Debian: >> Debian Linux Security Vulnerabilities
babiloo 2.0.9 before 2.0.11 creates temporary files with predictable names when downloading and unpacking dictionary files, allowing a local attacker to overwrite arbitrary files.
CVSS Score
5.5
EPSS Score
0.001
Published
2019-11-12
An unchecked sscanf() call in ettercap before 0.7.5 allows an insecure temporary settings file to overflow a static-sized buffer on the stack.
CVSS Score
8.8
EPSS Score
0.005
Published
2019-11-12
The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to padding oracle attacks.
CVSS Score
6.5
EPSS Score
0.003
Published
2019-11-12
libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. This can be used to execute arbitrary IRC commands by passing an argument such as "some text\rQUIT" to the 'privmsg' handler, which would cause the client to disconnect from the server.
CVSS Score
9.8
EPSS Score
0.005
Published
2019-11-12
It is possible to cause a DoS condition by causing the server to crash in alien-arena 7.33 by supplying various invalid parameters to the download command.
CVSS Score
6.5
EPSS Score
0.005
Published
2019-11-12
If LD_LIBRARY_PATH is undefined in gargoyle-free before 2009-08-25, the variable will point to the current directory. This can allow a local user to trick another user into running gargoyle in a directory with a cracked libgarglk.so and gain access to the user's account.
CVSS Score
4.8
EPSS Score
0.001
Published
2019-11-12
OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space
CVSS Score
7.5
EPSS Score
0.004
Published
2019-11-12
atop: symlink attack possible due to insecure tempfile handling
CVSS Score
7.8
EPSS Score
0.001
Published
2019-11-12
The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string.
CVSS Score
7.5
EPSS Score
0.002
Published
2019-11-12
gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw
CVSS Score
9.8
EPSS Score
0.01
Published
2019-11-12