Product:

Debian_linux

(Debian)
Repositories https://github.com/torvalds/linux
https://github.com/ImageMagick/ImageMagick
https://github.com/WordPress/WordPress
https://github.com/FFmpeg/FFmpeg
https://github.com/krb5/krb5
https://github.com/rdesktop/rdesktop
https://github.com/neomutt/neomutt
https://github.com/FasterXML/jackson-databind
https://github.com/the-tcpdump-group/tcpdump
https://github.com/redmine/redmine
https://github.com/rubygems/rubygems
https://github.com/dbry/WavPack
https://github.com/uclouvain/openjpeg
https://github.com/bcgit/bc-java
https://github.com/mantisbt/mantisbt
https://github.com/libgd/libgd
https://github.com/kyz/libmspack
https://github.com/gpac/gpac
https://github.com/newsoft/libvncserver
https://github.com/mdadams/jasper
https://github.com/LibRaw/LibRaw
https://github.com/ceph/ceph
https://github.com/php/php-src
https://github.com/uriparser/uriparser
https://github.com/FreeRDP/FreeRDP
https://github.com/verdammelt/tnef
https://github.com/ntp-project/ntp
https://github.com/LibVNC/libvncserver
https://github.com/inspircd/inspircd
https://github.com/libgit2/libgit2
https://github.com/Perl/perl5
https://github.com/OTRS/otrs
https://github.com/antirez/redis
https://github.com/ARMmbed/mbedtls
https://github.com/openssl/openssl
https://github.com/Yeraze/ytnef
https://github.com/python-pillow/Pillow
https://github.com/perl5-dbi/DBD-mysql
https://github.com/libevent/libevent
https://github.com/openvswitch/ovs
https://github.com/SpiderLabs/ModSecurity
https://github.com/szukw000/openjpeg
https://github.com/mm2/Little-CMS
https://github.com/memcached/memcached
https://github.com/libjpeg-turbo/libjpeg-turbo
https://github.com/kamailio/kamailio
https://github.com/vadz/libtiff
https://github.com/curl/curl
https://github.com/dovecot/core
https://github.com/znc/znc
https://github.com/horde/horde
https://github.com/mono/mono
https://github.com/antlarr/audiofile
https://github.com/apache/httpd
https://github.com/shadow-maint/shadow
https://github.com/ansible/ansible
https://github.com/codehaus-plexus/plexus-utils
https://github.com/lxml/lxml
https://github.com/GStreamer/gst-plugins-ugly
https://github.com/erikd/libsndfile
https://github.com/ruby/openssl
https://github.com/python/cpython
https://github.com/akrennmair/newsbeuter
https://github.com/beanshell/beanshell
https://github.com/paramiko/paramiko
https://github.com/ImageMagick/ImageMagick6
https://github.com/openssh/openssh-portable
https://github.com/git/git
https://github.com/openbsd/src
• git://git.openssl.org/openssl.git
https://github.com/dom4j/dom4j
https://github.com/weechat/weechat
https://github.com/cyu/rack-cors
https://github.com/mysql/mysql-server
https://github.com/Exim/exim
https://github.com/GNOME/nautilus
https://github.com/varnishcache/varnish-cache
https://github.com/inverse-inc/sogo
https://github.com/phusion/passenger
https://github.com/codehaus-plexus/plexus-archiver
https://github.com/karelzak/util-linux
https://git.kernel.org/pub/scm/git/git.git
https://github.com/apple/cups
https://github.com/shadowsocks/shadowsocks-libev
https://github.com/simplesamlphp/simplesamlphp
https://github.com/GNOME/evince
https://github.com/torproject/tor
https://github.com/derickr/timelib
https://github.com/libarchive/libarchive
https://git.savannah.gnu.org/git/patch.git
https://github.com/puppetlabs/puppet
https://github.com/golang/go
https://github.com/sleuthkit/sleuthkit
https://github.com/zhutougg/c3p0
https://github.com/flori/json
https://github.com/symfony/symfony
https://github.com/eldy/awstats
https://github.com/jcupitt/libvips
https://github.com/simplesamlphp/saml2
https://github.com/DanBloomberg/leptonica
https://github.com/anymail/django-anymail
