Vulmon
debian debian linux 1.3.1 vulnerabilities and exploits
5
CVSSv2
CVE-2017-18076
In strategy.rb in OmniAuth prior to 1.3.2, the authenticity_token value is improperly protected because POST (in addition to GET) parameters are stored in the session and become available in the environment of the callback phase.
Omniauth Omniauth
Debian Debian Linux 9.0
Debian Debian Linux 8.0
4.6
CVSSv2
CVE-2017-16651
Roundcube Webmail prior to 1.1.10, 1.2.x prior to 1.2.7, and 1.3.x prior to 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the wild in November 2017. The attacker must be able to authenticate at th...
Roundcube Webmail 1.3.0
Roundcube Webmail 1.2.5
Roundcube Webmail
Roundcube Webmail 1.3.2
Roundcube Webmail 1.2.3
Roundcube Webmail 1.2.2
Roundcube Webmail 1.2.1
Roundcube Webmail 1.2.0
Roundcube Webmail 1.3.1
Roundcube Webmail 1.2.6
Roundcube Webmail 1.2.4
Debian Debian Linux 9.0
Debian Debian Linux 7.0
2 Github repositories
7.5
CVSSv2
CVE-2013-7439
Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 prior to 1.6.0 allow remote malicious users to have unspecified impact via a crafted request, which triggers a buffer overflow.
X.org Libx11 1.4.99.902
X.org Libx11 1.4.99.901
X.org Libx11 1.3.99.901
X.org Libx11 1.3.6
X.org Libx11 1.2.2
X.org Libx11 1.2.1
X.org Libx11 1.1.99.1
X.org Libx11 1.1
X.org Libx11 1.4.4
X.org Libx11 1.4.3
X.org Libx11 1.3.5
X.org Libx11 1.3.4
X.org Libx11 1.2
X.org Libx11 1.1.6
X.org Libx11 1.0.1
X.org Libx11 1.5.99.902
X.org Libx11 1.4.2
X.org Libx11 1.4.1
X.org Libx11 1.3.3
X.org Libx11 1.3.2
X.org Libx11 1.1.5
X.org Libx11 1.1.4
7.6
CVSSv2
CVE-2013-6435
Race condition in RPM 4.11.1 and previous versions allows remote malicious users to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d d...
Rpm Rpm 2.3.5
Rpm Rpm 4.4.2.1
Rpm Rpm 1.4.3
Rpm Rpm 3.0.1
Rpm Rpm 4.1
Rpm Rpm 2.2.3.11
Rpm Rpm 4.8.0
Rpm Rpm 2.4.4
Rpm Rpm 2.3.8
Rpm Rpm 2.0.6
Rpm Rpm 1.4.4
Rpm Rpm 1.4.2/a
Rpm Rpm 2.4.1
Rpm Rpm 2.4.9
Rpm Rpm 2.6.7
Rpm Rpm 1.4
Rpm Rpm 2.0.10
Rpm Rpm 2.4.5
Rpm Rpm 4.9.0
Rpm Rpm 4.0.1
Rpm Rpm 4.9.1.2
Rpm Rpm 2.2.11
5
CVSSv2
CVE-2014-4911
The ssl_decrypt_buf function in library/ssl_tls.c in PolarSSL prior to 1.2.11 and 1.3.x prior to 1.3.8 allows remote malicious users to cause a denial of service (crash) via vectors related to the GCM ciphersuites, as demonstrated using the Codenomicon Defensics toolkit.
Polarssl Polarssl 1.3.6
Polarssl Polarssl 1.3.4
Polarssl Polarssl 1.3.7
Polarssl Polarssl 1.3.2
Polarssl Polarssl 1.3.0
Polarssl Polarssl 1.3.5
Polarssl Polarssl 1.3.3
Polarssl Polarssl 1.3.1
Polarssl Polarssl 1.2.0
Polarssl Polarssl 1.2.7
Polarssl Polarssl 1.2.9
Polarssl Polarssl 1.2.1
Polarssl Polarssl 1.2.2
Polarssl Polarssl 1.2.3
Polarssl Polarssl 1.2.4
Polarssl Polarssl 1.2.5
Polarssl Polarssl
Polarssl Polarssl 1.2.6
Polarssl Polarssl 1.2.8
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 6.0
2.1
CVSSv2
CVE-2014-3533
dbus 1.3.0 prior to 1.6.22 and 1.8.x prior to 1.8.6 allows local users to cause a denial of service (disconnect) via a certain sequence of crafted messages that cause the dbus-daemon to forward a message containing an invalid file descriptor.
