Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apt vulnerabilities and exploits
(subscribe to this query)
978
VMScore
CVE-2014-6332
OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote malicious users to execute arbitrary code via a craft...
Microsoft Windows Server 2008 R2
Microsoft Windows 7 -
Microsoft Windows Server 2008 -
Microsoft Windows Vista -
Microsoft Windows Rt -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 -
Microsoft Windows 8.1 -
Microsoft Windows Server 2003 -
Microsoft Windows Server 2012 R2
Microsoft Windows 8 -
9 EDB exploits
10 Github repositories
9 Articles
668
VMScore
CVE-2014-0487
APT prior to 1.0.9 does not verify downloaded files if they have been modified as indicated using the If-Modified-Since header, which has unspecified impact and attack vectors.
Debian Advanced Package Tool 1.0.3
Debian Advanced Package Tool 1.0.7
1 Article
605
VMScore
CVE-2014-0488
APT prior to 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote malicious users to have unspecified impact via crafted repository data.
Debian Advanced Package Tool 1.0.3
Debian Advanced Package Tool 1.0.7
668
VMScore
CVE-2014-0490
The apt-get download command in APT prior to 1.0.9 does not properly validate signatures for packages, which allows remote malicious users to execute arbitrary code via a crafted package.
Debian Advanced Package Tool
Debian Advanced Package Tool 1.0.6
Debian Advanced Package Tool 1.0.5
Debian Advanced Package Tool 1.0.4
Debian Advanced Package Tool 1.0.3
Debian Advanced Package Tool 1.0.7
668
VMScore
CVE-2014-0489
APT prior to 1.0.9, when the Acquire::GzipIndexes option is enabled, does not validate checksums, which allows remote malicious users to execute arbitrary code via a crafted package.
Debian Advanced Package Tool 1.0.5
Debian Advanced Package Tool 1.0.3
Debian Advanced Package Tool 1.0.7
320
VMScore
CVE-2014-7206
The changelog command in Apt prior to 1.0.9.2 allows local users to write to arbitrary files via a symlink attack on the changelog file.
Debian Apt 1.0.9
Debian Advanced Package Tool
Debian Apt 0.9.7.9
Debian Advanced Package Tool 1.0.8
383
VMScore
CVE-2014-4510
Cross-site scripting (XSS) vulnerability in job.cc in apt-cacher-ng 0.7.26 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Debian Apt-cacher 0.7.26
605
VMScore
CVE-2014-6273
Buffer overflow in the HTTP transport code in apt-get in APT 1.0.1 and previous versions allows man-in-the-middle malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted URL.
Debian Advanced Package Tool
890
VMScore
CVE-2014-0546
Adobe Reader and Acrobat 10.x prior to 10.1.11 and 11.x prior to 11.0.08 on Windows allow malicious users to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via unspecified vectors.
Adobe Acrobat Reader 10.1.10
Adobe Acrobat Reader 10.1.2
Adobe Acrobat Reader 10.1.9
Adobe Acrobat Reader 11.0
Adobe Acrobat Reader 10.1
Adobe Acrobat Reader 10.1.1
Adobe Acrobat Reader 10.1.7
Adobe Acrobat Reader 10.1.8
Adobe Acrobat Reader 11.0.5
Adobe Acrobat Reader 11.0.6
Adobe Acrobat Reader 11.0.7
Adobe Acrobat Reader 10.0.2
Adobe Acrobat Reader 10.0.3
Adobe Acrobat Reader 10.1.5
Adobe Acrobat Reader 10.1.6
Adobe Acrobat Reader 11.0.3
Adobe Acrobat Reader 11.0.4
Adobe Acrobat Reader 10.0
Adobe Acrobat Reader 10.0.1
Adobe Acrobat Reader 10.1.3
Adobe Acrobat Reader 10.1.4
Adobe Acrobat Reader 11.0.1
3 Articles
356
VMScore
CVE-2014-0478
APT prior to 1.0.4 does not properly validate source packages, which allows man-in-the-middle malicious users to download and install Trojan horse packages by removing the Release signature.
Debian Advanced Package Tool
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »