Vulnerabilities > Debian
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-26 | CVE-2011-3632 | Link Following vulnerability in multiple products Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks. | 3.6 |
| 2019-11-26 | CVE-2011-3631 | Integer Overflow or Wraparound vulnerability in multiple products Hardlink before 0.1.2 has multiple integer overflows leading to heap-based buffer overflows because of the way string lengths concatenation is done in the calculation of the required memory space to be used. | 6.8 |
| 2019-11-26 | CVE-2011-3630 | Out-of-bounds Write vulnerability in multiple products Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. | 6.8 |
| 2019-11-26 | CVE-2011-3617 | Incorrect Authorization vulnerability in multiple products Tahoe-LAFS v1.3.0 through v1.8.2 could allow unauthorized users to delete immutable files in some cases. | 5.5 |
| 2019-11-26 | CVE-2011-3596 | Reachable Assertion vulnerability in multiple products Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT request. | 5.0 |
| 2019-11-26 | CVE-2011-3374 | Improper Verification of Cryptographic Signature vulnerability in Debian Advanced Package Tool and Debian Linux It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack. | 4.3 |
| 2019-11-25 | CVE-2012-6639 | Improper Privilege Management vulnerability in multiple products An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data. | 9.0 |
| 2019-11-25 | CVE-2019-19246 | Out-of-bounds Read vulnerability in multiple products Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c. | 7.5 |
| 2019-11-25 | CVE-2015-1396 | Path Traversal vulnerability in multiple products A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. | 6.4 |
| 2019-11-25 | CVE-2012-5644 | Information Exposure vulnerability in multiple products libuser has information disclosure when moving user's home directory | 4.9 |