debian vulnerabilities and exploits
7.8
CVSSv3
CVE-2012-1093
The init script in the Debian x11-common package prior to 1:7.6+12 is vulnerable to a symlink attack that can lead to a privilege escalation during package installation.
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian X11-common
NA
CVE-2004-0793
The calendar program in bsdmainutils 6.0 up to and including 6.0.14 does not drop root privileges when executed with the -a flag, which allows malicious users to execute arbitrary commands via a calendar event file.
Debian Bsdmainutils 6.0.14
Debian Bsdmainutils 6.0.6
Debian Bsdmainutils 6.0.5
Debian Bsdmainutils 6.0.8
Debian Bsdmainutils 6.0.7
Debian Bsdmainutils 6.0
Debian Bsdmainutils 6.0.13
Debian Bsdmainutils 6.0.12
Debian Bsdmainutils 6.0.4
Debian Bsdmainutils 6.0.3
Debian Bsdmainutils 6.0.11
Debian Bsdmainutils 6.0.10
Debian Bsdmainutils 6.0.9
Debian Bsdmainutils 6.0.2
Debian Bsdmainutils 6.0.1
NA
CVE-2000-0112
The default installation of Debian GNU/Linux uses an insecure Master Boot Record (MBR) which allows a local user to boot from a floppy disk during the installation.
Debian Debian Linux 2.0
Debian Debian Linux 2.2
Debian Debian Linux 2.1
7.5
CVSSv3
CVE-2018-5735
The Debian backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858. Affects Debian versions 9.9.5.dfsg-9+deb8u15; 9.9.5.dfsg-9+deb8u18; 9.10.3.dfsg.P4-12.3+deb9u5; 9.11.5.P4+dfsg-5.1. No ISC releases are affected. Other packages from other distribution...
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
NA
CVE-1999-0457
Linux ftpwatch program allows local users to gain root privileges.
Debian Debian Linux 1.3.1
Debian Debian Linux 2.0
Debian Debian Linux 1.3
9.8
CVSSv3
CVE-2021-20001
debian-edu-config, a set of configuration files used for the Debian Edu blend, prior to 2.12.16 configured insecure permissions for the user web shares (~/public_html), which could result in privilege escalation.
Skolelinux Debian-edu-config
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
3.7
CVSSv3
CVE-2011-3374
It was found that apt-key in apt, all versions, does not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.
Debian Advanced Package Tool
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
8 Github repositories
8.8
CVSSv3
CVE-2017-17514
boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote malicious users to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that this product do...
Nip2 Project Nip2 8.4.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
7.8
CVSSv3
CVE-2019-3467
Debian-edu-config all versions < 2.11.10, a set of configuration files used for Debian Edu, and debian-lan-config < 0.26, configured too permissive ACLs for the Kerberos admin server, which allowed password changes for other Kerberos user principals.
Debian Debian-lan-config
Skolelinux Debian-edu-config
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
NA
CVE-2015-0840
The dpkg-source command in Debian dpkg prior to 1.16.16 and 1.17.x prior to 1.17.25 allows remote malicious users to bypass signature verification via a crafted Debian source control file (.dsc).
Debian Dpkg 1.17.1
Debian Dpkg 1.17.2
Debian Dpkg 1.17.5
Debian Dpkg 1.17.6
Debian Dpkg 1.17.7
Debian Dpkg 1.17.14
Debian Dpkg 1.17.15
Debian Dpkg 1.17.22
Debian Dpkg 1.17.23
Debian Dpkg
Debian Dpkg 1.17.0
Debian Dpkg 1.17.8
Debian Dpkg 1.17.9
Debian Dpkg 1.17.16
Debian Dpkg 1.17.17
Debian Dpkg 1.17.24
Debian Dpkg 1.17.10
Debian Dpkg 1.17.11
Debian Dpkg 1.17.18
Debian Dpkg 1.17.19
Debian Dpkg 1.17.3
Debian Dpkg 1.17.4