Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian debian linux vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2013-1429
Lintian prior to 2.5.12 allows remote malicious users to gather information about the "host" system using crafted symlinks.
Debian Lintian 2.5.11
Debian Lintian
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 12.04
641
VMScore
CVE-2011-2910
The AX.25 daemon (ax25d) in ax25-tools prior to 0.0.8-13 does not check the return value of a setuid call. The setuid call is responsible for dropping privileges but if the call fails the daemon would continue to run with root privileges which can allow possible privilege escalat...
Linux-ax25 Ax25-tools
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
668
VMScore
CVE-2021-20001
It exists, that debian-edu-config, a set of configuration files used for the Debian Edu blend, prior to 2.12.16 configured insecure permissions for the user web shares (~/public_html), which could result in privilege escalation.
Skolelinux Debian-edu-config
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
385
VMScore
CVE-2011-3374
It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.
Debian Advanced Package Tool
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
8 Github repositories
641
VMScore
CVE-2019-3467
Debian-edu-config all versions < 2.11.10, a set of configuration files used for Debian Edu, and debian-lan-config < 0.26, configured too permissive ACLs for the Kerberos admin server, which allowed password changes for other Kerberos user principals.
Debian Debian-lan-config
Skolelinux Debian-edu-config
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
383
VMScore
CVE-2018-1000069
FreePlane version 1.5.9 and previous versions contains a XML External Entity (XXE) vulnerability in XML Parser in mindmap loader that can result in stealing data from victim's machine. This attack appears to require the victim to open a specially crafted mind map file. This ...
Freeplane Freeplane
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
383
VMScore
CVE-2021-38502
Thunderbird ignored the configuration to require STARTTLS security for an SMTP connection. A MITM could perform a downgrade attack to intercept transmitted messages, or could take control of the authenticated session to execute SMTP commands chosen by the MITM. If an unprotected ...
Mozilla Thunderbird
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
605
VMScore
CVE-2017-18122
A signature-validation bypass issue exists in SimpleSAMLphp up to and including 1.14.16. A SimpleSAMLphp Service Provider using SAML 1.1 will regard as valid any unsigned SAML response containing more than one signed assertion, provided that the signature of at least one of the a...
Simplesamlphp Simplesamlphp
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
668
VMScore
CVE-2017-14062
Integer overflow in the decode_digit function in puny_decode.c in Libidn2 prior to 2.0.4 allows remote malicious users to cause a denial of service or possibly have unspecified other impact.
Gnu Libidn2
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
668
VMScore
CVE-2014-4678
The safe_eval function in Ansible prior to 1.6.4 does not properly restrict the code subset, which allows remote malicious users to execute arbitrary code via crafted instructions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4657.
Redhat Ansible
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »