CRITICAL9.8CVE-2025-8454It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collection of s… from 0
CRITICAL9.8CVE-2018-13043scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used wi… from 0, < 2.18.4
HIGH8.8CVE-2013-7325An issue exists in uscan in devscripts before 2.13.19, which could let a remote malicious user execute arbitrary code via a crafted tarball. from 0, < 2.13.9
HIGH7.8scripts/licensecheck.pl in devscripts before 2.15.7 allows local users to execute arbitrary shell commands.
from 0, < 2.15.7
HIGH7.5Argument injection vulnerability in devscripts before 2.15.7 allows remote attackers to write to arbitrary files via a crafted symlink and…
from 0, < 2.15.8
—Directory traversal vulnerability in uupdate in devscripts 2.14.1 allows remote attackers to modify arbitrary files via a crafted .orig.tar…
from 0, < 2.14.8
—devscripts - arbitrary code execution
from 0, < 2.12.6+deb7u2
—devscripts - arbitrary code execution
from 0, < 2.13.9
—Uscan in devscripts 2.13.5, when USCAN_EXCLUSION is enabled, allows remote attackers to delete arbitrary files via a whitespace character i…
from 0, < 2.13.9
—The get_main_source_dir function in scripts/uscan.pl in devscripts before 2.13.8, when using USCAN_EXCLUSION, allows remote attackers to ex…
from 0, < 2.13.8
—scripts/annotate-output.sh in devscripts before 2.12.2, as used in rpmdevtools before 8.3, allows local users to modify arbitrary files via…
from 0, < 2.12.2
—scripts/dget.pl in devscripts before 2.10.73 allows remote attackers to execute arbitrary commands via a crafted (1) .dsc or (2) .changes f…
from 0, < 2.12.3
—scripts/dget.pl in devscripts before 2.12.3 allows remote attackers to delete arbitrary files via a crafted (1) .dsc or (2) .changes file,…
from 0, < 2.12.3
—devscripts - multiple
from 0, < 2.10.69+squeeze4
—devscripts - multiple
from 0, < 2.12.3
—debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via shell metacha…
from 0, < 2.11.4
—debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via a crafted tar…
from 0, < 2.11.4
—devscripts - several
from 0, < 2.11.4
—devscripts - several
from 0, < 2.10.69+squeeze2
—devscripts - regression fix
from 0, < 2.9.26etch5
—devscripts - regression fix
from 0, < 2.9.26etch4
—devscripts - regression fix
from 0, < 2.10.54