Filtered by vendor Debian
Subscribe
Total
9279 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-2079 | 2 Debian, X File Explorer Project | 2 Debian Linux, X File Explorer | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| X File Explorer (aka xfe) might allow local users to bypass intended access restrictions and gain access to arbitrary files by leveraging failure to use directory masks when creating files on Samba and NFS shares. | |||||
| CVE-2014-1936 | 2 Debian, Rc Project | 2 Debian Linux, Rc | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| rc before 1.7.1-5 insecurely creates temporary files. | |||||
| CVE-2014-1935 | 2 9base Project, Debian | 2 9base, Debian Linux | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| 9base 1:6-6 and 1:6-7 insecurely creates temporary files which results in predictable filenames. | |||||
| CVE-2014-10077 | 2 Debian, I18n Project | 2 Debian Linux, I18n | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Hash#slice in lib/i18n/core_ext/hash.rb in the i18n gem before 0.8.0 for Ruby allows remote attackers to cause a denial of service (application crash) via a call in a situation where :some_key is present in keep_keys but not present in the hash. | |||||
| CVE-2014-10073 | 2 Debian, Wpitchoune | 2 Debian Linux, Psensor | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The create_response function in server/server.c in Psensor before 1.1.4 allows Directory Traversal because it lacks a check for whether a file is under the webserver directory. | |||||
| CVE-2014-0175 | 3 Debian, Puppet, Redhat | 3 Debian Linux, Marionette Collective, Openshift | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| mcollective has a default password set at install | |||||
| CVE-2014-0083 | 2 Debian, Net-ldap Project | 2 Debian Linux, Net-ldap | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| The Ruby net-ldap gem before 0.11 uses a weak salt when generating SSHA passwords. | |||||
| CVE-2014-0021 | 3 Chrony Project, Debian, Fedoraproject | 3 Chrony, Debian Linux, Fedora | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Chrony before 1.29.1 has traffic amplification in cmdmon protocol | |||||
| CVE-2013-7371 | 2 Debian, Sencha | 2 Debian Linux, Connect | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| node-connects before 2.8.2 has cross site scripting in Sencha Labs Connect middleware (vulnerability due to incomplete fix for CVE-2013-7370) | |||||
| CVE-2013-7370 | 4 Debian, Opensuse, Redhat and 1 more | 4 Debian Linux, Opensuse, Openshift and 1 more | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| node-connect before 2.8.1 has XSS in the Sencha Labs Connect middleware | |||||
| CVE-2013-7325 | 1 Debian | 2 Debian Linux, Devscripts | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| An issue exists in uscan in devscripts before 2.13.19, which could let a remote malicious user execute arbitrary code via a crafted tarball. | |||||
| CVE-2013-7089 | 3 Clamav, Debian, Fedoraproject | 3 Clamav, Debian Linux, Fedora | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| ClamAV before 0.97.7: dbg_printhex possible information leak | |||||
| CVE-2013-7088 | 3 Clamav, Debian, Fedoraproject | 3 Clamav, Debian Linux, Fedora | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| ClamAV before 0.97.7 has buffer overflow in the libclamav component | |||||
| CVE-2013-7087 | 3 Clamav, Debian, Fedoraproject | 3 Clamav, Debian Linux, Fedora | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| ClamAV before 0.97.7 has WWPack corrupt heap memory | |||||
| CVE-2013-6461 | 3 Debian, Nokogiri, Redhat | 7 Debian Linux, Nokogiri, Cloudforms Management Engine and 4 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits | |||||
| CVE-2013-6460 | 3 Debian, Nokogiri, Redhat | 7 Debian Linux, Nokogiri, Cloudforms Management Engine and 4 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents | |||||
| CVE-2013-6365 | 3 Debian, Horde, Opensuse | 3 Debian Linux, Groupware, Opensuse | 2024-11-21 | 2.6 LOW | 5.3 MEDIUM |
| Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions | |||||
| CVE-2013-6364 | 2 Debian, Horde | 2 Debian Linux, Groupware | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Horde Groupware Webmail Edition has CSRF and XSS when saving search as a virtual address book | |||||
| CVE-2013-6275 | 2 Debian, Horde | 2 Debian Linux, Groupware | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Multiple CSRF issues in Horde Groupware Webmail Edition 5.1.2 and earlier in basic.php. | |||||
| CVE-2013-5123 | 5 Debian, Fedoraproject, Pypa and 2 more | 6 Debian Linux, Fedora, Pip and 3 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks. | |||||