debian_linux vulnerabilities and exploits

6.6
CVSSv2
CVE-2014-2312

The main function in android_main.cpp in thermald allows local users to write to arbitrary files via a symlink attack on /tmp/thermald.pid....

6.8
CVSSv2
CVE-2018-7439

An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the function read_mini_biff_next_record....

5
CVSSv2
CVE-1999-0939

Denial of service in Debian IRC Epic/epic4 client via a long string....

4.3
CVSSv2
CVE-2010-5312

Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option....

DebianDebian Linux
5
CVSSv2
CVE-2017-8819

In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, the replay-cache protection mechanism is ineffective for v2 onion services, aka TROVE-2017-009. An attacker can send many INTRODUCE2 cells to...

7.8
CVSSv2
CVE-2017-11409

In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a large loop. This was addressed in epan/dissectors/packet-gprs-llc.c by using a different integer data type....

10
CVSSv2
CVE-1999-0730

The zsoelim program in the Debian man-db package allows local users to overwrite files via a symlink attack....

DebianDebian Linux
5
CVSSv2
CVE-2018-15501

In ng_pkt in transports/smart_pkt.c in libgit2 before 0.26.6 and 0.27.x before 0.27.4, a remote attacker can send a crafted smart-protocol "ng" packet that lacks a '\0' byte to trigger an out-of-bounds read that leads to DoS....

5
CVSSv2
CVE-2017-8820

In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, remote attackers can cause a denial of service (NULL pointer dereference and application crash) against directory authorities via a malformed...

3.6
CVSSv2
CVE-2006-1753

A cron job in fcheck before 2.7.59 allows local users to overwrite arbitrary files via a symlink attack on a temporary file....