Total
9187 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-7253 | 3 Canonical, Debian, Wavpack | 3 Ubuntu Linux, Debian Linux, Wavpack | 2019-12-20 | 6.8 MEDIUM | 7.8 HIGH |
| The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (heap-based buffer over-read) or possibly overwrite the heap via a maliciously crafted DSDIFF file. | |||||
| CVE-2018-7254 | 2 Debian, Wavpack | 2 Debian Linux, Wavpack | 2019-12-20 | 6.8 MEDIUM | 7.8 HIGH |
| The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file. | |||||
| CVE-2014-2387 | 3 Debian, Opensuse, Pen Project | 3 Debian Linux, Opensuse, Pen | 2019-12-19 | 4.6 MEDIUM | 4.4 MEDIUM |
| Pen 0.18.0 has Insecure Temporary File Creation vulnerabilities | |||||
| CVE-2014-3495 | 2 Debian, Opensuse | 3 Debian Linux, Duplicity, Opensuse | 2019-12-19 | 5.0 MEDIUM | 7.5 HIGH |
| duplicity 0.6.24 has improper verification of SSL certificates | |||||
| CVE-2014-8650 | 2 Debian, Requests-kerberos Project | 2 Debian Linux, Requests-kerberos | 2019-12-19 | 7.5 HIGH | 9.8 CRITICAL |
| python-requests-Kerberos through 0.5 does not handle mutual authentication | |||||
| CVE-2014-4913 | 2 Debian, Zend | 2 Debian Linux, Zend Framework | 2019-12-19 | 4.3 MEDIUM | 6.1 MEDIUM |
| ZF2014-03 has a potential cross site scripting vector in multiple view helpers | |||||
| CVE-2014-8561 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2019-12-19 | 4.3 MEDIUM | 6.5 MEDIUM |
| imagemagick 6.8.9.6 has remote DOS via infinite loop | |||||
| CVE-2012-2130 | 3 Debian, Fedoraproject, Polarssl | 3 Debian Linux, Fedora, Polarssl | 2019-12-18 | 5.8 MEDIUM | 7.4 HIGH |
| A Security Bypass vulnerability exists in PolarSSL 0.99pre4 through 1.1.1 due to a weak encryption error when generating Diffie-Hellman values and RSA keys. | |||||
| CVE-2012-1105 | 3 Apereo, Debian, Fedoraproject | 3 Phpcas, Debian Linux, Fedora | 2019-12-17 | 2.1 LOW | 5.5 MEDIUM |
| An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner. | |||||
| CVE-2008-4098 | 4 Canonical, Debian, Mysql and 1 more | 4 Ubuntu Linux, Debian Linux, Mysql and 1 more | 2019-12-17 | 4.6 MEDIUM | N/A |
| MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097. | |||||
| CVE-2008-0226 | 6 Apple, Canonical, Debian and 3 more | 6 Mac Os X, Ubuntu Linux, Debian Linux and 3 more | 2019-12-17 | 7.5 HIGH | N/A |
| Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp. | |||||
| CVE-2012-1577 | 3 Debian, Dietlibc Project, Openbsd | 3 Debian Linux, Dietlibc, Openbsd | 2019-12-17 | 7.5 HIGH | 9.8 CRITICAL |
| lib/libc/stdlib/random.c in OpenBSD returns 0 when seeded with 0. | |||||
| CVE-2004-0836 | 2 Debian, Oracle | 2 Debian Linux, Mysql | 2019-12-17 | 10.0 HIGH | N/A |
| Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length). | |||||
| CVE-2013-4158 | 3 Debian, Fedoraproject, Smokeping | 3 Debian Linux, Fedora, Smokeping | 2019-12-17 | 4.3 MEDIUM | 6.1 MEDIUM |
| smokeping before 2.6.9 has XSS (incomplete fix for CVE-2012-0790) | |||||
| CVE-2013-7370 | 4 Debian, Opensuse, Redhat and 1 more | 4 Debian Linux, Opensuse, Openshift and 1 more | 2019-12-17 | 4.3 MEDIUM | 6.1 MEDIUM |
| node-connect before 2.8.1 has XSS in the Sencha Labs Connect middleware | |||||
| CVE-2008-2079 | 4 Canonical, Debian, Mysql and 1 more | 4 Ubuntu Linux, Debian Linux, Mysql and 1 more | 2019-12-17 | 4.6 MEDIUM | N/A |
| MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future. | |||||
| CVE-2013-4133 | 2 Debian, Kde | 2 Debian Linux, Kde-workspace | 2019-12-17 | 7.8 HIGH | 7.5 HIGH |
| kde-workspace before 4.10.5 has a memory leak in plasma desktop | |||||
| CVE-2015-7697 | 3 Canonical, Debian, Unzip Project | 3 Ubuntu Linux, Debian Linux, Unzip | 2019-12-16 | 4.3 MEDIUM | N/A |
| Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive. | |||||
| CVE-2014-9636 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2019-12-16 | 5.0 MEDIUM | N/A |
| unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression. | |||||
| CVE-2015-7696 | 3 Canonical, Debian, Unzip Project | 3 Ubuntu Linux, Debian Linux, Unzip | 2019-12-16 | 6.8 MEDIUM | N/A |
| Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value. | |||||