Vulnerabilities (CVE)

Filtered by vendor Debian Subscribe
Filtered by product Debian Linux
Total 9159 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2001-1331 2 Debian, Progeny 2 Debian Linux, Debian 2025-04-03 1.2 LOW N/A
mandb in the man-db package before 2.3.16-3 allows local users to overwrite arbitrary files via the command line options (1) -u or (2) -c, which do not drop privileges and follow symlinks.
CVE-2001-0441 3 Debian, Mandrakesoft, Redhat 4 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 1 more 2025-04-03 7.5 HIGH N/A
Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header.
CVE-2005-3624 18 Conectiva, Debian, Easy Software Products and 15 more 33 Linux, Debian Linux, Cups and 30 more 2025-04-03 5.0 MEDIUM N/A
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
CVE-2001-0111 2 Debian, Sam Lantinga 2 Debian Linux, Splitvt 2025-04-03 7.2 HIGH N/A
Format string vulnerability in splitvt before 1.6.5 allows local users to execute arbitrary commands via the -rcfile command line argument.
CVE-2004-0835 3 Debian, Mysql, Oracle 3 Debian Linux, Mysql, Mysql 2025-04-03 7.5 HIGH N/A
MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.
CVE-1999-0368 7 Caldera, Debian, Proftpd Project and 4 more 8 Openlinux, Debian Linux, Proftpd and 5 more 2025-04-03 10.0 HIGH N/A
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
CVE-2001-1561 2 Debian, John Bovey 2 Debian Linux, Xvt 2025-04-03 7.2 HIGH N/A
Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long (1) -name and (2) -T arguments.
CVE-2004-0594 6 Avaya, Debian, Hp and 3 more 6 Converged Communications Server, Debian Linux, Hp-ux and 3 more 2025-04-03 5.1 MEDIUM N/A
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.
CVE-2005-0102 2 Debian, Gnome 2 Debian Linux, Evolution 2025-04-03 7.2 HIGH 9.8 CRITICAL
Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow.
CVE-2005-2456 2 Debian, Linux 2 Debian Linux, Linux Kernel 2025-04-03 2.1 LOW 5.5 MEDIUM
Array index overflow in the xfrm_sk_policy_insert function in xfrm_user.c in Linux kernel 2.6 allows local users to cause a denial of service (oops or deadlock) and possibly execute arbitrary code via a p->dir value that is larger than XFRM_POLICY_OUT, which is used as an index in the sock->sk_policy array.
CVE-2004-1076 2 Atari800, Debian 2 Atari800, Debian Linux 2025-04-03 7.2 HIGH N/A
Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allow local users to execute arbitrary code via large values in the configuration file.
CVE-2004-0579 2 Debian, William Deich 2 Debian Linux, Super 2025-04-03 7.2 HIGH N/A
Format string vulnerability in super before 3.23 allows local users to execute arbitrary code as root.
CVE-2003-0358 3 Debian, Falconseye Project, Nethack 3 Debian Linux, Falconseye, Nethack 2025-04-03 4.6 MEDIUM N/A
Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option.
CVE-2000-0314 5 Debian, Digital, Netbsd and 2 more 5 Debian Linux, Unix, Netbsd and 2 more 2025-04-03 5.0 MEDIUM N/A
traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero.
CVE-2002-0392 2 Apache, Debian 2 Http Server, Debian Linux 2025-04-03 7.5 HIGH N/A
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
CVE-2001-0755 1 Debian 1 Debian Linux 2025-04-03 7.5 HIGH N/A
Buffer overflow in ftp daemon (ftpd) 6.2 in Debian GNU/Linux allows attackers to cause a denial of service and possibly execute arbitrary code via a long SITE command.
CVE-2001-0690 4 Conectiva, Debian, Redhat and 1 more 4 Linux, Debian Linux, Linux and 1 more 2025-04-03 7.5 HIGH N/A
Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers.
CVE-2001-0195 1 Debian 1 Debian Linux 2025-04-03 2.1 LOW 7.8 HIGH
sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking.
CVE-1999-1276 2 Debian, Linux 2 Debian Linux, Linux Kernel 2025-04-03 7.2 HIGH N/A
fte-console in the fte package before 0.46b-4.1 does not drop root privileges, which allows local users to gain root access via the virtual console device.
CVE-2004-0996 4 Cscope, Debian, Gentoo and 1 more 4 Cscope, Debian Linux, Linux and 1 more 2025-04-03 2.1 LOW N/A
main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.