Debian DLA-1723-1 : cron security update

Various security problems have been discovered in Debian's CRON scheduler. CVE-2017-9525 Fix group crontab to root escalation via the Debian package's postinst script as described by Alexander Peslyak Solar Designer in http://www.openwall.com/lists/oss-security/2017/06/08/3 CVE-2019-9704 DoS: Fix...

DEBIAN-CVE-2014-8961

Directory traversal vulnerability in libraries/errorreport.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to obtain potentially sensitive information about a file's line count via a crafted parameter...

CVE-2014-8961

Directory traversal vulnerability in libraries/errorreport.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to obtain potentially sensitive information about a file's line count via a crafted parameter...

phpMyAdmin -- XSS and information disclosure vulnerabilities

The phpMyAdmin development team reports: With a crafted database, table or column name it is possible to trigger an XSS attack in the table browse page. With a crafted ENUM value it is possible to trigger XSS attacks in the table print view and zoom search pages. With a crafted value for font siz...

Leakage of line count of an arbitrary file.

PMASA-2014-16 Announcement-ID: PMASA-2014-16 Date: 2014-11-20 Summary Leakage of line count of an arbitrary file. Description In the error reporting feature, a parameter specifying the file was not correctly validated, allowing the attacker to derive the line count of an arbitrary file. Severity ...