Note:
This project will be discontinued after December 13, 2021.
Product: Debian_linux (Debian)

Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2021-11-03 | CVE-2021-38502 | Thunderbird ignored the configuration to require STARTTLS security for an SMTP connection. A MITM could perform a downgrade attack to intercept transmitted messages, or could take control of the authenticated session to execute SMTP commands chosen by the MITM. If an unprotected authentication method was configured, the MITM could obtain the authentication credentials, too. This vulnerability affects Thunderbird < 91.2. | Debian_linux, Thunderbird | 5.9 | ||
2021-05-11 | CVE-2020-26147 | An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. | C-65_firmware, C-75_firmware, O-90_firmware, W-68_firmware, Debian_linux, Linux_kernel, Scalance_w1700_ieee_802.11ac_firmware, Scalance_w700_ieee_802.11n_firmware | 5.4 | ||
2017-05-19 | CVE-2017-9078 | The server in Dropbear before 2017.75 might allow post-authentication root remote code execution because of a double free in cleanup of TCP listeners when the -a option is enabled. | Debian_linux, Dropbear_ssh, H410c_firmware | 8.8 | ||
2022-06-13 | CVE-2022-32278 | XFCE 4.16 allows attackers to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server. | Debian_linux, Exo | 8.8 | ||
2022-06-27 | CVE-2022-31086 | LDAP Account Manager (LAM) is a web frontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0, incorrect regular expressions allow PHP scripts to be uploaded to config/templates/pdf. This vulnerability could lead to remote code execution if the /config/templates/pdf/ directory is accessible to remote users. This is not a default configuration of LAM. This issue has been fixed in version 8.0. There are no known workarounds for this issue. | Debian_linux, Ldap_account_manager | 8.8 | ||
2022-06-27 | CVE-2022-31088 | LDAP Account Manager (LAM) is a web frontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0, the user name field at login could be used to enumerate LDAP data. This is only the case for LDAP search configuration. This issue has been fixed in version 8.0. | Debian_linux, Ldap_account_manager | 5.3 | ||
2008-04-10 | CVE-2008-1721 | Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow. | Ubuntu_linux, Debian_linux, Python | N/A | ||
2008-08-01 | CVE-2008-3142 | Multiple buffer overflows in Python 2.5.2 and earlier on 32-bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro. | Ubuntu_linux, Debian_linux, Python | N/A | ||
2012-10-17 | CVE-2012-3177 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server. | Ubuntu_linux, Debian_linux, Mariadb, Mysql, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_workstation | N/A | ||
2015-01-21 | CVE-2015-0411 | Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Server : Security : Encryption. | Ubuntu_linux, Debian_linux, Fedora, Mariadb, Communications_policy_management, Mysql, Solaris, Enterprise_linux | N/A |