Vendor CVEs
Debian
All CVEs
3,338 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-4099 | 0.00 | — | 0.02 | Sep 18, 2008 | PyDNS (aka python-dns) before 2.3.1-4 in Debian GNU/Linux does not use random source ports or transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. | |||
| CVE-2008-4098 | 0.00 | — | 0.02 | Sep 18, 2008 | MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables… | |||
| CVE-2008-3913 | 0.00 | — | 0.03 | Sep 11, 2008 | Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a denial of service (memory consumption) via unspecified vectors related to "error handling logic". | |||
| CVE-2008-3912 | 0.00 | — | 0.03 | Sep 11, 2008 | libclamav in ClamAV before 0.94 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an out-of-memory condition. | |||
| CVE-2008-3928 | 0.00 | — | 0.00 | Sep 4, 2008 | test.sh in Honeyd 1.5c might allow local users to overwrite arbitrary files via a symlink attack on a temporary file. | |||
| CVE-2008-3930 | 0.00 | — | 0.00 | Sep 4, 2008 | migrate_aliases.sh in Citadel Server 7.37 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | |||
| CVE-2008-1945 | 0.00 | — | 0.00 | Aug 8, 2008 | QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to… | |||
| CVE-2008-3535 | 0.00 | — | 0.01 | Aug 8, 2008 | Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-rc2 allows local users to cause a denial of service (system crash) via a certain sequence of file I/O operations with readv and writev, as demonstrated by… | |||
| CVE-2008-3534 | 0.00 | — | 0.01 | Aug 8, 2008 | The shmem_delete_inode function in mm/shmem.c in the tmpfs implementation in the Linux kernel before 2.6.26.1 allows local users to cause a denial of service (system crash) via a certain sequence of file create, remove, and overwrite operations, as demonstrated by the insserv… | |||
| CVE-2008-3272 | 0.00 | — | 0.00 | Aug 8, 2008 | The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which… | |||
| CVE-2008-3142 | 0.00 | — | 0.04 | Aug 1, 2008 | Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related… | |||
| CVE-2008-3330 | 0.00 | — | 0.01 | Jul 27, 2008 | Cross-site scripting (XSS) vulnerability in services/obrowser/index.php in Horde 3.2 and Turba 2.2 allows remote attackers to inject arbitrary web script or HTML via the contact name. | |||
| CVE-2008-3325 | 0.00 | — | 0.01 | Jul 25, 2008 | Cross-site request forgery (CSRF) vulnerability in Moodle 1.6.x before 1.6.7 and 1.7.x before 1.7.5 allows remote attackers to modify profile settings and gain privileges as other users via a link or IMG tag to the user edit profile page. | |||
| CVE-2008-3216 | 0.00 | — | 0.00 | Jul 18, 2008 | The save function in br/prefmanager.d in projectl 1.001 creates a projectL.prf file in the current working directory, which allows local users to overwrite arbitrary files via a symlink attack. | |||
| CVE-2008-2826 | 0.00 | — | 0.00 | Jul 2, 2008 | Integer overflow in the sctp_getsockopt_local_addrs_old function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) functionality in the Linux kernel before 2.6.25.9 allows local users to cause a denial of service (resource consumption and system outage) via… | |||
| CVE-2008-2662 | 0.00 | — | 0.04 | Jun 24, 2008 | Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or cause a denial of service via… | |||
| CVE-2008-2663 | 0.00 | — | 0.04 | Jun 24, 2008 | Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors, a… | |||
| CVE-2008-2725 | 0.00 | — | 0.04 | Jun 24, 2008 | Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger memory corruption via… | |||
| CVE-2008-2664 | 0.00 | — | 0.04 | Jun 24, 2008 | The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption via unspecified vectors related to alloca, a different issue… | |||
| CVE-2008-2726 | 0.00 | — | 0.04 | Jun 24, 2008 | Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger memory… | |||
| CVE-2008-2828 | 0.00 | — | 0.05 | Jun 23, 2008 | Stack-based buffer overflow in tmsnc allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an MSN packet with a UBX command containing a large UBX payload length field. | |||
