Debian >> Debian Linux: Security Vulnerabilities
ClamAV before 0.97.7 has a buffer overflow in the libclamav component
CVSS Score: 9.8 | EPSS Score: 0.004 | Published: 2019-11-15
ClamAV before 0.97.7: dbg_printhex possible information leak
CVSS Score: 7.5 | EPSS Score: 0.005 | Published: 2019-11-15
Chrony before 1.29.1 has traffic amplification in the cmdmon protocol
CVSS Score: 7.5 | EPSS Score: 0.024 | Published: 2019-11-15
Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection.
CVSS Score: 9.8 | EPSS Score: 0.004 | Published: 2019-11-15
An issue was discovered in the rack-cors (aka Rack CORS Middleware) gem before 1.0.4 for Ruby. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format.
CVSS Score: 5.3 | EPSS Score: 0.008 | Published: 2019-11-14
Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.
CVSS Score: 6.5 | EPSS Score: 0.003 | Published: 2019-11-14
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
CVSS Score: 6.5 | EPSS Score: 0.003 | Published: 2019-11-14
Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.
CVSS Score: 6.0 | EPSS Score: 0.001 | Published: 2019-11-14
Moodle has a database activity export permission issue where the export function of the database activity module exports all entries, even those from groups the user does not belong to.
CVSS Score: 7.5 | EPSS Score: 0.013 | Published: 2019-11-14
In klibc 1.5.20 and 1.5.21, the DHCP options written by ipconfig to /tmp/net-$DEVICE.conf are not properly escaped. This may allow a remote attacker to send a specially crafted DHCP reply which could execute arbitrary code with the privileges of any process which sources DHCP options.
CVSS Score: 9.8 | EPSS Score: 0.29 | Published: 2019-11-14

