Vulnerabilities (CVE)

Filtered by vendor Debian Subscribe
Total 8963 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2004-0579 2 Debian, William Deich 2 Debian Linux, Super 2023-12-10 7.2 HIGH N/A
Format string vulnerability in super before 3.23 allows local users to execute arbitrary code as root.
CVE-2004-1000 1 Debian 1 Lintian 2023-12-10 2.1 LOW N/A
lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which may allow local users to delete arbitrary files or directories via a symlink attack.
CVE-2004-0011 1 Debian 1 Fsp 2023-12-10 7.5 HIGH N/A
Buffer overflow in fsp before 2.81.b18 allows remote users to execute arbitrary code.
CVE-2000-0844 13 Caldera, Conectiva, Debian and 10 more 16 Openlinux, Openlinux Ebuilder, Openlinux Eserver and 13 more 2023-12-10 10.0 HIGH N/A
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
CVE-2000-0112 1 Debian 1 Debian Linux 2023-12-10 7.2 HIGH N/A
The default installation of Debian GNU/Linux uses an insecure Master Boot Record (MBR) which allows a local user to boot from a floppy disk during the installation.
CVE-2003-0358 3 Debian, Falconseye Project, Nethack 3 Debian Linux, Falconseye, Nethack 2023-12-10 4.6 MEDIUM N/A
Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option.
CVE-2000-0229 4 Alessandro Rubini, Debian, Redhat and 1 more 4 Gpm, Debian Linux, Linux and 1 more 2023-12-10 7.2 HIGH N/A
gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root.
CVE-2001-0690 4 Conectiva, Debian, Redhat and 1 more 4 Linux, Debian Linux, Linux and 1 more 2023-12-10 7.5 HIGH N/A
Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers.
CVE-2003-1022 1 Debian 1 Fsp 2023-12-10 7.5 HIGH N/A
Directory traversal vulnerability in fsp before 2.81.b18 allows remote users to access files outside the FSP root directory.
CVE-2000-0315 5 Debian, Digital, Netbsd and 2 more 5 Debian Linux, Unix, Netbsd and 2 more 2023-12-10 5.0 MEDIUM N/A
traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks.
CVE-2002-0392 2 Apache, Debian 2 Http Server, Debian Linux 2023-12-10 7.5 HIGH N/A
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
CVE-2001-0128 6 Conectiva, Debian, Freebsd and 3 more 7 Linux, Debian Linux, Freebsd and 4 more 2023-12-10 7.2 HIGH N/A
Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.
CVE-1999-1048 2 Debian, Redhat 2 Debian Linux, Linux 2023-12-10 4.6 MEDIUM N/A
Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \w option in the PS1 environmental variable when another user changes into that directory.
CVE-2000-0607 3 Debian, Mandrakesoft, Redhat 3 Debian Linux, Mandrake Linux, Linux 2023-12-10 7.2 HIGH N/A
Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.
CVE-2004-1336 2 Debian, Gentoo 2 Tetex-bin, Linux 2023-12-10 2.1 LOW N/A
The xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack.
CVE-2003-0360 1 Debian 1 Debian Linux 2023-12-10 7.5 HIGH N/A
Multiple buffer overflows in gPS before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code.
CVE-2001-0456 1 Debian 1 Debian Linux 2023-12-10 7.5 HIGH N/A
postinst installation script for Proftpd in Debian 2.2 does not properly change the "run as uid/gid root" configuration when the user enables anonymous access, which causes the server to run at a higher privilege than intended.
CVE-1999-0743 1 Debian 1 Debian Linux 2023-12-10 2.1 LOW N/A
Trn allows local users to overwrite other users' files via symlinks.
CVE-2000-0867 5 Debian, Mandrakesoft, Redhat and 2 more 5 Debian Linux, Mandrake Linux, Linux and 2 more 2023-12-10 7.2 HIGH N/A
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
CVE-2000-1136 1 Debian 1 Elvis Tiny 2023-12-10 4.6 MEDIUM N/A
elvis-tiny before 1.4-10 in Debian GNU/Linux, and possibly other Linux operating systems, allows local users to overwrite files of other users via a symlink attack.