Debian_linux - Vulncode-DB

Product:
Debian_linux
(Debian)

Repositories

• https://github.com/torvalds/linux
• https://github.com/ImageMagick/ImageMagick
• https://github.com/WordPress/WordPress
• https://github.com/rdesktop/rdesktop
• https://github.com/neomutt/neomutt

More/Less (127)

• https://github.com/FFmpeg/FFmpeg
• https://github.com/FasterXML/jackson-databind
• https://github.com/the-tcpdump-group/tcpdump
• https://github.com/redmine/redmine
• https://github.com/rubygems/rubygems
• https://github.com/dbry/WavPack
• https://github.com/bcgit/bc-java
• https://github.com/krb5/krb5
• https://github.com/libgd/libgd
• https://github.com/kyz/libmspack
• https://github.com/gpac/gpac
• https://github.com/mantisbt/mantisbt
• https://github.com/newsoft/libvncserver
• https://github.com/LibRaw/LibRaw
• https://github.com/ceph/ceph
• https://github.com/php/php-src
• https://github.com/uriparser/uriparser
• https://github.com/FreeRDP/FreeRDP
• https://github.com/verdammelt/tnef
• https://github.com/LibVNC/libvncserver
• https://github.com/inspircd/inspircd
• https://github.com/libgit2/libgit2
• https://github.com/Perl/perl5
• https://github.com/OTRS/otrs
• https://github.com/antirez/redis
• https://github.com/ARMmbed/mbedtls
• https://github.com/mdadams/jasper
• https://github.com/openssl/openssl
• https://github.com/Yeraze/ytnef
• https://github.com/python-pillow/Pillow
• https://github.com/perl5-dbi/DBD-mysql
• https://github.com/libevent/libevent
• https://github.com/ntp-project/ntp
• https://github.com/szukw000/openjpeg
• https://github.com/uclouvain/openjpeg
• https://github.com/mm2/Little-CMS
• https://github.com/memcached/memcached
• https://github.com/libjpeg-turbo/libjpeg-turbo
• https://github.com/kamailio/kamailio
• https://github.com/vadz/libtiff
• https://github.com/curl/curl
• https://github.com/dovecot/core
• https://github.com/znc/znc
• https://github.com/horde/horde
• https://github.com/mono/mono
• https://github.com/lxml/lxml
• https://github.com/GStreamer/gst-plugins-ugly
• https://github.com/erikd/libsndfile
• https://github.com/ruby/openssl
• https://github.com/python/cpython
• https://github.com/akrennmair/newsbeuter
• https://github.com/beanshell/beanshell
• https://github.com/libyal/libevt
• https://github.com/paramiko/paramiko
• https://github.com/apache/httpd
• https://github.com/ImageMagick/ImageMagick6
• https://github.com/openssh/openssh-portable
• https://github.com/git/git
• https://github.com/openbsd/src
• git://git.openssl.org/openssl.git
• https://github.com/dom4j/dom4j
• https://github.com/weechat/weechat
• https://github.com/cyu/rack-cors
• https://github.com/mysql/mysql-server
• https://github.com/Exim/exim
• https://github.com/GNOME/nautilus
• https://github.com/varnishcache/varnish-cache
• https://github.com/inverse-inc/sogo
• https://github.com/phusion/passenger
• https://github.com/codehaus-plexus/plexus-archiver
• https://github.com/karelzak/util-linux
• https://git.kernel.org/pub/scm/git/git.git
• https://github.com/apple/cups
• https://github.com/shadowsocks/shadowsocks-libev
• https://github.com/simplesamlphp/simplesamlphp
• https://github.com/GNOME/evince
• https://github.com/torproject/tor
• https://github.com/derickr/timelib
• https://github.com/libarchive/libarchive
• https://git.savannah.gnu.org/git/patch.git
• https://github.com/puppetlabs/puppet
• https://github.com/golang/go
• https://github.com/sleuthkit/sleuthkit
• https://github.com/zhutougg/c3p0
• https://github.com/flori/json
• https://github.com/symfony/symfony
• https://github.com/eldy/awstats
• https://github.com/jcupitt/libvips
• https://github.com/simplesamlphp/saml2
• https://github.com/DanBloomberg/leptonica
• https://github.com/anymail/django-anymail
• https://github.com/mpv-player/mpv
• https://github.com/TeX-Live/texlive-source
• https://github.com/resiprocate/resiprocate
• https://github.com/vim-syntastic/syntastic
• https://github.com/gosa-project/gosa-core
• https://github.com/Cisco-Talos/clamav-devel
• https://github.com/GNOME/librsvg
• https://github.com/viewvc/viewvc
• https://github.com/moinwiki/moin-1.9
• https://github.com/mapserver/mapserver
• https://github.com/splitbrain/dokuwiki
• https://github.com/heimdal/heimdal
• https://github.com/openstack/swauth
• https://github.com/bottlepy/bottle
• https://github.com/charybdis-ircd/charybdis
• https://github.com/westes/flex
• https://github.com/mjg59/pupnp-code
• https://github.com/collectd/collectd
• https://github.com/django/django
• https://git.videolan.org/git/vlc.git
• https://github.com/atheme/atheme
• https://github.com/jpirko/libndp
• https://github.com/fragglet/lhasa
• https://github.com/neovim/neovim
• https://github.com/Quagga/quagga
• https://github.com/rohe/pysaml2
• https://github.com/varnish/Varnish-Cache
• https://github.com/PHPMailer/PHPMailer
• https://github.com/Automattic/Genericons
• https://github.com/jmacd/xdelta-devel
• https://github.com/file/file
• https://github.com/ellson/graphviz
• https://github.com/axkibe/lsyncd
• https://github.com/quassel/quassel
• https://github.com/yarolig/didiwiki
• https://github.com/jquery/jquery-ui

