Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apt vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2016-0165
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k E...
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2012 -
Microsoft Windows 8.1
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008
Microsoft Windows 10 1511
Microsoft Windows 10 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Vista
2 Articles
NA
CVE-2015-1330
unattended-upgrades prior to 0.86.1 does not properly authenticate packages when the (1) force-confold or (2) force-confnew dpkg options are enabled in the DPkg::Options::* apt configuration, which allows remote man-in-the-middle malicious users to upload and execute arbitrary pa...
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Debian Unattended-upgrades
NA
CVE-2014-6332
OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote malicious users to execute arbitrary code via a craft...
Microsoft Windows Server 2008 R2
Microsoft Windows 7 -
Microsoft Windows Server 2008 -
Microsoft Windows Vista -
Microsoft Windows Rt -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 -
Microsoft Windows 8.1 -
Microsoft Windows Server 2003 -
Microsoft Windows Server 2012 R2
Microsoft Windows 8 -
9 EDB exploits
10 Github repositories
9 Articles
NA
CVE-2014-0487
APT prior to 1.0.9 does not verify downloaded files if they have been modified as indicated using the If-Modified-Since header, which has unspecified impact and attack vectors.
Debian Advanced Package Tool 1.0.3
Debian Advanced Package Tool 1.0.7
1 Article
NA
CVE-2014-0488
APT prior to 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote malicious users to have unspecified impact via crafted repository data.
Debian Advanced Package Tool 1.0.3
Debian Advanced Package Tool 1.0.7
NA
CVE-2014-0489
APT prior to 1.0.9, when the Acquire::GzipIndexes option is enabled, does not validate checksums, which allows remote malicious users to execute arbitrary code via a crafted package.
Debian Advanced Package Tool 1.0.5
Debian Advanced Package Tool 1.0.3
Debian Advanced Package Tool 1.0.7
NA
CVE-2014-0490
The apt-get download command in APT prior to 1.0.9 does not properly validate signatures for packages, which allows remote malicious users to execute arbitrary code via a crafted package.
Debian Advanced Package Tool
Debian Advanced Package Tool 1.0.6
Debian Advanced Package Tool 1.0.5
Debian Advanced Package Tool 1.0.4
Debian Advanced Package Tool 1.0.3
Debian Advanced Package Tool 1.0.7
NA
CVE-2014-7206
The changelog command in Apt prior to 1.0.9.2 allows local users to write to arbitrary files via a symlink attack on the changelog file.
Debian Apt 1.0.9
Debian Advanced Package Tool
Debian Apt 0.9.7.9
Debian Advanced Package Tool 1.0.8
NA
CVE-2014-4510
Cross-site scripting (XSS) vulnerability in job.cc in apt-cacher-ng 0.7.26 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Debian Apt-cacher 0.7.26
NA
CVE-2014-6273
Buffer overflow in the HTTP transport code in apt-get in APT 1.0.1 and previous versions allows man-in-the-middle malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted URL.
Debian Advanced Package Tool
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »