Every advisory below is enriched with the Vulnetix VDB exploit-intelligence chip (hover a CVE ID in the interactive page to see CVSS, EPSS, KEV status, and PoC maturity).
A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server.
CVEs:CVE-1999-0678
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| apache2 | affected | wolfi | apache2 | — |
| apache2 | affected | chainguard | apache2 | — |
The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names.
CVEs:CVE-1999-0656
| Product | Status | Vendor | Package | Ecosystem |
|---|---|---|---|---|
| linux | affected | chainguard | linux | — |
| linux-aws-6.12 | affected | chainguard | linux-aws-6.12 | — |
| linux-aws-6.18 | affected | chainguard | linux-aws-6.18 | — |
| linux-aws-generic | affected | chainguard | linux-aws-generic | — |
| linux-azure-6.12 | affected | chainguard | linux-azure-6.12 | — |
| linux-azure-6.18 | affected | chainguard | linux-azure-6.18 | — |
| linux-azure-generic | affected | chainguard | linux-azure-generic | — |
| linux-gcp-6.12 | affected | chainguard | linux-gcp-6.12 | — |
| linux-gcp-6.18 | affected | chainguard | linux-gcp-6.18 | — |
| linux-gcp-64k | affected | chainguard | linux-gcp-64k | — |
| linux-gcp-generic | affected | chainguard | linux-gcp-generic | — |
| linux-qemu-6.12 | affected | chainguard | linux-qemu-6.12 | — |
| linux-qemu-6.18 | affected | chainguard | linux-qemu-6.18 | — |
| linux-qemu-generic | affected | chainguard | linux-qemu-generic | — |
| linux-qemu-rc | affected | chainguard | linux-qemu-rc | — |
| linux-vmware-6.18 | affected | chainguard | linux-vmware-6.18 | — |
| linux-vmware-generic | affected | chainguard | linux-vmware-generic | — |
Every CVE above is indexed in the Vulnetix VDB with KEV, EPSS, and PoC maturity. The interactive page surfaces that on hover.