Debian_linux - Vulncode-DB

Product:
Debian_linux
(Debian)

Repositories

• https://github.com/torvalds/linux
• https://github.com/ImageMagick/ImageMagick
• https://github.com/WordPress/WordPress
• https://github.com/FFmpeg/FFmpeg
• https://github.com/krb5/krb5

More/Less (134)

• https://github.com/rdesktop/rdesktop
• https://github.com/neomutt/neomutt
• https://github.com/FasterXML/jackson-databind
• https://github.com/the-tcpdump-group/tcpdump
• https://github.com/redmine/redmine
• https://github.com/rubygems/rubygems
• https://github.com/dbry/WavPack
• https://github.com/bcgit/bc-java
• https://github.com/uclouvain/openjpeg
• https://github.com/kyz/libmspack
• https://github.com/mantisbt/mantisbt
• https://github.com/libgd/libgd
• https://github.com/gpac/gpac
• https://github.com/newsoft/libvncserver
• https://github.com/mdadams/jasper
• https://github.com/LibRaw/LibRaw
• https://github.com/ceph/ceph
• https://github.com/php/php-src
• https://github.com/uriparser/uriparser
• https://github.com/FreeRDP/FreeRDP
• https://github.com/verdammelt/tnef
• https://github.com/antirez/redis
• https://github.com/openssl/openssl
• https://github.com/ntp-project/ntp
• https://github.com/LibVNC/libvncserver
• https://github.com/inspircd/inspircd
• https://github.com/libgit2/libgit2
• https://github.com/Perl/perl5
• https://github.com/OTRS/otrs
• https://github.com/ARMmbed/mbedtls
• https://github.com/Yeraze/ytnef
• https://github.com/python-pillow/Pillow
• https://github.com/perl5-dbi/DBD-mysql
• https://github.com/libevent/libevent
• https://github.com/memcached/memcached
• https://github.com/openvswitch/ovs
• https://github.com/mm2/Little-CMS
• https://github.com/SpiderLabs/ModSecurity
• https://github.com/szukw000/openjpeg
• https://github.com/libjpeg-turbo/libjpeg-turbo
• https://github.com/kamailio/kamailio
• https://github.com/vadz/libtiff
• https://github.com/curl/curl
• https://github.com/dovecot/core
• https://github.com/znc/znc
• https://github.com/horde/horde
• https://github.com/mono/mono
• https://github.com/haproxy/haproxy
• https://github.com/dom4j/dom4j
• https://github.com/ansible/ansible
• https://github.com/mapserver/mapserver
• https://github.com/apache/httpd
• https://github.com/stoth68000/media-tree
• https://github.com/ImageMagick/ImageMagick6
• https://github.com/antlarr/audiofile
• https://github.com/shadow-maint/shadow
• https://github.com/codehaus-plexus/plexus-utils
• https://github.com/lxml/lxml
• https://github.com/GStreamer/gst-plugins-ugly
• https://github.com/erikd/libsndfile
• https://github.com/ruby/openssl
• https://github.com/python/cpython
• https://github.com/akrennmair/newsbeuter
• https://github.com/beanshell/beanshell
• https://github.com/paramiko/paramiko
• https://github.com/openssh/openssh-portable
• https://github.com/git/git
• https://github.com/openbsd/src
• git://git.openssl.org/openssl.git
• https://github.com/weechat/weechat
• https://github.com/cyu/rack-cors
• https://github.com/mysql/mysql-server
• https://github.com/Exim/exim
• https://github.com/GNOME/nautilus
• https://github.com/varnishcache/varnish-cache
• https://github.com/inverse-inc/sogo
• https://github.com/phusion/passenger
• https://github.com/codehaus-plexus/plexus-archiver
• https://github.com/karelzak/util-linux
• https://git.kernel.org/pub/scm/git/git.git
• https://github.com/apple/cups
• https://github.com/shadowsocks/shadowsocks-libev
• https://github.com/simplesamlphp/simplesamlphp
• https://github.com/GNOME/evince
• https://github.com/torproject/tor
• https://github.com/derickr/timelib
• https://github.com/libarchive/libarchive
• https://git.savannah.gnu.org/git/patch.git
• https://github.com/puppetlabs/puppet
• https://github.com/golang/go
• https://github.com/sleuthkit/sleuthkit
• https://github.com/zhutougg/c3p0
• https://github.com/flori/json
• https://github.com/symfony/symfony
• https://github.com/eldy/awstats
• https://github.com/jcupitt/libvips
• https://github.com/simplesamlphp/saml2
• https://github.com/DanBloomberg/leptonica
• https://github.com/anymail/django-anymail
• https://github.com/mpv-player/mpv
• https://github.com/TeX-Live/texlive-source
• https://github.com/resiprocate/resiprocate
• https://github.com/vim-syntastic/syntastic
• https://github.com/gosa-project/gosa-core
• https://github.com/Cisco-Talos/clamav-devel
• https://github.com/GNOME/librsvg
• https://github.com/viewvc/viewvc
• https://github.com/moinwiki/moin-1.9
• https://github.com/splitbrain/dokuwiki
• https://github.com/heimdal/heimdal
• https://github.com/openstack/swauth
• https://github.com/bottlepy/bottle
• https://github.com/charybdis-ircd/charybdis
• https://github.com/westes/flex
• https://github.com/mjg59/pupnp-code
• https://github.com/collectd/collectd
• https://github.com/django/django
• https://git.videolan.org/git/vlc.git
• https://github.com/atheme/atheme
• https://github.com/jpirko/libndp
• https://github.com/fragglet/lhasa
• https://github.com/neovim/neovim
• https://github.com/Quagga/quagga
• https://github.com/rohe/pysaml2
• https://github.com/varnish/Varnish-Cache
• https://github.com/PHPMailer/PHPMailer
• https://github.com/Automattic/Genericons
• https://github.com/jmacd/xdelta-devel
• https://github.com/file/file
• https://github.com/ellson/graphviz
• https://github.com/axkibe/lsyncd
• https://github.com/quassel/quassel
• https://github.com/yarolig/didiwiki
• https://github.com/jquery/jquery-ui

