Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian debian linux 8.0 vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2017-15864
In the Agent Frontend in Open Ticket Request System (OTRS) 3.3.x up to and including 3.3.18, with a crafted URL it is possible to gain information like database user and password.
Otrs Otrs
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
445
VMScore
CVE-2017-15923
Konversation 1.4.x, 1.5.x, 1.6.x, and 1.7.x prior to 1.7.3 allow remote malicious users to cause a denial of service (crash) via vectors related to parsing of IRC color formatting codes.
Konversation Konversation
Debian Debian Linux 9.0
Debian Debian Linux 7.0
Debian Debian Linux 8.0
605
VMScore
CVE-2017-17476
Open Ticket Request System (OTRS) 4.0.x prior to 4.0.28, 5.0.x prior to 5.0.26, and 6.0.x prior to 6.0.3, when cookie support is disabled, might allow remote malicious users to hijack web sessions and consequently gain privileges via a crafted email.
Otrs Otrs
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
356
VMScore
CVE-2017-16854
In Open Ticket Request System (OTRS) up to and including 3.3.20, 4 up to and including 4.0.26, 5 up to and including 5.0.24, and 6 up to and including 6.0.1, an attacker who is logged in as a customer can use the ticket search form to disclose internal article information of thei...
Otrs Otrs
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
383
VMScore
CVE-2010-4532
offlineimap prior to 6.3.2 does not check for SSL server certificate validation when "ssl = yes" option is specified which can allow man-in-the-middle attacks.
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Offlineimap Offlineimap
668
VMScore
CVE-2010-0748
Transmission prior to 1.92 allows an malicious user to cause a denial of service (crash) or possibly have other unspecified impact via a large number of tr arguments in a magnet link.
Transmissionbt Transmission
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
312
VMScore
CVE-2017-17092
wp-includes/functions.php in WordPress prior to 4.9.1 does not require the unfiltered_html capability for upload of .js files, which might allow remote malicious users to conduct XSS attacks via a crafted file.
Wordpress Wordpress
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
312
VMScore
CVE-2017-17093
wp-includes/general-template.php in WordPress prior to 4.9.1 does not properly restrict the lang attribute of an HTML element, which might allow malicious users to conduct XSS attacks via the language setting of a site.
Wordpress Wordpress
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 7.0
312
VMScore
CVE-2017-17094
wp-includes/feed.php in WordPress prior to 4.9.1 does not properly restrict enclosures in RSS and Atom fields, which might allow malicious users to conduct XSS attacks via a crafted URL.
Wordpress Wordpress
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
570
VMScore
CVE-2011-1408
ikiwiki prior to 3.20110608 allows remote malicious users to hijack root's tty and run symlink attacks.
Ikiwiki Ikiwiki
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 8.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »