Vulnerabilities > Debian > Low

| Date | CVE | Vulnerability title | Description | Access | Complexity | Vendors / CWE | Risk |
|---|---|---|---|---|---|---|---|
| 2008-08-08 | CVE-2008-1945 | | QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004. | local | low | qemu, opensuse, suse, debian, canonical, redhat | 2.1 |
| 2008-04-17 | CVE-2008-1877 | Permissions, Privileges, and Access Controls vulnerability in Debian TSS 0.8.1/0.8.2/0.8.3 | tss 0.8.1 allows local users to read arbitrary files via the -a parameter, which is processed while tss is running with privileges. | local | low | debian, CWE-264 | 2.1 |
| 2008-03-31 | CVE-2008-1569 | Link Following vulnerability in Policyd-Weight | policyd-weight 0.1.14 beta-16 and earlier allows local users to modify or delete arbitrary files via a symlink attack on temporary files that are used when creating a socket. | | | | 3.3 |
| 2007-12-18 | CVE-2007-6418 | Information Exposure vulnerability in Debian Linux | The libdspam7-drv-mysql cron job in Debian GNU/Linux includes the MySQL dspam database password in a command line argument, which might allow local users to read the password by listing the process and its arguments. | local | low | debian, CWE-200 | 2.1 |
| 2007-11-05 | CVE-2007-5827 | Permissions, Privileges, and Access Controls vulnerability in Iscsitarget 0.4.15 | iSCSI Enterprise Target (iscsitarget) 0.4.15 uses weak permissions for /etc/ietd.conf, which allows local users to obtain passwords. | local | low | debian, iscsitarget, CWE-264 | 2.1 |
| 2007-10-04 | CVE-2007-5207 | Link Following vulnerability in Debian Guilt 0.27 | guilt 0.27 allows local users to overwrite arbitrary files via a symlink attack on a guilt.log.[PID] temporary file. | local | | debian, CWE-59 | 3.3 |
| 2007-08-27 | CVE-2007-2797 | Unspecified vulnerability in Xterm 1927.El4/2083.1 | xterm, including 192-7.el4 in Red Hat Enterprise Linux and 208-3.1 in Debian GNU/Linux, sets the wrong group ownership of tty devices, which allows local users to write data to other users' terminals. | local | low | redhat, xterm, debian | 2.1 |
| 2007-07-03 | CVE-2007-2837 | Unspecified vulnerability in Fireflier 1.1.6 | The (1) getRule and (2) getChains functions in server/rules.cpp in fireflierd (fireflier-server) in FireFlier 1.1.6 allow local users to overwrite arbitrary files via a symlink attack on the /tmp/fireflier.rules temporary file. | local | low | debian, fireflier | 3.6 |
| 2007-06-11 | CVE-2007-2875 | Numeric Errors vulnerability in Linux Kernel | Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file. | local | low | linux, debian, canonical, CWE-189 | 2.1 |
| 2007-05-02 | CVE-2007-1366 | | QEMU 0.8.2 allows local users to crash a virtual machine via the divisor operand to the aam instruction, as demonstrated by "aam 0x0," which triggers a divide-by-zero error. | local | low | qemu, debian | 2.1 |