Vulnerabilities > Debian > Debian Linux

DATE CVE VULNERABILITY TITLE RISK
2014-01-15 CVE-2014-0437 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. 3.5
3.5
2014-01-15 CVE-2014-0420 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier, and 5.6.14 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Replication. 2.8
2.8
2014-01-15 CVE-2014-0412 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
network
low complexity
oracle mariadb canonical debian redhat
4.0
4.0
2014-01-15 CVE-2014-0402 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.
network
low complexity
oracle mariadb canonical debian redhat
4.0
4.0
2014-01-15 CVE-2014-0401 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.
network
low complexity
oracle mariadb canonical debian redhat
4.0
4.0
2014-01-15 CVE-2014-0386 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
network
low complexity
oracle mariadb canonical debian redhat
4.0
4.0
2014-01-15 CVE-2013-5891 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.
network
low complexity
oracle mariadb canonical debian redhat
4.0
4.0
2014-01-07 CVE-2013-4969 Link Following vulnerability in multiple products
Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) before 2.8.4 and 3.1 before 3.1.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified files.
local
low complexity
puppetlabs puppet debian canonical CWE-59
2.1
2.1
2013-12-23 CVE-2013-6890 Improper Authentication vulnerability in multiple products
denyhosts 2.6 uses an incorrect regular expression when analyzing authentication logs, which allows remote attackers to cause a denial of service (incorrect block of IP addresses) via crafted login names.
network
low complexity
debian fedoraproject phil-schwartz CWE-287
5.0
5.0
2013-12-23 CVE-2013-6422 Improper Input Validation vulnerability in multiple products
The GnuTLS backend in libcurl 7.21.4 through 7.33.0, when disabling digital signature verification (CURLOPT_SSL_VERIFYPEER), also disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote attackers to spoof servers and conduct man-in-the-middle (MITM) attacks.
network
high complexity
debian canonical haxx CWE-20
4.0
4.0