Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian dpkg vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2022-33912
A permission issue affects users that deployed the shipped version of the Checkmk Debian package. Packages created by the agent bakery (enterprise editions only) were not affected. Using the shipped version of the agents, the maintainer scripts located at /var/lib/dpkg/info/ will...
Tribe29 Checkmk 1.6.0
Tribe29 Checkmk 2.0.0
Tribe29 Checkmk 1.6.0b10
Tribe29 Checkmk 1.6.0b11
Tribe29 Checkmk 2.1.0
Tribe29 Checkmk 2.2.0
7.5
CVSSv2
CVE-2022-1664
Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-pl...
Debian Dpkg
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Ontap Select Deploy Administration Utility -
1 Github repository
4.3
CVSSv2
CVE-2018-0360
ClamAV prior to 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c.
Clamav Clamav
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Debian Debian Linux 8.0
4.3
CVSSv2
CVE-2018-0361
ClamAV prior to 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file.
Clamav Clamav
Debian Debian Linux 8.0
7.5
CVSSv2
CVE-2017-8283
dpkg-source in dpkg 1.3.0 up to and including 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote malicious users to conduct directory traversal attacks via a crafted Debian source package, as...
Debian Dpkg 1.18.19
Debian Dpkg 1.18.17
Debian Dpkg 1.18.12
Debian Dpkg 1.18.10
Debian Dpkg 1.18.3
Debian Dpkg 1.18.1
Debian Dpkg 1.17.18
Debian Dpkg 1.17.16
Debian Dpkg 1.17.11
Debian Dpkg 1.17.9
Debian Dpkg 1.17.2
Debian Dpkg 1.17.0
Debian Dpkg 1.16.4.3
Debian Dpkg 1.16.4.1
Debian Dpkg 1.16.1.1
Debian Dpkg 1.16.0.3
Debian Dpkg 1.15.8.7
Debian Dpkg 1.15.8.5
Debian Dpkg 1.15.7.1
Debian Dpkg 1.15.6.1
Debian Dpkg 1.15.5.3
Debian Dpkg 1.15.5.1
7.5
CVSSv2
CVE-2015-0860
Off-by-one error in the extracthalf function in dpkg-deb/extract.c in the dpkg-deb component in Debian dpkg 1.16.x prior to 1.16.17 and 1.17.x prior to 1.17.26 allows remote malicious users to execute arbitrary code via the archive magic version number in an "old-style"...
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 15.04
Debian Dpkg 1.16.0.3
Debian Dpkg 1.16.1
Debian Dpkg 1.16.4
Debian Dpkg 1.16.4.1
Debian Dpkg 1.16.9
Debian Dpkg 1.16.15
Debian Dpkg 1.17.6
Debian Dpkg 1.17.7
Debian Dpkg 1.17.15
Debian Dpkg 1.17.16
Debian Dpkg 1.17.23
Debian Dpkg 1.17.24
Debian Dpkg 1.16.1.1
Debian Dpkg 1.16.1.2
Debian Dpkg 1.16.4.2
Debian Dpkg 1.16.4.3
Debian Dpkg 1.17.0
Debian Dpkg 1.17.1
6.8
CVSSv2
CVE-2015-1330
unattended-upgrades prior to 0.86.1 does not properly authenticate packages when the (1) force-confold or (2) force-confnew dpkg options are enabled in the DPkg::Options::* apt configuration, which allows remote man-in-the-middle malicious users to upload and execute arbitrary pa...
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Debian Unattended-upgrades
4.3
CVSSv2
CVE-2015-0840
The dpkg-source command in Debian dpkg prior to 1.16.16 and 1.17.x prior to 1.17.25 allows remote malicious users to bypass signature verification via a crafted Debian source control file (.dsc).
Debian Dpkg 1.17.1
Debian Dpkg 1.17.2
Debian Dpkg 1.17.5
Debian Dpkg 1.17.6
Debian Dpkg 1.17.7
Debian Dpkg 1.17.14
Debian Dpkg 1.17.15
Debian Dpkg 1.17.22
Debian Dpkg 1.17.23
Debian Dpkg
Debian Dpkg 1.17.0
Debian Dpkg 1.17.8
Debian Dpkg 1.17.9
Debian Dpkg 1.17.16
Debian Dpkg 1.17.17
Debian Dpkg 1.17.24
Debian Dpkg 1.17.10
Debian Dpkg 1.17.11
Debian Dpkg 1.17.18
Debian Dpkg 1.17.19
Debian Dpkg 1.17.3
Debian Dpkg 1.17.4
6.8
CVSSv2
CVE-2014-8625
Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg prior to 1.17.22 allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the (1) package or (2) architecture...
Debian Dpkg
6.4
CVSSv2
CVE-2014-3227
dpkg 1.15.9, 1.16.x prior to 1.16.14, and 1.17.x prior to 1.17.9 expect the patch program to be compliant with a need for the "C-style encoded filenames" feature, but is supported in environments with noncompliant patch programs, which triggers an interaction error that...
Debian Dpkg 1.16.0.1
Debian Dpkg 1.16.0.2
Debian Dpkg 1.16.0.3
Debian Dpkg 1.16.1
Debian Dpkg 1.16.7
Debian Dpkg 1.16.8
Debian Dpkg 1.16.9
Debian Dpkg 1.17.0
Debian Dpkg 1.16.12
Debian Dpkg 1.16.2
Debian Dpkg 1.16.3
Debian Dpkg 1.16.4
Debian Dpkg 1.16.4.1
Debian Dpkg 1.17.5
Debian Dpkg 1.17.6
Debian Dpkg 1.17.7
Debian Dpkg 1.17.8
Debian Dpkg 1.15.9
Debian Dpkg 1.16.1.2
Debian Dpkg 1.16.11
Debian Dpkg 1.16.4.3
Debian Dpkg 1.16.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »