Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian debian linux 8.0 vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2017-17092
wp-includes/functions.php in WordPress prior to 4.9.1 does not require the unfiltered_html capability for upload of .js files, which might allow remote malicious users to conduct XSS attacks via a crafted file.
Wordpress Wordpress
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
312
VMScore
CVE-2017-17093
wp-includes/general-template.php in WordPress prior to 4.9.1 does not properly restrict the lang attribute of an HTML element, which might allow malicious users to conduct XSS attacks via the language setting of a site.
Wordpress Wordpress
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
312
VMScore
CVE-2017-17094
wp-includes/feed.php in WordPress prior to 4.9.1 does not properly restrict enclosures in RSS and Atom fields, which might allow malicious users to conduct XSS attacks via a crafted URL.
Wordpress Wordpress
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
668
VMScore
CVE-2010-4533
offlineimap prior to 6.3.4 added support for SSL server certificate validation but it is still possible to use SSL v2 protocol, which is a flawed protocol with multiple security deficiencies.
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Offlineimap Offlineimap
383
VMScore
CVE-2010-4653
An integer overflow condition in poppler prior to 0.16.3 can occur when parsing CharCodes for fonts.
Freedesktop Poppler
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
445
VMScore
CVE-2016-9646
ikiwiki prior to 3.20161229 incorrectly called the CGI::FormBuilder->field method (similar to the CGI->param API that led to Bugzilla's CVE-2014-1572), which can be abused to lead to commit metadata forgery.
Ikiwiki Ikiwiki
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
383
VMScore
CVE-2013-7371
node-connects prior to 2.8.2 has cross site scripting in Sencha Labs Connect middleware (vulnerability due to incomplete fix for CVE-2013-7370)
Sencha Connect
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
534
VMScore
CVE-2017-7652
In Eclipse Mosquitto 1.4.14, if a Mosquitto instance is set running with a configuration file, then sending a HUP signal to server triggers the configuration to be reloaded from disk. If there are lots of clients connected so that there are no more file descriptors/sockets availa...
Eclipse Mosquitto
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
445
VMScore
CVE-2018-7334
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the UMTS MAC dissector could crash. This was addressed in epan/dissectors/packet-umts_mac.c by rejecting a certain reserved value.
Wireshark Wireshark
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
578
VMScore
CVE-2017-16664
Code injection exists in Kernel/System/Spelling.pm in Open Ticket Request System (OTRS) 5 prior to 5.0.24, 4 prior to 4.0.26, and 3.3 prior to 3.3.20. In the agent interface, an authenticated remote attacker can execute shell commands as the webserver user via URL manipulation.
Otrs Otrs
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »