Debian_linux - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Debian_linux
(Debian)

Repositories

• https://github.com/torvalds/linux
• https://github.com/ImageMagick/ImageMagick
• https://github.com/WordPress/WordPress
• https://github.com/FFmpeg/FFmpeg
• https://github.com/rdesktop/rdesktop

More/Less (143)

• https://github.com/krb5/krb5
• https://github.com/neomutt/neomutt
• https://github.com/FasterXML/jackson-databind
• https://github.com/file/file
• https://github.com/php/php-src
• https://github.com/the-tcpdump-group/tcpdump
• https://github.com/redmine/redmine
• https://github.com/dbry/WavPack
• https://github.com/rubygems/rubygems
• https://github.com/bcgit/bc-java
• https://github.com/uclouvain/openjpeg
• https://github.com/libgd/libgd
• https://github.com/kyz/libmspack
• https://github.com/mantisbt/mantisbt
• https://github.com/gpac/gpac
• https://github.com/newsoft/libvncserver
• https://github.com/madler/zlib
• https://github.com/libgit2/libgit2
• https://github.com/mdadams/jasper
• https://github.com/FreeRDP/FreeRDP
• https://github.com/mruby/mruby
• https://github.com/uriparser/uriparser
• https://github.com/LibRaw/LibRaw
• https://github.com/ceph/ceph
• https://github.com/verdammelt/tnef
• https://github.com/libevent/libevent
• https://github.com/antirez/redis
• https://github.com/Yeraze/ytnef
• https://github.com/Perl/perl5
• https://github.com/ntp-project/ntp
• https://github.com/openssl/openssl
• https://github.com/LibVNC/libvncserver
• https://github.com/ARMmbed/mbedtls
• https://github.com/inspircd/inspircd
• https://github.com/OTRS/otrs
• https://github.com/python-pillow/Pillow
• https://github.com/perl5-dbi/DBD-mysql
• https://github.com/apache/httpd
• https://github.com/mm2/Little-CMS
• https://github.com/curl/curl
• https://github.com/libjpeg-turbo/libjpeg-turbo
• https://github.com/jquery/jquery-ui
• https://github.com/openbsd/src
• https://github.com/szukw000/openjpeg
• https://github.com/mysql/mysql-server
• https://github.com/memcached/memcached
• https://github.com/openvswitch/ovs
• https://github.com/SpiderLabs/ModSecurity
• https://github.com/kamailio/kamailio
• https://github.com/vadz/libtiff
• https://github.com/dovecot/core
• https://github.com/znc/znc
• https://github.com/horde/horde
• https://github.com/mono/mono
• git://git.openssl.org/openssl.git
• https://github.com/esnet/iperf
• https://github.com/haproxy/haproxy
• https://github.com/codehaus-plexus/plexus-utils
• https://github.com/ellson/graphviz
• https://github.com/dajobe/raptor
• https://github.com/DanBloomberg/leptonica
• https://github.com/django/django
• https://github.com/collectd/collectd
• https://github.com/weechat/weechat
• https://git.kernel.org/pub/scm/git/git.git
• https://github.com/akrennmair/newsbeuter
• https://github.com/dom4j/dom4j
• https://github.com/sleuthkit/sleuthkit
• https://github.com/python/cpython
• https://github.com/zhutougg/c3p0
• https://github.com/golang/go
• https://github.com/westes/flex
• https://github.com/jcupitt/libvips
• https://github.com/codehaus-plexus/plexus-archiver
• https://github.com/openssh/openssh-portable
• https://github.com/jpirko/libndp
• https://github.com/inverse-inc/sogo
• https://github.com/varnish/Varnish-Cache
• https://github.com/varnishcache/varnish-cache
• https://github.com/paramiko/paramiko
• https://github.com/resiprocate/resiprocate
• https://github.com/nih-at/libzip
• https://github.com/twigphp/Twig
• https://github.com/lighttpd/lighttpd1.4
• https://github.com/vim/vim
• https://github.com/smarty-php/smarty
• https://github.com/symfony/symfony
• https://github.com/ansible/ansible
• https://github.com/mapserver/mapserver
• https://github.com/stoth68000/media-tree
• https://github.com/ImageMagick/ImageMagick6
• https://github.com/antlarr/audiofile
• https://github.com/shadow-maint/shadow
• https://github.com/lxml/lxml
• https://github.com/GStreamer/gst-plugins-ugly
• https://github.com/erikd/libsndfile
• https://github.com/ruby/openssl
• https://github.com/beanshell/beanshell
• https://github.com/git/git
• https://github.com/cyu/rack-cors
• https://github.com/Exim/exim
• https://github.com/GNOME/nautilus
• https://github.com/phusion/passenger
• https://github.com/karelzak/util-linux
• https://github.com/apple/cups
• https://github.com/shadowsocks/shadowsocks-libev
• https://github.com/simplesamlphp/simplesamlphp
• https://github.com/GNOME/evince
• https://github.com/torproject/tor
• https://github.com/derickr/timelib
• https://github.com/libarchive/libarchive
• https://git.savannah.gnu.org/git/patch.git
• https://github.com/puppetlabs/puppet
• https://github.com/flori/json
• https://github.com/eldy/awstats
• https://github.com/simplesamlphp/saml2
• https://github.com/anymail/django-anymail
• https://github.com/mpv-player/mpv
• https://github.com/TeX-Live/texlive-source
• https://github.com/vim-syntastic/syntastic
• https://github.com/gosa-project/gosa-core
• https://github.com/Cisco-Talos/clamav-devel
• https://github.com/GNOME/librsvg
• https://github.com/viewvc/viewvc
• https://github.com/moinwiki/moin-1.9
• https://github.com/splitbrain/dokuwiki
• https://github.com/heimdal/heimdal
• https://github.com/openstack/swauth
• https://github.com/bottlepy/bottle
• https://github.com/charybdis-ircd/charybdis
• https://github.com/mjg59/pupnp-code
• https://git.videolan.org/git/vlc.git
• https://github.com/atheme/atheme
• https://github.com/fragglet/lhasa
• https://github.com/neovim/neovim
• https://github.com/Quagga/quagga
• https://github.com/rohe/pysaml2
• https://github.com/PHPMailer/PHPMailer
• https://github.com/Automattic/Genericons
• https://github.com/jmacd/xdelta-devel
• https://github.com/axkibe/lsyncd
• https://github.com/quassel/quassel
• https://github.com/yarolig/didiwiki

#Vulnerabilities

9122

Date	Id	Summary	Products	Score	Patch	Annotated
2019-05-07	CVE-2019-11810	An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free.	Ubuntu_linux, Debian_linux, Linux_kernel	7.5
2011-09-06	CVE-2011-3389	The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the...	Ubuntu_linux, Debian_linux, Chrome, Curl, Internet_explorer, Windows, Firefox, Opera_browser, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_workstation, Simatic_rf615r_firmware, Simatic_rf68xr_firmware	N/A
2017-08-29	CVE-2017-13755	In The Sleuth Kit (TSK) 4.4.2, opening a crafted ISO 9660 image triggers an out-of-bounds read in iso9660_proc_dir() in tsk/fs/iso9660_dent.c in libtskfs.a, as demonstrated by fls.	Debian_linux, The_sleuth_kit	5.5
2017-08-29	CVE-2017-13756	In The Sleuth Kit (TSK) 4.4.2, opening a crafted disk image triggers infinite recursion in dos_load_ext_table() in tsk/vs/dos.c in libtskvs.a, as demonstrated by mmls.	Debian_linux, The_sleuth_kit	5.5
2017-08-29	CVE-2017-13760	In The Sleuth Kit (TSK) 4.4.2, fls hangs on a corrupt exfat image in tsk_img_read() in tsk/img/img_io.c in libtskimg.a.	Debian_linux, The_sleuth_kit	5.5
2018-05-21	CVE-2018-1108	kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated.	Ubuntu_linux, Debian_linux, Linux_kernel	5.9
2020-04-08	CVE-2020-11653	An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6.2.x before 6.2.3, and 6.3.x before 6.3.2. It occurs when communication with a TLS termination proxy uses PROXY version 2. There can be an assertion failure and daemon restart, which causes a performance loss.	Debian_linux, Backports_sle, Leap, Varnish_cache, Varnish_cache	7.5
2018-04-19	CVE-2018-2771	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0...	Ubuntu_linux, Debian_linux, Mariadb, Active_iq_unified_manager, Oncommand_insight, Oncommand_workflow_automation, Snapcenter, Mysql, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Openstack	4.4
2019-07-18	CVE-2019-1010069	moinejf abcm2ps 8.13.20 is affected by: Incorrect Access Control. The impact is: Allows attackers to cause a denial of service attack via a crafted file. The component is: front.c, function txt_add. The fixed version is: after commit commit 08aef597656d065e86075f3d53fda89765845eae.	Debian_linux, Abcm2ps	5.5
2019-12-26	CVE-2019-16780	WordPress users with lower privileges (like contributors) can inject JavaScript code in the block editor using a specific payload, which is executed within the dashboard. This can lead to XSS if an admin opens the post in the editor. Execution of this attack does require an authenticated user. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release. Automatic updates are enabled by default for minor releases and we strongly...	Debian_linux, Wordpress	5.4