Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2004-07-07 | CVE-2004-0434 | k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow. | Debian_linux, Heimdal | 9.8 | ||
2019-07-15 | CVE-2019-1010006 | Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Possible code execution. The component is: backend/tiff/tiff-document.c. The attack vector is: Victim must open a crafted PDF file. The issue occurs because of an incorrect integer overflow protection mechanism in tiff_document_render and tiff_document_get_thumbnail. | Ubuntu_linux, Debian_linux, Evince, Leap | 7.8 | ||
2021-02-24 | CVE-2020-11987 | Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. | Batik, Debian_linux, Fedora, Agile_engineering_data_management, Banking_apis, Banking_digital_experience, Communications_application_session_controller, Communications_metasolv_solution, Communications_offline_mediation_controller, Enterprise_repository, Flexcube_universal_banking, Fusion_middleware_mapviewer, Instantis_enterprisetrack, Insurance_policy_administration, Product_lifecycle_analytics, Retail_back_office, Retail_central_office, Retail_order_broker, Retail_order_management_system_cloud_service, Retail_point\-Of\-Service, Retail_returns_management, Weblogic_server | 8.2 | ||
2018-03-01 | CVE-2018-7550 | The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-bounds read or write memory access. | Ubuntu_linux, Debian_linux, Qemu, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 8.8 | ||
2001-03-12 | CVE-2001-0136 | Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed. | Linux, Debian_linux, Mandrake_linux, Proftpd | N/A | ||
2004-09-28 | CVE-2004-0689 | KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files. | Debian_linux, Kde | 7.1 | ||
2005-05-02 | CVE-2005-1111 | Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete. | Ubuntu_linux, Debian_linux, Cpio | 4.7 | ||
2005-07-06 | CVE-2005-1916 | linki.py in ekg 2005-06-05 and earlier allows local users to overwrite or create arbitrary files via a symlink attack on temporary files. | Debian_linux, Ekg | 5.5 | ||
2005-10-12 | CVE-2005-3181 | The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a memory leak that allows attackers to cause a denial of service (memory consumption). | Ubuntu_linux, Debian_linux, Linux_kernel, Linux | N/A | ||
2010-01-08 | CVE-2010-0012 | Directory traversal vulnerability in libtransmission/metainfo.c in Transmission 1.22, 1.34, 1.75, and 1.76 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a pathname within a .torrent file. | Debian_linux, Opensuse, Transmission | 8.8 |