debian debian linux 8.0 vulnerabilities and exploits

(subscribe to this query)

NA

The Debian build procedure for the smokeping package in wheezy before 2.6.8-2+deb7u1 and jessie before 2.6.9-1+deb8u1 does not properly configure the way Apache httpd passes arguments to smokeping_cgi, which allows remote attackers to execute arbitrary code via crafted CGI...

Debian Debian Linux 8.0 Debian Debian Linux 7.0

6.1

CVSSv3

The consentAdmin module in SimpleSAMLphp through 1.14.15 is vulnerable to a Cross-Site Scripting attack, allowing an attacker to craft links that could execute arbitrary JavaScript code on the victim's web browser....

Simplesamlphp Simplesamlphp Debian Debian Linux 7.0 Debian Debian Linux 9.0 Debian Debian Linux 8.0

4.7

CVSSv3

Drupal core 7.x versions before 7.57 has an external link injection vulnerability when the language switcher block is used. A similar vulnerability exists in various custom and contributed modules. This vulnerability could allow an attacker to trick users into unwillingly...

Drupal Drupal Debian Debian Linux 8.0 Debian Debian Linux 7.0 Debian Debian Linux 9.0

9.8

CVSSv3

Gifsicle gifview 1.89 and older is vulnerable to a use-after-free in the read_gif function resulting potential code execution...

Lcdf Gifsicle Debian Debian Linux 8.0 Debian Debian Linux 7.0 Debian Debian Linux 9.0

5.5

CVSSv3

Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files....

Mutt Mutt Debian Debian Linux 9.0 Debian Debian Linux 10.0 Debian Debian Linux 8.0

6.5

CVSSv3

An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts....

Freedesktop Poppler Debian Debian Linux 8.0 Debian Debian Linux 9.0 Debian Debian Linux 10.0

6.1

CVSSv3

node-connects before 2.8.2 has cross site scripting in Sencha Labs Connect middleware (vulnerability due to incomplete fix for CVE-2013-7370)...

Sencha Connect Debian Debian Linux 8.0 Debian Debian Linux 9.0 Debian Debian Linux 10.01 Github repository available

9.8

CVSSv3

Yubico PAM Module before 2.10 performed user authentication when 'use_first_pass' PAM configuration option was not used and the module was configured as 'sufficient' in the PAM configuration. A remote attacker could use this flaw to circumvent common...

Yubico Pam Module Debian Debian Linux 8.0 Debian Debian Linux 9.0 Debian Debian Linux 10.0

5.5

CVSSv3

OpenStack nova base images permissions are world readable...

Openstack Nova -Debian Debian Linux 8.0 Debian Debian Linux 9.0 Debian Debian Linux 10.0

9.8

CVSSv3

The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file....

Smarty Smarty Debian Debian Linux 8.0 Debian Debian Linux 9.0 Debian Debian Linux 10.0

Get Started

1 2 3 4 5 6 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook