Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian advanced package tool vulnerabilities and exploits
(subscribe to this query)
320
VMScore
CVE-2014-7206
The changelog command in Apt prior to 1.0.9.2 allows local users to write to arbitrary files via a symlink attack on the changelog file.
Debian Apt 0.9.7.9
Debian Apt 1.0.9
Debian Advanced Package Tool 1.0.8
Debian Advanced Package Tool
231
VMScore
CVE-2011-3634
methods/https.cc in apt prior to 0.8.11 accepts connections when the certificate host name fails validation and Verify-Host is enabled, which allows man-in-the-middle malicious users to obtain repository credentials via unspecified vectors.
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 10.04
Debian Advanced Package Tool 0.8.0
Debian Advanced Package Tool 0.8.1
Debian Advanced Package Tool 0.8.10
Debian Advanced Package Tool 0.8.10.1
Debian Advanced Package Tool 0.8.10.2
Debian Advanced Package Tool
231
VMScore
CVE-2012-3587
APT 0.7.x prior to 0.7.25 and 0.8.x prior to 0.8.16, when using the apt-key net-update to import keyrings, relies on GnuPG argument order and does not check GPG subkeys, which might allow remote malicious users to install Trojan horse packages via a man-in-the-middle (MITM) attac...
Debian Advanced Package Tool 0.7.0
Debian Advanced Package Tool 0.7.1
Debian Advanced Package Tool 0.7.2
Debian Advanced Package Tool 0.7.2-0.1
Debian Advanced Package Tool 0.7.10
Debian Advanced Package Tool 0.7.11
Debian Advanced Package Tool 0.7.12
Debian Advanced Package Tool 0.7.13
Debian Advanced Package Tool 0.7.14
Debian Advanced Package Tool 0.7.15
Debian Advanced Package Tool 0.7.16
Debian Advanced Package Tool 0.7.17
Debian Advanced Package Tool 0.7.18
Debian Advanced Package Tool 0.7.19
Debian Advanced Package Tool 0.7.20
Debian Advanced Package Tool 0.7.20.1
Debian Advanced Package Tool 0.7.20.2
Debian Advanced Package Tool 0.7.21
Debian Advanced Package Tool 0.7.22
Debian Advanced Package Tool 0.7.22.1
Debian Advanced Package Tool 0.7.22.2
Debian Advanced Package Tool 0.7.23
231
VMScore
CVE-2012-0954
APT 0.7.x prior to 0.7.25 and 0.8.x prior to 0.8.16, when using the apt-key net-update to import keyrings, relies on GnuPG argument order and does not check GPG subkeys, which might allow remote malicious users to install altered packages via a man-in-the-middle (MITM) attack. NO...
Debian Advanced Package Tool 0.7.0
Debian Advanced Package Tool 0.7.1
Debian Advanced Package Tool 0.7.2
Debian Advanced Package Tool 0.7.2-0.1
Debian Advanced Package Tool 0.7.10
Debian Advanced Package Tool 0.7.11
Debian Advanced Package Tool 0.7.12
Debian Advanced Package Tool 0.7.13
Debian Advanced Package Tool 0.7.14
Debian Advanced Package Tool 0.7.15
Debian Advanced Package Tool 0.7.16
Debian Advanced Package Tool 0.7.17
Debian Advanced Package Tool 0.7.18
Debian Advanced Package Tool 0.7.19
Debian Advanced Package Tool 0.7.20
Debian Advanced Package Tool 0.7.20.1
Debian Advanced Package Tool 0.7.20.2
Debian Advanced Package Tool 0.7.21
Debian Advanced Package Tool 0.7.22
Debian Advanced Package Tool 0.7.22.1
Debian Advanced Package Tool 0.7.22.2
Debian Advanced Package Tool 0.7.23
188
VMScore
CVE-2022-21166
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Xen Xen
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Intel Sgx Dcap
Intel Sgx Psw
Intel Sgx Sdk
Vmware Esxi 7.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
188
VMScore
CVE-2022-21123
Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Xen Xen
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Intel Sgx Dcap
Intel Sgx Psw
Intel Sgx Sdk
Vmware Esxi 7.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
188
VMScore
CVE-2022-21125
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Xen Xen
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Intel Sgx Dcap
Intel Sgx Psw
Intel Sgx Sdk
Vmware Esxi 7.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
187
VMScore
CVE-2022-0854
A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space.
Linux Linux Kernel 5.17
Linux Linux Kernel
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
187
VMScore
CVE-2020-27351
Various memory and file descriptor leaks were found in apt-python files python/arfile.cc, python/tag.cc, python/tarfile.cc, aka GHSL-2020-170. This issue affects: python-apt 1.1.0~beta1 versions before 1.1.0~beta1ubuntu0.16.04.10; 1.6.5ubuntu0 versions before 1.6.5ubuntu0.4; 2.0....
Debian Advanced Package Tool
187
VMScore
CVE-2012-0961
Apt 0.8.16~exp5ubuntu13.x prior to 0.8.16~exp5ubuntu13.6, 0.8.16~exp12ubuntu10.x prior to 0.8.16~exp12ubuntu10.7, and 0.9.7.5ubuntu5.x prior to 0.9.7.5ubuntu5.2, as used in Ubuntu, uses world-readable permissions for /var/log/apt/term.log, which allows local users to obtain sensi...
Debian Apt 0.9.7
Debian Advanced Package Tool 0.8.16
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »