Debian - Page 63 of Debian Most Viewed Vulnerabilities List

Debian•added 2020/09/04 9:50 p.m.•46 views

[SECURITY] [DLA 2278-3] squid3 regression update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2278-3 [email protected] https://www.debian.org/lts/security/ Markus Koschany September 04, 2020 https://wiki.debian.org/LTS -...

5.9CVSS8AI score0.17466EPSS

Debian•added 2020/08/29 11:51 p.m.•46 views

[SECURITY] [DLA 2356-1] freerdp security update

Debian LTS Advisory DLA-2356-1 [email protected] https://www.debian.org/lts/security/ Mike Gabriel August 30, 2020 https://wiki.debian.org/LTS Package : freerdp Version : 1.1.0git20140921.1.440916e+dfsg1-13+deb9u4 CVE ID : CVE-2014-0791 CVE-2020-11042 CVE-2020-11045 CVE-2020-11046...

8.3CVSS6.7AI score0.02202EPSS

Exploits9

Debian•added 2020/08/15 10:0 p.m.•46 views

[SECURITY] [DLA 2328-1] dovecot security update

Debian LTS Advisory DLA-2328-1 [email protected] https://www.debian.org/lts/security/ August 15, 2020 https://wiki.debian.org/LTS Package : dovecot Version : 1:2.2.27-3+deb9u6 CVE ID : CVE-2020-12100 CVE-2020-12673 CVE-2020-12674 Debian Bug : 968302 Several vulnerabilities have been...

7.5CVSS6.9AI score0.25804EPSS

Exploits4

Debian•added 2020/08/13 10:7 a.m.•46 views

[SECURITY] [DLA 2325-1] openjdk-8 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2325-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort August 13, 2020 https://wiki.debian.org/LTS -...

8.3CVSS8.3AI score0.01018EPSS

Debian•added 2020/08/11 8:37 a.m.•46 views

[SECURITY] [DLA 2320-1] golang-github-seccomp-libseccomp-golang security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2320-1 [email protected] https://www.debian.org/lts/security/ August 10, 2020 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package...

7.5CVSS7.1AI score0.00438EPSS

Debian•added 2020/06/08 7:59 a.m.•46 views

[SECURITY] [DLA 2238-1] libupnp security update

Package : libupnp Version : 1.6.19+git20141001-1+deb8u2 CVE ID : CVE-2020-13848 Debian Bug : 962282 libupnp, the portable SDK for UPnP Devices allows remote attackers to cause a denial of service crash via a crafted SSDP message due to a NULL pointer dereference in the functions...

7.5CVSS7.4AI score0.03242EPSS

Debian•added 2020/05/19 7:48 p.m.•46 views

[SECURITY] [DSA 4689-1] bind9 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4689-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 19, 2020 https://www.debian.org/security/faq -...

5CVSS1.4AI score0.92629EPSS

Exploits6

Debian•added 2020/05/03 5:59 p.m.•46 views

[SECURITY] [DLA 2196-2] pound regression update

Package : pound Version : 2.6-6+deb8u3 CVE ID : CVE-2016-10711 A regression has been found in the patch for CVE-2016-10711 of pound, a reverse proxy, load balancer and HTTPS front-end for Web servers. Without the fix pound can be tricked to use 100% CPU. For Debian 8 "Jessie", this problem has be...

9.8CVSS9.4AI score0.00997EPSS

Debian•added 2020/03/31 5:35 p.m.•46 views

[SECURITY] [DSA 4648-1] libpam-krb5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4648-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 31, 2020 https://www.debian.org/security/faq -...

9.8CVSS9.8AI score0.07295EPSS

Debian•added 2019/10/30 11:4 a.m.•46 views

[SECURITY] [DLA 1976-1] imapfilter security update

Package : imapfilter Version : 1:2.5.2-2+deb8u1 CVE ID : CVE-2016-10937 Debian Bug : 939702 The imapfilter tool, a utility for scripting IMAP operations in lua, lacked server name / certificate peer hostname validation support. For Debian 8 "Jessie", this problem has been fixed in version...

7.5CVSS7AI score0.00318EPSS

Debian•added 2019/09/30 7:53 a.m.•46 views

[SECURITY] [DLA 1938-1] file-roller security update

Package : file-roller Version : 3.14.1-1+deb8u1 CVE ID : CVE-2019-16680 An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction. For Debian 8 "Jessie", this proble...

4.3CVSS6AI score0.01789EPSS

Debian•added 2019/04/28 9:3 p.m.•46 views

[SECURITY] [DLA 1769-1] gst-plugins-base0.10 security update

rom: Thorsten Alteholz [email protected] To: [email protected] Subject: SECURITY DLA 1769-1 gst-plugins-base0.10 security update Package : gst-plugins-base0.10 Version : 0.10.36-2+deb8u1 CVE ID : CVE-2019-9928 Debian Bug : The RTSP connection parser in the base GStreamer...

8.8CVSS8.6AI score0.16747EPSS

Debian•added 2018/09/20 3:42 a.m.•46 views

[SECURITY] [DLA 1509-1] php5 security update

Package : php5 Version : 5.6.38+dfsg-0+deb8u1 CVE ID : CVE-2018-17082 A vulnerability has been discovered in php5, a server-side, HTML-embedded scripting language. The Apache2 component allows XSS via the body of a "Transfer-Encoding: chunked" request because of a defect in request handling. For...

6.1CVSS6.6AI score0.04436EPSS

Debian•added 2018/06/27 9:20 p.m.•46 views

[SECURITY] [DSA 4236-1] xen security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4236-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 27, 2018 https://www.debian.org/security/faq -...

9.9CVSS7.9AI score0.02771EPSS

Debian•added 2018/06/22 7:59 p.m.•46 views

[SECURITY] [DSA 4233-1] bouncycastle security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4233-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 22, 2018 https://www.debian.org/security/faq -...

7.5CVSS6.7AI score0.0031EPSS

Debian•added 2018/01/27 4:48 p.m.•46 views

[SECURITY] [DSA 4100-1] tiff security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4100-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 27, 2018 https://www.debian.org/security/faq -...

8.8CVSS9.2AI score0.01374EPSS

Exploits3

Debian•added 2018/01/01 7:33 p.m.•46 views

[SECURITY] [DLA 1227-1] imagemagick security update

Package : imagemagick Version : 8:6.7.7.10-5+deb7u19 CVE ID : CVE-2017-17504 CVE-2017-17682 CVE-2017-17879 CVE-2017-17914 Debian Bug : 885340 885942 885125 Several security vulnerabilities were discovered in ImageMagick, an image manipulation program, that allow remote attackers to cause a denial...

8.8CVSS8.9AI score0.01712EPSS

Debian•added 2017/11/21 2:51 p.m.•46 views

[SECURITY] [DSA 4043-1] samba security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4043-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 21, 2017 https://www.debian.org/security/faq -...

9.8CVSS9.8AI score0.4327EPSS

Debian•added 2017/11/11 2:46 p.m.•46 views

[SECURITY] [DSA 4031-1] ruby2.3 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4031-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 11, 2017 https://www.debian.org/security/faq -...

9.8CVSS10AI score0.0818EPSS

Debian•added 2017/11/07 2:14 a.m.•46 views

[SECURITY] [DSA 4020-1] chromium-browser security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4020-1 [email protected] https://www.debian.org/security/ Michael Gilbert November 05, 2017 https://www.debian.org/security/faq -...

8.8CVSS9AI score0.19092EPSS

Exploits6

Debian•added 2017/11/02 9:44 p.m.•46 views

[SECURITY] [DSA 4015-1] openjdk-8 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4015-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 02, 2017 https://www.debian.org/security/faq -...

9.6CVSS9AI score0.06365EPSS

Debian•added 2017/10/03 9:33 p.m.•46 views

[SECURITY] [DSA 3991-1] qemu security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3991-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 03, 2017 https://www.debian.org/security/faq -...

8.8CVSS8.9AI score0.01345EPSS

Debian•added 2017/09/05 6:12 p.m.•46 views

[SECURITY] [DLA 1087-1] icedove/thunderbird security update

Package : icedove Version : 1:52.3.0-4deb7u1 CVE ID : CVE-2017-7753 CVE-2017-7779 CVE-2017-7784 CVE-2017-7785 CVE-2017-7786 CVE-2017-7787 CVE-2017-7791 CVE-2017-7792 CVE-2017-7800 CVE-2017-7801 CVE-2017-7802 CVE-2017-7803 CVE-2017-7804 CVE-2017-7807 CVE-2017-7809 Multiple security issues have bee...

10CVSS7.2AI score0.0852EPSS

Exploits13

Debian•added 2017/08/07 5:18 a.m.•46 views

[SECURITY] [DSA 3927-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3927-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 07, 2017 https://www.debian.org/security/faq -...