#Vulnerabilities

5223

Date	Id	Summary	Products	Score	Patch	Annotated
2009-08-06	CVE-2009-2625	XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.	Xerces2_java, Ubuntu_linux, Debian_linux, Fedora, Opensuse, Jdk, Primavera_p6_enterprise_project_portfolio_management, Primavera_web_services, Linux_enterprise_server	N/A
2016-02-15	CVE-2016-0742	The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid pointer dereference and worker process crash) via a crafted UDP DNS response.	Ubuntu_linux, Debian_linux, Nginx, Leap	7.5
2016-02-15	CVE-2016-0746	Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (worker process crash) or possibly have unspecified other impact via a crafted DNS response related to CNAME response processing.	Ubuntu_linux, Debian_linux, Nginx, Leap	9.8
2016-02-15	CVE-2016-0747	The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution.	Ubuntu_linux, Debian_linux, Nginx, Leap	5.3
2018-11-07	CVE-2018-16843	nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configuration file.	Ubuntu_linux, Debian_linux, Nginx, Leap	7.5
2018-11-07	CVE-2018-16844	nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configuration file.	Ubuntu_linux, Debian_linux, Nginx	7.5
2018-11-07	CVE-2018-16845	nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affects nginx if it is built with the ngx_http_mp4_module (the module is not built by default) and the .mp4. directive is used in the configuration file. Further, the attack is only possible if an...	Ubuntu_linux, Debian_linux, Nginx, Leap	6.1
2020-04-28	CVE-2020-10663	The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.	Macos, Debian_linux, Fedora, Json, Leap	7.5
2020-05-13	CVE-2020-3327	A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a heap buffer overflow read. An attacker could exploit this vulnerability by sending a crafted ARJ file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.	Ubuntu_linux, Clam_antivirus, Debian_linux, Fedora	7.5
2020-12-14	CVE-2020-8284	A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.	Debian_linux, Fedora, Curl	3.7