Debian ≫ Debian Linux

tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes.

On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping ad...

foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriti...

foomatic-rip filter, all versions, used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting ...

nuSOAP before 0.7.3-5 does not properly check the hostname of a cert.

Node-cookie-signature before 1.0.6 is affected by a timing attack due to the type of comparison used.

nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM)

uzbl: Information disclosure via world-readable cookies storage file

Multiple Stack-based Buffer Overflow vulnerabilities exists in Sniffit prior to 0.3.7 via a crafted configuration file that will bypass Non-eXecutable bit NX, stack smashing protector SSP, and address space layout randomization ASLR protection mechan...

surf: cookie jar has read access from other local user