Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian debian linux 2.1 vulnerabilities and exploits
(subscribe to this query)
417
VMScore
CVE-2019-18634
In Sudo prior to 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages...
Sudo Project Sudo
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
26 Github repositories
1 Article
445
VMScore
CVE-2004-1014
statd in nfs-utils 1.257 and previous versions does not ignore the SIGPIPE signal, which allows remote malicious users to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated.
Nfs Nfs-utils 1.0.6
Mandrakesoft Mandrake Linux Corporate Server 2.1
Redhat Enterprise Linux Desktop 3.0
Debian Debian Linux 3.0
Redhat Enterprise Linux 3.0
Mandrakesoft Mandrake Linux 9.2
Mandrakesoft Mandrake Linux 10.1
Mandrakesoft Mandrake Linux 10.0
445
VMScore
CVE-2022-31001
Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause crash. This type of crash may be caused by `#define MATCH(s, m) (strncmp(s, m, n = sizeof(m) - 1)...
Signalwire Sofia-sip
Debian Debian Linux 10.0
Debian Debian Linux 11.0
668
VMScore
CVE-2017-18187
In ARM mbed TLS prior to 2.7.0, there is a bounds-check bypass through an integer overflow in PSK identity parsing in the ssl_parse_client_psk_identity() function in library/ssl_srv.c.
Arm Mbed Tls
Debian Debian Linux 8.0
Debian Debian Linux 9.0
516
VMScore
CVE-2021-26675
A stack-based buffer overflow in dnsproxy in ConnMan prior to 1.39 could be used by network adjacent malicious users to execute code.
Intel Connman
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.2
294
VMScore
CVE-2021-26676
gdhcp in ConnMan prior to 1.39 could be used by network-adjacent malicious users to leak sensitive stack information, allowing further exploitation of bugs in gdhcp.
Intel Connman
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.2
668
VMScore
CVE-2018-0487
ARM mbed TLS prior to 1.3.22, prior to 2.1.10, and prior to 2.7.0 allows remote malicious users to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted certificate chain that is mishandled during RSASSA-PSS signature verification within a TLS or DTL...
Arm Mbed Tls
Debian Debian Linux 8.0
Debian Debian Linux 9.0
668
VMScore
CVE-2018-0488
ARM mbed TLS prior to 1.3.22, prior to 2.1.10, and prior to 2.7.0, when the truncated HMAC extension and CBC are used, allows remote malicious users to execute arbitrary code or cause a denial of service (heap corruption) via a crafted application packet within a TLS or DTLS sess...
Arm Mbed Tls
Debian Debian Linux 8.0
Debian Debian Linux 9.0
383
VMScore
CVE-2019-3498
In Django 1.11.x prior to 1.11.18, 2.0.x prior to 2.0.10, and 2.1.x prior to 2.1.5, an Improper Neutralization of Special Elements in Output Used by a Downstream Component issue exists in django.views.defaults.page_not_found(), leading to content spoofing (in a 404 error page) if...
Djangoproject Django
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Fedoraproject Fedora 28
1 Github repository
668
VMScore
CVE-2019-14234
An issue exists in Django 1.11.x prior to 1.11.23, 2.1.x prior to 2.1.11, and 2.2.x prior to 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, w...
Djangoproject Django
Fedoraproject Fedora 30
Debian Debian Linux 9.0
Debian Debian Linux 10.0
2 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »