Debian - Page 133 of Debian Vulnerabilities List

Debian•added 2017/09/18 8:41 p.m.•35 views

[SECURITY] [DSA 3978-1] gdk-pixbuf security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3978-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 18, 2017 https://www.debian.org/security/faq -...

8.8CVSS8.2AI score0.04599EPSS

Debian•added 2017/09/18 6:35 p.m.•17 views

[SECURITY] [DSA 3977-1] newsbeuter security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3977-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 18, 2017 https://www.debian.org/security/faq -...

8.8CVSS8.7AI score0.03078EPSS

Debian•added 2017/09/18 6:35 p.m.•18 views

[SECURITY] [DSA 3977-1] newsbeuter security update

6.8CVSS2.5AI score0.03078EPSS

Debian•added 2017/09/17 5:12 p.m.•20 views

[SECURITY] [DSA 3976-1] freexl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3976-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 17, 2017 https://www.debian.org/security/faq -...

8.8CVSS9.5AI score0.03313EPSS

Debian•added 2017/09/17 5:12 p.m.•20 views

[SECURITY] [DSA 3976-1] freexl security update

6.8CVSS2.3AI score0.03313EPSS

Debian•added 2017/09/17 4:14 p.m.•19 views

[SECURITY] [DLA 1098-1] freexl security update

Package : freexl Version : 1.0.0b-1+deb7u4 CVE ID : CVE-2017-2923 CVE-2017-2924 Debian Bug : 875690 875691 The Cisco Talos team reported two sensitive security issues affecting FreeXL-1.0.3 and any previous version. CVE-2017-2923 An exploitable heap based buffer overflow vulnerability exists in t...

8.8CVSS9.6AI score0.03313EPSS

Debian•added 2017/09/15 9:21 p.m.•22 views

[SECURITY] [DSA 3975-1] emacs25 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3975-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 15, 2017 https://www.debian.org/security/faq -...

8.8CVSS8.8AI score0.04042EPSS

Debian•added 2017/09/15 3:20 p.m.•28 views

[SECURITY] [DSA 3974-1] tomcat8 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3974-1 [email protected] https://www.debian.org/security/ Sebastien Delafond September 15, 2017 https://www.debian.org/security/faq -...

7.5CVSS7.1AI score0.1014EPSS

Debian•added 2017/09/15 3:20 p.m.•34 views

[SECURITY] [DSA 3974-1] tomcat8 security update

5CVSS1.2AI score0.1014EPSS

Debian•added 2017/09/15 10:18 a.m.•62 views

[SECURITY] [DLA 1097-1] tcpdump security update

Package : tcpdump Version : 4.9.2-1deb7u1 CVE ID : CVE-2017-12894 CVE-2017-12895 CVE-2017-12896 CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900 CVE-2017-12901 CVE-2017-12902 CVE-2017-12985 CVE-2017-12986 CVE-2017-12987 CVE-2017-12988 CVE-2017-12989 CVE-2017-12990 CVE-2017-12991...

9.8CVSS7.2AI score0.04639EPSS

Debian•added 2017/09/14 9:11 p.m.•28 views

[SECURITY] [DSA 3973-1] wordpress-shibboleth security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3973-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 14, 2017 https://www.debian.org/security/faq -...

6.1CVSS6.1AI score0.0146EPSS

Debian•added 2017/09/13 5:51 p.m.•15 views

[SECURITY] [DLA 1096-1] wordpress-shibboleth security update

Package : wordpress-shibboleth Version : 1.4-2+deb7u1 CVE ID : CVE-2017-14313 Debian Bug : 874416 It was discovered that there was a an XSS vulnerability in the login form of the "Shibboleth" identity provider module for Wordpress. For Debian 7 "Wheezy", this issue has been fixed in...

6.1CVSS6AI score0.0146EPSS

Debian•added 2017/09/13 11:54 a.m.•41 views

[SECURITY] [DSA 3972-1] bluez security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3972-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 13, 2017 https://www.debian.org/security/faq -...

