Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian dpkg vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-3865
Multiple directory traversal vulnerabilities in dpkg-source in dpkg-dev 1.3.0 allow remote malicious users to modify files outside of the intended directories via a source package with a crafted Index: pseudo-header in conjunction with (1) missing --- and +++ header lines or (2) ...
Debian Dpkg-dev 1.3.0
1 EDB exploit
NA
CVE-2014-3227
dpkg 1.15.9, 1.16.x prior to 1.16.14, and 1.17.x prior to 1.17.9 expect the patch program to be compliant with a need for the "C-style encoded filenames" feature, but is supported in environments with noncompliant patch programs, which triggers an interaction error that...
Debian Dpkg 1.16.0.1
Debian Dpkg 1.16.0.2
Debian Dpkg 1.16.0.3
Debian Dpkg 1.16.1
Debian Dpkg 1.16.7
Debian Dpkg 1.16.8
Debian Dpkg 1.16.9
Debian Dpkg 1.17.0
Debian Dpkg 1.16.12
Debian Dpkg 1.16.2
Debian Dpkg 1.16.3
Debian Dpkg 1.16.4
Debian Dpkg 1.16.4.1
Debian Dpkg 1.17.5
Debian Dpkg 1.17.6
Debian Dpkg 1.17.7
Debian Dpkg 1.17.8
Debian Dpkg 1.15.9
Debian Dpkg 1.16.1.2
Debian Dpkg 1.16.11
Debian Dpkg 1.16.4.3
Debian Dpkg 1.16.6
NA
CVE-2014-3127
dpkg 1.15.9 on Debian squeeze introduces support for the "C-style encoded filenames" feature without recognizing that the squeeze patch program lacks this feature, which triggers an interaction error that allows remote malicious users to conduct directory traversal atta...
Debian Dpkg 1.16.0.2
Debian Dpkg 1.16.0.3
Debian Dpkg 1.16.2
Debian Dpkg 1.16.3
Debian Dpkg 1.16.8
Debian Dpkg 1.16.9
Debian Dpkg 1.16.0
Debian Dpkg 1.16.0.1
Debian Dpkg 1.16.11
Debian Dpkg 1.16.12
Debian Dpkg 1.16.5
Debian Dpkg 1.16.6
Debian Dpkg 1.16.7
Debian Dpkg 1.16.1
Debian Dpkg 1.16.1.1
Debian Dpkg 1.16.4
Debian Dpkg 1.16.4.1
Debian Dpkg 1.16.1.2
Debian Dpkg 1.16.10
Debian Dpkg 1.16.4.2
Debian Dpkg 1.16.4.3
Debian Dpkg 1.17.5
NA
CVE-2014-0471
Directory traversal vulnerability in the unpacking functionality in dpkg prior to 1.15.9, 1.16.x prior to 1.16.13, and 1.17.x prior to 1.17.8 allows remote malicious users to write arbitrary files via a crafted source package, related to "C-style filename quoting."
Canonical Ubuntu Linux 10.04
Debian Dpkg 1.10.11
Debian Dpkg 1.10.13
Debian Dpkg 1.10.19
Debian Dpkg 1.10.20
Debian Dpkg 1.10.25
Debian Dpkg 1.10.27
Debian Dpkg 1.10.8
Debian Dpkg 1.13.0
Debian Dpkg 1.13.14
Debian Dpkg 1.13.16
Debian Dpkg 1.13.20
Debian Dpkg 1.13.22
Debian Dpkg 1.13.6
Debian Dpkg 1.13.8
Debian Dpkg 1.14.13
Debian Dpkg 1.14.15
Debian Dpkg 1.14.16.4
Debian Dpkg 1.14.16.6
Debian Dpkg 1.14.22
Debian Dpkg 1.14.24
Debian Dpkg 1.14.30
NA
CVE-2011-0402
dpkg-source in dpkg prior to 1.14.31 and 1.15.x allows user-assisted remote malicious users to modify arbitrary files via a symlink attack on unspecified files in the .pc directory.
Debian Dpkg 1.14.16.3
Debian Dpkg 1.14.16.2
Debian Dpkg 1.14.21
Debian Dpkg 1.14.20
Debian Dpkg 1.13.9
Debian Dpkg 1.13.8
Debian Dpkg 1.13.15
Debian Dpkg 1.13.18
Debian Dpkg 1.13.24
Debian Dpkg 1.13.25
Debian Dpkg 1.14.6
Debian Dpkg 1.14.7
Debian Dpkg 1.14.8
Debian Dpkg 1.13.5
Debian Dpkg 1.13.4
Debian Dpkg 1.10.26
Debian Dpkg 1.10.25
Debian Dpkg 1.14.15
Debian Dpkg 1.14.14
Debian Dpkg 1.14.17
Debian Dpkg 1.14.16.6
Debian Dpkg 1.14.26
NA
CVE-2010-1679
Directory traversal vulnerability in dpkg-source in dpkg prior to 1.14.31 and 1.15.x allows user-assisted remote malicious users to modify arbitrary files via directory traversal sequences in a patch for a source-format 3.0 package.
Debian Dpkg 1.14.16
Debian Dpkg 1.14.15
Debian Dpkg 1.14.18
Debian Dpkg 1.14.17
Debian Dpkg 1.14.16.6
Debian Dpkg 1.14.26
Debian Dpkg 1.14.23
Debian Dpkg 1.13.12
Debian Dpkg 1.13.11.1
Debian Dpkg 1.13.19
Debian Dpkg 1.13.22
Debian Dpkg 1.14.2
Debian Dpkg 1.14.3
Debian Dpkg 1.14.10
Debian Dpkg 1.14.11
Debian Dpkg 1.13.1
Debian Dpkg 1.13.0
Debian Dpkg 1.14.14
Debian Dpkg 1.14.13
Debian Dpkg 1.14.16.5
Debian Dpkg 1.14.22
Debian Dpkg 1.14.24
NA
CVE-2004-2768
dpkg 1.9.21 does not properly reset the metadata of a file during replacement of the file in a package upgrade, which might allow local users to gain privileges by creating a hard link to a vulnerable (1) setuid file, (2) setgid file, or (3) device, a related issue to CVE-2010-20...
Debian Dpkg 1.9.21
NA
CVE-2010-0396
Directory traversal vulnerability in the dpkg-source component in dpkg prior to 1.14.29 allows remote malicious users to modify arbitrary files via a crafted Debian source archive.
Debian Dpkg
Debian Dpkg 1.14.27
Debian Dpkg 1.14.19
Debian Dpkg 1.14.18
Debian Dpkg 1.14.16.1
Debian Dpkg 1.14.16
Debian Dpkg 1.14.9
Debian Dpkg 1.14.8
Debian Dpkg 1.14.7
Debian Dpkg 1.14.0
Debian Dpkg 1.13.25
Debian Dpkg 1.13.18
Debian Dpkg 1.13.17
Debian Dpkg 1.13.11
Debian Dpkg 1.13.10
Debian Dpkg 1.13.9
Debian Dpkg 1.13.2
Debian Dpkg 1.13.1
Debian Dpkg 1.10.23
Debian Dpkg 1.10.22
Debian Dpkg 1.10.15
Debian Dpkg 1.10.14
NA
CVE-2009-1358
apt-get in apt prior to 0.7.21 does not check for the correct error code from gpgv, which causes apt to treat a repository as valid even when it has been signed with a key that has been revoked or expired, which might allow remote malicious users to trick apt into installing mali...
Debian Advanced Package Tool 0.7.21
Debian Advanced Package Tool 0.7.19
Debian Advanced Package Tool 0.7.16
Debian Advanced Package Tool 0.7.15
Debian Apt 0.7.9
Debian Apt 0.7.8
Debian Advanced Package Tool 0.7.2
Debian Advanced Package Tool 0.7.1
Debian Apt 0.6.46.1
Debian Apt 0.6.46
Debian Apt 0.6.45
Debian Apt 0.6.43.2
Debian Apt 0.6.43.1
Debian Apt 0.6.40.1
Debian Apt 0.6.40
Debian Apt 0.6.33
Debian Apt 0.6.32
Debian Apt 0.6.27
Debian Apt 0.6.20
Debian Apt 0.6.19
Debian Apt 0.6.11
Debian Apt 0.6.10
NA
CVE-2009-1300
apt 0.7.20 does not check when the date command returns an "invalid date" error, which can prevent apt from loading security updates in time zones for which DST occurs at midnight.
Debian Advanced Package Tool 0.7.20
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »