Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apt vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2019-18899
The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local malicious users to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-cacher-ng versions before...
Apt-cacher-ng Project Apt-cacher-ng
Opensuse Backports Sle-15
7.8
CVSSv3
CVE-2013-6049
apt-listbugs prior to 0.1.10 creates temporary files insecurely, which allows malicious users to have unspecified impact via unknown vectors.
Apt-listbugs Project Apt-listbugs -
Debian Debian Linux 8.0
Debian Debian Linux 7.0
NA
CVE-2013-1064
apt-xapian-index prior to 0.45ubuntu2.1, 0.44ubuntu7.1, and 0.44ubuntu5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1...
Canonical Apt-xapian-index 0.44ubuntu7.1
Canonical Apt-xapian-index 0.44ubuntu5.1
Canonical Apt-xapian-index
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.04
NA
CVE-2014-7206
The changelog command in Apt prior to 1.0.9.2 allows local users to write to arbitrary files via a symlink attack on the changelog file.
Debian Apt 1.0.9
Debian Advanced Package Tool
Debian Apt 0.9.7.9
Debian Advanced Package Tool 1.0.8
NA
CVE-2005-2214
apt-setup in Debian GNU/Linux installs the apt.conf file with insecure permissions, which allows local users to obtain sensitive information such as passwords.
Debian Apt-setup
NA
CVE-2008-0302
Untrusted search path vulnerability in apt-listchanges.py in apt-listchanges prior to 2.82 allows local users to execute arbitrary code via a malicious apt-listchanges program in the current working directory.
Debian Apt-listchanges
5.5
CVSSv3
CVE-2020-15709
Versions of add-apt-repository prior to 0.98.9.2, 0.96.24.32.14, 0.96.20.10, and 0.92.37.8ubuntu0.1~esm1, printed a PPA (personal package archive) description to the terminal as-is, which allowed PPA owners to provide ANSI terminal escapes to modify terminal contents in unexpecte...
Canonical Add-apt-repository
NA
CVE-2014-4510
Cross-site scripting (XSS) vulnerability in job.cc in apt-cacher-ng 0.7.26 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Debian Apt-cacher 0.7.26
NA
CVE-2003-0843
Format string vulnerability in mod_gzip_printf for mod_gzip 1.3.26.1a and previous versions, and possibly later official versions, when running in debug mode and using the Apache log, allows remote malicious users to execute arbitrary code via format string characters in an HTTP ...
Dag Apt Repository Mod Gzip
NA
CVE-2003-0842
Stack-based buffer overflow in mod_gzip_printf for mod_gzip 1.3.26.1a and previous versions, and possibly later official versions, when running in debug mode, allows remote malicious users to execute arbitrary code via a long filename in a GET request with an "Accept-Encodin...
Dag Apt Repository Mod Gzip 1.3.26.1a
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »