Filtered by vendor Debian
Subscribe
Total
8961 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0986 | 4 Debian, Linux, Redhat and 1 more | 4 Debian Linux, Linux Kernel, Fedora Core and 1 more | 2017-07-11 | 7.5 HIGH | N/A |
| Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers. | |||||
| CVE-2004-0980 | 3 Angus Mackay, Debian, Gentoo | 3 Ez-ipupdate, Debian Linux, Linux | 2017-07-11 | 10.0 HIGH | N/A |
| Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code. | |||||
| CVE-2004-0964 | 2 Debian, Zinf | 2 Debian Linux, Zinf | 2017-07-11 | 10.0 HIGH | N/A |
| Buffer overflow in Zinf 2.2.1 on Windows, and other older versions for Linux, allows remote attackers or local users to execute arbitrary code via certain values in a .pls file. | |||||
| CVE-2004-0915 | 2 Debian, Viewcvs | 2 Debian Linux, Viewcvs | 2017-07-11 | 5.0 MEDIUM | N/A |
| Multiple unknown vulnerabilities in viewcvs before 0.9.2, when exporting a repository as a tar archive, does not properly implement the hide_cvsroot and forbidden settings, which could allow remote attackers to gain sensitive information. | |||||
| CVE-2004-0911 | 1 Debian | 1 Netkit | 2017-07-11 | 5.0 MEDIUM | N/A |
| telnetd for netkit 0.17 and earlier, and possibly other versions, on Debian GNU/Linux allows remote attackers to cause a denial of service (free of an invalid pointer), a different vulnerability than CVE-2001-0554. | |||||
| CVE-2004-0889 | 11 Debian, Easy Software Products, Gentoo and 8 more | 16 Debian Linux, Cups, Linux and 13 more | 2017-07-11 | 10.0 HIGH | N/A |
| Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888. | |||||
| CVE-2004-0833 | 1 Debian | 1 Debian Linux | 2017-07-11 | 7.5 HIGH | N/A |
| Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages. | |||||
| CVE-2004-0793 | 1 Debian | 1 Bsdmainutils | 2017-07-11 | 7.2 HIGH | N/A |
| The calendar program in bsdmainutils 6.0 through 6.0.14 does not drop root privileges when executed with the -a flag, which allows attackers to execute arbitrary commands via a calendar event file. | |||||
| CVE-2004-0770 | 2 Debian, Dgen | 2 Debian Linux, Emulator | 2017-07-11 | 2.1 LOW | N/A |
| romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of (1) gzip or (2) bzip ROM files. | |||||
| CVE-2004-0583 | 3 Debian, Usermin, Webmin | 3 Debian Linux, Usermin, Webmin | 2017-07-11 | 5.0 MEDIUM | N/A |
| The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords. | |||||
| CVE-2004-0579 | 2 Debian, William Deich | 2 Debian Linux, Super | 2017-07-11 | 7.2 HIGH | N/A |
| Format string vulnerability in super before 3.23 allows local users to execute arbitrary code as root. | |||||
| CVE-2004-0564 | 2 Debian, Roaring Penguin | 2 Debian Linux, Pppoe | 2017-07-11 | 2.1 LOW | N/A |
| Roaring Penguin pppoe (rp-ppoe), if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe "is NOT designed to run setuid-root." Therefore this identifier applies *only* to those configurations and installations under which pppoe is run setuid root despite the developer's warnings. | |||||
| CVE-2004-0522 | 2 Debian, Gallery Project | 2 Debian Linux, Gallery | 2017-07-11 | 10.0 HIGH | N/A |
| Gallery 1.4.3 and earlier allows remote attackers to bypass authentication and obtain Gallery administrator privileges. | |||||
| CVE-2004-0456 | 3 Debian, Gentoo, Pavuk | 3 Debian Linux, Linux, Pavuk | 2017-07-11 | 7.6 HIGH | N/A |
| Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header. | |||||
| CVE-2004-0451 | 2 Debian, Sup | 2 Debian Linux, Sup | 2017-07-11 | 10.0 HIGH | N/A |
| Multiple format string vulnerabilities in the (1) logquit, (2) logerr, or (3) loginfo functions in Software Upgrade Protocol (SUP) allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog. | |||||
| CVE-2003-0648 | 2 Debian, Fte | 2 Debian Linux, Fte Text Editor | 2017-07-11 | 10.0 HIGH | N/A |
| Multiple buffer overflows in vfte, based on FTE, before 0.50, allow local users to execute arbitrary code. | |||||
| CVE-2003-0618 | 2 Debian, Perl | 2 Debian Linux, Suidperl | 2017-07-11 | 2.1 LOW | N/A |
| Multiple vulnerabilities in suidperl 5.6.1 and earlier allow a local user to obtain sensitive information about files for which the user does not have appropriate permissions. | |||||
| CVE-2000-1221 | 3 Debian, Redhat, Sgi | 3 Debian Linux, Linux, Irix | 2017-07-11 | 10.0 HIGH | N/A |
| The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP. | |||||
| CVE-2016-9190 | 2 Debian, Python | 2 Debian Linux, Pillow | 2017-07-01 | 6.8 MEDIUM | 7.8 HIGH |
| Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure Sign Extension" issue affecting the ImagingNew in Storage.c component. | |||||
| CVE-2016-9189 | 2 Debian, Python | 2 Debian Linux, Pillow | 2017-07-01 | 4.3 MEDIUM | 5.5 MEDIUM |
| Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the "crafted image file" approach, related to an "Integer Overflow" issue affecting the Image.core.map_buffer in map.c component. | |||||