debian_linux vulnerabilities and exploits

6.6
CVSSv2
CVE-2014-2312

The main function in android_main.cpp in thermald allows local users to write to arbitrary files via a symlink attack on /tmp/thermald.pid....

7.5
CVSSv2
CVE-2018-20721

URI_FUNC() in UriParse.c in uriparser before 0.9.1 has an out-of-bounds read (in uriParse*Ex* functions) for an incomplete URI with an IPv6 address containing an embedded IPv4 address, such as a "//[::44.1" address....

5
CVSSv2
CVE-1999-0939

Denial of service in Debian IRC Epic/epic4 client via a long string....

6.8
CVSSv2
CVE-2018-7438

An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the parse_unicode_string function....

5
CVSSv2
CVE-2017-8819

In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, the replay-cache protection mechanism is ineffective for v2 onion services, aka TROVE-2017-009. An attacker can send many INTRODUCE2 cells to...

4.3
CVSSv2
CVE-2010-5312

Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option....

3.6
CVSSv2
CVE-2006-1753

A cron job in fcheck before 2.7.59 allows local users to overwrite arbitrary files via a symlink attack on a temporary file....

2.1
CVSSv2
CVE-2019-9706

Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (use-after-free and daemon crash) because of a force_rescan_user error....

2.1
CVSSv2
CVE-1999-0732

The logging facility of the Debian smtp-refuser package allows local users to delete arbitrary files using symbolic links....

5
CVSSv2
CVE-1999-0742

The Debian mailman package uses weak authentication, which allows attackers to gain privileges....