Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apt vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2019-18899
The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local malicious users to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-cacher-ng versions before...
Apt-cacher-ng Project Apt-cacher-ng
Opensuse Backports Sle-15
4.6
CVSSv2
CVE-2013-6049
apt-listbugs prior to 0.1.10 creates temporary files insecurely, which allows malicious users to have unspecified impact via unknown vectors.
Apt-listbugs Project Apt-listbugs -
Debian Debian Linux 8.0
Debian Debian Linux 7.0
4.6
CVSSv2
CVE-2013-1064
apt-xapian-index prior to 0.45ubuntu2.1, 0.44ubuntu7.1, and 0.44ubuntu5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1...
Canonical Apt-xapian-index 0.44ubuntu7.1
Canonical Apt-xapian-index 0.44ubuntu5.1
Canonical Apt-xapian-index
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.04
3.6
CVSSv2
CVE-2014-7206
The changelog command in Apt prior to 1.0.9.2 allows local users to write to arbitrary files via a symlink attack on the changelog file.
Debian Apt 1.0.9
Debian Advanced Package Tool
Debian Apt 0.9.7.9
Debian Advanced Package Tool 1.0.8
7.2
CVSSv2
CVE-2008-0302
Untrusted search path vulnerability in apt-listchanges.py in apt-listchanges prior to 2.82 allows local users to execute arbitrary code via a malicious apt-listchanges program in the current working directory.
Debian Apt-listchanges
4.6
CVSSv2
CVE-2005-2214
apt-setup in Debian GNU/Linux installs the apt.conf file with insecure permissions, which allows local users to obtain sensitive information such as passwords.
Debian Apt-setup
2.1
CVSSv2
CVE-2020-15709
Versions of add-apt-repository prior to 0.98.9.2, 0.96.24.32.14, 0.96.20.10, and 0.92.37.8ubuntu0.1~esm1, printed a PPA (personal package archive) description to the terminal as-is, which allowed PPA owners to provide ANSI terminal escapes to modify terminal contents in unexpecte...
Canonical Add-apt-repository
4.3
CVSSv2
CVE-2014-4510
Cross-site scripting (XSS) vulnerability in job.cc in apt-cacher-ng 0.7.26 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Debian Apt-cacher 0.7.26
7.5
CVSSv2
CVE-2003-0843
Format string vulnerability in mod_gzip_printf for mod_gzip 1.3.26.1a and previous versions, and possibly later official versions, when running in debug mode and using the Apache log, allows remote malicious users to execute arbitrary code via format string characters in an HTTP ...
Dag Apt Repository Mod Gzip
7.5
CVSSv2
CVE-2003-0842
Stack-based buffer overflow in mod_gzip_printf for mod_gzip 1.3.26.1a and previous versions, and possibly later official versions, when running in debug mode, allows remote malicious users to execute arbitrary code via a long filename in a GET request with an "Accept-Encodin...
Dag Apt Repository Mod Gzip 1.3.26.1a
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »