Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian debian linux 1.2 vulnerabilities and exploits
(subscribe to this query)
7.6
CVSSv2
CVE-2013-6435
Race condition in RPM 4.11.1 and previous versions allows remote malicious users to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d d...
Rpm Rpm 2.3.5
Rpm Rpm 4.4.2.1
Rpm Rpm 1.4.3
Rpm Rpm 3.0.1
Rpm Rpm 4.1
Rpm Rpm 2.2.3.11
Rpm Rpm 4.8.0
Rpm Rpm 2.4.4
Rpm Rpm 2.3.8
Rpm Rpm 2.0.6
Rpm Rpm 1.4.4
Rpm Rpm 1.4.2\\/a
Rpm Rpm 2.4.1
Rpm Rpm 2.4.9
Rpm Rpm 2.6.7
Rpm Rpm 1.4
Rpm Rpm 2.0.10
Rpm Rpm 2.4.5
Rpm Rpm 4.9.0
Rpm Rpm 4.0.1
Rpm Rpm 4.9.1.2
Rpm Rpm 2.2.11
7.6
CVSSv2
CVE-2004-0456
Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header.
Pavuk Pavuk 0.9pl28i
Pavuk Pavuk 0.928r1
Debian Debian Linux 3.0
Gentoo Linux 1.4
Gentoo Linux 1.1a
Gentoo Linux 1.2
7.5
CVSSv2
CVE-2022-28346
An issue exists in Django 2.2 prior to 2.2.28, 3.2 prior to 3.2.13, and 4.0 prior to 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.
Djangoproject Django
Debian Debian Linux 9.0
Debian Debian Linux 11.0
7 Github repositories
7.5
CVSSv2
CVE-2022-28347
A SQL injection issue exists in QuerySet.explain() in Django 2.2 prior to 2.2.28, 3.2 prior to 3.2.13, and 4.0 prior to 4.0.4. This occurs by passing a crafted dictionary (with dictionary expansion) as the **options argument, and placing the injection payload in an option name.
Djangoproject Django
Debian Debian Linux 11.0
2 Github repositories
7.5
CVSSv2
CVE-2020-27153
In BlueZ prior to 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event.
Bluez Bluez
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
7.5
CVSSv2
CVE-2020-11651
An issue exists in SaltStack Salt prior to 2019.2.4 and 3000 prior to 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user toke...
Saltstack Salt
Opensuse Leap 15.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Vmware Application Remote Collector 8.0.0
Vmware Application Remote Collector 7.5.0
17 Github repositories
4 Articles
7.5
CVSSv2
CVE-2019-17571
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j...
Apache Log4j
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.1
Netapp Oncommand Workflow Automation -
Netapp Oncommand System Manager
Oracle Retail Service Backbone 14.1
Oracle Weblogic Server 12.1.3.0.0
Oracle Retail Service Backbone 15.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Application Testing Suite 13.3.0.1
Oracle Endeca Information Discovery Studio 3.2.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Rapid Planning 12.1
Oracle Rapid Planning 12.2
Oracle Financial Services Lending And Leasing
Oracle Financial Services Lending And Leasing 12.5.0
Oracle Communications Network Integrity
18 Github repositories
1 Article
7.5
CVSSv2
CVE-2017-12865
Stack-based buffer overflow in "dnsproxy.c" in connman 1.34 and previous versions allows remote malicious users to cause a denial of service (crash) or execute arbitrary code via a crafted response query string passed to the "name" variable.
Intel Connman
Debian Debian Linux 8.0
7.5
CVSSv2
CVE-2015-7871
Crypto-NAK packets in ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote malicious users to bypass authentication.
Ntp Ntp 4.2.5
Ntp Ntp
Ntp Ntp 4.2.8
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
7.5
CVSSv2
CVE-2016-8863
Heap-based buffer overflow in the create_url_list function in gena/gena_device.c in Portable UPnP SDK (aka libupnp) prior to 1.6.21 allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a valid URI followed by an invalid one in ...
Libupnp Project Libupnp
Debian Debian Linux 8.0
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »