Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2018-04-13 | CVE-2017-0369 | Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw, allowing a sysops to undelete pages, although the page is protected against it. | Debian_linux, Mediawiki | 6.5 | ||
2018-04-13 | CVE-2017-0367 | Mediawiki before 1.28.1 / 1.27.2 contains an unsafe use of temporary directory, where having LocalisationCache directory default to system tmp directory is insecure. | Debian_linux, Mediawiki | 8.8 | ||
2018-04-13 | CVE-2017-0358 | Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before executing modprobe with elevated privileges. A local user can take advantage of this flaw for local root privilege escalation. | Debian_linux, Ntfs\-3g | 7.8 | ||
2018-06-19 | CVE-2018-12565 | An issue was discovered in Linaro LAVA before 2018.5.post1. Because of use of yaml.load() instead of yaml.safe_load() when parsing user data, remote code execution can occur. | Debian_linux, Lava | N/A | ||
2017-12-15 | CVE-2017-17405 | Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernel#open to open a local file. If the localfile argument starts with the "|" pipe character, the command following the pipe character is executed. The default value of localfile is File.basename(remotefile), so malicious FTP servers could cause arbitrary command execution. | Debian_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Ruby | 8.8 | ||
2019-02-05 | CVE-2018-8800 | rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function ui_clip_handle_data() that results in a memory corruption and probably even a remote code execution. | Debian_linux, Rdesktop | 9.8 | ||
2019-02-05 | CVE-2018-8799 | rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_secondary_order() that results in a Denial of Service (segfault). | Debian_linux, Rdesktop | 7.5 | ||
2019-02-05 | CVE-2018-8798 | rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpsnd_process_ping() that results in an information leak. | Debian_linux, Rdesktop | 7.5 | ||
2019-02-05 | CVE-2018-8797 | rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function process_plane() that results in a memory corruption and probably even a remote code execution. | Debian_linux, Rdesktop | 9.8 | ||
2019-02-05 | CVE-2018-8796 | rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_bitmap_updates() that results in a Denial of Service (segfault). | Debian_linux, Rdesktop | 7.5 |