#Vulnerabilities

4341

Date	Id	Summary	Products	Score	Patch	Annotated
2020-11-04	CVE-2020-8037	The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.	Debian_linux, Tcpdump	7.5
2020-09-09	CVE-2020-25219	url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion.	Debian_linux, Libproxy	7.5
2020-09-04	CVE-2020-24977	GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.	Debian_linux, Fedora, Active_iq_unified_manager, Clustered_data_ontap, Clustered_data_ontap_antivirus_connector, Hci_h410c_firmware, Inventory_collect_tool, Manageability_software_development_kit, Snapdrive, Leap, Libxml2	6.5
2018-12-02	CVE-2018-19787	An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks, as demonstrated by "j a v a s c r i p t:" in Internet Explorer. This is a similar issue to CVE-2014-3146.	Ubuntu_linux, Debian_linux, Lxml	6.1
2020-06-11	CVE-2020-0198	In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-146428941	Debian_linux, Android	7.5
2020-11-10	CVE-2020-25074	The cache action in action/cache.py in MoinMoin through 1.9.10 allows directory traversal through a crafted HTTP request. An attacker who can upload attachments to the wiki can use this to achieve remote code execution.	Debian_linux, Moinmoin	9.8
2020-11-18	CVE-2020-28367	Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.	Debian_linux, Fedora, Go	7.5
2019-08-20	CVE-2019-10086	In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.	Commons_beanutils, Debian_linux	7.3
2015-04-01	CVE-2015-2808	The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.	Ubuntu_linux, Debian_linux, Sparc_enterprise_m3000_firmware, Sparc_enterprise_m4000_firmware, Sparc_enterprise_m5000_firmware, Sparc_enterprise_m8000_firmware, Sparc_enterprise_m9000_firmware, 9700_firmware, E6000_firmware, E9000_firmware, Oceanstor_18500_firmware, Oceanstor_18800_firmware, Oceanstor_18800f_firmware, Oceanstor_9000_firmware, Oceanstor_cse_firmware, Oceanstor_hvs85t_firmware, Oceanstor_replicationdirector, Oceanstor_s2600t_firmware, Oceanstor_s5500t_firmware, Oceanstor_s5600t_firmware, Oceanstor_s5800t_firmware, Oceanstor_s6800t_firmware, Oceanstor_vis6600t_firmware, Policy_center, Quidway_s9300_firmware, S12700_firmware, S2700_firmware, S2750_firmware, S3700_firmware, S5700ei_firmware, S5700hi_firmware, S5700li_firmware, S5700s\-Li_firmware, S5700si_firmware, S5710ei_firmware, S5710hi_firmware, S5720ei_firmware, S5720hi_firmware, S6700_firmware, S7700_firmware, Smc2\.0, Te60_firmware, Ultravr, Cognos_metrics_manager, Opensuse, Communications_application_session_controller, Communications_policy_management, Http_server, Integrated_lights_out_manager_firmware, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Satellite, Linux_enterprise_debuginfo, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Manager	N/A
2019-02-17	CVE-2016-10742	Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before 3.2.10rc1, and 3.3.x and 3.4.x before 3.4.4rc1 allows open redirect via the request parameter.	Debian_linux, Zabbix	6.1