6.5CVSS6.6AI score0.07774EPSS

Debian•added 2017/09/13 11:54 a.m.•36 views

[SECURITY] [DSA 3972-1] bluez security update

3.3CVSS2.6AI score0.07774EPSS

Debian•added 2017/09/13 5:4 a.m.•33 views

[SECURITY] [DSA 3971-1] tcpdump security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3971-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 13, 2017 https://www.debian.org/security/faq -...

7.5CVSS2.9AI score0.06196EPSS

Debian•added 2017/09/13 5:4 a.m.•48 views

[SECURITY] [DSA 3971-1] tcpdump security update

9.8CVSS10AI score0.06196EPSS

Debian•added 2017/09/12 9:8 p.m.•12 views

[SECURITY] [DSA 3970-1] emacs24 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3970-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 12, 2017 https://www.debian.org/security/faq -...

6.8AI score

Debian•added 2017/09/12 9:5 p.m.•37 views

[SECURITY] [DSA 3969-1] xen security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3969-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 12, 2017 https://www.debian.org/security/faq -...

10CVSS8.8AI score0.0367EPSS

Debian•added 2017/09/11 9:39 p.m.•45 views

[SECURITY] [DSA 3968-1] icedove/thunderbird security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3968-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 11, 2017 https://www.debian.org/security/faq -...

10CVSS9.3AI score0.04187EPSS

Exploits13

Debian•added 2017/09/11 5:29 a.m.•32 views

[SECURITY] [DLA 1095-1] freerdp security update

Package : freerdp Version : 1.0.1-1.1+deb7u4 CVE ID : CVE-2017-2835 CVE-2017-2836 CVE-2017-2837 CVE-2017-2838 CVE-2017-2839 Debian Bug : 869880 Tyler Bohan of Talos discovered that FreeRDP, a free implementation of the Remote Desktop Protocol RDP, contained several vulnerabilities that allowed a...

8.8CVSS7.7AI score0.01722EPSS

Exploits5

Debian•added 2017/09/10 2:14 a.m.•31 views

[SECURITY] [DLA 1094-1] tiff3 security update

Package : tiff3 Version : 3.9.6-11+deb7u8 CVE ID : CVE-2017-11335 Debian Bug : 868513 A heap based buffer overflow has been discovered in the tiff2pdf utility, part of the Tag Image File Format TIFF library. A PlanarConfig=Contig image can cause an out-of-bounds write related to the ZIPDecode...

8.8CVSS7.8AI score0.0363EPSS

Debian•added 2017/09/10 2:12 a.m.•34 views

[SECURITY] [DLA 1093-1] tiff security update

Package : tiff Version : 4.0.2-6+deb7u16 CVE ID : CVE-2017-11335 CVE-2017-12944 CVE-2017-13726 CVE-2017-13727 Debian Bug : 868513 872607 873880 873879 Several vulnerabilities have been discovered in the Tag Image File Format TIFF library and its associated tools. CVE-2017-11335 A heap based buffe...

8.8CVSS7.7AI score0.0363EPSS

Debian•added 2017/09/08 6:40 p.m.•23 views

[SECURITY] [DSA 3967-1] mbedtls security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3967-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 08, 2017 https://www.debian.org/security/faq -...

8.1CVSS8AI score0.01492EPSS

Debian•added 2017/09/08 6:40 p.m.•24 views

[SECURITY] [DSA 3967-1] mbedtls security update

6.8CVSS2.8AI score0.01492EPSS

Debian•added 2017/09/08 9:0 a.m.•34 views

[SECURITY] [DLA 1092-1] libarchive security update

Package : libarchive Version : 3.0.4-3+wheezy6+deb7u1 CVE ID : CVE-2017-14166 Debian Bug : 874539 It was discovered that there was a denial of service vulnerability in the libarchive multi-format compression library. A specially-crafted .xar archive could cause via a heap-based buffer over-read...

