Filtered by vendor Debian
Subscriptions
Filtered by product Debian Linux
Subscriptions
Total
9123 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-2625 | 3 Debian, Opensuse, Otrs | 5 Debian Linux, Opensuse, Faq and 2 more | 2024-11-21 | 6.5 Medium |
| An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verified | ||||
| CVE-2013-2600 | 2 Debian, Miniupnp Project | 2 Debian Linux, Miniupnpd | 2024-11-21 | 7.5 High |
| MiniUPnPd has information disclosure use of snprintf() | ||||
| CVE-2013-2255 | 3 Debian, Openstack, Redhat | 4 Debian Linux, Compute, Keystone and 1 more | 2024-11-21 | 5.9 Medium |
| HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates. | ||||
| CVE-2013-2227 | 2 Debian, Glpi-project | 2 Debian Linux, Glpi | 2024-11-21 | 7.5 High |
| GLPI 0.83.7 has Local File Inclusion in common.tabs.php. | ||||
| CVE-2013-2167 | 3 Debian, Openstack, Redhat | 3 Debian Linux, Python-keystoneclient, Openstack | 2024-11-21 | 9.8 Critical |
| python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass | ||||
| CVE-2013-2166 | 4 Debian, Fedoraproject, Openstack and 1 more | 4 Debian Linux, Fedora, Python-keystoneclient and 1 more | 2024-11-21 | 9.8 Critical |
| python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass | ||||
| CVE-2013-2106 | 2 Debian, Stanford | 2 Debian Linux, Webauth | 2024-11-21 | 7.5 High |
| webauth before 4.6.1 has authentication credential disclosure | ||||
| CVE-2013-2024 | 2 Call-cc, Debian | 2 Chicken, Debian Linux | 2024-11-21 | 8.8 High |
| OS command injection vulnerability in the "qs" procedure from the "utils" module in Chicken before 4.9.0. | ||||
| CVE-2013-2016 | 3 Debian, Novell, Qemu | 4 Debian Linux, Open Desktop Server, Open Enterprise Server and 1 more | 2024-11-21 | 7.8 High |
| A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, such as virtio-rng, a privileged guest user could use this flaw to access the matching host's qemu address space and thus increase their privileges on the host. | ||||
| CVE-2013-2012 | 2 Autojump Project, Debian | 2 Autojump, Debian Linux | 2024-11-21 | 7.3 High |
| autojump before 21.5.8 allows local users to gain privileges via a Trojan horse custom_install directory in the current working directory. | ||||
| CVE-2013-1951 | 3 Debian, Linux, Mediawiki | 3 Debian Linux, Linux Kernel, Mediawiki | 2024-11-21 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.5 and 1.20.x before 1.20.4 and allows remote attackers to inject arbitrary web script or HTML via Lua function names. | ||||
| CVE-2013-1934 | 2 Debian, Mantisbt | 2 Debian Linux, Mantisbt | 2024-11-21 | 5.4 Medium |
| A cross-site scripting (XSS) vulnerability in the configuration report page (adm_config_report.php) in MantisBT 1.2.0rc1 before 1.2.14 allows remote authenticated users to inject arbitrary web script or HTML via a complex value. | ||||
| CVE-2013-1910 | 2 Baseurl, Debian | 2 Yum, Debian Linux | 2024-11-21 | 9.8 Critical |
| yum does not properly handle bad metadata, which allows an attacker to cause a denial of service and possibly have other unspecified impact via a Trojan horse file in the metadata of a remote repository. | ||||
| CVE-2013-1817 | 4 Debian, Fedoraproject, Mediawiki and 1 more | 4 Debian Linux, Fedora, Mediawiki and 1 more | 2024-11-21 | 7.5 High |
| MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information. | ||||
| CVE-2013-1816 | 4 Debian, Fedoraproject, Mediawiki and 1 more | 4 Debian Linux, Fedora, Mediawiki and 1 more | 2024-11-21 | 7.5 High |
| MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request. | ||||
| CVE-2013-1811 | 2 Debian, Mantisbt | 2 Debian Linux, Mantisbt | 2024-11-21 | 4.3 Medium |
| An access control issue in MantisBT before 1.2.13 allows users with "Reporter" permissions to change any issue to "New". | ||||
| CVE-2013-1809 | 2 Debian, Gambas Project | 2 Debian Linux, Gambas | 2024-11-21 | 7.5 High |
| Gambas before 3.4.0 allows remote attackers to move or manipulate directory contents or perform symlink attacks due to the creation of insecure temporary directories. | ||||
| CVE-2013-1429 | 2 Canonical, Debian | 3 Ubuntu Linux, Debian Linux, Lintian | 2024-11-21 | 6.3 Medium |
| Lintian before 2.5.12 allows remote attackers to gather information about the "host" system using crafted symlinks. | ||||
| CVE-2013-1425 | 2 Debian, Ldap Git Backup Project | 2 Debian Linux, Ldap Git Backup | 2024-11-21 | 5.5 Medium |
| ldap-git-backup before 1.0.4 exposes password hashes due to incorrect directory permissions. | ||||
| CVE-2013-0326 | 2 Debian, Openstack | 2 Debian Linux, Nova | 2024-11-21 | 5.5 Medium |
| OpenStack nova base images permissions are world readable | ||||