Debian - Page 62 of Debian Most Viewed Vulnerabilities List

Debian•added 2020/09/26 9:39 a.m.•47 views

[SECURITY] [DLA 2380-1] ruby-gon security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2380-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb September 26, 2020 https://wiki.debian.org/LTS -...

6.1CVSS6.2AI score0.00607EPSS

Debian•added 2020/09/25 5:43 p.m.•47 views

[SECURITY] [DSA 4767-1] mediawiki security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4767-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 25, 2020 https://www.debian.org/security/faq -...

7.5CVSS6.9AI score0.00737EPSS

Debian•added 2020/09/04 9:50 p.m.•46 views

[SECURITY] [DLA 2278-3] squid3 regression update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2278-3 [email protected] https://www.debian.org/lts/security/ Markus Koschany September 04, 2020 https://wiki.debian.org/LTS -...

5.9CVSS8AI score0.17466EPSS

Debian•added 2020/08/29 11:51 p.m.•46 views

[SECURITY] [DLA 2356-1] freerdp security update

Debian LTS Advisory DLA-2356-1 [email protected] https://www.debian.org/lts/security/ Mike Gabriel August 30, 2020 https://wiki.debian.org/LTS Package : freerdp Version : 1.1.0git20140921.1.440916e+dfsg1-13+deb9u4 CVE ID : CVE-2014-0791 CVE-2020-11042 CVE-2020-11045 CVE-2020-11046...

8.3CVSS6.7AI score0.02202EPSS

Exploits9

Debian•added 2020/08/15 10:0 p.m.•46 views

[SECURITY] [DLA 2328-1] dovecot security update

Debian LTS Advisory DLA-2328-1 [email protected] https://www.debian.org/lts/security/ August 15, 2020 https://wiki.debian.org/LTS Package : dovecot Version : 1:2.2.27-3+deb9u6 CVE ID : CVE-2020-12100 CVE-2020-12673 CVE-2020-12674 Debian Bug : 968302 Several vulnerabilities have been...

7.5CVSS6.9AI score0.25804EPSS

Exploits4

Debian•added 2020/08/11 8:37 a.m.•47 views

[SECURITY] [DLA 2320-1] golang-github-seccomp-libseccomp-golang security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2320-1 [email protected] https://www.debian.org/lts/security/ August 10, 2020 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package...

7.5CVSS7.1AI score0.00438EPSS

Debian•added 2020/06/11 3:21 p.m.•47 views

[SECURITY] [DSA 4701-1] intel-microcode security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4701-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 11, 2020 https://www.debian.org/security/faq -...

2.1CVSS2.1AI score0.00481EPSS

Debian•added 2020/06/11 6:20 a.m.•48 views

[SECURITY] [DSA 4700-1] roundcube security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4700-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 11, 2020 https://www.debian.org/security/faq -...

6.3CVSS6.9AI score0.71819EPSS

Debian•added 2020/04/17 11:52 p.m.•48 views

[SECURITY] [DLA 2180-1] file-roller security update

Package : file-roller Version : 3.14.1-1+deb8u2 CVE ID : CVE-2020-11736 Debian Bug : 956638 fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a files parent is a symlink to a directory outside of the intend...

3.9CVSS4.6AI score0.00336EPSS

Debian•added 2020/02/20 3:36 p.m.•47 views

[SECURITY] [DLA 2112-1] python-reportlab security update

Package : python-reportlab Version : 3.1.8-3+deb8u2 CVE ID : CVE-2019-17626 Debian Bug : 942763 It was found that ReportLab, a Python library to create PDF documents, did not properly parse color strings, allowing an attacker to execute arbitrary code through a crafted input document. For Debian ...

9.8CVSS9.5AI score0.16839EPSS

Debian•added 2019/10/30 5:39 p.m.•47 views

[SECURITY] [DLA 1978-1] python-ecdsa security update

Package : python-ecdsa Version : 0.11-1+deb8u1 CVE ID : CVE-2019-14853 CVE-2019-14859 It was discovered that python-ecdsa, a cryptographic signature library for Python, did not correctly verify DER encoded signatures. Malformed signatures could lead to unexpected exceptions and in some cases did...

9.1CVSS7.5AI score0.00076EPSS

Debian•added 2019/06/30 6:32 p.m.•48 views

[SECURITY] [DLA 1840-1] golang-go.crypto security update

Package : golang-go.crypto Version : 0.0hg190-1+deb8u1 CVE ID : CVE-2019-11840 A flaw was found in the amd64 implementation of salsa20. If more than 256 GiB of keystream is generated, or if the counter otherwise grows greater than 32 bits, the amd64 implementation will first generate incorrect...

5.9CVSS5.9AI score0.02086EPSS

Debian•added 2018/09/20 3:42 a.m.•46 views

[SECURITY] [DLA 1509-1] php5 security update

Package : php5 Version : 5.6.38+dfsg-0+deb8u1 CVE ID : CVE-2018-17082 A vulnerability has been discovered in php5, a server-side, HTML-embedded scripting language. The Apache2 component allows XSS via the body of a "Transfer-Encoding: chunked" request because of a defect in request handling. For...

6.1CVSS6.6AI score0.04436EPSS

Debian•added 2018/06/27 9:20 p.m.•46 views

[SECURITY] [DSA 4236-1] xen security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4236-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 27, 2018 https://www.debian.org/security/faq -...

9.9CVSS7.9AI score0.02771EPSS

Debian•added 2018/01/27 4:48 p.m.•46 views

[SECURITY] [DSA 4100-1] tiff security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4100-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 27, 2018 https://www.debian.org/security/faq -...

8.8CVSS9.2AI score0.01374EPSS

Exploits3

Debian•added 2017/11/21 2:51 p.m.•46 views

[SECURITY] [DSA 4043-1] samba security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4043-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 21, 2017 https://www.debian.org/security/faq -...

9.8CVSS9.8AI score0.4327EPSS

Debian•added 2017/11/11 2:46 p.m.•46 views

[SECURITY] [DSA 4031-1] ruby2.3 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4031-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 11, 2017 https://www.debian.org/security/faq -...

9.8CVSS10AI score0.0818EPSS

Debian•added 2017/11/02 9:44 p.m.•46 views

[SECURITY] [DSA 4015-1] openjdk-8 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4015-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 02, 2017 https://www.debian.org/security/faq -...

9.6CVSS9AI score0.06365EPSS

Debian•added 2017/10/30 11:20 p.m.•47 views

[SECURITY] [DSA 4012-1] libav security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4012-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 31, 2017 https://www.debian.org/security/faq -...

9.8CVSS9AI score0.01662EPSS

Debian•added 2017/10/03 9:33 p.m.•46 views

[SECURITY] [DSA 3991-1] qemu security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3991-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 03, 2017 https://www.debian.org/security/faq -...

8.8CVSS8.9AI score0.01345EPSS

Debian•added 2017/09/05 6:12 p.m.•46 views

[SECURITY] [DLA 1087-1] icedove/thunderbird security update

Package : icedove Version : 1:52.3.0-4deb7u1 CVE ID : CVE-2017-7753 CVE-2017-7779 CVE-2017-7784 CVE-2017-7785 CVE-2017-7786 CVE-2017-7787 CVE-2017-7791 CVE-2017-7792 CVE-2017-7800 CVE-2017-7801 CVE-2017-7802 CVE-2017-7803 CVE-2017-7804 CVE-2017-7807 CVE-2017-7809 Multiple security issues have bee...

10CVSS7.2AI score0.0852EPSS

Exploits13

Debian•added 2017/08/07 5:18 a.m.•46 views

[SECURITY] [DSA 3927-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3927-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 07, 2017 https://www.debian.org/security/faq -...

7.8CVSS1.7AI score0.20809EPSS

Exploits11

Debian•added 2017/06/22 8:5 a.m.•46 views

[SECURITY] [DSA 3892-1] tomcat7 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3892-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 22, 2017 https://www.debian.org/security/faq -...

7.5CVSS7.8AI score0.10802EPSS

Debian•added 2017/05/11 10:0 a.m.•46 views

[SECURITY] [DLA 939-1] qemu-kvm security update

Package : qemu-kvm Version : 1.1.2+dfsg-6+deb7u21 CVE ID : CVE-2016-9603 CVE-2017-7718 CVE-2017-7980 Multiple vulnerabilities have been discovered in qemu-kvm, a full virtualization solution on x86 hardware based on Quick EmulatorQemu. The Common Vulnerabilities and Exposures project identifies t...

9.9CVSS7.3AI score0.00634EPSS

Debian•added 2017/04/28 9:59 p.m.•46 views

[SECURITY] [DLA 924-1] tomcat7 security update

Package : tomcat7 Version : 7.0.28-4+deb7u12 CVE ID : CVE-2017-5647 CVE-2017-5648 Debian Bug : 860068 Two security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. CVE-2017-5647 A bug in the handling of the pipelined requests when send file was used resulted in the...

9.1CVSS9.5AI score0.21758EPSS

Debian•added 2017/03/09 12:6 p.m.•46 views

[SECURITY] [DLA 849-1] linux security update

Package : linux Version : 3.2.86-1 CVE ID : CVE-2016-9588 CVE-2017-2636 CVE-2017-5669 CVE-2017-5986 CVE-2017-6214 CVE-2017-6345 CVE-2017-6346 CVE-2017-6348 CVE-2017-6353 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or...

7.8CVSS7AI score0.0946EPSS

Debian•added 2017/02/09 2:28 a.m.•46 views

[SECURITY] [DSA 3783-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3783-1 [email protected] https://www.debian.org/security/ Luciano Bello February 08, 2017 https://www.debian.org/security/faq -...

9.8CVSS8.4AI score0.2113EPSS

Debian•added 2017/01/23 11:1 p.m.•49 views

[SECURITY] [DLA 795-1] tiff security update

Package : tiff Version : 4.0.2-6+deb7u9 CVE ID : CVE-2016-3622 CVE-2016-3623 CVE-2016-3624 CVE-2016-3945 CVE-2016-3990 CVE-2016-9533 CVE-2016-9534 CVE-2016-9535 CVE-2016-9536 CVE-2016-9537 CVE-2016-9538 CVE-2016-9540 CVE-2016-10092 CVE-2016-10093 CVE-2017-5225 Debian Bug : 846837 820365 836570...

9.8CVSS7.9AI score0.02534EPSS

Exploits7

Debian•added 2016/11/17 8:7 p.m.•46 views

[SECURITY] [DSA 3717-1] gst-plugins-bad1.0 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3717-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 17, 2016 https://www.debian.org/security/faq -...

7AI score

Debian•added 2016/10/31 5:9 p.m.•46 views

[SECURITY] [DLA 691-1] libxml2 security update

Package : libxml2 Version : 2.8.0+dfsg1-7+wheezy7 CVE ID : CVE-2016-4658 CVE-2016-5131 CVE-2016-4658 Namespace nodes must be copied to avoid use-after-free errors. But they dont necessarily have a physical representation in a document, so simply disallow them in XPointer ranges. CVE-2016-5131 The...

10CVSS8.6AI score0.15391EPSS

Debian•added 2016/07/25 2:18 p.m.•46 views

[SECURITY] [DSA 3628-1] perl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3628-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 25, 2016 https://www.debian.org/security/faq -...

7.8CVSS8.6AI score0.00317EPSS

Debian•added 2016/06/21 8:22 p.m.•46 views

[SECURITY] [DLA 522-1] python2.7 security update

Package : python2.7 Version : 2.7.3-6+deb7u3 CVE ID : CVE-2016-0772 CVE-2016-5636 CVE-2016-5699 CVE-2016-0772 A vulnerability in smtplib allowing MITM attacker to perform a startTLS stripping attack. smtplib does not seem to raise an exception when the remote end smtp server is capable of...

10CVSS7.9AI score0.45123EPSS

Exploits7

Debian•added 2016/06/07 4:44 p.m.•47 views

[SECURITY] [DSA 3597-1] expat security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3597-1 [email protected] https://www.debian.org/security/ Luciano Bello June 07, 2016 https://www.debian.org/security/faq -...

