Vulnerabilities (CVE)

Filtered by vendor Debian Subscribe
Total 7552 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-1569 2 Debian, Policyd-weight 2 Debian Linux, Policyd-weight 2017-08-08 3.3 LOW N/A
policyd-weight 0.1.14 beta-16 and earlier allows local users to modify or delete arbitrary files via a symlink attack on temporary files that are used when creating a socket.
CVE-2008-0167 2 Debian, Gforge 2 Debian Linux, Gforge 2017-08-08 4.6 MEDIUM N/A
The write_array_file function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow attackers to bypass intended access restrictions or have unspecified other impact in opportunistic circumstances.
CVE-2016-7045 3 Canonical, Debian, Irssi 3 Ubuntu Linux, Debian Linux, Irssi 2017-07-30 5.0 MEDIUM 7.5 HIGH
The format_send_to_gui function in the format parsing code in Irssi before 0.8.20 allows remote attackers to cause a denial of service (heap corruption and crash) via vectors involving the length of a string.
CVE-2016-7044 3 Canonical, Debian, Irssi 3 Ubuntu Linux, Debian Linux, Irssi 2017-07-30 5.0 MEDIUM 7.5 HIGH
The unformat_24bit_color function in the format parsing code in Irssi before 0.8.20, when compiled with true-color enabled, allows remote attackers to cause a denial of service (heap corruption and crash) via an incomplete 24bit color code.
CVE-2007-6220 2 Debian, Typespeed 2 Debian Linux, Typespeed 2017-07-29 5.0 MEDIUM N/A
typespeed before 0.6.4 allows remote attackers to cause a denial of service (application crash) via unspecified network behavior that triggers a divide-by-zero error.
CVE-2007-5827 2 Debian, Iscsitarget 2 Debian Linux, Iscsitarget 2017-07-29 2.1 LOW N/A
iSCSI Enterprise Target (iscsitarget) 0.4.15 uses weak permissions for /etc/ietd.conf, which allows local users to obtain passwords.
CVE-2007-5207 1 Debian 1 Guilt 2017-07-29 3.3 LOW N/A
guilt 0.27 allows local users to overwrite arbitrary files via a symlink attack on a guilt.log.[PID] temporary file.
CVE-2007-5718 2 Debian, Vobcopy 2 Debian Linux, Vobcopy 2017-07-29 4.9 MEDIUM N/A
vobcopy 0.5.14 allows local users to append data to an arbitrary file, or create an arbitrary new file, via a symlink attack on the (1) /tmp/vobcopy.bla or (2) /tmp/vobcopy_0.5.14.log temporary file.
CVE-2007-5795 2 Debian, Gnu 2 Debian Linux, Emacs 2017-07-29 6.3 MEDIUM N/A
The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a Local variables declaration.
CVE-2007-3912 1 Debian 1 Debian-goodies 2017-07-29 7.2 HIGH N/A
checkrestart in debian-goodies before 0.34 allows local users to gain privileges via shell metacharacters in the name of the executable file for a running process.
CVE-2007-2839 1 Debian 1 Gfax 2017-07-29 7.2 HIGH N/A
gfax 0.4.2 and probably other versions creates temporary files insecurely, which allows local users to execute arbitrary commands via unknown vectors.
CVE-2007-2835 2 Debian, Unicon-imc2 2 Debian Linux, Unicon-imc2 2017-07-29 6.8 MEDIUM N/A
Multiple stack-based buffer overflows in (1) CCE_pinyin.c and (2) xl_pinyin.c in ImmModules/cce/ in unicon-imc2 3.0.4, as used by zhcon and other applications, allow local users to gain privileges via a long HOME environment variable.
CVE-2007-2838 2 Debian, Gsambad 2 Debian Linux, Gsambad 2017-07-29 7.2 HIGH N/A
The populate_conns function in src/populate_conns.c in GSAMBAD 0.1.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gsambadtmp temporary file.
CVE-2007-2029 2 Clam Anti-virus, Debian 2 Clamav, Debian Linux 2017-07-29 7.8 HIGH N/A
File descriptor leak in the PDF handler in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service via a crafted PDF file.
CVE-2007-2837 2 Debian, Fireflier 2 Debian Linux, Fireflier 2017-07-29 3.6 LOW N/A
The (1) getRule and (2) getChains functions in server/rules.cpp in fireflierd (fireflier-server) in FireFlier 1.1.6 allow local users to overwrite arbitrary files via a symlink attack on the /tmp/fireflier.rules temporary file.
CVE-2007-1665 2 Debian, Ekg 2 Debian Linux, Ekg 2017-07-29 5.0 MEDIUM N/A
Memory leak in the token OCR functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service.
CVE-2007-1663 2 Debian, Ekg 2 Debian Linux, Ekg 2017-07-29 5.0 MEDIUM N/A
Memory leak in the image message functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service.
CVE-2007-1664 2 Debian, Ekg 2 Debian Linux, Ekg 2017-07-29 5.0 MEDIUM N/A
ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service (NULL pointer dereference) via a vector related to the token OCR functionality.
CVE-2006-6942 2 Debian, Phpmyadmin 2 Debian Linux, Phpmyadmin 2017-07-29 6.8 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in PhpMyAdmin before 2.9.1.1 allow remote attackers to inject arbitrary HTML or web script via (1) a comment for a table name, as exploited through (a) db_operations.php, (2) the db parameter to (b) db_create.php, (3) the newname parameter to db_operations.php, the (4) query_history_latest, (5) query_history_latest_db, and (6) querydisplay_tab parameters to (c) querywindow.php, and (7) the pos parameter to (d) sql.php.
CVE-2006-7098 1 Debian 1 Apache 2017-07-29 6.6 MEDIUM N/A
The Debian GNU/Linux 033_-F_NO_SETSID patch for the Apache HTTP Server 1.3.34-4 does not properly disassociate httpd from a controlling tty when httpd is started interactively, which allows local users to gain privileges to that tty via a CGI program that calls the TIOCSTI ioctl.