7.8CVSS1.7AI score0.20809EPSS

Exploits11

Debian•added 2017/06/22 8:5 a.m.•46 views

[SECURITY] [DSA 3892-1] tomcat7 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3892-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 22, 2017 https://www.debian.org/security/faq -...

7.5CVSS7.8AI score0.10802EPSS

Debian•added 2017/05/16 2:17 p.m.•46 views

[SECURITY] [DLA 944-1] openvpn security update

Package : openvpn Version : 2.2.1-8+deb7u4 CVE ID : CVE-2017-7479 Denial of Service due to Exhaustion of Packet-ID counter An authenticated client can cause the servers the packet-id counter to roll over, which would lead the server process to hit an ASSERT and stop running. To make the server hi...

6.5CVSS6.9AI score0.00146EPSS

Debian•added 2017/05/11 10:0 a.m.•46 views

[SECURITY] [DLA 939-1] qemu-kvm security update

Package : qemu-kvm Version : 1.1.2+dfsg-6+deb7u21 CVE ID : CVE-2016-9603 CVE-2017-7718 CVE-2017-7980 Multiple vulnerabilities have been discovered in qemu-kvm, a full virtualization solution on x86 hardware based on Quick EmulatorQemu. The Common Vulnerabilities and Exposures project identifies t...

9.9CVSS7.3AI score0.00634EPSS

Debian•added 2017/04/28 9:59 p.m.•46 views

[SECURITY] [DLA 924-1] tomcat7 security update

Package : tomcat7 Version : 7.0.28-4+deb7u12 CVE ID : CVE-2017-5647 CVE-2017-5648 Debian Bug : 860068 Two security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. CVE-2017-5647 A bug in the handling of the pipelined requests when send file was used resulted in the...

9.1CVSS9.5AI score0.21758EPSS

Debian•added 2017/03/09 12:6 p.m.•46 views

[SECURITY] [DLA 849-1] linux security update

Package : linux Version : 3.2.86-1 CVE ID : CVE-2016-9588 CVE-2017-2636 CVE-2017-5669 CVE-2017-5986 CVE-2017-6214 CVE-2017-6345 CVE-2017-6346 CVE-2017-6348 CVE-2017-6353 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or...

7.8CVSS7AI score0.0946EPSS

Debian•added 2017/02/09 2:28 a.m.•46 views

[SECURITY] [DSA 3783-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3783-1 [email protected] https://www.debian.org/security/ Luciano Bello February 08, 2017 https://www.debian.org/security/faq -...

9.8CVSS8.4AI score0.2113EPSS

Debian•added 2017/01/22 10:43 a.m.•46 views

[SECURITY] [DSA 3769-1] libphp-swiftmailer security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3769-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 22, 2017 https://www.debian.org/security/faq -...

9.8CVSS9.8AI score0.73109EPSS

Exploits18

Debian•added 2017/01/13 3:45 p.m.•46 views

[SECURITY] [DSA 3762-1] tiff security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3762-1 [email protected] https://www.debian.org/security/ Laszlo Boszormenyi GCS January 13, 2017 https://www.debian.org/security/faq -...

9.8CVSS8.5AI score0.03829EPSS

Exploits11

Debian•added 2016/12/26 1:50 p.m.•46 views

[SECURITY] [DLA 765-1] qemu-kvm security update

Package : qemu-kvm Version : 1.1.2+dfsg-6+deb7u19 CVE ID : CVE-2016-9911 CVE-2016-9921 CVE-2016-9922 Multiple vulnerabilities have been found in qemu-kvm: CVE-2016-9911 qemu-kvm built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing pack...

6.5CVSS7.3AI score0.00085EPSS

Debian•added 2016/11/17 8:7 p.m.•46 views

[SECURITY] [DSA 3717-1] gst-plugins-bad1.0 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3717-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 17, 2016 https://www.debian.org/security/faq -...

7AI score

Debian•added 2016/10/31 5:9 p.m.•46 views

[SECURITY] [DLA 691-1] libxml2 security update

Package : libxml2 Version : 2.8.0+dfsg1-7+wheezy7 CVE ID : CVE-2016-4658 CVE-2016-5131 CVE-2016-4658 Namespace nodes must be copied to avoid use-after-free errors. But they dont necessarily have a physical representation in a document, so simply disallow them in XPointer ranges. CVE-2016-5131 The...

