Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-5208 | 2020-01-09 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none. | |||||
| CVE-2019-5209 | 2020-01-09 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none. | |||||
| CVE-2018-12380 | 2020-01-09 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-17009. Reason: This candidate is a duplicate of CVE-2019-17009. Notes: All CVE users should reference CVE-2019-17009 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2019-11981 | 2020-01-09 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-11984. Reason: This candidate is a duplicate of CVE-2019-11984. Notes: All CVE users should reference CVE-2019-11984 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2018-18514 | 2020-01-09 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none. | |||||
| CVE-2018-18515 | 2020-01-09 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none. | |||||
| CVE-2018-18516 | 2020-01-09 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none. | |||||
| CVE-2012-3955 | 3 Canonical, Debian, Isc | 3 Ubuntu Linux, Debian Linux, Dhcp | 2020-01-08 | 7.1 HIGH | N/A |
| ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced. | |||||
| CVE-2011-2748 | 3 Canonical, Debian, Isc | 3 Ubuntu Linux, Debian Linux, Dhcp | 2020-01-08 | 7.8 HIGH | N/A |
| The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet. | |||||
| CVE-2014-0478 | 1 Debian | 1 Advanced Package Tool | 2020-01-08 | 4.0 MEDIUM | N/A |
| APT before 1.0.4 does not properly validate source packages, which allows man-in-the-middle attackers to download and install Trojan horse packages by removing the Release signature. | |||||
| CVE-2014-0487 | 1 Debian | 1 Advanced Package Tool | 2020-01-08 | 7.5 HIGH | N/A |
| APT before 1.0.9 does not verify downloaded files if they have been modified as indicated using the If-Modified-Since header, which has unspecified impact and attack vectors. | |||||
| CVE-2014-0488 | 1 Debian | 1 Advanced Package Tool | 2020-01-08 | 6.8 MEDIUM | N/A |
| APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data. | |||||
| CVE-2014-0489 | 1 Debian | 1 Advanced Package Tool | 2020-01-08 | 7.5 HIGH | N/A |
| APT before 1.0.9, when the Acquire::GzipIndexes option is enabled, does not validate checksums, which allows remote attackers to execute arbitrary code via a crafted package. | |||||
| CVE-2014-0490 | 2 Debian, Linux | 2 Advanced Package Tool, Linux Kernel | 2020-01-08 | 7.5 HIGH | N/A |
| The apt-get download command in APT before 1.0.9 does not properly validate signatures for packages, which allows remote attackers to execute arbitrary code via a crafted package. | |||||
| CVE-2014-6273 | 1 Debian | 1 Advanced Package Tool | 2020-01-08 | 6.8 MEDIUM | N/A |
| Buffer overflow in the HTTP transport code in apt-get in APT 1.0.1 and earlier allows man-in-the-middle attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted URL. | |||||
| CVE-2014-7206 | 1 Debian | 2 Advanced Package Tool, Apt | 2020-01-08 | 3.6 LOW | N/A |
| The changelog command in Apt before 1.0.9.2 allows local users to write to arbitrary files via a symlink attack on the changelog file. | |||||
| CVE-2012-0954 | 1 Debian | 1 Advanced Package Tool | 2020-01-08 | 2.6 LOW | N/A |
| APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-key net-update to import keyrings, relies on GnuPG argument order and does not check GPG subkeys, which might allow remote attackers to install altered packages via a man-in-the-middle (MITM) attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3587. | |||||
| CVE-2012-0961 | 1 Debian | 2 Advanced Package Tool, Apt | 2020-01-08 | 2.1 LOW | N/A |
| Apt 0.8.16~exp5ubuntu13.x before 0.8.16~exp5ubuntu13.6, 0.8.16~exp12ubuntu10.x before 0.8.16~exp12ubuntu10.7, and 0.9.7.5ubuntu5.x before 0.9.7.5ubuntu5.2, as used in Ubuntu, uses world-readable permissions for /var/log/apt/term.log, which allows local users to obtain sensitive shell information by reading the log file. | |||||
| CVE-2012-3587 | 1 Debian | 1 Advanced Package Tool | 2020-01-08 | 2.6 LOW | N/A |
| APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the apt-key net-update to import keyrings, relies on GnuPG argument order and does not check GPG subkeys, which might allow remote attackers to install Trojan horse packages via a man-in-the-middle (MITM) attack. | |||||
| CVE-2013-1051 | 2 Canonical, Debian | 3 Ubuntu Linux, Advanced Package Tool, Apt | 2020-01-08 | 4.3 MEDIUM | N/A |
| apt 0.8.16, 0.9.7, and possibly other versions does not properly handle InRelease files, which allows man-in-the-middle attackers to modify packages before installation via unknown vectors, possibly related to integrity checking and the use of third-party repositories. | |||||
| CVE-2011-3634 | 2 Canonical, Debian | 2 Ubuntu Linux, Advanced Package Tool | 2020-01-08 | 2.6 LOW | N/A |
| methods/https.cc in apt before 0.8.11 accepts connections when the certificate host name fails validation and Verify-Host is enabled, which allows man-in-the-middle attackers to obtain repository credentials via unspecified vectors. | |||||
| CVE-2009-1300 | 1 Debian | 1 Advanced Package Tool | 2020-01-08 | 10.0 HIGH | N/A |
| apt 0.7.20 does not check when the date command returns an "invalid date" error, which can prevent apt from loading security updates in time zones for which DST occurs at midnight. | |||||
| CVE-2009-1358 | 1 Debian | 2 Advanced Package Tool, Apt | 2020-01-08 | 10.0 HIGH | N/A |
| apt-get in apt before 0.7.21 does not check for the correct error code from gpgv, which causes apt to treat a repository as valid even when it has been signed with a key that has been revoked or expired, which might allow remote attackers to trick apt into installing malicious repositories. | |||||
| CVE-2013-4744 | 1 Phpunit Project | 1 Phpunit | 2020-01-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the PHPUnit extension before 3.5.15 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-1850 | 2020-01-06 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-3743. Reason: This candidate is a duplicate of CVE-2014-3743. Notes: All CVE users should reference CVE-2014-3743 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | |||||
| CVE-2019-17568 | 2020-01-06 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none. | |||||
| CVE-2019-19861 | 2020-01-06 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none. | |||||
| CVE-2019-19862 | 2020-01-06 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none. | |||||
| CVE-2019-19863 | 2020-01-06 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none. | |||||
| CVE-2019-19864 | 2020-01-06 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none. | |||||
| CVE-2019-3468 | 2020-01-06 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none. | |||||
| CVE-2019-3469 | 2020-01-06 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none. | |||||
| CVE-2019-3470 | 2020-01-06 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none. | |||||
| CVE-2019-3471 | 2020-01-06 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none. | |||||
| CVE-2019-3472 | 2020-01-06 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none. | |||||
| CVE-2019-3473 | 2020-01-06 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none. | |||||
| CVE-2018-1300 | 2020-01-06 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none. | |||||
| CVE-2018-1326 | 2020-01-06 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none. | |||||
| CVE-2013-3621 | 2020-01-02 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-3607. Reason: This candidate is a reservation duplicate of CVE-2013-3607. Notes: All CVE users should reference CVE-2013-3607 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2004-0804 | 1 Libtiff | 1 Libtiff | 2019-12-31 | 4.3 MEDIUM | N/A |
| Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a denial of service (application crash) via a TIFF image that causes a divide-by-zero error when the number of row bytes is zero, a different vulnerability than CVE-2005-2452. | |||||
| CVE-2016-1000021 | 2019-12-30 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10538. Reason: This candidate is a duplicate of CVE-2016-10538. Notes: All CVE users should reference CVE-2016-10538 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2019-4763 | 2019-12-30 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none. | |||||
| CVE-2019-4764 | 2019-12-30 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none. | |||||
| CVE-2019-4765 | 2019-12-30 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none. | |||||
| CVE-2019-4766 | 2019-12-30 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none. | |||||
| CVE-2019-4767 | 2019-12-30 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none. | |||||
| CVE-2019-4768 | 2019-12-30 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none. | |||||
| CVE-2019-4769 | 2019-12-30 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none. | |||||
| CVE-2019-4770 | 2019-12-30 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none. | |||||
| CVE-2019-4771 | 2019-12-30 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none. | |||||