Vulnerabilities > Debian
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-12 | CVE-2010-3439 | Improper Input Validation vulnerability in multiple products It is possible to cause a DoS condition by causing the server to crash in alien-arena 7.33 by supplying various invalid parameters to the download command. | 4.0 |
2019-11-12 | CVE-2010-3438 | Use of Externally-Controlled Format String vulnerability in multiple products libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. | 7.5 |
2019-11-12 | CVE-2010-3359 | Improper Input Validation vulnerability in multiple products If LD_LIBRARY_PATH is undefined in gargoyle-free before 2009-08-25, the variable will point to the current directory. | 4.4 |
2019-11-12 | CVE-2012-1572 | Resource Exhaustion vulnerability in multiple products OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space | 5.0 |
2019-11-12 | CVE-2019-18848 | Improper Authentication vulnerability in multiple products The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string. | 5.0 |
2019-11-12 | CVE-2011-3618 | Link Following vulnerability in multiple products atop: symlink attack possible due to insecure tempfile handling | 4.6 |
2019-11-12 | CVE-2011-2897 | Improper Input Validation vulnerability in multiple products gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw | 7.5 |
2019-11-11 | CVE-2019-18849 | Out-of-bounds Read vulnerability in multiple products In tnef before 1.4.18, an attacker may be able to write to the victim's .ssh/authorized_keys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup. | 5.5 |
2019-11-09 | CVE-2009-3614 | Improper Input Validation vulnerability in multiple products liboping 1.3.2 allows users reading arbitrary files upon the local system. | 2.1 |
2019-11-08 | CVE-2019-14824 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. | 6.5 |