Filtered by vendor Debian
Subscribe
Total
10135 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2960 | 2 Debian, Gnu | 2 Debian Linux, Cfengine | 2025-04-03 | 2.1 LOW | N/A |
| cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137. | |||||
| CVE-1999-0769 | 4 Caldera, Debian, Paul Vixie and 1 more | 4 Openlinux, Debian Linux, Vixie Cron and 1 more | 2025-04-03 | 7.2 HIGH | N/A |
| Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable. | |||||
| CVE-2004-0179 | 3 Apache, Debian, Webdav | 5 Openoffice, Subversion, Debian Linux and 2 more | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code. | |||||
| CVE-2001-1331 | 2 Debian, Progeny | 2 Debian Linux, Debian | 2025-04-03 | 1.2 LOW | N/A |
| mandb in the man-db package before 2.3.16-3 allows local users to overwrite arbitrary files via the command line options (1) -u or (2) -c, which do not drop privileges and follow symlinks. | |||||
| CVE-1999-0939 | 1 Debian | 1 Debian Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
| Denial of service in Debian IRC Epic/epic4 client via a long string. | |||||
| CVE-2004-1174 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles." | |||||
| CVE-2004-0434 | 2 Debian, Heimdal Project | 2 Debian Linux, Heimdal | 2025-04-03 | 10.0 HIGH | 9.8 CRITICAL |
| k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow. | |||||
| CVE-2005-0625 | 1 Debian | 1 Reportbug | 2025-04-03 | 2.1 LOW | N/A |
| reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive information such as smtpuser and smtppasswd. | |||||
| CVE-2005-1920 | 2 Debian, Kde | 2 Debian Linux, Kde | 2025-04-03 | 5.0 MEDIUM | 7.5 HIGH |
| The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information. | |||||
| CVE-2005-1268 | 3 Apache, Debian, Redhat | 5 Http Server, Debian Linux, Enterprise Linux Desktop and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte. | |||||
| CVE-2000-1136 | 1 Debian | 1 Elvis Tiny | 2025-04-03 | 4.6 MEDIUM | N/A |
| elvis-tiny before 1.4-10 in Debian GNU/Linux, and possibly other Linux operating systems, allows local users to overwrite files of other users via a symlink attack. | |||||
| CVE-2005-1921 | 5 Debian, Drupal, Gggeek and 2 more | 5 Debian Linux, Drupal, Phpxmlrpc and 2 more | 2025-04-03 | 7.5 HIGH | N/A |
| Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and earlier, as used in products such as (1) WordPress, (2) Serendipity, (3) Drupal, (4) egroupware, (5) MailWatch, (6) TikiWiki, (7) phpWebSite, (8) Ampache, and others, allows remote attackers to execute arbitrary PHP code via an XML file, which is not properly sanitized before being used in an eval statement. | |||||
| CVE-2005-1111 | 3 Canonical, Debian, Gnu | 3 Ubuntu Linux, Debian Linux, Cpio | 2025-04-03 | 3.7 LOW | 4.7 MEDIUM |
| Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete. | |||||
| CVE-2005-3111 | 1 Debian | 1 Backupninja | 2025-04-03 | 2.1 LOW | N/A |
| The handler code for backupninja 0.8 and earlier creates temporary files with predictable filenames, which allows local users to modify arbitrary files via a symlink attack. | |||||
| CVE-2001-0128 | 6 Conectiva, Debian, Freebsd and 3 more | 7 Linux, Debian Linux, Freebsd and 4 more | 2025-04-03 | 7.2 HIGH | N/A |
| Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges. | |||||
| CVE-2004-1000 | 1 Debian | 1 Lintian | 2025-04-03 | 2.1 LOW | N/A |
| lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which may allow local users to delete arbitrary files or directories via a symlink attack. | |||||
| CVE-2005-0102 | 2 Debian, Gnome | 2 Debian Linux, Evolution | 2025-04-03 | 7.2 HIGH | 9.8 CRITICAL |
| Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow. | |||||
| CVE-2005-1260 | 4 Apple, Bzip, Canonical and 1 more | 4 Mac Os X, Bzip2, Ubuntu Linux and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb"). | |||||
| CVE-2004-1175 | 6 Debian, Gentoo, Midnight Commander and 3 more | 8 Debian Linux, Linux, Midnight Commander and 5 more | 2025-04-03 | 7.5 HIGH | N/A |
| fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters. | |||||
| CVE-1999-0832 | 2 Debian, Redhat | 2 Debian Linux, Linux | 2025-04-03 | 10.0 HIGH | N/A |
| Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname. | |||||