Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-01-16 | CVE-2017-3142 | An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection with no other ACL protection could be manipulated into: providing an AXFR of a zone to an unauthorized recipient or accepting bogus NOTIFY packets. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1,... | Debian_linux, Bind, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 3.7 | ||
2018-07-10 | CVE-2018-1129 | A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable. | Ceph, Debian_linux, Leap, Ceph_storage, Ceph_storage_mon, Ceph_storage_osd, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 6.5 | ||
2019-08-27 | CVE-2019-13486 | In Xymon through 4.3.28, a stack-based buffer overflow exists in the status-log viewer component because of expansion in svcstatus.c. | Debian_linux, Xymon | 9.8 | ||
2019-08-27 | CVE-2019-13485 | In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the history viewer component via a long hostname or service parameter to history.c. | Debian_linux, Xymon | 9.8 | ||
2019-08-27 | CVE-2019-13484 | In Xymon through 4.3.28, a buffer overflow exists in the status-log viewer CGI because of expansion in appfeed.c. | Debian_linux, Xymon | 9.8 | ||
2019-08-27 | CVE-2019-13455 | In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of expansion in acknowledge.c. | Debian_linux, Xymon | 9.8 | ||
2019-08-27 | CVE-2019-13452 | In Xymon through 4.3.28, a buffer overflow vulnerability exists in reportlog.c. | Debian_linux, Xymon | 9.8 | ||
2019-08-27 | CVE-2019-13451 | In Xymon through 4.3.28, a buffer overflow vulnerability exists in history.c. | Debian_linux, Xymon | 9.8 | ||
2019-08-27 | CVE-2019-13274 | In Xymon through 4.3.28, an XSS vulnerability exists in the csvinfo CGI script due to insufficient filtering of the db parameter. | Debian_linux, Xymon | 6.1 | ||
2019-08-15 | CVE-2019-11187 | Incorrect Access Control in the LDAP class of GONICUS GOsa through 2019-04-11 allows an attacker to log into any account with a username containing the case-insensitive substring "success" when an arbitrary password is provided. | Debian_linux, Gosa | 9.8 |