6.5CVSS6.5AI score0.03341EPSS

Debian•added 2017/09/07 8:56 p.m.•16 views

[SECURITY] [DLA 1087-2] icedove/thunderbird regression update

Package : icedove Version : 1:52.3.0-4deb7u2 The update for icedove/thunderbird issued as DLA-1087-1 did not build on i386. This update corrects this. For reference, the original advisory text follows. Multiple security issues have been found in the Mozilla Thunderbird mail client: Multiple memor...

6.3AI score

Debian•added 2017/09/07 3:48 p.m.•25 views

[SECURITY] [DLA 1091-1] unrar-free security update

Package : unrar-free Version : 1:0.0.1+cvs20071127-2+deb7u1 CVE ID : CVE-2017-14120 Debian Bug : 874059 It was discovered that there was a directory traversal vulnerability in unrar-free, a unarchiver for .rar files, where pathnames of the form "../filename" were unpacked into the parent director...

7.5CVSS7.7AI score0.0211EPSS

Debian•added 2017/09/06 6:42 a.m.•20 views

[SECURITY] [DLA 1090-1] tcpdump security update

Package : tcpdump Version : 4.9.0-1deb7u2 CVE ID : CVE-2017-11108 CVE-2017-11541 CVE-2017-11542 CVE-2017-11543 Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These vulnerabilities might result in denial of service application crash. For Debian 7...

9.8CVSS6.8AI score0.06196EPSS

Debian•added 2017/09/05 8:17 p.m.•39 views

[SECURITY] [DSA 3966-1] ruby2.3 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3966-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 05, 2017 https://www.debian.org/security/faq -...

9.8CVSS8.9AI score0.29442EPSS

Exploits8

Debian•added 2017/09/05 8:15 p.m.•23 views

[SECURITY] [DSA 3965-1] file security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3965-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 05, 2017 https://www.debian.org/security/faq -...

5.5CVSS5.5AI score0.00404EPSS

Debian•added 2017/09/05 8:15 p.m.•27 views

[SECURITY] [DSA 3965-1] file security update

2.1CVSS1.5AI score0.00404EPSS

Debian•added 2017/09/05 6:12 p.m.•46 views

[SECURITY] [DLA 1087-1] icedove/thunderbird security update

Package : icedove Version : 1:52.3.0-4deb7u1 CVE ID : CVE-2017-7753 CVE-2017-7779 CVE-2017-7784 CVE-2017-7785 CVE-2017-7786 CVE-2017-7787 CVE-2017-7791 CVE-2017-7792 CVE-2017-7800 CVE-2017-7801 CVE-2017-7802 CVE-2017-7803 CVE-2017-7804 CVE-2017-7807 CVE-2017-7809 Multiple security issues have bee...

10CVSS7.2AI score0.04187EPSS

Exploits13

Debian•added 2017/09/05 4:12 p.m.•28 views

[SECURITY] [DLA 1089-1] irssi security update

Package : irssi Version : 0.8.15-5+deb7u3 CVE ID : CVE-2017-10965 CVE-2017-10966 Debian Bug : 867598 Some Irssi issues were found: CVE-2017-10965 An issue was discovered in Irssi before 1.0.4. When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer...

9.8CVSS9.9AI score0.03443EPSS

Debian•added 2017/09/04 9:32 p.m.•20 views

[SECURITY] [DSA 3964-1] asterisk security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3964-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 04, 2017 https://www.debian.org/security/faq -...

9.8CVSS9.6AI score0.14907EPSS

Debian•added 2017/09/04 7:21 p.m.•26 views

[SECURITY] [DLA 1088-1] irssi security update

Package : irssi Version : 0.8.15-5+deb7u2 CVE ID : CVE-2017-9468 CVE-2017-9469 Debian Bug : 864400 Irssi has some issues where remote attackers might be able to cause a crash. CVE-2017-9468 In irssi, when receiving a DCC message without source nick/host, it attempts to dereference a NULL pointer...

