CVE-2015-1330

EPSS 0.08% · P23 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2015-1330

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

unattended-upgrades before 0.86.1 does not properly authenticate packages when the (1) force-confold or (2) force-confnew dpkg options are enabled in the DPkg::Options::* apt configuration, which allows remote man-in-the-middle attackers to upload and execute arbitrary packages via unspecified vectors.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

unattended-upgrades 授权问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

unattended-upgrades是软件开发者Michael Vogt所维护的一个自动安装安全升级的脚本。 unattended-upgrades 0.86.1之前版本中存在安全漏洞，该漏洞源于当程序在DPkg::Options::* apt配置中启用‘force-confold’或‘force-confnew’dpkg选项时，没有正确对程序包执行身份验证。远程攻击者可利用该漏洞实施中间人攻击，上传并执行任意程序包。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2015-1330

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2015-1330

请登录查看更多情报信息。

http://metadata.ftp-master.debian.org/changelogs//main/u/unattended-upgrades/unattended-upgrades_0.86.1_changelogx_refsource_CONFIRM
http://www.securitytracker.com/id/1032738vdb-entryx_refsource_SECTRACK
http://www.debian.org/security/2015/dsa-3297vendor-advisoryx_refsource_DEBIAN
http://www.ubuntu.com/usn/USN-2657-1vendor-advisoryx_refsource_UBUNTU
https://nvd.nist.gov/vuln/detail/CVE-2015-1330

Same Patch Batch · n/a · 2015-07-01 · 17 CVEs total

CVE-2015-5353		Novius OS 目录遍历漏洞
CVE-2015-5354		Novius OS 开放重定向漏洞
CVE-2015-5355		Cagintranet Networks GetSimple CMS 跨站脚本漏洞
CVE-2015-5356		Cagintranet Networks GetSimple CMS 跨站脚本漏洞
CVE-2014-1750		WordPress Nokia Maps & Places插件开放重定向漏洞
CVE-2014-1836		ImpressCMS 绝对路径遍历漏洞
CVE-2015-0848		libwmf 基于堆的缓冲区溢出漏洞
CVE-2015-2141		libcrypto++ 信息泄露漏洞
CVE-2015-3164		XWayland 权限许可和访问控制漏洞
CVE-2015-3204		Libreswan 输入验证漏洞
CVE-2015-4588		libwmf 基于堆的缓冲区溢出漏洞
CVE-2015-4695		libwmf 缓冲区溢出漏洞
CVE-2015-4696		libwmf 释放后重用漏洞
CVE-2015-1950		IBM PowerVC Standard Edition 信任管理漏洞
CVE-2015-1951		IBM Maximo Asset Management 信息泄露漏洞
CVE-2015-1967		IBM WebSphere MQ Explorer 信息泄露漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2015-1330

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2015-1330

I. Basic Information for CVE-2015-1330

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2015-1330

III. Intelligence Information for CVE-2015-1330

Same Patch Batch · n/a · 2015-07-01 · 17 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2015-1330

Leave a comment