CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2008-0302
https://notcve.org/view.php?id=CVE-2008-0302
Untrusted search path vulnerability in apt-listchanges.py in apt-listchanges before 2.82 allows local users to execute arbitrary code via a malicious apt-listchanges program in the current working directory. Vulnerabilidad de ruta de búsqueda no confiable en apt-listchanges.py de apt-listchanges versiones anteriores a 2.82 permite a usuarios locales ejecutar código de su elección mediante un programa apt-listchanges malicioso en el directorio actual de trabajo. • http://git.madism.org/?p=apt-listchanges.git%3Ba=commitdiff%3Bh=1bcfbf3dc55413bb83a1782dc9a54515a963fb32 http://packages.debian.org/changelogs/pool/main/a/apt-listchanges/apt-listchanges_2.82/changelog http://secunia.com/advisories/28513 http://secunia.com/advisories/28574 http://www.debian.org/security/2008/dsa-1465 http://www.securityfocus.com/bid/27331 http://www.ubuntu.com/usn/usn-572-1 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2005-1854
https://notcve.org/view.php?id=CVE-2005-1854
Unknown vulnerability in apt-cacher in Debian 3.1, related to "missing input sanitising," allows remote attackers to execute arbitrary commands on the caching server. Vulnerabilidad desconocida en apt-catcher en Debian 3.1 relacionada con "missing input sanitising", permite que atacantes remotos ejecuten código arbitrario en el servidor donde se cachea. • http://secunia.com/advisories/16327 http://www.debian.org/security/2005/dsa-772 http://www.securityfocus.com/bid/14459 https://exchange.xforce.ibmcloud.com/vulnerabilities/21664 •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2005-2214
https://notcve.org/view.php?id=CVE-2005-2214
apt-setup in Debian GNU/Linux installs the apt.conf file with insecure permissions, which allows local users to obtain sensitive information such as passwords. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=305142 http://secunia.com/advisories/15955 http://www.securityfocus.com/bid/14173 •