Lucene search
K

82 matches found

Debian
Debian
added 2021/10/15 12:36 a.m.11 views

RM: calibre/buster-backports -- ROM; no security support; bpo10s of a newer version are impossible

Dear Backports admins, I am requesting the removal of calibre from buster-backports, because it has no security support and because newer versions of Calibre depend on a newer Qt version that cannot be backported. I delayed this request until Bullseye was released, so that users would have a...

1.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2021/09/27 12:0 a.m.5 views

PT-2021-24281 · Nix +1 · Nix +1

Name of the Vulnerable Software and Affected Versions: nix crate versions 0.16.0 through 0.20.1 nix crate versions 0.21.x before 0.21.2 nix crate versions 0.22.x before 0.22.2 Description: An issue was discovered in the nix crate where the nix::unistd::getgrouplist function can call the libc...

9.8CVSS9.5AI score0.0165EPSS
Exploits0References18
Positive Technologies
Positive Technologies
added 2021/04/11 12:0 a.m.5 views

PT-2021-17973 · Rust +6 · Rust +6

Name of the Vulnerable Software and Affected Versions: Rust versions prior to 1.51.0 Description: The issue arises from the Zip implementation in the standard library, which calls iterator get unchecked for the same index more than once when nested. This can lead to a memory safety violation due ...

9.8CVSS6.9AI score0.0289EPSS
Exploits7References53
Oracle linux
Oracle linux
added 2021/03/05 12:0 a.m.145 views

container-tools:1.0 security update

buildah 1.5-8.gite94b4f9.0.1 - Fixes troubles with oracle registry login Orabug: 29937283 1.5-8.gite94b4f9 - bump release to preserve upgrade path - Related: 1821193 1.5-4.gite94b4f9 - fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build proces...

9.3CVSS8.2AI score0.9857EPSS
Exploits37
OSV
OSV
added 2021/02/11 10:15 a.m.4 views

CVE-2021-20335

For MongoDB Ops Manager versions prior to and including 4.2.24 with multiple OM application servers, that have SSL turned on for their MongoDB processes, the upgrade to MongoDB Ops Manager versions prior to and including 4.4.12 triggers a bug where Automation thinks SSL is being turned off, and c...

4.6CVSS5.8AI score0.00139EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/12/09 12:0 a.m.6 views

PT-2020-19565 · Mcafee · Mcafee Database Security Server/Sensor

Name of the Vulnerable Software and Affected Versions: McAfee Database Security Server and Sensor versions prior to 4.8.0 Description: The issue is related to the use of a broken or risky cryptographic algorithm in the form of a SHA1 signed certificate. This could allow an attacker on the same...

6.3CVSS6AI score0.00172EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2020/08/13 12:0 a.m.26 views

Debian DLA-2324-1 : linux-latest-4.19 new package

Linux 4.19 has been packaged for Debian 9 as linux-4.19. This provides a supported upgrade path for systems that currently use kernel packages from the 'stretch-backports' suite. However, 'apt full-upgrade' will not automatically install the updated kernel packages. You should explicitly install...

5.4AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/08/12 12:0 a.m.17 views

Debian DLA-2321-1 : firmware-nonfree new upstream version

The firmware-nonfree package has been updated to include additional firmware that may be requested by some drivers in Linux 4.19. Along with additional kernel packages that will be announced later, this will provide a supported upgrade path for systems that currently use kernel and firmware...

5.4AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2020/07/02 12:0 a.m.3 views

PT-2020-10434 · Atlassian · Jira

Name of the Vulnerable Software and Affected Versions: Atlassian Jira Server and Data Center versions prior to 8.4.2 Description: The issue allows remote attackers to enumerate internal services via an Information Disclosure vulnerability. This is only exploitable if WebSudo is disabled in Jira...

6.5AI score
Exploits0References3
Oracle linux
Oracle linux
added 2020/02/17 12:0 a.m.105 views

virt:ol security update

hivex libguestfs 1:1.38.4-14.0.1 - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol 1:1.38.4-14 - v2v: use -T as argument of scp when copying vmx files via ssh resolves: rhbz1738886 Fri Jun 28 2019 Danilo de Paula - Rebuild all virt package...