10CVSS8.6AI score0.15391EPSS

Debian•added 2016/10/25 8:48 p.m.•46 views

[SECURITY] [DSA 3700-1] asterisk security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3700-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 25, 2016 https://www.debian.org/security/faq -...

7.5CVSS7AI score0.39025EPSS

Debian•added 2016/07/30 10:43 a.m.•46 views

[SECURITY] [DLA 574-1] qemu-kvm security update

Package : qemu-kvm Version : 1.1.2+dfsg-6+deb7u14 CVE ID : CVE-2015-5239 CVE-2016-2857 CVE-2016-4020 CVE-2016-4439 CVE-2016-5403 CVE-2016-6351 Multiple vulnerabilities have been discovered in qemu-kvm, a full virtualization solution on x86 hardware. The Common Vulnerabilities and Exposures projec...

8.4CVSS8.5AI score0.08407EPSS

Debian•added 2016/07/25 2:18 p.m.•46 views

[SECURITY] [DSA 3628-1] perl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3628-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 25, 2016 https://www.debian.org/security/faq -...

7.8CVSS8.6AI score0.00317EPSS

Debian•added 2016/06/30 8:44 a.m.•46 views

[SECURITY] [DSA 3611-1] libcommons-fileupload-java security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3611-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 30, 2016 https://www.debian.org/security/faq -...

7.8CVSS7.9AI score0.40246EPSS

Debian•added 2016/06/21 8:22 p.m.•46 views

[SECURITY] [DLA 522-1] python2.7 security update

Package : python2.7 Version : 2.7.3-6+deb7u3 CVE ID : CVE-2016-0772 CVE-2016-5636 CVE-2016-5699 CVE-2016-0772 A vulnerability in smtplib allowing MITM attacker to perform a startTLS stripping attack. smtplib does not seem to raise an exception when the remote end smtp server is capable of...

10CVSS7.9AI score0.45123EPSS

Exploits7

Debian•added 2016/04/07 4:33 p.m.•46 views

[SECURITY] [DSA 3544-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3544-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 07, 2016 https://www.debian.org/security/faq -...

7.4CVSS7.1AI score0.0125EPSS

Debian•added 2016/02/11 6:54 p.m.•46 views

[SECURITY] [DSA 3473-1] nginx security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3473-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 11, 2016 https://www.debian.org/security/faq -...

7.5CVSS2.8AI score0.78788EPSS

Debian•added 2016/02/08 7:45 p.m.•46 views

[SECURITY] [DSA 3469-1] qemu security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3469-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 08, 2016 https://www.debian.org/security/faq -...

9CVSS9AI score0.13388EPSS

Debian•added 2016/02/02 9:31 p.m.•46 views

[SECURITY] [DSA 3465-1] openjdk-6 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3465-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 02, 2016 https://www.debian.org/security/faq -...

10CVSS7.2AI score0.09896EPSS

Debian•added 2016/01/25 8:41 p.m.•46 views

[SECURITY] [DSA 3453-1] mariadb-10.0 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3453-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 25, 2016 https://www.debian.org/security/faq -...

7.2CVSS2.5AI score0.06492EPSS

Debian•added 2016/01/13 9:31 p.m.•46 views

[SECURITY] [DSA 3443-1] libpng security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3443-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 13, 2016 https://www.debian.org/security/faq -...

9.3CVSS8.8AI score0.13549EPSS

Debian•added 2015/12/30 11:29 a.m.•46 views

[SECURITY] [DLA 376-1] mono security update

Package : mono Version : 2.6.7-5.1+deb6u2 CVE ID : CVE-2009-0689 Monos string-to-double parser may crash, on specially crafted input. This could theoretically lead to arbitrary code execution. This issue has been fixed in Debian 6 Squeeze with the version 2.6.7-5.1+deb6u2 of mono. We recommend th...

6.8CVSS6AI score0.4176EPSS

Exploits43

Debian•added 2015/12/03 10:20 p.m.•46 views

[SECURITY] [DLA 358-1] openssl security update

Package : openssl Version : 0.9.8o-4squeeze22 CVE ID : CVE-2015-3195 When presented with a malformed X509ATTRIBUTE structure OpenSSL will leak memory. This structure is used by the PKCS7 and CMS routines so any application which reads PKCS7 or CMS data from untrusted sources is affected. SSL/TLS ...

5.3CVSS6.7AI score0.03481EPSS