Debian_linux - Vulncode-DB

Product:
Debian_linux
(Debian)

Repositories

• https://github.com/torvalds/linux
• https://github.com/WordPress/WordPress
• https://github.com/rdesktop/rdesktop
• https://github.com/FFmpeg/FFmpeg
• https://github.com/neomutt/neomutt

More/Less (119)

• https://github.com/FasterXML/jackson-databind
• https://github.com/ImageMagick/ImageMagick
• https://github.com/redmine/redmine
• https://github.com/rubygems/rubygems
• https://github.com/dbry/WavPack
• https://github.com/bcgit/bc-java
• https://github.com/krb5/krb5
• https://github.com/kyz/libmspack
• https://github.com/libgd/libgd
• https://github.com/gpac/gpac
• https://github.com/mantisbt/mantisbt
• https://github.com/newsoft/libvncserver
• https://github.com/ceph/ceph
• https://github.com/uriparser/uriparser
• https://github.com/FreeRDP/FreeRDP
• https://github.com/LibRaw/LibRaw
• https://github.com/verdammelt/tnef
• https://github.com/LibVNC/libvncserver
• https://github.com/libgit2/libgit2
• https://github.com/mdadams/jasper
• https://github.com/openssl/openssl
• https://github.com/OTRS/otrs
• https://github.com/Perl/perl5
• https://github.com/php/php-src
• https://github.com/antirez/redis
• https://github.com/Yeraze/ytnef
• https://github.com/ARMmbed/mbedtls
• https://github.com/inspircd/inspircd
• https://github.com/python-pillow/Pillow
• https://github.com/perl5-dbi/DBD-mysql
• https://github.com/libevent/libevent
• https://github.com/ntp-project/ntp
• https://github.com/curl/curl
• https://github.com/dovecot/core
• https://github.com/szukw000/openjpeg
• https://github.com/memcached/memcached
• https://github.com/libjpeg-turbo/libjpeg-turbo
• https://github.com/kamailio/kamailio
• https://github.com/mm2/Little-CMS
• https://github.com/znc/znc
• https://github.com/uclouvain/openjpeg
• https://github.com/vadz/libtiff
• https://github.com/horde/horde
• https://github.com/mono/mono
• https://github.com/varnishcache/varnish-cache
• https://github.com/inverse-inc/sogo
• https://github.com/phusion/passenger
• https://github.com/openssh/openssh-portable
• https://github.com/codehaus-plexus/plexus-archiver
• https://github.com/karelzak/util-linux
• https://git.kernel.org/pub/scm/git/git.git
• https://github.com/apple/cups
• https://github.com/shadowsocks/shadowsocks-libev
• https://github.com/simplesamlphp/simplesamlphp
• https://github.com/GNOME/evince
• https://github.com/torproject/tor
• https://github.com/beanshell/beanshell
• https://github.com/derickr/timelib
• https://github.com/libarchive/libarchive
• https://github.com/openbsd/src
• https://git.savannah.gnu.org/git/patch.git
• https://github.com/puppetlabs/puppet
• https://github.com/dom4j/dom4j
• https://github.com/golang/go
• https://github.com/sleuthkit/sleuthkit
• https://github.com/zhutougg/c3p0
• https://github.com/flori/json
• https://github.com/symfony/symfony
• https://github.com/akrennmair/newsbeuter
• https://github.com/eldy/awstats
• https://github.com/libyal/libevt
• https://github.com/jcupitt/libvips
• https://github.com/paramiko/paramiko
• https://github.com/simplesamlphp/saml2
• https://github.com/DanBloomberg/leptonica
• https://github.com/anymail/django-anymail
• https://github.com/mpv-player/mpv
• https://github.com/python/cpython
• https://github.com/lxml/lxml
• https://github.com/git/git
• https://github.com/TeX-Live/texlive-source
• https://github.com/ImageMagick/ImageMagick6
• https://github.com/resiprocate/resiprocate
• https://github.com/vim-syntastic/syntastic
• https://github.com/gosa-project/gosa-core
• https://github.com/Cisco-Talos/clamav-devel
• https://github.com/GNOME/librsvg
• https://github.com/apache/httpd
• https://github.com/weechat/weechat
• https://github.com/viewvc/viewvc
• https://github.com/moinwiki/moin-1.9
• https://github.com/mapserver/mapserver
• https://github.com/splitbrain/dokuwiki
• https://github.com/heimdal/heimdal
• https://github.com/openstack/swauth
• https://github.com/bottlepy/bottle
• https://github.com/charybdis-ircd/charybdis
• https://github.com/westes/flex
• https://github.com/mjg59/pupnp-code
• https://github.com/collectd/collectd
• https://github.com/django/django
• https://git.videolan.org/git/vlc.git
• https://github.com/atheme/atheme
• https://github.com/jpirko/libndp
• https://github.com/fragglet/lhasa
• https://github.com/neovim/neovim
• https://github.com/Quagga/quagga
• https://github.com/rohe/pysaml2
• https://github.com/mysql/mysql-server
• https://github.com/varnish/Varnish-Cache
• https://github.com/PHPMailer/PHPMailer
• https://github.com/Automattic/Genericons
• https://github.com/jmacd/xdelta-devel
• https://github.com/file/file
• https://github.com/ellson/graphviz
• https://github.com/axkibe/lsyncd
• https://github.com/quassel/quassel
• https://github.com/yarolig/didiwiki
• https://github.com/jquery/jquery-ui

#Vulnerabilities

3522

Date	ID	Summary	Products	Score
2019-08-15	CVE-2019-12854	Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. On systems with memory access protections, this can cause the CGI process to terminate unexpectedly, resulting in a denial of service for all clients using it.	Debian_linux, Fedora, Squid	7.5
2018-03-27	CVE-2018-8048	In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment.	Debian_linux, Loofah	6.1
2017-11-16	CVE-2017-8807	vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sensitive information from process memory because a VFP_GetStorage buffer is larger than intended in certain circumstances involving -sfile Stevedore transient objects.	Debian_linux, Varnish	N/A
2019-11-20	CVE-2019-3466	The pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation.	Ubuntu_linux, Debian_linux, Postgresql\-Common	N/A
2019-11-19	CVE-2016-1000236	Node-cookie-signature before 1.0.6 is affected by a timing attack due to the type of comparison used.	Cookie\-Signature, Debian_linux	N/A
2019-11-20	CVE-2015-3167	contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for attackers to obtain the key via a brute force attack.	Ubuntu_linux, Debian_linux, Postgresql	N/A
2019-11-20	CVE-2015-3166	The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as demonstrated by an out-of-memory error.	Ubuntu_linux, Debian_linux, Postgresql	N/A
2019-11-20	CVE-2015-1606	The keyring DB in GnuPG before 2.1.2 does not properly handle invalid packets, which allows remote attackers to cause a denial of service (invalid read and use-after-free) via a crafted keyring file.	Debian_linux, Gnupg	N/A
2019-11-20	CVE-2012-6136	tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes.	Debian_linux, Fedora, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Tuned	N/A
2019-11-19	CVE-2012-0843	uzbl: Information disclosure via world-readable cookies storage file	Debian_linux, Uzbl	N/A

Product: Debian_linux (Debian)

Product:
Debian_linux
(Debian)