https://github.com/mpv-player/mpv
https://github.com/TeX-Live/texlive-source
https://github.com/resiprocate/resiprocate
https://github.com/vim-syntastic/syntastic
https://github.com/gosa-project/gosa-core
https://github.com/Cisco-Talos/clamav-devel
https://github.com/GNOME/librsvg
https://github.com/viewvc/viewvc
https://github.com/moinwiki/moin-1.9
https://github.com/mapserver/mapserver
https://github.com/splitbrain/dokuwiki
https://github.com/heimdal/heimdal
https://github.com/openstack/swauth
https://github.com/bottlepy/bottle
https://github.com/charybdis-ircd/charybdis
https://github.com/westes/flex
https://github.com/mjg59/pupnp-code
https://github.com/collectd/collectd
https://github.com/django/django
https://git.videolan.org/git/vlc.git
https://github.com/atheme/atheme
https://github.com/jpirko/libndp
https://github.com/fragglet/lhasa
https://github.com/neovim/neovim
https://github.com/Quagga/quagga
https://github.com/rohe/pysaml2
https://github.com/varnish/Varnish-Cache
https://github.com/PHPMailer/PHPMailer
https://github.com/Automattic/Genericons
https://github.com/jmacd/xdelta-devel
https://github.com/file/file
https://github.com/ellson/graphviz
https://github.com/axkibe/lsyncd
https://github.com/quassel/quassel
https://github.com/yarolig/didiwiki
https://github.com/jquery/jquery-ui
#Vulnerabilities 4892
Date Id Summary Products Score Patch Annotated
2019-11-27 CVE-2011-2523 vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp. Debian_linux, Vsftpd 9.8
2021-03-05 CVE-2021-28038 An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations (as a result of changes to the handling of grant mapping errors). A host OS denial of service may occur during misbehavior of a networking frontend driver. NOTE: this issue exists because of an incomplete fix for CVE-2021-26931. Debian_linux, Linux_kernel, Xen 6.5
2021-03-07 CVE-2021-27365 An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message. Debian_linux, Linux_kernel 7.8
2021-03-07 CVE-2021-27363 An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via the sysfs file system, at /sys/class/iscsi_transport/$TRANSPORT_NAME/handle. When read, the show_transport_handle function (in drivers/scsi/scsi_transport_iscsi.c) is called, which leaks the handle. This handle is... Debian_linux, Linux_kernel 4.4
2021-03-07 CVE-2021-27364 An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages. Debian_linux, Linux_kernel 7.1
2021-01-27 CVE-2021-26117 The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server. In this case, for Apache ActiveMQ Artemis prior to version 2.16.0 and Apache ActiveMQ prior to versions 5.16.1 and 5.15.14, the anonymous context is used to verify a valid users password in error, resulting in no check on the password. Activemq, Activemq_artemis, Debian_linux, Oncommand_workflow_automation 7.5
2021-03-30 CVE-2021-21409 Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.61.Final there is a vulnerability that enables request smuggling. The content-length header is not correctly validated if the request only uses a single Http2HeaderFrame with the endStream set to to true. This could lead to request smuggling if the request is proxied to a... Debian_linux, Netty 5.9
2021-03-19 CVE-2020-25097 An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by the security controls. This occurs for certain uri_whitespace configuration settings. Debian_linux, Squid 8.6
2021-01-18 CVE-2020-36193 Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948. Debian_linux, Drupal, Fedora, Archive_tar 7.5
2021-03-20 CVE-2020-27171 An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer underflow) affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-10d2bb2e6b1d. Debian_linux, Fedora, Linux_kernel 6.0