis 0.19.0a1 through 1.0.0a3 allows remote attackers to inject arbitrary web script or HTML via the dir parameter, as identified by bug#0005959, and a different vulnerability than CVE-2005-3090.
CVE-2004-0964 2 Debian, Zinf 2 Debian Linux, Zinf 2017-07-10 10.0 HIGH N/A
Buffer overflow in Zinf 2.2.1 on Windows, and other older versions for Linux, allows remote attackers or local users to execute arbitrary code via certain values in a .pls file.
CVE-2004-0456 3 Debian, Gentoo, Pavuk 3 Debian Linux, Linux, Pavuk 2017-07-10 7.6 HIGH N/A
Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header.
CVE-2004-0451 2 Debian, Sup 2 Debian Linux, Sup 2017-07-10 10.0 HIGH N/A
Multiple format string vulnerabilities in the (1) logquit, (2) logerr, or (3) loginfo functions in Software Upgrade Protocol (SUP) allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog.
CVE-2004-0770 2 Debian, Dgen 2 Debian Linux, Emulator 2017-07-10 2.1 LOW N/A
romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of (1) gzip or (2) bzip ROM files.
CVE-2004-0833 1 Debian 1 Debian Linux 2017-07-10 7.5 HIGH N/A
Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages.
CVE-2004-0915 2 Debian, Viewcvs 2 Debian Linux, Viewcvs 2017-07-10 5.0 MEDIUM N/A
Multiple unknown vulnerabilities in viewcvs before 0.9.2, when exporting a repository as a tar archive, does not properly implement the hide_cvsroot and forbidden settings, which could allow remote attackers to gain sensitive information.
CVE-2004-1009 6 Debian, Gentoo, Midnight Commander and 3 more 8 Debian Linux, Linux, Midnight Commander and 5 more 2017-07-10 5.0 MEDIUM N/A
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.
CVE-2004-0986 4 Debian, Linux, Redhat and 1 more 4 Debian Linux, Linux Kernel, Fedora Core and 1 more 2017-07-10 7.5 HIGH N/A
Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers.
CVE-2004-0564 2 Debian, Roaring Penguin 2 Debian Linux, Pppoe 2017-07-10 2.1 LOW N/A
Roaring Penguin pppoe (rp-ppoe), if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe "is NOT designed to run setuid-root." Therefore this identifier applies *only* to those configurations and installations under which pppoe is run setuid root despite the developer's warnings.
CVE-2004-0994 2 Debian, Zgv 3 Debian Linux, Xzgv Image Viewer, Zgv Image Viewer 2017-07-10 10.0 HIGH N/A
Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demonstrated in the read_prf_file function in readprf.c. NOTE: CVE-2004-0994 and CVE-2004-1095 identify sets of bugs that only partially overlap, despite having the same developer. Therefore, they should be regarded as distinct.
CVE-2004-0996 4 Cscope, Debian, Gentoo and 1 more 4 Cscope, Debian Linux, Linux and 1 more 2017-07-10 2.1 LOW N/A
main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.
CVE-2004-1004 6 Debian, Gentoo, Midnight Commander and 3 more 8 Debian Linux, Linux, Midnight Commander and 5 more 2017-07-10 7.5 HIGH N/A
Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.
CVE-2004-1005 6 Debian, Gentoo, Midnight Commander and 3 more 8 Debian Linux, Linux, Midnight Commander and 5 more 2017-07-10 7.5 HIGH N/A
Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.
CVE-2004-1174 6 Debian, Gentoo, Midnight Commander and 3 more 8 Debian Linux, Linux, Midnight Commander and 5 more 2017-07-10 5.0 MEDIUM N/A
direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles."
CVE-2004-1176 6 Debian, Gentoo, Midnight Commander and 3 more 8 Debian Linux, Linux, Midnight Commander and 5 more 2017-07-10 7.5 HIGH N/A
Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
CVE-2004-1340 1 Debian 1 Debian Linux 2017-07-10 2.1 LOW N/A
Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pam_radius_auth.conf set to be world-readable, which allows local users to obtain sensitive information.
CVE-2004-1051 5 Debian, Mandrakesoft, Todd Miller and 2 more 7 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 4 more 2017-07-10 7.2 HIGH N/A
sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.
CVE-2004-1052 3 Bnc, Debian, Gentoo 3 Bnc, Debian Linux, Linux 2017-07-10 10.0 HIGH N/A
Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exclamation) or (2) @ (at sign) characters.
CVE-2004-0579 2 Debian, William Deich 2 Debian Linux, Super 2017-07-10 7.2 HIGH N/A
Format string vulnerability in super before 3.23 allows local users to execute arbitrary code as root.