Debian: >> Debian Linux >> 8.0 Security Vulnerabilities
Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT request.
CVSS Score
7.5
EPSS Score
0.139
Published
2019-11-26
An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data.
CVSS Score
8.8
EPSS Score
0.012
Published
2019-11-25
Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c.
CVSS Score
7.5
EPSS Score
0.002
Published
2019-11-25
A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. A remote attacker can write to arbitrary files via a symlink attack in a patch file. NOTE: this issue exists because of an incomplete fix for CVE-2015-1196.
CVSS Score
7.5
EPSS Score
0.037
Published
2019-11-25
libuser has information disclosure when moving user's home directory
CVSS Score
5.5
EPSS Score
0.001
Published
2019-11-25
quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal
CVSS Score
6.5
EPSS Score
0.003
Published
2019-11-25
Buffer overflow in CHICKEN 4.9.0 and 4.9.0.1 may allow remote attackers to execute arbitrary code via the 'select' function.
CVSS Score
9.8
EPSS Score
0.169
Published
2019-11-22
generate_doygen.pl in ace before 6.2.7+dfsg-2 creates predictable file names in the /tmp directory which allows attackers to gain elevated privileges.
CVSS Score
9.8
EPSS Score
0.005
Published
2019-11-22
An issue was discovered in manager.c in Sangoma Asterisk through 13.x, 16.x, 17.x and Certified Asterisk 13.21 through 13.21-cert4. A remote authenticated Asterisk Manager Interface (AMI) user without system authorization could use a specially crafted Originate AMI request to execute arbitrary system commands.
CVSS Score
8.8
EPSS Score
0.43
Published
2019-11-22
PostfixAdmin 2.3.4 has multiple XSS vulnerabilities
CVSS Score
6.1
EPSS Score
0.006
Published
2019-11-22