Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian debian linux 7.0 vulnerabilities and exploits
(subscribe to this query)
4.7
CVSSv3
CVE-2017-6932
Drupal core 7.x versions prior to 7.57 has an external link injection vulnerability when the language switcher block is used. A similar vulnerability exists in various custom and contributed modules. This vulnerability could allow an malicious user to trick users into unwillingly...
Drupal Drupal
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
9.8
CVSSv3
CVE-2017-1000421
Gifsicle gifview 1.89 and older is vulnerable to a use-after-free in the read_gif function resulting potential code execution
Lcdf Gifsicle
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
5.9
CVSSv3
CVE-2017-15722
In certain cases, Irssi prior to 1.0.5 may fail to verify that a Safe channel ID is long enough, causing reads beyond the end of the string.
Irssi Irssi
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
NA
CVE-2011-2688
SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and previous versions for the Apache HTTP Server allows remote malicious users to execute arbitrary SQL commands via the user field.
Mod Authnz External Project Mod Authnz External
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Debian Debian Linux 7.0
5.3
CVSSv3
CVE-2011-2902
zxpdf in xpdf prior to 3.02-19 as packaged in Debian unstable and 3.02-12+squeeze1 as packaged in Debian squeeze deletes temporary files insecurely, which allows remote malicious users to delete arbitrary files via a crafted .pdf.gz file name.
Glyphandcog Xpdf
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 7.0
7.5
CVSSv3
CVE-2018-7419
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the NBAP dissector could crash. This was addressed in epan/dissectors/asn1/nbap/nbap.cnf by ensuring DCH ID initialization.
Wireshark Wireshark
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
5.4
CVSSv3
CVE-2017-17094
wp-includes/feed.php in WordPress prior to 4.9.1 does not properly restrict enclosures in RSS and Atom fields, which might allow malicious users to conduct XSS attacks via a crafted URL.
Wordpress Wordpress
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2017-16854
In Open Ticket Request System (OTRS) up to and including 3.3.20, 4 up to and including 4.0.26, 5 up to and including 5.0.24, and 6 up to and including 6.0.1, an attacker who is logged in as a customer can use the ticket search form to disclose internal article information of thei...
Otrs Otrs
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2018-1308
This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 relates to an XML external entity expansion (XXE) in the `&dataConfig=<inlinexml>` parameter of Solr's DataImportHandler. It can be used as XXE using file/ftp/http protocols in order to read arbitrar...
Apache Solr
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
9.8
CVSSv3
CVE-2018-6521
The sqlauth module in SimpleSAMLphp prior to 1.15.2 relies on the MySQL utf8 charset, which truncates queries upon encountering four-byte characters. There might be a scenario in which this allows remote malicious users to bypass intended access restrictions.
Simplesamlphp Simplesamlphp
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »