Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-08-27 | CVE-2019-13452 | In Xymon through 4.3.28, a buffer overflow vulnerability exists in reportlog.c. | Debian_linux, Xymon | 9.8 | ||
| 2019-08-27 | CVE-2019-13451 | In Xymon through 4.3.28, a buffer overflow vulnerability exists in history.c. | Debian_linux, Xymon | 9.8 | ||
| 2019-08-27 | CVE-2019-13274 | In Xymon through 4.3.28, an XSS vulnerability exists in the csvinfo CGI script due to insufficient filtering of the db parameter. | Debian_linux, Xymon | 6.1 | ||
| 2019-08-15 | CVE-2019-11187 | Incorrect Access Control in the LDAP class of GONICUS GOsa through 2019-04-11 allows an attacker to log into any account with a username containing the case-insensitive substring "success" when an arbitrary password is provided. | Debian_linux, Gosa | 9.8 | ||
| 2018-11-16 | CVE-2018-16395 | An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one less than a character in the same position of the first argument, the result of == will be true. This could be... | Ubuntu_linux, Debian_linux, Enterprise_linux, Openssl, Ruby | 9.8 | ||
| 2019-06-28 | CVE-2019-13031 | LemonLDAP::NG before 1.9.20 has an XML External Entity (XXE) issue when submitting a notification to the notification server. By default, the notification server is not enabled and has a "deny all" rule. | Debian_linux, Lemonldap\:\: | 8.1 | ||
| 2018-10-09 | CVE-2018-18088 | OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c | Debian_linux, Openjpeg | 6.5 | ||
| 2018-11-06 | CVE-2018-9422 | In get_futex_key of futex.c, there is a use-after-free due to improper locking. This could lead to local escalation of privilege with no additional privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-74250718 References: Upstream kernel. | Debian_linux, Android | 7.8 | ||
| 2018-03-01 | CVE-2018-7584 | In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in copying a large string. | Ubuntu_linux, Debian_linux, Php | 9.8 | ||
| 2018-01-16 | CVE-2018-5712 | An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file. | Ubuntu_linux, Debian_linux, Php | 6.1 |