Note: This project will be discontinued after December 13, 2021.
Product: Debian_linux (Debian)

Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-11-13 | CVE-2010-5108 | Trac 0.11.6 does not properly check workflow permissions before modifying a ticket. This can be exploited by an attacker to change the status and resolution of tickets without having proper permissions. | Debian_linux, Trac | N/A | ||
2019-11-13 | CVE-2010-4664 | In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. This flaw allows an authenticated system user to escalate their privileges by initiating a remote VNC session. | Consolekit, Debian_linux, Enterprise_linux | N/A | ||
2019-11-13 | CVE-2010-4654 | poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack. | Debian_linux, Poppler | N/A | ||
2019-11-13 | CVE-2012-4385 | letodms 3.3.6 has CSRF via change password | Debian_linux, Letodms | N/A | ||
2019-11-14 | CVE-2011-0544 | phpbb 3.0.x-3.0.6 has an XSS vulnerability via the [flash] BB tag. | Debian_linux, Phpbb | N/A | ||
2019-11-13 | CVE-2010-4533 | offlineimap before 6.3.4 added support for SSL server certificate validation but it is still possible to use SSL v2 protocol, which is a flawed protocol with multiple security deficiencies. | Debian_linux, Offlineimap | N/A | ||
2019-11-12 | CVE-2010-3359 | If LD_LIBRARY_PATH is undefined in gargoyle-free before 2009-08-25, the variable will point to the current directory. This can allow a local user to trick another user into running gargoyle in a directory with a cracked libgarglk.so and gain access to the user's account. | Debian_linux, Gargoyle | N/A | ||
2019-11-13 | CVE-2012-4384 | letodms has multiple XSS issues: Reflected XSS in Login Page, Stored XSS in Document Owner/User name, Stored XSS in Calendar | Debian_linux, Letodms | N/A | ||
2019-11-12 | CVE-2011-3618 | atop: symlink attack possible due to insecure tempfile handling | Atop, Debian_linux | N/A | ||
2019-11-13 | CVE-2010-4532 | offlineimap before 6.3.2 does not check for SSL server certificate validation when "ssl = yes" option is specified which can allow man-in-the-middle attacks. | Debian_linux, Offlineimap | N/A | ||