Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
debian apt 1.0.9 vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2014-0488
APT prior to 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote malicious users to have unspecified impact via crafted repository data.
Debian Advanced Package Tool 1.0.3
Debian Advanced Package Tool 1.0.7
668
VMScore
CVE-2014-0490
The apt-get download command in APT prior to 1.0.9 does not properly validate signatures for packages, which allows remote malicious users to execute arbitrary code via a crafted package.
Debian Advanced Package Tool
Debian Advanced Package Tool 1.0.6
Debian Advanced Package Tool 1.0.5
Debian Advanced Package Tool 1.0.4
Debian Advanced Package Tool 1.0.3
Debian Advanced Package Tool 1.0.7
668
VMScore
CVE-2014-0487
APT prior to 1.0.9 does not verify downloaded files if they have been modified as indicated using the If-Modified-Since header, which has unspecified impact and attack vectors.
Debian Advanced Package Tool 1.0.3
Debian Advanced Package Tool 1.0.7
1 Article
668
VMScore
CVE-2014-0489
APT prior to 1.0.9, when the Acquire::GzipIndexes option is enabled, does not validate checksums, which allows remote malicious users to execute arbitrary code via a crafted package.
Debian Advanced Package Tool 1.0.5
Debian Advanced Package Tool 1.0.3
Debian Advanced Package Tool 1.0.7
320
VMScore
CVE-2014-7206
The changelog command in Apt prior to 1.0.9.2 allows local users to write to arbitrary files via a symlink attack on the changelog file.
Debian Apt 1.0.9
Debian Advanced Package Tool
Debian Apt 0.9.7.9
Debian Advanced Package Tool 1.0.8
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started