Filtered by vendor Debian
Subscriptions
Filtered by product Debian Linux
Subscriptions
Total
9110 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-3373 | 2 Debian, Grsecurity | 2 Debian Linux, Paxtest | 2024-11-21 | 5.5 Medium |
| paxtest handles temporary files insecurely | ||||
| CVE-2010-3359 | 2 Debian, Gargoyle Project | 2 Debian Linux, Gargoyle | 2024-11-21 | 4.8 Medium |
| If LD_LIBRARY_PATH is undefined in gargoyle-free before 2009-08-25, the variable will point to the current directory. This can allow a local user to trick another user into running gargoyle in a directory with a cracked libgarglk.so and gain access to the user's account. | ||||
| CVE-2010-3299 | 2 Debian, Rubyonrails | 2 Debian Linux, Rails | 2024-11-21 | 6.5 Medium |
| The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to padding oracle attacks. | ||||
| CVE-2010-2490 | 2 Debian, Mumble | 2 Debian Linux, Mumble | 2024-11-21 | 6.5 Medium |
| Mumble: murmur-server has DoS due to malformed client query | ||||
| CVE-2010-2471 | 2 Debian, Drupal | 2 Debian Linux, Drupal | 2024-11-21 | 6.1 Medium |
| Drupal versions 5.x and 6.x has open redirection | ||||
| CVE-2010-2450 | 2 Debian, Shibboleth | 2 Debian Linux, Service Provider | 2024-11-21 | 7.5 High |
| The keygen.sh script in Shibboleth SP 2.0 (located in /usr/local/etc/shibboleth by default) uses OpenSSL to create a DES private key which is placed in sp-key.pm. It relies on the root umask (default 22) instead of chmoding the resulting file itself, so the generated private key is world readable by default. | ||||
| CVE-2010-0749 | 3 Debian, Linux, Transmissionbt | 3 Debian Linux, Linux Kernel, Transmission | 2024-11-21 | 5.3 Medium |
| Transmission before 1.92 allows attackers to prevent download of a file by corrupted data during the endgame. | ||||
| CVE-2010-0748 | 3 Debian, Linux, Transmissionbt | 3 Debian Linux, Linux Kernel, Transmission | 2024-11-21 | 9.8 Critical |
| Transmission before 1.92 allows an attacker to cause a denial of service (crash) or possibly have other unspecified impact via a large number of tr arguments in a magnet link. | ||||
| CVE-2010-0747 | 2 Debian, Linbit | 2 Debian Linux, Drbd8 | 2024-11-21 | 7.8 High |
| drbd8 allows local users to bypass intended restrictions for certain actions via netlink packets, similar to CVE-2009-3725. | ||||
| CVE-2010-0207 | 2 Debian, Xpdfreader | 2 Debian Linux, Xpdf | 2024-11-21 | 5.5 Medium |
| In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers. | ||||
| CVE-2010-0206 | 2 Debian, Xpdfreader | 2 Debian Linux, Xpdf | 2024-11-21 | 5.5 Medium |
| xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects. | ||||
| CVE-2009-5049 | 2 Debian, Mortbay | 2 Debian Linux, Jetty | 2024-11-21 | 6.1 Medium |
| WebApp JSP Snoop page XSS in jetty though 6.1.21. | ||||
| CVE-2009-5046 | 2 Debian, Eclipse | 2 Debian Linux, Jetty | 2024-11-21 | 6.1 Medium |
| JSP Dump and Session Dump Servlet XSS in jetty before 6.1.22. | ||||
| CVE-2009-5045 | 2 Debian, Eclipse | 2 Debian Linux, Jetty | 2024-11-21 | 7.5 High |
| Dump Servlet information leak in jetty before 6.1.22. | ||||
| CVE-2009-5043 | 2 Burn Project, Debian | 2 Burn, Debian Linux | 2024-11-21 | 9.8 Critical |
| burn allows file names to escape via mishandled quotation marks | ||||
| CVE-2009-5042 | 2 Debian, Python-docutils Project | 2 Debian Linux, Python-docutils | 2024-11-21 | 9.1 Critical |
| python-docutils allows insecure usage of temporary files | ||||
| CVE-2009-3723 | 2 Debian, Sangoma | 2 Debian Linux, Asterisk | 2024-11-21 | 7.5 High |
| asterisk allows calls on prohibited networks | ||||
| CVE-2009-3614 | 2 Debian, Noping | 2 Debian Linux, Liboping | 2024-11-21 | 3.3 Low |
| liboping 1.3.2 allows users reading arbitrary files upon the local system. | ||||
| CVE-2008-7291 | 2 Debian, Gri Project | 2 Debian Linux, Gri | 2024-11-21 | 9.8 Critical |
| gri before 2.12.18 generates temporary files in an insecure way. | ||||
| CVE-2007-6745 | 2 Clamav, Debian | 2 Clamav, Debian Linux | 2024-11-21 | 9.8 Critical |
| clamav 0.91.2 suffers from a floating point exception when using ScanOLE2. | ||||