EUVD-2016-7997
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2016-0774
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and...
Debian: Security Advisory (DLA-1223-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Debian: Security Advisory (DLA-139-1)
The remote host is missing an update for the Debian...
Debian: Security Advisory (DLA-455-1)
The remote host is missing an update for the Debian...
SUSE CVE-2016-0774
The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel backport in the linux package before 3.2.73-2+deb7u3 on Debian wheezy and the kernel package before 3.10.0-229.26.2 on Red Hat Enterprise Linux (RHEL) 7.1 do not properly consider the side effects of failed...
[SECURITY] [DLA 1306-1] vips security update
Package: vips; Version: 7.28.5-1+deb7u2; CVE ID: CVE-2018-7998; Debian Bug: 892589. It was discovered that there was a NULL function pointer dereference vulnerability in vips, an image processing system for very large images. Remote attackers could cause a denial of service via a specially-crafted...
[SECURITY] [DLA 1283-1] python-crypto security update
Package: python-crypto; Version: 2.6-4+deb7u8; CVE ID: CVE-2018-6594; Debian Bug: 889999. python-crypto generated weak ElGamal key parameters, which allowed attackers to obtain sensitive information by reading ciphertext data (i.e., it did not have semantic security in face of a ciphertext-only...
[SECURITY] [DLA 1277-1] audacity security update
Package: audacity; Version: 2.0.1-1+deb7u1; CVE ID: CVE-2016-2540. Chris Navarrete from Fortinet's FortiGuard Labs discovered that Audacity, a multi-track audio editor, contains a vulnerability such that a .wav file with a crafted FORMATCHUNK structure (many channels) can result in a denial of servi...
Debian: Security Advisory (DLA-890-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Debian: Security Advisory (DLA-840-1)
The remote host is missing an update for the Debian...
CVE-2016-1255
The pg_ctlcluster script in postgresql-common package in Debian wheezy before 134wheezy5, in Debian jessie before 165+deb8u2, in Debian unstable before 178, in Ubuntu 12.04 LTS before 129ubuntu1.2, in Ubuntu 14.04 LTS before 154ubuntu1.1, in Ubuntu 16.04 LTS before 173ubuntu0.1, in Ubuntu 17.04...
[SECURITY] [DLA 1170-1] graphicsmagick security update
Package: graphicsmagick; Version: 1.3.16-1.1+deb7u15; CVE ID: CVE-2017-13134, CVE-2017-16547; Debian Bug: 881524. Security vulnerabilities have been identified in graphicsmagick, a collection of image processing utilities and libraries. CVE-2017-13134: Graphicsmagick was vulnerable to a heap-based...
[SECURITY] [DLA 1134-1] sdl-image1.2 security update
Package: sdl-image1.2; Version: 1.2.12-2+deb7u1; CVE ID: CVE-2017-2887; Debian Bug: 878267. It was discovered that there was a buffer overflow vulnerability in sdl-image1.2, an image loading library. A specially crafted .xcf file could cause a stack-based buffer overflow resulting in potential co...
Debian DLA-1070-1 : qemu security update
Multiple vulnerabilities were discovered in qemu, a fast processor emulator. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2017-6505: Denial of service via infinite loop in the USB OHCI emulation; CVE-2017-8309: Denial of service via VNC audio capture...
Debian DLA-882-1 : tryton-server security update
It was discovered that there was a path suffix injection attack in tryton-server, a general purpose application platform. For Debian 7 'Wheezy', this issue has been fixed in tryton-server version 2.2.4-1+deb7u4. We recommend that you upgrade your tryton-server packages. NOTE: Tenable Network...
Design/Logic Flaw
The postrm script in the tomcat6 package before 6.0.45+dfsg-1deb7u3 on Debian wheezy, before 6.0.45+dfsg-1deb8u1 on Debian jessie, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; the tomcat7 package before 7.0.28-4+deb7u7 on Debian wheezy, before 7.0.56-3+deb8u6 on Debian...
CVE-2016-9775
The postrm script in the tomcat6 package before 6.0.45+dfsg-1deb7u3 on Debian wheezy, before 6.0.45+dfsg-1deb8u1 on Debian jessie, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; the tomcat7 package before 7.0.28-4+deb7u7 on Debian wheezy, before 7.0.56-3+deb8u6 on Debian...
CVE-2016-9774
Removed by vendor...