Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-10-31 | CVE-2013-1951 | A cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.5 and 1.20.x before 1.20.4 and allows remote attackers to inject arbitrary web script or HTML via Lua function names. | Debian_linux, Mediawiki | N/A | ||
| 2019-10-31 | CVE-2013-1910 | yum does not properly handle bad metadata, which allows an attacker to cause a denial of service and possibly have other unspecified impact via a Trojan horse file in the metadata of a remote repository. | Yum, Debian_linux | N/A | ||
| 2019-10-29 | CVE-2011-1408 | ikiwiki before 3.20110608 allows remote attackers to hijack root's tty and run symlink attacks. | Debian_linux, Ikiwiki | N/A | ||
| 2019-10-30 | CVE-2010-0749 | Transmission before 1.92 allows attackers to prevent download of a file by corrupted data during the endgame. | Debian_linux, Transmission | N/A | ||
| 2019-10-30 | CVE-2010-0748 | Transmission before 1.92 allows an attacker to cause a denial of service (crash) or possibly have other unspecified impact via a large number of tr arguments in a magnet link. | Debian_linux, Transmission | N/A | ||
| 2019-11-06 | CVE-2007-0899 | There is a possible heap overflow in libclamav/fsg.c before 0.100.0. | Clamav, Debian_linux | N/A | ||
| 2019-11-06 | CVE-2006-4245 | archivemail 0.6.2 uses temporary files insecurely leading to a possible race condition. | Archivemail, Debian_linux | N/A | ||
| 2019-11-04 | CVE-2005-4890 | There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process. | Debian_linux, Shadow, Enterprise_linux, Sudo | N/A | ||
| 2016-11-02 | CVE-2016-8864 | named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c. | Debian_linux, Bind, Data_ontap_edge, Solidfire, Steelstore_cloud_integrated_storage, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation | N/A | ||
| 2020-02-24 | CVE-2015-9542 | add_password in pam_radius_auth.c in pam_radius 1.4.0 does not correctly check the length of the input password, and is vulnerable to a stack-based buffer overflow during memcpy(). An attacker could send a crafted password to an application (loading the pam_radius library) and crash it. Arbitrary code execution might be possible, depending on the application, C library, compiler, and other factors. | Ubuntu_linux, Debian_linux, Pam_radius | N/A |