9.8CVSS8.5AI score0.60631EPSS
Exploits7
Oracle linux
Oracle linux
added 2019/08/19 12:0 a.m.79 views

subversion:1.10 security update

libserf 1.3.9-9 - Resolves: 1696354 - Ensure modular RPM upgrade path subversion 1.10.2-2 - rebuild to ensure NVR ordering 1696354 1.10.2-1.1 - Resolves: 1733442 - CVE-2019-0203 subversion:1.10/subversion: remote unauthenticated denial-of-service in subversion svnserve utf8proc 2.1.1-5 - Resolves...

7.5CVSS3.7AI score0.0344EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2019/02/01 12:0 a.m.2 views

PT-2019-11534 · Gitea +1 · Gitea +1

Name of the Vulnerable Software and Affected Versions: Gitea versions 1.7.0 and earlier Description: The issue allows an attacker to execute arbitrary JavaScript in a victim's browser through a Cross Site Scripting XSS attack. This is achieved by having the victim open a specifically crafted URL,...

6.1CVSS6.2AI score0.0084EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2018/07/20 12:0 a.m.26 views

Debian DLA-1424-1 : linux-latest-4.9 new package

Linux 4.9 has been packaged for Debian 8 as linux-4.9. This provides a supported upgrade path for systems that currently use kernel packages from the 'jessie-backports' suite. However, 'apt full-upgrade' will not automatically install the updated kernel packages. You should explicitly install one...

5.4AI score
Exploits0References2
0day.today
0day.today
added 2017/05/11 12:0 a.m.75 views

Apache Cordova Android 5.2.2 Information Leak Vulnerability

Apache Cordova Android versions 5.2.2 and below suffer from an internal system information leak. CVE-2016-6799: Internal system information leak Severity: High Vendor: The Apache Software Foundation Versions Affected: Cordova Android 5.2.2 and below Description: The application calls methods of t...

5CVSS0.02582EPSS
Exploits1
F5 Networks
F5 Networks
added 2016/09/07 12:0 a.m.51 views

SOL05016441 - Oracle Java vulnerability CVE-2016-3508

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5.3CVSS1.9AI score0.04797EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2014/11/17 12:0 a.m.39 views

Fedora 21 : GraphicsMagick-1.3.20-3.fc21 (2014-14617)

Fix for psd security issue, and upgrade path to f21. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

7.8CVSS7.6AI score0.07024EPSS
Exploits5References3
Tenable Nessus
Tenable Nessus
added 2012/06/15 12:0 a.m.15 views

Fedora 16 : nut-2.6.3-4.fc16 (2012-8729)

fix heap-based buffer overflow due improper processing of non-printable characters in random network data CVE-2012-2944 - no change, just updated release number to fix upgrade path Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...

7.5CVSS5.6AI score0.06243EPSS
Exploits1References3
0day.today
0day.today
added 2012/06/07 12:0 a.m.33 views

Wordpress MM Forms plugin file upload vulnerability

Exploit for php platform in category web applications +----------------------------------------------------------------------+ Exploit Title: wordpress mmforms plugin file upload vulnerability Google Dork: inurl:/wp-content/plugins/mm-forms/ Date: 07/06/2012 Author: Tunisian spl01t3r Software Lin...

7.1AI score
Exploits0
Atlassian
Atlassian
added 2010/11/25 11:42 p.m.17 views

Implement salting of user passwords

Salting and Hashing of user passwords will require us to provide an upgrade path for users since all existing passwords will become invalid. This change should use the atlassian-security password encode library SEC-1...

1.7AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2010/11/15 12:0 a.m.19 views

Fedora 13 : gromacs-4.5.2-2.fc13 (2010-17256)

Fix upgrade path issue caused by branching of libs. Upgrade to 4.5.2, fixing CVE-2010-4001 and a bunch of other bugs. See full release notes at http://www.gromacs.org/AboutGromacs/ReleaseNotes/Versions4.5.x . Note that Tenable Network Security has extracted the preceding description block directl...

4.6CVSS5.4AI score0.00345EPSS
Exploits0References4
Rows per page
Query Builder