| CVE-2008-2137 | 0.00 | — | 0.00 | May 29, 2008 | The (1) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c and the (2) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3, omit some virtual-address range (aka span) checks when the mmap… | |||
| CVE-2008-2136 | 0.00 | — | 0.05 | May 16, 2008 | Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related… | |||
| CVE-2008-2079 | 0.00 | — | 0.03 | May 5, 2008 | MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL… | |||
| CVE-2008-1375 | 0.00 | — | 0.00 | May 2, 2008 | Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors. | |||
| CVE-2008-1994 | 0.00 | — | 0.00 | Apr 27, 2008 | Multiple stack-based buffer overflows in (a) acon.c, (b) menu.c, and (c) child.c in Acon 1.0.5-5 through 1.0.5-7 allow local users to execute arbitrary code via (1) a long HOME environment variable or (2) a large number of terminal columns. | |||
| CVE-2008-1901 | 0.00 | — | 0.00 | Apr 22, 2008 | aptlinex before 0.91 allows local users to overwrite arbitrary files via a symlink attack on the gambas-apt.lock temporary file. | |||
| CVE-2008-1902 | 0.00 | — | 0.01 | Apr 22, 2008 | The GUI for aptlinex before 0.91 does not sufficiently warn the user of potentially dangerous actions, which allows remote attackers to remove or modify packages via an apt:// URL. | |||
| CVE-2008-1877 | 0.00 | — | 0.00 | Apr 17, 2008 | tss 0.8.1 allows local users to read arbitrary files via the -a parameter, which is processed while tss is running with privileges. | |||
| CVE-2008-1771 | 0.00 | — | 0.04 | Apr 16, 2008 | Integer overflow in the ws_getpostvars function in Firefly Media Server (formerly mt-daapd) 0.2.4.1 (0.9~r1696-1.2 on Debian) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP POST request with a large Content-Length. | |||
| CVE-2008-1721 | 0.00 | — | 0.23 | Apr 10, 2008 | Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow. | |||
| CVE-2008-1531 | 0.00 | — | 0.03 | Mar 27, 2008 | The connection_state_machine function (connections.c) in lighttpd 1.4.19 and earlier, and 1.5.x before 1.5.0, allows remote attackers to cause a denial of service (active SSL connection loss) by triggering an SSL error, such as disconnecting before a download has finished, which… | |||
| CVE-2008-1417 | 0.00 | — | 0.00 | Mar 20, 2008 | The prerm script in axyl 2.1.7 allows local users to overwrite arbitrary files via a symlink attack on the axyl.conf temporary file. | |||
| CVE-2008-0930 | 0.00 | — | 0.00 | Mar 4, 2008 | w_editeur.c in XWine 1.0.1 for Debian GNU/Linux allows local users to overwrite or print arbitrary files via a symlink attack on the temporaire temporary file. NOTE: some of these details are obtained from third party information. | |||
| CVE-2008-0931 | 0.00 | — | 0.00 | Mar 4, 2008 | w_export.c in XWine 1.0.1 on Debian GNU/Linux sets insecure permissions (0666) for /etc/wine/config, which might allow local users to execute arbitrary commands or cause a denial of service by modifying the file. | |||
| CVE-2007-6415 | 0.00 | — | 0.04 | Jan 25, 2008 | scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute arbitrary code by invoking scp, as implemented by OpenSSH, with the -F and -o options. | |||
| CVE-2007-6427 | 0.00 | — | 0.04 | Jan 18, 2008 | The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990. | |||
| CVE-2008-0302 | 0.00 | — | 0.01 | Jan 17, 2008 | Untrusted search path vulnerability in apt-listchanges.py in apt-listchanges before 2.82 allows local users to execute arbitrary code via a malicious apt-listchanges program in the current working directory. | |||
| CVE-2007-6284 | 0.00 | — | 0.03 | Jan 12, 2008 | The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences. | |||
| CVE-2007-6601 | 0.00 | — | 0.02 | Jan 9, 2008 | The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors. NOTE: this issue exists… | |||
| CVE-2007-4772 | 0.00 | — | 0.04 | Jan 9, 2008 | The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression. | |||
| CVE-2007-6599 | 0.00 | — | 0.02 | Jan 4, 2008 | Race condition in fileserver in OpenAFS 1.3.50 through 1.4.5 and 1.5.0 through 1.5.27 allows remote attackers to cause a denial of service (daemon crash) by simultaneously acquiring and giving back file callbacks, which causes the handler for the GiveUpAllCallBacks RPC to… | |||
