Total
9187 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-7439 | 3 Canonical, Debian, X.org | 4 Ubuntu Linux, Debian Linux, Libx11 and 1 more | 2016-10-18 | 7.5 HIGH | N/A |
| Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow. | |||||
| CVE-2004-1076 | 2 Atari800, Debian | 2 Atari800, Debian Linux | 2016-10-18 | 7.2 HIGH | N/A |
| Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allow local users to execute arbitrary code via large values in the configuration file. | |||||
| CVE-2003-0385 | 1 Debian | 1 Debian Linux | 2016-10-18 | 7.2 HIGH | N/A |
| Buffer overflow in xaos 3.0-23 and earlier, when running setuid, allows local users to gain root privileges via a long -language option. | |||||
| CVE-2003-0382 | 2 Debian, Michael Jennings | 2 Debian Linux, Eterm | 2016-10-18 | 4.6 MEDIUM | N/A |
| Buffer overflow in Eterm 0.9.2 allows local users to gain privileges via a long ETERMPATH environment variable. | |||||
| CVE-2002-1232 | 3 Debian, Hp, Redhat | 3 Debian Linux, Secure Os, Linux | 2016-10-18 | 5.0 MEDIUM | N/A |
| Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist. | |||||
| CVE-2001-0112 | 2 Debian, Sam Lantinga | 2 Debian Linux, Splitvt | 2016-10-18 | 7.2 HIGH | N/A |
| Multiple buffer overflows in splitvt before 1.6.5 allow local users to execute arbitrary commands. | |||||
| CVE-2000-0315 | 5 Debian, Digital, Netbsd and 2 more | 5 Debian Linux, Unix, Netbsd and 2 more | 2016-10-18 | 5.0 MEDIUM | N/A |
| traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks. | |||||
| CVE-2000-0076 | 2 Berkeley, Debian | 2 Nvi, Debian Linux | 2016-10-18 | 2.1 LOW | N/A |
| nviboot boot script in the Debian nvi package allows local users to delete files via malformed entries in vi.recover. | |||||
| CVE-2000-0112 | 1 Debian | 1 Debian Linux | 2016-10-18 | 7.2 HIGH | N/A |
| The default installation of Debian GNU/Linux uses an insecure Master Boot Record (MBR) which allows a local user to boot from a floppy disk during the installation. | |||||
| CVE-2000-0314 | 5 Debian, Digital, Netbsd and 2 more | 5 Debian Linux, Unix, Netbsd and 2 more | 2016-10-18 | 5.0 MEDIUM | N/A |
| traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero. | |||||
| CVE-1999-1411 | 1 Debian | 1 Debian Linux | 2016-10-18 | 7.5 HIGH | N/A |
| The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 adds the anonymous FTP user without notifying the administrator, which could automatically enable anonymous FTP on some servers such as wu-ftp. | |||||
| CVE-1999-1330 | 2 Debian, Redhat | 2 Debian Linux, Linux | 2016-10-18 | 4.6 MEDIUM | N/A |
| The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf. | |||||
| CVE-1999-1182 | 6 Caldera, Debian, Delix and 3 more | 6 Openlinux Lite, Debian Linux, Dld and 3 more | 2016-10-18 | 7.2 HIGH | N/A |
| Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error. | |||||
| CVE-2015-8875 | 2 Debian, Gnome | 2 Debian Linux, Gdk-pixbuf | 2016-10-05 | 6.8 MEDIUM | 7.8 HIGH |
| Multiple integer overflows in the (1) pixops_composite_nearest, (2) pixops_composite_color_nearest, and (3) pixops_process functions in pixops/pixops.c in gdk-pixbuf before 2.33.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image, which triggers a heap-based buffer overflow. | |||||
| CVE-2016-6801 | 2 Apache, Debian | 2 Jackrabbit, Debian Linux | 2016-10-04 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability in the CSRF content-type check in Jackrabbit-Webdav in Apache Jackrabbit 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.3, 2.10.x before 2.10.4, 2.12.x before 2.12.4, and 2.13.x before 2.13.3 allows remote attackers to hijack the authentication of unspecified victims for requests that create a resource via an HTTP POST request with a (1) missing or (2) crafted Content-Type header. | |||||
| CVE-2014-8601 | 2 Debian, Powerdns | 2 Debian Linux, Recursor | 2016-09-06 | 5.0 MEDIUM | N/A |
| PowerDNS Recursor before 3.6.2 does not limit delegation chaining, which allows remote attackers to cause a denial of service ("performance degradations") via a large or infinite number of referrals, as demonstrated by resolving domains hosted by ezdns.it. | |||||
| CVE-2012-6684 | 2 Debian, Redcloth | 2 Debian Linux, Redcloth Library | 2016-09-02 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the RedCloth library 4.2.9 for Ruby and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript: URI. | |||||
| CVE-2014-1829 | 4 Canonical, Debian, Mageia and 1 more | 4 Ubuntu Linux, Debian Linux, Mageia and 1 more | 2016-08-30 | 5.0 MEDIUM | N/A |
| Requests (aka python-requests) before 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected request. | |||||
| CVE-2014-7204 | 3 Canonical, Debian, Mageia | 4 Ubuntu Linux, Debian Linux, Exuberant Ctags and 1 more | 2016-08-30 | 5.0 MEDIUM | N/A |
| jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a denial of service (infinite loop and CPU and disk consumption) via a crafted JavaScript file. | |||||
| CVE-2013-6892 | 2 Debian, Websvn | 2 Debian Linux, Websvn | 2016-08-26 | 3.5 LOW | N/A |
| WebSVN 2.3.3 allows remote authenticated users to read arbitrary files via a symlink attack in a commit. | |||||