Debian_linux - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Debian_linux
(Debian)

Repositories

• https://github.com/torvalds/linux
• https://github.com/ImageMagick/ImageMagick
• https://github.com/WordPress/WordPress
• https://github.com/FFmpeg/FFmpeg
• https://github.com/rdesktop/rdesktop

More/Less (143)

• https://github.com/krb5/krb5
• https://github.com/neomutt/neomutt
• https://github.com/FasterXML/jackson-databind
• https://github.com/file/file
• https://github.com/php/php-src
• https://github.com/the-tcpdump-group/tcpdump
• https://github.com/redmine/redmine
• https://github.com/dbry/WavPack
• https://github.com/rubygems/rubygems
• https://github.com/bcgit/bc-java
• https://github.com/uclouvain/openjpeg
• https://github.com/libgd/libgd
• https://github.com/kyz/libmspack
• https://github.com/mantisbt/mantisbt
• https://github.com/gpac/gpac
• https://github.com/newsoft/libvncserver
• https://github.com/madler/zlib
• https://github.com/libgit2/libgit2
• https://github.com/mdadams/jasper
• https://github.com/FreeRDP/FreeRDP
• https://github.com/mruby/mruby
• https://github.com/uriparser/uriparser
• https://github.com/LibRaw/LibRaw
• https://github.com/ceph/ceph
• https://github.com/verdammelt/tnef
• https://github.com/libevent/libevent
• https://github.com/antirez/redis
• https://github.com/Yeraze/ytnef
• https://github.com/Perl/perl5
• https://github.com/ntp-project/ntp
• https://github.com/openssl/openssl
• https://github.com/LibVNC/libvncserver
• https://github.com/ARMmbed/mbedtls
• https://github.com/inspircd/inspircd
• https://github.com/OTRS/otrs
• https://github.com/python-pillow/Pillow
• https://github.com/perl5-dbi/DBD-mysql
• https://github.com/apache/httpd
• https://github.com/mm2/Little-CMS
• https://github.com/curl/curl
• https://github.com/libjpeg-turbo/libjpeg-turbo
• https://github.com/jquery/jquery-ui
• https://github.com/openbsd/src
• https://github.com/szukw000/openjpeg
• https://github.com/mysql/mysql-server
• https://github.com/memcached/memcached
• https://github.com/openvswitch/ovs
• https://github.com/SpiderLabs/ModSecurity
• https://github.com/kamailio/kamailio
• https://github.com/vadz/libtiff
• https://github.com/dovecot/core
• https://github.com/znc/znc
• https://github.com/horde/horde
• https://github.com/mono/mono
• git://git.openssl.org/openssl.git
• https://github.com/esnet/iperf
• https://github.com/haproxy/haproxy
• https://github.com/codehaus-plexus/plexus-utils
• https://github.com/ellson/graphviz
• https://github.com/dajobe/raptor
• https://github.com/DanBloomberg/leptonica
• https://github.com/django/django
• https://github.com/collectd/collectd
• https://github.com/weechat/weechat
• https://git.kernel.org/pub/scm/git/git.git
• https://github.com/akrennmair/newsbeuter
• https://github.com/dom4j/dom4j
• https://github.com/sleuthkit/sleuthkit
• https://github.com/python/cpython
• https://github.com/zhutougg/c3p0
• https://github.com/golang/go
• https://github.com/westes/flex
• https://github.com/jcupitt/libvips
• https://github.com/codehaus-plexus/plexus-archiver
• https://github.com/openssh/openssh-portable
• https://github.com/jpirko/libndp
• https://github.com/inverse-inc/sogo
• https://github.com/varnish/Varnish-Cache
• https://github.com/varnishcache/varnish-cache
• https://github.com/paramiko/paramiko
• https://github.com/resiprocate/resiprocate
• https://github.com/nih-at/libzip
• https://github.com/twigphp/Twig
• https://github.com/lighttpd/lighttpd1.4
• https://github.com/vim/vim
• https://github.com/smarty-php/smarty
• https://github.com/symfony/symfony
• https://github.com/ansible/ansible
• https://github.com/mapserver/mapserver
• https://github.com/stoth68000/media-tree
• https://github.com/ImageMagick/ImageMagick6
• https://github.com/antlarr/audiofile
• https://github.com/shadow-maint/shadow
• https://github.com/lxml/lxml
• https://github.com/GStreamer/gst-plugins-ugly
• https://github.com/erikd/libsndfile
• https://github.com/ruby/openssl
• https://github.com/beanshell/beanshell
• https://github.com/git/git
• https://github.com/cyu/rack-cors
• https://github.com/Exim/exim
• https://github.com/GNOME/nautilus
• https://github.com/phusion/passenger
• https://github.com/karelzak/util-linux
• https://github.com/apple/cups
• https://github.com/shadowsocks/shadowsocks-libev
• https://github.com/simplesamlphp/simplesamlphp
• https://github.com/GNOME/evince
• https://github.com/torproject/tor
• https://github.com/derickr/timelib
• https://github.com/libarchive/libarchive
• https://git.savannah.gnu.org/git/patch.git
• https://github.com/puppetlabs/puppet
• https://github.com/flori/json
• https://github.com/eldy/awstats
• https://github.com/simplesamlphp/saml2
• https://github.com/anymail/django-anymail
• https://github.com/mpv-player/mpv
• https://github.com/TeX-Live/texlive-source
• https://github.com/vim-syntastic/syntastic
• https://github.com/gosa-project/gosa-core
• https://github.com/Cisco-Talos/clamav-devel
• https://github.com/GNOME/librsvg
• https://github.com/viewvc/viewvc
• https://github.com/moinwiki/moin-1.9
• https://github.com/splitbrain/dokuwiki
• https://github.com/heimdal/heimdal
• https://github.com/openstack/swauth
• https://github.com/bottlepy/bottle
• https://github.com/charybdis-ircd/charybdis
• https://github.com/mjg59/pupnp-code
• https://git.videolan.org/git/vlc.git
• https://github.com/atheme/atheme
• https://github.com/fragglet/lhasa
• https://github.com/neovim/neovim
• https://github.com/Quagga/quagga
• https://github.com/rohe/pysaml2
• https://github.com/PHPMailer/PHPMailer
• https://github.com/Automattic/Genericons
• https://github.com/jmacd/xdelta-devel
• https://github.com/axkibe/lsyncd
• https://github.com/quassel/quassel
• https://github.com/yarolig/didiwiki