| CVE-2007-6610 | 0.00 | — | 0.02 | Jan 3, 2008 | unp 1.0.12, and other versions before 1.0.14, does not properly escape file names, which might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename argument. NOTE: this might only be a vulnerability when unp is invoked by a third… | |||
| CVE-2007-6353 | 0.00 | — | 0.05 | Dec 20, 2007 | Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow. | |||
| CVE-2007-6418 | 0.00 | — | 0.00 | Dec 18, 2007 | The libdspam7-drv-mysql cron job in Debian GNU/Linux includes the MySQL dspam database password in a command line argument, which might allow local users to read the password by listing the process and its arguments. | |||
| CVE-2007-6206 | 0.00 | — | 0.00 | Dec 4, 2007 | The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain… | |||
| CVE-2007-6170 | 0.00 | — | 0.03 | Nov 30, 2007 | SQL injection vulnerability in the Call Detail Record Postgres logging engine (cdr_pgsql) in Asterisk 1.4.x before 1.4.15, 1.2.x before 1.2.25, B.x before B.2.3.4, and C.x before C.1.0-beta6 allows remote authenticated users to execute arbitrary SQL commands via (1) ANI and (2)… | |||
| CVE-2007-5730 | 0.00 | — | 0.01 | Oct 30, 2007 | Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to… | |||
| CVE-2007-5729 | 0.00 | — | 0.01 | Oct 30, 2007 | The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet frames with a size larger than the MTU to the EN0_TCNT register, which triggers a heap-based buffer overflow in the slirp library, aka NE2000 "mtu" heap overflow. NOTE: some… | |||
| CVE-2007-1321 | 0.00 | — | 0.00 | Oct 30, 2007 | Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to trigger a heap-based buffer overflow via certain register values that bypass sanity checks, aka QEMU NE2000 "receive" integer signedness error. NOTE:… |
- CVE-2008-4099Sep 18, 2008risk 0.00cvss —epss 0.02
PyDNS (aka python-dns) before 2.3.1-4 in Debian GNU/Linux does not use random source ports or transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447.
- CVE-2008-4098Sep 18, 2008risk 0.00cvss —epss 0.02
MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables…
- CVE-2008-3913Sep 11, 2008risk 0.00cvss —epss 0.03
Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a denial of service (memory consumption) via unspecified vectors related to "error handling logic".
- CVE-2008-3912Sep 11, 2008risk 0.00cvss —epss 0.03
libclamav in ClamAV before 0.94 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an out-of-memory condition.
- CVE-2008-3928Sep 4, 2008risk 0.00cvss —epss 0.00
test.sh in Honeyd 1.5c might allow local users to overwrite arbitrary files via a symlink attack on a temporary file.
- CVE-2008-3930Sep 4, 2008risk 0.00cvss —epss 0.00
migrate_aliases.sh in Citadel Server 7.37 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
- CVE-2008-1945Aug 8, 2008risk 0.00cvss —epss 0.00
QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to…
- CVE-2008-3535Aug 8, 2008risk 0.00cvss —epss 0.01
Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-rc2 allows local users to cause a denial of service (system crash) via a certain sequence of file I/O operations with readv and writev, as demonstrated by…
- CVE-2008-3534Aug 8, 2008risk 0.00cvss —epss 0.01
The shmem_delete_inode function in mm/shmem.c in the tmpfs implementation in the Linux kernel before 2.6.26.1 allows local users to cause a denial of service (system crash) via a certain sequence of file create, remove, and overwrite operations, as demonstrated by the insserv…
- CVE-2008-3272Aug 8, 2008risk 0.00cvss —epss 0.00
The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which…
- CVE-2008-3142Aug 1, 2008risk 0.00cvss —epss 0.04
Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related…
- CVE-2008-3330Jul 27, 2008risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in services/obrowser/index.php in Horde 3.2 and Turba 2.2 allows remote attackers to inject arbitrary web script or HTML via the contact name.
- CVE-2008-3325Jul 25, 2008risk 0.00cvss —epss 0.01
Cross-site request forgery (CSRF) vulnerability in Moodle 1.6.x before 1.6.7 and 1.7.x before 1.7.5 allows remote attackers to modify profile settings and gain privileges as other users via a link or IMG tag to the user edit profile page.
- CVE-2008-3216Jul 18, 2008risk 0.00cvss —epss 0.00
The save function in br/prefmanager.d in projectl 1.001 creates a projectL.prf file in the current working directory, which allows local users to overwrite arbitrary files via a symlink attack.
- CVE-2008-2826Jul 2, 2008risk 0.00cvss —epss 0.00
Integer overflow in the sctp_getsockopt_local_addrs_old function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) functionality in the Linux kernel before 2.6.25.9 allows local users to cause a denial of service (resource consumption and system outage) via…
- CVE-2008-2662Jun 24, 2008risk 0.00cvss —epss 0.04
Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or cause a denial of service via…
- CVE-2008-2663Jun 24, 2008risk 0.00cvss —epss 0.04
Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors, a…
- CVE-2008-2725Jun 24, 2008risk 0.00cvss —epss 0.04
Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger memory corruption via…
- CVE-2008-2664Jun 24, 2008risk 0.00cvss —epss 0.04
The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption via unspecified vectors related to alloca, a different issue…
- CVE-2008-2726Jun 24, 2008risk 0.00cvss —epss 0.04
Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger memory…
- CVE-2008-2828Jun 23, 2008risk 0.00cvss —epss 0.05
Stack-based buffer overflow in tmsnc allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an MSN packet with a UBX command containing a large UBX payload length field.
- CVE-2008-2137May 29, 2008risk 0.00cvss —epss 0.00
The (1) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c and the (2) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3, omit some virtual-address range (aka span) checks when the mmap…
- CVE-2008-2136May 16, 2008risk 0.00cvss —epss 0.05
Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related…
- CVE-2008-2079May 5, 2008risk 0.00cvss —epss 0.03
MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL…
- CVE-2008-1375May 2, 2008risk 0.00cvss —epss 0.00
Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors.
- CVE-2008-1994Apr 27, 2008risk 0.00cvss —epss 0.00
Multiple stack-based buffer overflows in (a) acon.c, (b) menu.c, and (c) child.c in Acon 1.0.5-5 through 1.0.5-7 allow local users to execute arbitrary code via (1) a long HOME environment variable or (2) a large number of terminal columns.
- CVE-2008-1901Apr 22, 2008risk 0.00cvss —epss 0.00
aptlinex before 0.91 allows local users to overwrite arbitrary files via a symlink attack on the gambas-apt.lock temporary file.
- CVE-2008-1902Apr 22, 2008risk 0.00cvss —epss 0.01
The GUI for aptlinex before 0.91 does not sufficiently warn the user of potentially dangerous actions, which allows remote attackers to remove or modify packages via an apt:// URL.
- CVE-2008-1877Apr 17, 2008risk 0.00cvss —epss 0.00
tss 0.8.1 allows local users to read arbitrary files via the -a parameter, which is processed while tss is running with privileges.
- CVE-2008-1771Apr 16, 2008risk 0.00cvss —epss 0.04
Integer overflow in the ws_getpostvars function in Firefly Media Server (formerly mt-daapd) 0.2.4.1 (0.9~r1696-1.2 on Debian) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP POST request with a large Content-Length.
- CVE-2008-1721Apr 10, 2008risk 0.00cvss —epss 0.23
Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow.