7.8CVSS7.6AI score0.02202EPSS

Debian•added 2016/05/18 6:34 p.m.•48 views

[SECURITY] [DLA 480-1] nss security update

Package : nss Version : 3.14.5-1+deb7u6 CVE ID : CVE-2015-7181 CVE-2015-7182 CVE-2016-1938 CVE-2016-1950 CVE-2016-1978 CVE-2016-1979 This security update fixes serious security issues in NSS including arbitrary code execution and remote denial service attacks. For Debian 7 "wheezy", these problem...

9.8CVSS7.8AI score0.11044EPSS

Debian•added 2016/04/15 11:59 a.m.•48 views

[SECURITY] [DSA 3549-1] chromium-browser security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3549-1 [email protected] https://www.debian.org/security/ Michael Gilbert April 15, 2016 https://www.debian.org/security/faq -...

10CVSS7.4AI score0.0306EPSS

Debian•added 2016/04/07 4:33 p.m.•46 views

[SECURITY] [DSA 3544-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3544-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 07, 2016 https://www.debian.org/security/faq -...

7.4CVSS7.1AI score0.0125EPSS

Debian•added 2016/02/11 6:54 p.m.•47 views

[SECURITY] [DSA 3473-1] nginx security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3473-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 11, 2016 https://www.debian.org/security/faq -...

9.8CVSS8.9AI score0.78788EPSS

Debian•added 2016/02/02 9:31 p.m.•46 views

[SECURITY] [DSA 3465-1] openjdk-6 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3465-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 02, 2016 https://www.debian.org/security/faq -...

10CVSS7.2AI score0.09896EPSS

Debian•added 2016/01/25 8:41 p.m.•46 views

[SECURITY] [DSA 3453-1] mariadb-10.0 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3453-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 25, 2016 https://www.debian.org/security/faq -...

7.2CVSS2.5AI score0.06492EPSS

Debian•added 2016/01/13 9:31 p.m.•46 views

[SECURITY] [DSA 3443-1] libpng security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3443-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 13, 2016 https://www.debian.org/security/faq -...

9.3CVSS8.8AI score0.13549EPSS

Debian•added 2016/01/05 7:18 p.m.•47 views

[SECURITY] [DSA 3434-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3434-1 [email protected] https://www.debian.org/security/ Ben Hutchings January 05, 2016 https://www.debian.org/security/faq -...

6.9CVSS2.1AI score0.15964EPSS

Debian•added 2015/12/30 11:29 a.m.•46 views

[SECURITY] [DLA 376-1] mono security update

Package : mono Version : 2.6.7-5.1+deb6u2 CVE ID : CVE-2009-0689 Monos string-to-double parser may crash, on specially crafted input. This could theoretically lead to arbitrary code execution. This issue has been fixed in Debian 6 Squeeze with the version 2.6.7-5.1+deb6u2 of mono. We recommend th...

6.8CVSS6AI score0.4176EPSS

Exploits43

Debian•added 2015/12/03 10:20 p.m.•46 views

[SECURITY] [DLA 358-1] openssl security update

Package : openssl Version : 0.9.8o-4squeeze22 CVE ID : CVE-2015-3195 When presented with a malformed X509ATTRIBUTE structure OpenSSL will leak memory. This structure is used by the PKCS7 and CMS routines so any application which reads PKCS7 or CMS data from untrusted sources is affected. SSL/TLS ...

5.3CVSS6.7AI score0.03481EPSS

Debian•added 2015/10/12 5:20 p.m.•46 views

[SECURITY] [DLA 325-1] linux-2.6 security update

Package : linux-2.6 Version : 2.6.32-48squeeze16 CVE ID : CVE-2015-2925 CVE-2015-5257 CVE-2015-7613 This update fixes the CVEs described below. CVE-2015-2925 Jann Horn discovered that when a subdirectory of a filesystem was bind-mounted into a chroot or mount namespace, a user that should be...

6.9CVSS6.8AI score0.00747EPSS

Debian•added 2015/09/18 8:9 p.m.•47 views

[SECURITY] [DSA 3361-1] qemu security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3361-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 18, 2015 https://www.debian.org/security/faq -...

7.5CVSS8.3AI score0.10195EPSS

Debian•added 2015/09/02 4:22 p.m.•46 views

[SECURITY] [DSA 3348-1] qemu security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3348-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 02, 2015 https://www.debian.org/security/faq -...

9.3CVSS8.2AI score0.1149EPSS