Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2013-1429
Lintian prior to 2.5.12 allows remote malicious users to gather information about the "host" system using crafted symlinks.
Debian Lintian 2.5.11
Debian Lintian
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 12.04
NA
CVE-2022-2787
Schroot prior to 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session.
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Schroot
NA
CVE-2023-4874
Null pointer dereference when viewing a specially crafted email in Mutt >1.5.2 <2.2.12
Mutt Mutt
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
NA
CVE-2023-4875
Null pointer dereference when composing from a specially crafted draft message in Mutt >1.5.2 <2.2.12
Mutt Mutt
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
NA
CVE-2023-3417
Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file exten...
Mozilla Thunderbird
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
NA
CVE-2023-46316
In buc Traceroute 2.0.12 up to and including 2.1.2 prior to 2.1.3, the wrapper scripts do not properly parse command lines.
Buc Traceroute
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
6.8
CVSSv2
CVE-2017-17476
Open Ticket Request System (OTRS) 4.0.x prior to 4.0.28, 5.0.x prior to 5.0.26, and 6.0.x prior to 6.0.3, when cookie support is disabled, might allow remote malicious users to hijack web sessions and consequently gain privileges via a crafted email.
Otrs Otrs
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5
CVSSv2
CVE-2019-17671
In WordPress prior to 5.2.4, unauthenticated viewing of certain content is possible because the static query property is mishandled.
Wordpress Wordpress
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 EDB exploit
1 Github repository
2.6
CVSSv2
CVE-2021-36368
An issue exists in OpenSSH prior to 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO au...
Openbsd Openssh
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
8 Github repositories
3.5
CVSSv2
CVE-2017-17093
wp-includes/general-template.php in WordPress prior to 4.9.1 does not properly restrict the lang attribute of an HTML element, which might allow malicious users to conduct XSS attacks via the language setting of a site.
Wordpress Wordpress
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 7.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »