VYPR

Vendor CVEs

Debian

All CVEs

3,338 total · sorted by risk
  • CVE-2007-5718Oct 30, 2007
    risk 0.00cvss epss 0.00

    vobcopy 0.5.14 allows local users to append data to an arbitrary file, or create an arbitrary new file, via a symlink attack on the (1) /tmp/vobcopy.bla or (2) /tmp/vobcopy_0.5.14.log temporary file.

  • CVE-2007-5207Oct 4, 2007
    risk 0.00cvss epss 0.00

    guilt 0.27 allows local users to overwrite arbitrary files via a symlink attack on a guilt.log.[PID] temporary file.

  • CVE-2007-5191Oct 4, 2007
    risk 0.00cvss epss 0.00

    mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs.

  • CVE-2007-5193Oct 4, 2007
    risk 0.00cvss epss 0.02

    The default configuration for twiki 4.1.2 on Debian GNU/Linux, and possibly other operating systems, specifies the work area directory (cfg{RCS}{WorkAreaDir}) under the web document root, which might allow remote attackers to obtain sensitive information when .htaccess…

  • CVE-2007-3912Sep 10, 2007
    risk 0.00cvss epss 0.00

    checkrestart in debian-goodies before 0.34 allows local users to gain privileges via shell metacharacters in the name of the executable file for a running process.

  • CVE-2007-4739Sep 6, 2007
    risk 0.00cvss epss 0.02

    reprepro 1.3.0 through 2.2.3 does not properly verify signatures when updating repositories, which allows remote attackers to construct and distribute an ostensibly valid Release.gpg file by signing it with an unknown key, related to the update command.

  • CVE-2007-4657Sep 4, 2007
    risk 0.00cvss epss 0.03

    Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to obtain sensitive information (memory contents) or cause a denial of service (thread crash) via a large len value to the (1) strspn or (2) strcspn function, which triggers an…

  • CVE-2007-3998Sep 4, 2007
    risk 0.00cvss epss 0.03

    The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, does not properly use the breakcharlen variable, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash, or infinite loop) via certain arguments, as demonstrated…

  • CVE-2007-3713Jul 11, 2007
    risk 0.00cvss epss 0.03

    Multiple buffer overflows in Konst CenterICQ 4.9.11 through 4.21 allow remote attackers to execute arbitrary code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this might overlap…

  • CVE-2007-1664Jun 27, 2007
    risk 0.00cvss epss 0.02

    ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service (NULL pointer dereference) via a vector related to the token OCR functionality.

  • CVE-2007-1665Jun 27, 2007
    risk 0.00cvss epss 0.02

    Memory leak in the token OCR functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service.

  • CVE-2007-2443Jun 26, 2007
    risk 0.00cvss epss 0.03

    Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value.

  • CVE-2007-2833Jun 21, 2007
    risk 0.00cvss epss 0.02

    Emacs 21 allows user-assisted attackers to cause a denial of service (crash) via certain crafted images, as demonstrated via a GIF image in vm mode, related to image size calculation.

  • CVE-2007-3278Jun 19, 2007
    risk 0.00cvss epss 0.01

    PostgreSQL 8.1 and probably later versions, when local trust authentication is enabled and the Database Link library (dblink) is installed, allows remote attackers to access arbitrary accounts and execute arbitrary SQL queries via a dblink host parameter that proxies the…

  • CVE-2007-2875Jun 11, 2007
    risk 0.00cvss epss 0.00

    Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file.

  • CVE-2007-2691May 16, 2007
    risk 0.00cvss epss 0.03

    MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.

  • CVE-2007-2650May 14, 2007
    risk 0.00cvss epss 0.03

    The OLE2 parser in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (resource consumption) via an OLE2 file with (1) a large property size or (2) a loop in the FAT file block chain that triggers an infinite loop, as demonstrated via a crafted DOC file.

  • CVE-2007-2444May 14, 2007
    risk 0.00cvss epss 0.01

    Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user.

  • CVE-2007-1864May 9, 2007
    risk 0.00cvss epss 0.03

    Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors.

  • CVE-2007-1320May 2, 2007
    risk 0.00cvss epss 0.00

    Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark…

  • CVE-2007-1366May 2, 2007
    risk 0.00cvss epss 0.00

    QEMU 0.8.2 allows local users to crash a virtual machine via the divisor operand to the aam instruction, as demonstrated by "aam 0x0," which triggers a divide-by-zero error.

  • CVE-2007-1322May 2, 2007
    risk 0.00cvss epss 0.00

    QEMU 0.8.2 allows local users to halt a virtual machine by executing the icebp instruction.

  • CVE-2007-2138Apr 24, 2007
    risk 0.00cvss epss 0.03

    Untrusted search path vulnerability in PostgreSQL before 7.3.19, 7.4.x before 7.4.17, 8.0.x before 8.0.13, 8.1.x before 8.1.9, and 8.2.x before 8.2.4 allows remote authenticated users, when permitted to call a SECURITY DEFINER function, to gain the privileges of the function…

  • CVE-2007-2172Apr 22, 2007
    risk 0.00cvss epss 0.00

    A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an "out of bound access" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2) fib_props (fib_semantics.c, IPv4) functions.

  • CVE-2007-1887Apr 6, 2007
    risk 0.00cvss epss 0.05

    Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the…

  • CVE-2007-1667Mar 24, 2007
    risk 0.00cvss epss 0.05

    Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images…

  • CVE-2007-0994Mar 6, 2007
    risk 0.00cvss epss 0.03

    A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or…

  • CVE-2006-7094Mar 2, 2007
    risk 0.00cvss epss 0.03

    ftpd, as used by Gentoo and Debian Linux, sets the gid to the effective uid instead of the effective group id before executing /bin/ls, which allows remote authenticated users to list arbitrary directories with the privileges of gid 0 and possibly enable additional attack…

  • CVE-2007-0778Feb 26, 2007
    risk 0.00cvss epss 0.03

    The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive information or enable further…

  • CVE-2006-6501Dec 20, 2006
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to gain privileges and install malicious code via the watch Javascript function.

  • CVE-2006-6503Dec 20, 2006
    risk 0.00cvss epss 0.04

    Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to bypass cross-site scripting (XSS) protection by changing the src attribute of an IMG element to a javascript: URI.

  • CVE-2006-6499Dec 20, 2006
    risk 0.00cvss epss 0.04

    The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service…

  • CVE-2006-6614Dec 18, 2006
    risk 0.00cvss epss 0.00

    The save_log_local function in Fully Automatic Installation (FAI) 2.10.1, and possibly 3.1.2, when verbose mode is enabled, stores the root password hash in /var/log/fai/current/fai.log, whose file permissions allow it to be copied to other hosts when fai-savelog is called and…

  • CVE-2006-5873Dec 12, 2006
    risk 0.00cvss epss 0.02

    Buffer overflow in the cluster_process_heartbeat function in cluster.c in layer 2 tunneling protocol network server (l2tpns) before 2.1.21 allows remote attackers to cause a denial of service via a large heartbeat packet.

  • CVE-2006-5868Nov 22, 2006
    risk 0.00cvss epss 0.03

    Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image.

  • CVE-2006-4248Oct 31, 2006
    risk 0.00cvss epss 0.00

    thttpd on Debian GNU/Linux, and possibly other distributions, allows local users to create or touch arbitrary files via a symlink attack on the start_thttpd temporary file.

  • CVE-2006-5170Oct 10, 2006
    risk 0.00cvss epss 0.04

    pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other distributions does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the pam_authenticate function to…

  • CVE-2006-4482Aug 31, 2006
    risk 0.00cvss epss 0.04

    Multiple heap-based buffer overflows in the (1) str_repeat and (2) wordwrap functions in ext/standard/string.c in PHP before 5.1.5, when used on a 64-bit system, have unspecified impact and attack vectors, a different vulnerability than CVE-2006-1990.

  • CVE-2006-4093Aug 21, 2006
    risk 0.00cvss epss 0.00

    Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on PowerPC PPC970 systems allows local users to cause a denial of service (crash) related to the "HID0 attention enable on PPC970 at boot time."

  • CVE-2006-3123Aug 7, 2006
    risk 0.00cvss epss 0.00

    Multiple integer overflows in the (1) dodecrypt and (2) doencrypt functions in cfs_fh.c in cfsd in Matt Blaze Cryptographic File System (CFS) 1.4.1 before Debian GNU/Linux package 1.4.1-17 allow local users to cause a denial of service (daemon crash) by appending data to a file…

  • CVE-2006-2935Jul 5, 2006
    risk 0.00cvss epss 0.01

    The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer…

  • CVE-2006-1174May 28, 2006
    risk 0.00cvss epss 0.00

    useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read…

  • CVE-2006-2542May 23, 2006
    risk 0.00cvss epss 0.00

    xmcdconfig in xmcd for Debian GNU/Linux 2.6-17.1 creates /var/lib/cddb and /var/lib/xmcd/discog with world writable permissions, which allows local users to cause a denial of service (disk consumption).

  • CVE-2006-2443May 18, 2006
    risk 0.00cvss epss 0.00

    The Debian package of knowledgetree 2.0.7 creates environment.php with world-readable permissions, which allows local users to obtain sensitive information such as the username and password for the KnowledgeTree database.

  • CVE-2006-1844Apr 19, 2006
    risk 0.00cvss epss 0.00

    The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensitive information in world-readable log files, including preseeded passwords and pppoeconf passwords, which might allow local users to gain privileges.

  • CVE-2006-1753Apr 18, 2006
    risk 0.00cvss epss 0.00

    A cron job in fcheck before 2.7.59 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.

  • CVE-2006-1530Apr 14, 2006
    risk 0.00cvss epss 0.05

    Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient…

  • CVE-2006-1531Apr 14, 2006
    risk 0.00cvss epss 0.05

    Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient…

  • CVE-2006-1772Apr 13, 2006
    risk 0.00cvss epss 0.00

    debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package, uses the world-readable config.dat file instead of the restricted passwords.dat for storing the cleartext database administrator password in the…

  • CVE-2006-1565Mar 31, 2006
    risk 0.00cvss epss 0.00

    Untrusted search path vulnerability in libgpib-perl 3.2.06-2 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the LinuxGpib.so module, which might allow local users to gain privileges by installing malicious libraries in that directory.

Page 63 of 67