#Vulnerabilities

9122

Date	Id	Summary	Products	Score	Patch	Annotated
2018-12-14	CVE-2018-20147	In WordPress before 4.9.9 and 5.x before 5.0.1, authors could modify metadata to bypass intended restrictions on deleting files.	Debian_linux, Wordpress	6.5
2018-11-26	CVE-2018-19539	An issue was discovered in JasPer 2.0.14. There is an access violation in the function jas_image_readcmpt in libjasper/base/jas_image.c, leading to a denial of service.	Debian_linux, Jasper, Leap, Linux_enterprise_desktop, Linux_enterprise_server	6.5
2018-11-23	CVE-2018-19490	An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue allows an attacker to conduct a heap-based buffer overflow with an arbitrary amount of data in df_generate_ascii_array_entry. To exploit this vulnerability, an attacker must pass an overlong string as the right bound of the range argument that is passed to the plot function.	Debian_linux, Gnuplot, Leap	7.8
2018-11-08	CVE-2018-19115	keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap.	Debian_linux, Keepalived, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation	9.8
2019-02-28	CVE-2018-18498	A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. This leads to a possible out-of-bounds write. This vulnerability affects Thunderbird < 60.4, Firefox ESR < 60.4, and Firefox < 64.	Ubuntu_linux, Debian_linux, Firefox, Firefox_esr, Thunderbird, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation	9.8
2018-10-30	CVE-2018-18281	Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. This is fixed in the following kernel versions: 4.9.135, 4.14.78, 4.18.16, 4.19.	Ubuntu_linux, Debian_linux, Linux_kernel	7.8
2018-10-09	CVE-2018-17962	Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.	Ubuntu_linux, Debian_linux, Linux, Qemu, Linux, Linux_enterprise_server	7.5
2014-01-16	CVE-2013-6643	The OneClickSigninBubbleView::WindowClosing function in browser/ui/views/sync/one_click_signin_bubble_view.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows attackers to trigger a sync with an arbitrary Google account by leveraging improper handling of the closing of an untrusted signin confirm dialog.	Debian_linux, Chrome, Opensuse	N/A
2012-02-01	CVE-2012-0449	Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed XSLT stylesheet that is embedded in a document.	Debian_linux, Firefox, Seamonkey, Thunderbird, Opensuse, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit	N/A
2012-02-01	CVE-2012-0444	Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file.	Ubuntu_linux, Debian_linux, Firefox, Seamonkey, Thunderbird, Opensuse, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit	N/A