Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian debian linux vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2021-43302
Read out-of-bounds in PJSUA API when calling pjsua_recorder_create. An attacker-controlled 'filename' argument may cause an out-of-bounds read when the filename is shorter than 4 characters.
Teluu Pjsip
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.5
CVSSv2
CVE-2021-43303
Buffer overflow in PJSUA API when calling pjsua_call_dump. An attacker-controlled 'buffer' argument may cause a buffer overflow, since supplying an output buffer smaller than 128 characters may overflow the output buffer, regardless of the 'maxlen' argument su...
Teluu Pjsip
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.5
CVSSv2
CVE-2021-26120
Smarty prior to 3.1.39 allows code injection via an unexpected function name after a {function name= substring.
Smarty Smarty
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Github repository
6.8
CVSSv2
CVE-2017-5510
coders/psd.c in ImageMagick allows remote malicious users to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.
Imagemagick Imagemagick
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5
CVSSv2
CVE-2017-15721
In Irssi prior to 1.0.5, certain incorrectly formatted DCC CTCP messages could cause a NULL pointer dereference. This is a separate, but similar, issue relative to CVE-2017-9468.
Irssi Irssi
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2017-15722
In certain cases, Irssi prior to 1.0.5 may fail to verify that a Safe channel ID is long enough, causing reads beyond the end of the string.
Irssi Irssi
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2019-16222
WordPress prior to 5.2.3 has an issue with URL sanitization in wp_kses_bad_protocol_once in wp-includes/kses.php that can lead to cross-site scripting (XSS) attacks.
Wordpress Wordpress
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
4
CVSSv2
CVE-2021-40085
An issue exists in OpenStack Neutron prior to 16.4.1, 17.x prior to 17.2.1, and 18.x prior to 18.1.1. Authenticated attackers can reconfigure dnsmasq via a crafted extra_dhcp_opts value.
Openstack Neutron
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.4
CVSSv2
CVE-2011-2902
zxpdf in xpdf prior to 3.02-19 as packaged in Debian unstable and 3.02-12+squeeze1 as packaged in Debian squeeze deletes temporary files insecurely, which allows remote malicious users to delete arbitrary files via a crafted .pdf.gz file name.
Glyphandcog Xpdf
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 7.0
4.9
CVSSv2
CVE-2012-1096
NetworkManager 0.9 and previous versions allows local users to use other users' certificates or private keys when making a connection via the file path when adding a new connection.
Gnome Networkmanager
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »