Vulnerabilities > Debian > Debian Linux > 5.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-06 | CVE-2010-2471 | Open Redirect vulnerability in multiple products Drupal versions 5.x and 6.x has open redirection | 5.8 |
2019-11-06 | CVE-2011-4900 | Information Exposure vulnerability in multiple products TYPO3 before 4.5.4 allows Information Disclosure in the backend. | 4.0 |
2019-11-05 | CVE-2010-3674 | Cross-site Scripting vulnerability in multiple products TYPO3 before 4.4.1 allows XSS in the frontend search box. | 4.3 |
2019-10-30 | CVE-2010-0747 | Incorrect Permission Assignment for Critical Resource vulnerability in Linbit Drbd8 2.6.26 drbd8 allows local users to bypass intended restrictions for certain actions via netlink packets, similar to CVE-2009-3725. | 4.6 |
2018-11-12 | CVE-2018-19200 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in uriparser before 0.9.0. | 5.0 |
2012-02-01 | CVE-2012-0449 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed XSLT stylesheet that is embedded in a document. | 9.3 |
2012-02-01 | CVE-2012-0444 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file. | 10.0 |
2012-02-01 | CVE-2012-0442 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 9.3 |
2011-12-25 | CVE-2011-4862 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011. network low complexity gnu heimdal-project mit freebsd fedoraproject debian opensuse suse CWE-120 critical | 10.0 |
2011-12-24 | CVE-2011-4362 | Integer signedness error in the base64_decode function in the HTTP authentication functionality (http_auth.c) in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service (segmentation fault) via crafted base64 input that triggers an out-of-bounds read with a negative index. | 5.0 |