NotCVE - vendor:"Debian" product:"Debian Linux" version:"7.0"

Page 33 of 2118 results (0.028 seconds)

CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0

CVE-2013-7325

https://notcve.org/view.php?id=CVE-2013-7325

An issue exists in uscan in devscripts before 2.13.19, which could let a remote malicious user execute arbitrary code via a crafted tarball. Existe un problema en uscan en devscripts versiones anteriores a la versión 2.13.19, que podría permitir a un usuario malicioso remoto ejecutar código arbitrario por medio de un tarball especialmente diseñado. • http://www.openwall.com/lists/oss-security/2014/02/12/14 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7325 https://security-tracker.debian.org/tracker/CVE-2013-7325 •

CVSS: 3.3EPSS: 0%CPEs: 6EXPL: 1

CVE-2012-6655

https://notcve.org/view.php?id=CVE-2012-6655

An issue exists AccountService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local users obtain encrypted passwords. Existe un problema en AccountService versión 0.6.37, en la función user_change_password_authorized_cb() en el archivo user.c, lo que podría permitir a usuarios locales obtener contraseñas cifradas. • http://www.openwall.com/lists/oss-security/2014/08/16/7 http://www.securityfocus.com/bid/69245 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6655 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-6655 https://exchange.xforce.ibmcloud.com/vulnerabilities/95325 https://security-tracker.debian.org/tracker/CVE-2012-6655 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 4.7EPSS: 0%CPEs: 7EXPL: 1

CVE-2015-7810

https://notcve.org/view.php?id=CVE-2015-7810

libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files La clase libbluray MountManager presenta una carrera de tiempo de comprobación y tiempo de uso (TOCTOU) cuando se expanden archivos JAR. • http://www.openwall.com/lists/oss-security/2015/10/12/7 http://www.securityfocus.com/bid/72769 https://access.redhat.com/security/cve/cve-2015-7810 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-7810 https://security-tracker.debian.org/tracker/CVE-2015-7810 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 1

CVE-2019-14864 – Ansible: Splunk and Sumologic callback plugins leak sensitive data in logs

https://notcve.org/view.php?id=CVE-2019-14864

Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. This would discloses and collects any sensitive data. Ansible, versiones 2.9.x anteriores a la versión 2.9.1, versiones 2.8.x anteriores a la versión 2.8.7 y Ansible versiones 2.7.x anteriores a la versión 2.7.15, no respeta el flag no_log, configurado en True cuando los plugins de devolución de llamada Sumologic y Splunk son usados para enviar eventos de resultados de tareas para coleccionistas. Esto revelaría y recolectaría cualquier información confidencial. A data disclosure flaw was found in Ansible when using the Splunk and Sumologic modules, as they are not respecting when the flag no_log is enabled. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00026.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14864 https://github.com/ansible/ansible/issues/63522 https://github.com/ansible/ansible/pull/63527 https://www.debian.org/security/2021/dsa-4950 https://access.redhat.com/security/cve/CVE-2019-14864 https://bugzilla.redhat.com/show_bug.cgi?id=1764148 • CWE-117: Improper Output Neutralization for Logs CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 1

CVE-2019-10172 – jackson-mapper-asl: XML external entity similar to CVE-2016-3720

https://notcve.org/view.php?id=CVE-2019-10172

A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different classes. Se detectó un fallo en las bibliotecas org.codehaus.jackson:jackson-mapper-asl:1.9.x. Las vulnerabilidades de tipo XML external entity similares a CVE-2016-3720, también afectan a las bibliotecas codehaus jackson-mapper-asl pero en diferentes clases. A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries such that an XML external entity (XXE) vulnerability affects codehaus's jackson-mapper-asl libraries. • https://github.com/rusakovichma/CVE-2019-10172 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10172 https://lists.apache.org/thread.html/r0066c1e862613de402fee04e81cbe00bcd64b64a2711beb9a13c3b25%40%3Ccommits.cassandra.apache.org%3E https://lists.apache.org/thread.html/r04ecadefb27cda84b699130b11b96427f1d8a7a4066d8292f7f15ed8%40%3Ccommon-issues.hadoop.apache.org%3E https://lists.apache.org/thread.html/r08e1b73fabd986dcd2ddd7d09480504d1472264bed2f19b1d2002a9c%40%3Ccommon-issues.hadoop.apache.org%3E https://lists.apache.org/thread.html/r0d8c3e32a0a2d8a0b6118f5 • CWE-611: Improper Restriction of XML External Entity Reference •

1...31 32 33 34 35