debian debian linux 8.0 vulnerabilities and exploits

(subscribe to this query)

5

CVSSv2

The Debian backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858; Affects Debian versions 9.9.5.dfsg-9+deb8u15; 9.9.5.dfsg-9+deb8u18; 9.10.3.dfsg.P4-12.3+deb9u5; 9.11.5.P4+dfsg-5.1 No ISC releases are affected. Other packages from other...

Debian Debian Linux 8.0 Debian Debian Linux 9.0 Debian Debian Linux 10.0

2.1

CVSSv2

The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling....

Linux Linux Kernel Debian Debian Linux 8.0 Debian Debian Linux 9.01 Github repository available

2.1

CVSSv2

The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB...

Linux Linux Kernel Debian Debian Linux 8.0 Debian Debian Linux 9.01 Github repository available

6.2

CVSSv2

Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet...

Linux Linux Kernel Debian Debian Linux 7.0 Debian Debian Linux 8.01 Github repository available

4.3

CVSSv2

An issue was discovered in fs/f2fs/inline.c in the Linux kernel through 4.4. A denial of service (out-of-bounds memory access and BUG) can occur for a modified f2fs filesystem image in which an inline inode contains an invalid reserved blkaddr....

Linux Linux Kernel Debian Debian Linux 8.0 Debian Debian Linux 9.0

2.7

CVSSv2

qemu/qemu_driver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows attackers to cause a denial of service (API blockage)....

Redhat Libvirt Debian Debian Linux 8.0 Debian Debian Linux 9.0 Debian Debian Linux 10.0

6.5

CVSSv2

Code injection exists in Kernel/System/Spelling.pm in Open Ticket Request System (OTRS) 5 before 5.0.24, 4 before 4.0.26, and 3.3 before 3.3.20. In the agent interface, an authenticated remote attacker can execute shell commands as the webserver user via URL manipulation....

Otrs Otrs Debian Debian Linux 7.0 Debian Debian Linux 8.0 Debian Debian Linux 9.0

4

CVSSv2

In Open Ticket Request System (OTRS) through 3.3.20, 4 through 4.0.26, 5 through 5.0.24, and 6 through 6.0.1, an attacker who is logged in as a customer can use the ticket search form to disclose internal article information of their customer tickets....

Otrs Otrs Debian Debian Linux 7.0 Debian Debian Linux 9.0 Debian Debian Linux 8.0

7.2

CVSSv2

In Apache SpamAssassin before 3.4.3, nefarious CF files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA 3.4.3, we recommend that users should only use update...

Apache Spamassassin Debian Debian Linux 8.0 Debian Debian Linux 9.0 Debian Debian Linux 10.0

5

CVSSv2

webauth before 4.6.1 has authentication credential disclosure...

Stanford Webauth Debian Debian Linux 8.0 Debian Debian Linux 9.0 Debian Debian Linux 10.0

Get Started

1 2 3 4 5 6 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook