Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2005-01-24 | CVE-2005-0102 | Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow. | Debian_linux, Evolution | 9.8 | ||
| 2005-05-11 | CVE-2005-1513 | Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request. | Ubuntu_linux, Debian_linux, Qmail | 9.8 | ||
| 2016-08-07 | CVE-2016-4029 | WordPress before 4.5 does not consider octal and hexadecimal IP address formats when determining an intranet address, which allows remote attackers to bypass an intended SSRF protection mechanism via a crafted address. | Debian_linux, Wordpress | 8.6 | ||
| 2020-09-04 | CVE-2019-20916 | The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwriting the /root/.ssh/authorized_keys file. This occurs in _download_http_url in _internal/download.py. | Debian_linux, Leap, Communications_cloud_native_core_network_function_cloud_native_environment, Communications_cloud_native_core_policy, Pip | 7.5 | ||
| 2007-06-26 | CVE-2007-3409 | Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service (stack consumption) via a malformed compressed DNS packet with self-referencing pointers, which triggers an infinite loop. | Ubuntu_linux, Debian_linux, Net\:\:dns | 7.5 | ||
| 2019-08-16 | CVE-2019-15118 | check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion. | Ubuntu_linux, Debian_linux, Linux_kernel, Active_iq_unified_manager, Data_availability_services, H410c_firmware, Hci_management_node, Solidfire, Solidfire_baseboard_management_controller_firmware, Leap | 5.5 | ||
| 2004-10-20 | CVE-2004-0772 | Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code. | Debian_linux, Kerberos_5, Openpkg | 9.8 | ||
| 2004-09-28 | CVE-2004-0642 | Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code. | Debian_linux, Kerberos_5, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | N/A | ||
| 2005-07-18 | CVE-2005-1689 | Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions. | Mac_os_x, Mac_os_x_server, Debian_linux, Kerberos_5 | 9.8 | ||
| 2005-10-17 | CVE-2005-3120 | Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters. | Debian_linux, Lynx | 9.8 |