- CVE-2008-1531Mar 27, 2008risk 0.00cvss —epss 0.03
The connection_state_machine function (connections.c) in lighttpd 1.4.19 and earlier, and 1.5.x before 1.5.0, allows remote attackers to cause a denial of service (active SSL connection loss) by triggering an SSL error, such as disconnecting before a download has finished, which…
- CVE-2008-1417Mar 20, 2008risk 0.00cvss —epss 0.00
The prerm script in axyl 2.1.7 allows local users to overwrite arbitrary files via a symlink attack on the axyl.conf temporary file.
- CVE-2008-0930Mar 4, 2008risk 0.00cvss —epss 0.00
w_editeur.c in XWine 1.0.1 for Debian GNU/Linux allows local users to overwrite or print arbitrary files via a symlink attack on the temporaire temporary file. NOTE: some of these details are obtained from third party information.
- CVE-2008-0931Mar 4, 2008risk 0.00cvss —epss 0.00
w_export.c in XWine 1.0.1 on Debian GNU/Linux sets insecure permissions (0666) for /etc/wine/config, which might allow local users to execute arbitrary commands or cause a denial of service by modifying the file.
- CVE-2007-6415Jan 25, 2008risk 0.00cvss —epss 0.04
scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute arbitrary code by invoking scp, as implemented by OpenSSH, with the -F and -o options.
- CVE-2007-6427Jan 18, 2008risk 0.00cvss —epss 0.04
The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990.
- CVE-2008-0302Jan 17, 2008risk 0.00cvss —epss 0.01
Untrusted search path vulnerability in apt-listchanges.py in apt-listchanges before 2.82 allows local users to execute arbitrary code via a malicious apt-listchanges program in the current working directory.
- CVE-2007-6284Jan 12, 2008risk 0.00cvss —epss 0.03
The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.
- CVE-2007-6601Jan 9, 2008risk 0.00cvss —epss 0.02
The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors. NOTE: this issue exists…
- CVE-2007-4772Jan 9, 2008risk 0.00cvss —epss 0.04
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.
- CVE-2007-6599Jan 4, 2008risk 0.00cvss —epss 0.02
Race condition in fileserver in OpenAFS 1.3.50 through 1.4.5 and 1.5.0 through 1.5.27 allows remote attackers to cause a denial of service (daemon crash) by simultaneously acquiring and giving back file callbacks, which causes the handler for the GiveUpAllCallBacks RPC to…
- CVE-2007-6610Jan 3, 2008risk 0.00cvss —epss 0.02
unp 1.0.12, and other versions before 1.0.14, does not properly escape file names, which might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename argument. NOTE: this might only be a vulnerability when unp is invoked by a third…
- CVE-2007-6353Dec 20, 2007risk 0.00cvss —epss 0.05
Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow.
- CVE-2007-6418Dec 18, 2007risk 0.00cvss —epss 0.00
The libdspam7-drv-mysql cron job in Debian GNU/Linux includes the MySQL dspam database password in a command line argument, which might allow local users to read the password by listing the process and its arguments.
- CVE-2007-6206Dec 4, 2007risk 0.00cvss —epss 0.00
The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain…
- CVE-2007-6170Nov 30, 2007risk 0.00cvss —epss 0.03
SQL injection vulnerability in the Call Detail Record Postgres logging engine (cdr_pgsql) in Asterisk 1.4.x before 1.4.15, 1.2.x before 1.2.25, B.x before B.2.3.4, and C.x before C.1.0-beta6 allows remote authenticated users to execute arbitrary SQL commands via (1) ANI and (2)…
- CVE-2007-5730Oct 30, 2007risk 0.00cvss —epss 0.01
Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to…
- CVE-2007-5729Oct 30, 2007risk 0.00cvss —epss 0.01
The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet frames with a size larger than the MTU to the EN0_TCNT register, which triggers a heap-based buffer overflow in the slirp library, aka NE2000 "mtu" heap overflow. NOTE: some…
- CVE-2007-1321Oct 30, 2007risk 0.00cvss —epss 0.00
Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to trigger a heap-based buffer overflow via certain register values that bypass sanity checks, aka QEMU NE2000 "receive" integer signedness error. NOTE:…
Page 62 of 67