Home/Product/devscripts devel team devscripts
Product

devscripts devel team devscripts

18 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-8454
all versions
It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collec
9.8CRITICAL
 CVE-2013-7325
< 2.13.19
An issue exists in uscan in devscripts before 2.13.19, which could let a remote malicious user execute arbitrary code via a crafte
8.8HIGH
 CVE-2018-13043
<= 2.18.3
scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck i
9.8CRITICAL
 CVE-2015-5704
<= 2.15.6
scripts/licensecheck.pl in devscripts before 2.15.7 allows local users to execute arbitrary shell commands.
7.8HIGH
 CVE-2015-5705
<= 2.15.6
Argument injection vulnerability in devscripts before 2.15.7 allows remote attackers to write to arbitrary files via a crafted sym
7.5HIGH
 CVE-2014-1833
all versions
Directory traversal vulnerability in uupdate in devscripts 2.14.1 allows remote attackers to modify arbitrary files via a crafted
 CVE-2013-6888
<= 2.13.8
Uscan in devscripts before 2.13.9 allows remote attackers to execute arbitrary code via a crafted tarball.
 CVE-2013-7085
all versions
Uscan in devscripts 2.13.5, when USCAN_EXCLUSION is enabled, allows remote attackers to delete arbitrary files via a whitespace ch
 CVE-2013-7050
<= 2.13.7
The get_main_source_dir function in scripts/uscan.pl in devscripts before 2.13.8, when using USCAN_EXCLUSION, allows remote attack
 CVE-2012-3500
<= 2.12.1
scripts/annotate-output.sh in devscripts before 2.12.2, as used in rpmdevtools before 8.3, allows local users to modify arbitrary
 CVE-2012-2242
<= 2.10.72
scripts/dget.pl in devscripts before 2.10.73 allows remote attackers to execute arbitrary commands via a crafted (1) .dsc or (2) .
 CVE-2012-2241
<= 2.12.2
scripts/dget.pl in devscripts before 2.12.3 allows remote attackers to delete arbitrary files via a crafted (1) .dsc or (2) .chang
 CVE-2012-2240
<= 2.12.2
scripts/dscverify.pl in devscripts before 2.12.3 allows remote attackers to execute arbitrary commands via unspecified vectors rel
 CVE-2012-0212
all versions
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via shel
 CVE-2012-0211
all versions
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to execute arbitrary code via a cr
 CVE-2012-0210
all versions
debdiff.pl in devscripts 2.10.x before 2.10.69 and 2.11.x before 2.11.4 allows remote attackers to obtain system information and e
 CVE-2009-2946
all versions
Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote attackers to execute arbitrary Perl c
 CVE-2006-0852
<= 1.2.2
Direct static code injection vulnerability in write.php in Admbook 1.2.2 and earlier allows remote attackers to execute arbitrary
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Recently exploited
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh