73 matches found
Advisory ROSA-SA-2024-2409
Software: xz 5.2.2 OS: rosa-server79 packageevrstring: xz-5.2.2.2-2 CVE-ID: CVE-2024-3094 BDU-ID: 2024-02406 CVE-Crit: CRITICAL. CVE-DESC.: Malicious code was discovered in xz source archives starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts...
Advisory ROSA-SA-2024-2407
software: xz 5.2.9 AXIS: ROSA-CHROME packageevrstring: xz-5.2.9-1 CVE-ID: CVE-2024-3094 BDU-ID: 2024-02406 CVE-Crit: CRITICAL. CVE-DESC.: Malicious code was discovered in the xz source archives starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extrac...
UBUNTU-CVE-2022-1664
Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction ca...
automake security update
CentOS Errata and Security Advisory CESA-2013:0526 An updated automake package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base...
[SECURITY] [DSA 2132-1] New xulrunner packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-2132-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 11, 2010 http://www.debian.org/security/faq -...
[USN-1029-1] OpenSSL vulnerabilities
=========================================================== Ubuntu Security Notice USN-1029-1 December 08, 2010 openssl vulnerabilities CVE-2008-7270, CVE-2010-4180 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS...
[SECURITY] [DSA-2102-1] New barnowl packages fix arbitrary code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - ------------------------------------------------------------------------ Debian Security Advisory DSA-2102-1 [email protected] http://www.debian.org/security/ Sebastien Delafond Sep 3, 2010 http://www.debian.org/security/faq - -...
[SECURITY] [DSA 2095-1] New lvm2 packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-2095-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano August 23, 2010 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2078-1] New kvirc packages fix arbitrary IRC command execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-2078-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 31, 2010 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2057-1] New mysql-dfsg-5.0 packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-2057-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano June 07, 2010 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2056-1] New zonecheck packages fix cross-site scripting
------------------------------------------------------------------------ Debian Security Advisory DSA-2056-1 [email protected] http://www.debian.org/security/ Sébastien Delafond June 06, 2010 http://www.debian.org/security/faq -...
[USN-922-1] libnss-db vulnerability
=========================================================== Ubuntu Security Notice USN-922-1 March 31, 2010 libnss-db vulnerability CVE-2010-0826 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu...
[SECURITY] [DSA-2019-1] New pango1.0 packages fix denial of service
------------------------------------------------------------------------ Debian Security Advisory DSA-2019-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano March 20, 2010 http://www.debian.org/security/faq -...
[USN-863-1] QEMU vulnerability
=========================================================== Ubuntu Security Notice USN-863-1 December 03, 2009 qemu-kvm vulnerability https://launchpad.net/bugs/458521 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 9.10...
[SECURITY] [DSA-1940-1] New php5 packages fix several issues
------------------------------------------------------------------------ Debian Security Advisory DSA-1940-1 [email protected] http://www.debian.org/security/ Stefan Fritsch November 25, 2009 http://www.debian.org/security/faq -...
[Full-disclosure] [SECURITY] [DSA 1833-1] New dhcp3 packages fix arbitrary code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1833-1 [email protected] http://www.debian.org/security/ Florian Weimer July 14, 2009 http://www.debian.org/security/faq -...
[USN-795-1] Nagios vulnerability
=========================================================== Ubuntu Security Notice USN-795-1 July 02, 2009 nagios2, nagios3 vulnerability CVE-2009-2288 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 8.10...
[SECURITY] [DSA 1816-1] New apache2 packages fix privilege escalation
------------------------------------------------------------------------ Debian Security Advisory DSA-1816-1 [email protected] http://www.debian.org/security/ Stefan Fritsch June 16, 2009 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1813-1] New evolution-data-server packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1813-1 [email protected] http://www.debian.org/security/ Steffen Joeris June 08, 2009 http://www.debian.org/security/faq -...
DBD::Pg 'pg_getline()'和'getline()'堆缓冲区溢出漏洞
BUGTRAQ ID: 34755 CVE ID:CVE-2009-0663 DBD::Pg是一款用于PostgreSQL数据库访问的DBI驱动模块。 DBD::Pg存在基于堆的缓冲区溢出,远程攻击者可以利用漏洞执行任意代码。 使用pggetline和getline函数可从数据库中读取行信息的应用程序可通过触发堆溢出而执行任意代码。 Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux...