Vulnerabilities > Debian
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-08 | CVE-2008-7291 | Exposure of Resource to Wrong Sphere vulnerability in multiple products gri before 2.12.18 generates temporary files in an insecure way. | 7.5 |
2019-11-07 | CVE-2013-1811 | Improper Input Validation vulnerability in multiple products An access control issue in MantisBT before 1.2.13 allows users with "Reporter" permissions to change any issue to "New". | 4.0 |
2019-11-07 | CVE-2013-1809 | Link Following vulnerability in multiple products Gambas before 3.4.0 allows remote attackers to move or manipulate directory contents or perform symlink attacks due to the creation of insecure temporary directories. | 6.4 |
2019-11-07 | CVE-2007-6745 | clamav 0.91.2 suffers from a floating point exception when using ScanOLE2. | 7.5 |
2019-11-07 | CVE-2013-1429 | Link Following vulnerability in multiple products Lintian before 2.5.12 allows remote attackers to gather information about the "host" system using crafted symlinks. | 6.3 |
2019-11-07 | CVE-2007-5743 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products viewvc 1.0.3 allows improper access control to files in a repository when using the "forbidden" configuration option. | 4.3 |
2019-11-07 | CVE-2013-1425 | Incorrect Default Permissions vulnerability in multiple products ldap-git-backup before 1.0.4 exposes password hashes due to incorrect directory permissions. | 5.5 |
2019-11-07 | CVE-2010-2450 | Use of Password Hash With Insufficient Computational Effort vulnerability in multiple products The keygen.sh script in Shibboleth SP 2.0 (located in /usr/local/etc/shibboleth by default) uses OpenSSL to create a DES private key which is placed in sp-key.pm. | 5.0 |
2019-11-07 | CVE-2019-3465 | Improper Verification of Cryptographic Signature vulnerability in multiple products Rob Richards XmlSecLibs, all versions prior to v3.0.3, as used for example by SimpleSAMLphp, performed incorrect validation of cryptographic signatures in XML messages, allowing an authenticated attacker to impersonate others or elevate privileges by creating a crafted XML message. | 8.8 |
2019-11-07 | CVE-2012-0051 | Improper Input Validation vulnerability in multiple products Tahoe-LAFS 1.9.0 fails to ensure integrity which allows remote attackers to corrupt mutable files or directories upon retrieval. | 5.8 |