Debian Debian Linux 7.0
Freedesktop Dbus 1.4.18
Freedesktop Dbus 1.6.0
Freedesktop Dbus 1.4.22
Freedesktop Dbus 1.5.6
Freedesktop Dbus 1.8.0
Freedesktop Dbus 1.5.8
Freedesktop Dbus 1.5.4
Freedesktop Dbus 1.5.10
Freedesktop Dbus 1.4.24
Freedesktop Dbus 1.4.12
Freedesktop Dbus 1.6.20
Freedesktop Dbus 1.6.10
Freedesktop Dbus 1.5.0
Freedesktop Dbus 1.6.12
Freedesktop Dbus 1.6.16
Freedesktop Dbus 1.4.6
Freedesktop Dbus 1.4.16
Freedesktop Dbus 1.5.2
Freedesktop Dbus 1.3.0
Freedesktop Dbus 1.4.8
Freedesktop Dbus 1.3.1
5
CVSSv2
CVE-2014-4617
The do_uncompress function in g10/compress.c in GnuPG 1.x prior to 1.4.17 and 2.x prior to 2.0.24 allows context-dependent malicious users to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
Gnupg Gnupg 2.0.1
Gnupg Gnupg 2.0.7
Gnupg Gnupg 2.0.15
Gnupg Gnupg 2.0.8
Gnupg Gnupg 2.0.11
Gnupg Gnupg 2.0.6
Gnupg Gnupg 2.0.10
Gnupg Gnupg 2.0.13
Gnupg Gnupg 2.0
Gnupg Gnupg 2.0.5
Gnupg Gnupg 2.0.17
Gnupg Gnupg 2.0.12
Gnupg Gnupg 2.0.18
Gnupg Gnupg 2.0.16
Gnupg Gnupg 2.0.21
Gnupg Gnupg 2.0.14
Gnupg Gnupg 2.0.4
Gnupg Gnupg 2.0.3
Gnupg Gnupg 2.0.22
Gnupg Gnupg 2.0.19
Gnupg Gnupg 2.0.20
Gnupg Gnupg 2.0.23
1 Github repository
4.3
CVSSv2
CVE-2013-4134
OpenAFS prior to 1.4.15, 1.6.x prior to 1.6.5, and 1.7.x prior to 1.7.26 uses weak encryption (DES) for Kerberos keys, which makes it easier for remote malicious users to obtain the service key.
Openafs Openafs 1.7.20
Openafs Openafs 1.7.19
Openafs Openafs 1.7.18
Openafs Openafs 1.7.17
Openafs Openafs 1.4.8 Pre3
Openafs Openafs 1.4.8 Pre2
Openafs Openafs 1.4.8 Pre1
Openafs Openafs 1.4.8
Openafs Openafs 1.4.7 Pre5
Openafs Openafs 1.4.1
Openafs Openafs 1.4.0
Openafs Openafs 1.4
Openafs Openafs 1.3.81
Openafs Openafs 1.2.3
Openafs Openafs 1.2.2b
Openafs Openafs 1.2.2a
Openafs Openafs 1.2.2
Openafs Openafs 1.0.2
Openafs Openafs 1.0.1
Openafs Openafs 1.0
Openafs Openafs 1.6.2.1
Openafs Openafs 1.6.2
5
CVSSv2
CVE-2012-2351
The default configuration of the auth/saml plugin in Mahara prior to 1.4.2 sets the "Match username attribute to Remote username" option to false, which allows remote SAML IdP servers to spoof users of other SAML IdP servers by using the same internal username.
Debian Debian Linux 6.0
Mahara Mahara 1.4
Mahara Mahara 1.3.3
Mahara Mahara 1.2.6
Mahara Mahara 1.2.0
Mahara Mahara 1.1.1
Mahara Mahara 1.1.0
Mahara Mahara 1.1.7
Mahara Mahara 1.1.8
Mahara Mahara 1.1
Mahara Mahara 1.0.9
Mahara Mahara 1.0.6
Mahara Mahara 1.0.14
Mahara Mahara 1.0.15
Mahara Mahara 0.9.1
Mahara Mahara 0.9.2
Mahara Mahara 1.3.0
Mahara Mahara 1.3.1
Mahara Mahara 1.2.2
Mahara Mahara 1.1.6
Mahara Mahara 1.0.0
Mahara Mahara 1.0.4
10
CVSSv2
CVE-2012-0444
Mozilla Firefox prior to 3.6.26 and 4.x up to and including 9.0, Thunderbird prior to 3.1.18 and 5.0 up to and including 9.0, and SeaMonkey prior to 2.7 do not properly initialize nsChildView data structures, which allows remote malicious users to cause a denial of service (memor...
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Opensuse Opensuse 11.4
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Software Development Kit 11
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10