Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian vulnerabilities and exploits
(subscribe to this query)
614
VMScore
CVE-2012-1093
The init script in the Debian x11-common package prior to 1:7.6+12 is vulnerable to a symlink attack that can lead to a privilege escalation during package installation.
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian X11-common
641
VMScore
CVE-2004-0793
The calendar program in bsdmainutils 6.0 up to and including 6.0.14 does not drop root privileges when executed with the -a flag, which allows malicious users to execute arbitrary commands via a calendar event file.
Debian Bsdmainutils 6.0.14
Debian Bsdmainutils 6.0.6
Debian Bsdmainutils 6.0.5
Debian Bsdmainutils 6.0.8
Debian Bsdmainutils 6.0.7
Debian Bsdmainutils 6.0
Debian Bsdmainutils 6.0.13
Debian Bsdmainutils 6.0.12
Debian Bsdmainutils 6.0.4
Debian Bsdmainutils 6.0.3
Debian Bsdmainutils 6.0.11
Debian Bsdmainutils 6.0.10
Debian Bsdmainutils 6.0.9
Debian Bsdmainutils 6.0.2
Debian Bsdmainutils 6.0.1
445
VMScore
CVE-2018-5735
The Debian backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858; Affects Debian versions 9.9.5.dfsg-9+deb8u15; 9.9.5.dfsg-9+deb8u18; 9.10.3.dfsg.P4-12.3+deb9u5; 9.11.5.P4+dfsg-5.1 No ISC releases are affected. Other packages from other distribution...
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
641
VMScore
CVE-1999-0457
Linux ftpwatch program allows local users to gain root privileges.
Debian Debian Linux 1.3.1
Debian Debian Linux 2.0
Debian Debian Linux 1.3
641
VMScore
CVE-2000-0112
The default installation of Debian GNU/Linux uses an insecure Master Boot Record (MBR) which allows a local user to boot from a floppy disk during the installation.
Debian Debian Linux 2.0
Debian Debian Linux 2.2
Debian Debian Linux 2.1
668
VMScore
CVE-2021-20001
It exists, that debian-edu-config, a set of configuration files used for the Debian Edu blend, prior to 2.12.16 configured insecure permissions for the user web shares (~/public_html), which could result in privilege escalation.
Skolelinux Debian-edu-config
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
385
VMScore
CVE-2011-3374
It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.
Debian Advanced Package Tool
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
8 Github repositories
605
VMScore
CVE-2017-17514
boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote malicious users to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that this product do...
Nip2 Project Nip2 8.4.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
641
VMScore
CVE-2019-3467
Debian-edu-config all versions < 2.11.10, a set of configuration files used for Debian Edu, and debian-lan-config < 0.26, configured too permissive ACLs for the Kerberos admin server, which allowed password changes for other Kerberos user principals.
Debian Debian-lan-config
Skolelinux Debian-edu-config
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
383
VMScore
CVE-2015-0840
The dpkg-source command in Debian dpkg prior to 1.16.16 and 1.17.x prior to 1.17.25 allows remote malicious users to bypass signature verification via a crafted Debian source control file (.dsc).
Debian Dpkg 1.17.1
Debian Dpkg 1.17.2
Debian Dpkg 1.17.5
Debian Dpkg 1.17.6
Debian Dpkg 1.17.7
Debian Dpkg 1.17.14
Debian Dpkg 1.17.15
Debian Dpkg 1.17.22
Debian Dpkg 1.17.23
Debian Dpkg
Debian Dpkg 1.17.0
Debian Dpkg 1.17.8
Debian Dpkg 1.17.9
Debian Dpkg 1.17.16
Debian Dpkg 1.17.17
Debian Dpkg 1.17.24
Debian Dpkg 1.17.10
Debian Dpkg 1.17.11
Debian Dpkg 1.17.18
Debian Dpkg 1.17.19
Debian Dpkg 1.17.3
Debian Dpkg 1.17.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
injection
CVE-2024-30983
CVE-2023-4235
CVE-2024-21338
privilege
encryption
CVE-2023-4232
CVE-2024-31497
CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »