Filtered by vendor Debian
Subscribe
Total
8961 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1902 | 1 Debian | 1 Aptlinex | 2017-08-08 | 5.0 MEDIUM | N/A |
| The GUI for aptlinex before 0.91 does not sufficiently warn the user of potentially dangerous actions, which allows remote attackers to remove or modify packages via an apt:// URL. | |||||
| CVE-2008-1901 | 1 Debian | 1 Aptlinex | 2017-08-08 | 7.2 HIGH | N/A |
| aptlinex before 0.91 allows local users to overwrite arbitrary files via a symlink attack on the gambas-apt.lock temporary file. | |||||
| CVE-2008-1877 | 1 Debian | 1 Tss | 2017-08-08 | 2.1 LOW | N/A |
| tss 0.8.1 allows local users to read arbitrary files via the -a parameter, which is processed while tss is running with privileges. | |||||
| CVE-2008-1569 | 2 Debian, Policyd-weight | 2 Debian Linux, Policyd-weight | 2017-08-08 | 3.3 LOW | N/A |
| policyd-weight 0.1.14 beta-16 and earlier allows local users to modify or delete arbitrary files via a symlink attack on temporary files that are used when creating a socket. | |||||
| CVE-2008-0167 | 2 Debian, Gforge | 2 Debian Linux, Gforge | 2017-08-08 | 4.6 MEDIUM | N/A |
| The write_array_file function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow attackers to bypass intended access restrictions or have unspecified other impact in opportunistic circumstances. | |||||
| CVE-2016-7045 | 3 Canonical, Debian, Irssi | 3 Ubuntu Linux, Debian Linux, Irssi | 2017-07-30 | 5.0 MEDIUM | 7.5 HIGH |
| The format_send_to_gui function in the format parsing code in Irssi before 0.8.20 allows remote attackers to cause a denial of service (heap corruption and crash) via vectors involving the length of a string. | |||||
| CVE-2016-7044 | 3 Canonical, Debian, Irssi | 3 Ubuntu Linux, Debian Linux, Irssi | 2017-07-30 | 5.0 MEDIUM | 7.5 HIGH |
| The unformat_24bit_color function in the format parsing code in Irssi before 0.8.20, when compiled with true-color enabled, allows remote attackers to cause a denial of service (heap corruption and crash) via an incomplete 24bit color code. | |||||
| CVE-2007-6220 | 2 Debian, Typespeed | 2 Debian Linux, Typespeed | 2017-07-29 | 5.0 MEDIUM | N/A |
| typespeed before 0.6.4 allows remote attackers to cause a denial of service (application crash) via unspecified network behavior that triggers a divide-by-zero error. | |||||
| CVE-2007-5827 | 2 Debian, Iscsitarget | 2 Debian Linux, Iscsitarget | 2017-07-29 | 2.1 LOW | N/A |
| iSCSI Enterprise Target (iscsitarget) 0.4.15 uses weak permissions for /etc/ietd.conf, which allows local users to obtain passwords. | |||||
| CVE-2007-5795 | 2 Debian, Gnu | 2 Debian Linux, Emacs | 2017-07-29 | 6.3 MEDIUM | N/A |
| The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a Local variables declaration. | |||||
| CVE-2007-5718 | 2 Debian, Vobcopy | 2 Debian Linux, Vobcopy | 2017-07-29 | 4.9 MEDIUM | N/A |
| vobcopy 0.5.14 allows local users to append data to an arbitrary file, or create an arbitrary new file, via a symlink attack on the (1) /tmp/vobcopy.bla or (2) /tmp/vobcopy_0.5.14.log temporary file. | |||||
| CVE-2007-5207 | 1 Debian | 1 Guilt | 2017-07-29 | 3.3 LOW | N/A |
| guilt 0.27 allows local users to overwrite arbitrary files via a symlink attack on a guilt.log.[PID] temporary file. | |||||
| CVE-2007-3912 | 1 Debian | 1 Debian-goodies | 2017-07-29 | 7.2 HIGH | N/A |
| checkrestart in debian-goodies before 0.34 allows local users to gain privileges via shell metacharacters in the name of the executable file for a running process. | |||||
| CVE-2007-2839 | 1 Debian | 1 Gfax | 2017-07-29 | 7.2 HIGH | N/A |
| gfax 0.4.2 and probably other versions creates temporary files insecurely, which allows local users to execute arbitrary commands via unknown vectors. | |||||
| CVE-2007-2838 | 2 Debian, Gsambad | 2 Debian Linux, Gsambad | 2017-07-29 | 7.2 HIGH | N/A |
| The populate_conns function in src/populate_conns.c in GSAMBAD 0.1.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gsambadtmp temporary file. | |||||
| CVE-2007-2837 | 2 Debian, Fireflier | 2 Debian Linux, Fireflier | 2017-07-29 | 3.6 LOW | N/A |
| The (1) getRule and (2) getChains functions in server/rules.cpp in fireflierd (fireflier-server) in FireFlier 1.1.6 allow local users to overwrite arbitrary files via a symlink attack on the /tmp/fireflier.rules temporary file. | |||||
| CVE-2007-2835 | 2 Debian, Unicon-imc2 | 2 Debian Linux, Unicon-imc2 | 2017-07-29 | 6.8 MEDIUM | N/A |
| Multiple stack-based buffer overflows in (1) CCE_pinyin.c and (2) xl_pinyin.c in ImmModules/cce/ in unicon-imc2 3.0.4, as used by zhcon and other applications, allow local users to gain privileges via a long HOME environment variable. | |||||
| CVE-2007-2029 | 2 Clam Anti-virus, Debian | 2 Clamav, Debian Linux | 2017-07-29 | 7.8 HIGH | N/A |
| File descriptor leak in the PDF handler in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service via a crafted PDF file. | |||||
| CVE-2007-1665 | 2 Debian, Ekg | 2 Debian Linux, Ekg | 2017-07-29 | 5.0 MEDIUM | N/A |
| Memory leak in the token OCR functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service. | |||||
| CVE-2007-1664 | 2 Debian, Ekg | 2 Debian Linux, Ekg | 2017-07-29 | 5.0 MEDIUM | N/A |
| ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service (NULL pointer dereference) via a vector related to the token OCR functionality. | |||||