Lucene search
+L

521 matches found

openvas
openvas
added 2023/03/08 12:0 a.m.19 views

Debian: Security Advisory (DLA-1537-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.4CVSS5.6AI score0.01086EPSS
Exploits1References3
openvas
openvas
added 2023/03/08 12:0 a.m.5 views

Debian: Security Advisory (DLA-1784)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References3
nessus
nessus
added 2020/07/02 12:0 a.m.30 views

Debian DLA-2271-1 : coturn security update

In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client an attacker could use their connection to intelligently query coturn to get interesting bytes in the...

7.5CVSS7.2AI score0.01898EPSS
Exploits0References3
openvas
openvas
added 2020/07/01 12:0 a.m.34 views

Debian: Security Advisory (DLA-2266-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.4CVSS7.4AI score0.00651EPSS
Exploits0References3
nessus
nessus
added 2020/06/30 12:0 a.m.48 views

Debian DLA-2262-1 : qemu security update

Several vulnerabilities were fixed in qemu, a fast processor emulator. CVE-2020-1983 slirp: Fix use-after-free in ipreass. CVE-2020-13361 es1370transferaudio in hw/audio/es1370.c allowed guest OS users to trigger an out-of-bounds access during an es1370write operation. CVE-2020-13362...

7.5CVSS6.4AI score0.02409EPSS
Exploits1References6
nessus
nessus
added 2020/06/29 12:0 a.m.31 views

Debian DLA-2260-1 : mcabber security update

It was discovered that there was a 'roster push attack' in mcabber, a console-based Jabber XMPP client. This is identical to CVE-2015-8688 for gajim. For Debian 8 'Jessie', this problem has been fixed in version 0.10.2-1+deb8u1. We recommend that you upgrade your mcabber packages. NOTE: Tenable...

7.4CVSS5.9AI score0.04512EPSS
Exploits2References3
openvas
openvas
added 2020/06/29 12:0 a.m.37 views

Debian: Security Advisory (DLA-2258-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.9AI score0.02854EPSS
Exploits8References3
debian
debian
added 2020/06/28 3:2 p.m.126 views

[SECURITY] [DLA 2260-1] mcabber security update

Package : mcabber Version : 0.10.2-1+deb8u1 CVE ID : CVE-2016-9928 It was discovered that there was a "roster push attack" in mcabber, a console-based Jabber XMPP client. This is identical to CVE-2015-8688 for gajim. For Debian 8 "Jessie", this problem has been fixed in version 0.10.2-1+deb8u1. W...

7.4CVSS5.6AI score0.04512EPSS
Exploits2
debian
debian
added 2020/06/28 12:7 p.m.49 views

[SECURITY] [DLA 2255-1] libtasn1-6 security update

Package : libtasn1-6 Version : 4.2-3+deb8u4 CVE ID : CVE-2017-10790 A vulnerability has been discovered in Libtasn1, a library to manage ASN.1 structures, allowing a remote attacker to cause a denial of service against an application using the Libtasn1 library. For Debian 8 "Jessie", this problem...

7.5CVSS6.7AI score0.0499EPSS
Exploits1
nessus
nessus
added 2020/06/26 12:0 a.m.23 views

Debian DLA-2254-1 : alpine security update

CVE-2020-14929 Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do. For Debian 8...

7.5CVSS7AI score0.01823EPSS
Exploits0References3
nessus
nessus
added 2020/06/22 12:0 a.m.24 views

Debian DLA-2253-1 : lynis security update

It was discovered that there was a vulnerability in lynis, a security auditing tool. The license key could be obtained by simple observation of the process list when a data upload is being performed. For Debian 8 'Jessie', this issue has been fixed in lynis version 1.6.3-1+deb8u1. We recommend th...

3.3CVSS5.4AI score0.00365EPSS
Exploits0References3
nessus
nessus
added 2020/06/22 12:0 a.m.25 views

Debian DLA-2252-1 : ngircd security update

It was discovered that there was an out-of-bounds access vulnerability in the server-server protocol in the ngircd Internet Relay Chat IRC server. For Debian 8 'Jessie', this issue has been fixed in ngircd version 22-2+deb8u1. We recommend that you upgrade your ngircd packages. NOTE: Tenable...

7.5CVSS7.1AI score0.02643EPSS
Exploits0References3
nessus
nessus
added 2020/06/22 12:0 a.m.44 views

Debian DLA-2251-1 : rails security update

Two vulnerabilities were found in Ruby on Rails, a MVC ruby-based framework geared for web application development, which could lead to remote code execution and untrusted user input usage, depending on the application. CVE-2020-8164 Strong parameters bypass vector in ActionPack. In some cases us...

9.8CVSS7.7AI score0.45732EPSS
Exploits6References4
nessus
nessus
added 2020/06/17 12:0 a.m.233 views

Debian DLA-2247-1 : thunderbird security update

Multiple security issues have been found in Thunderbird which could result in the setup of a non-encrypted IMAP connection, denial of service or potentially the execution of arbitrary code. For Debian 8 'Jessie', these problems have been fixed in version 1:68.9.0-1deb8u2. NOTE: 1:68.9.0esr-1deb8u...

9.3CVSS7.5AI score0.01537EPSS
Exploits1References7
openvas
openvas
added 2020/06/13 12:0 a.m.31 views

Debian: Security Advisory (DLA-2247-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.4AI score0.01537EPSS
Exploits1References3
debian
debian
added 2020/06/12 12:59 p.m.51 views

[SECURITY] [DLA 2246-1] xawtv security update

Package : xawtv Version : 3.103-3+deb8u1 CVE ID : CVE-2020-13696 Debian Bug : 962221 An issue was discovered in LinuxTV xawtv before 3.107. The function devopen in v4l-conf.c does not perform sufficient checks to prevent an unprivileged caller of the program from opening unintended filesystem...

4.4CVSS4.5AI score0.00355EPSS
Exploits0
debian
debian
added 2020/06/12 10:37 a.m.62 views

[SECURITY] [DLA 2233-2] python-django regression update

Package : python-django Version : 1.7.11-1+deb8u10 CVE ID : CVE-2020-13254 It was discovered that there was a regression in the latest update to Django, the Python web development framework. The upstream fix for CVE-2020-13254 to address data leakages via malformed memcached keys could, in some...

5.9CVSS6.3AI score0.0609EPSS
Exploits0
openvas
openvas
added 2020/06/10 12:0 a.m.23 views

Debian: Security Advisory (DLA-2240-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS6.9AI score0.01033EPSS
Exploits0References3
debian
debian
added 2020/06/09 6:29 p.m.56 views

[SECURITY] [DLA 2243-1] firefox-esr security update [REVISED]

Package : firefox-esr Version : 68.9.0esr-1deb8u2 CVE ID : CVE-2020-12399 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or a timing attack on cryptographic...

9.3CVSS8.2AI score0.01537EPSS
Exploits1
debian
debian
added 2020/06/09 6:11 p.m.59 views

[SECURITY] [DLA 2240-1] bluez security update

Package : bluez Version : 5.43-2+deb9u2deb8u1 CVE ID : CVE-2020-0556 Debian Bug : 953770 It was reported that the BlueZs HID and HOGP profile implementations dont specifically require bonding between the device and the host. Malicious devices can take advantage of this flaw to connect to a target...

7.1CVSS6.8AI score0.01033EPSS
Exploits0
Rows per page
Query Builder