7.5CVSS7.9AI score0.06084EPSS

Debian•added 2017/09/04 7:5 a.m.•39 views

[SECURITY] [DSA 3963-1] mercurial security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3963-1 [email protected] https://www.debian.org/security/ Sebastien Delafond September 04, 2017 https://www.debian.org/security/faq -...

10CVSS9.6AI score0.21512EPSS

Debian•added 2017/09/04 7:5 a.m.•33 views

[SECURITY] [DSA 3963-1] mercurial security update

10CVSS2.5AI score0.21512EPSS

Debian•added 2017/09/03 6:40 p.m.•18 views

[SECURITY] [DLA 1086-1] enigmail security update

Package : enigmail Version : 2:1.9.8.1-1deb7u1 In DLA 1007-1 Thunderbird was upgraded to the latest ESR series. This update upgrades Enigmail, the OpenPGP extention for Thunderbird, to version 1.9.8.1 to restore full compatibility. For Debian 7 "Wheezy", these problems have been fixed in version...

5.8AI score

Debian•added 2017/09/03 1:23 p.m.•23 views

[SECURITY] [DSA 3962-1] strongswan security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3962-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez September 03, 2017 https://www.debian.org/security/faq -...

7.5CVSS7.3AI score0.03252EPSS

Debian•added 2017/09/03 6:42 a.m.•19 views

[SECURITY] [DLA 1085-1] libidn2-0 security update

Package : libidn2-0 Version : 0.8-2+deb7u1 CVE ID : CVE-2017-14062 Debian Bug : 873902 It was discovered that there was an integer overflow vulnerability in libidn2-0s Punycode handling an encoding used to convert Unicode characters to ASCII which would have allowed attackers to cause a remote...

9.8CVSS9.6AI score0.03965EPSS

Debian•added 2017/09/03 6:1 a.m.•30 views

[SECURITY] [DSA 3961-1] libgd2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3961-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 03, 2017 https://www.debian.org/security/faq -...

5CVSS2AI score0.05102EPSS

Debian•added 2017/09/03 6:1 a.m.•26 views

[SECURITY] [DSA 3961-1] libgd2 security update

7.5CVSS7.8AI score0.05102EPSS

Debian•added 2017/09/02 9:41 p.m.•24 views

[SECURITY] [DLA 1084-1] libidn security update

Package : libidn Version : 1.25-2+deb7u3 CVE ID : CVE-2017-14062 Debian Bug : 873903 It was discovered that there was an integer overflow vulnerability in libidns Punycode handling an encoding used to convert Unicode characters to ASCII which would have allowed remote attackers to cause a denial ...

9.8CVSS9.6AI score0.03965EPSS

Debian•added 2017/09/01 7:52 p.m.•28 views

[SECURITY] [DSA 3960-1] gnupg security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3960-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 01, 2017 https://www.debian.org/security/faq -...

4.3CVSS1.3AI score0.03885EPSS

Debian•added 2017/09/01 7:52 p.m.•26 views

[SECURITY] [DSA 3960-1] gnupg security update

6.8CVSS6.8AI score0.03885EPSS

Debian•added 2017/08/31 10:29 p.m.•53 views

[SECURITY] [DLA 1083-1] openexr security update

Package : openexr Version : 1.6.1-6+deb7u1 CVE ID : CVE-2017-9110 CVE-2017-9112 CVE-2017-9116 Debian Bug : 864078 Brandon Perry discovered that openexr, a high dynamic-range HDR image library, was affected by an integer overflow vulnerability and missing boundary checks that would allow a remote...

6.5CVSS6.9AI score0.01851EPSS

Debian•added 2017/08/31 8:21 p.m.•35 views

[SECURITY] [DLA 1082-1] graphicsmagick security update

Package : graphicsmagick Version : 1.3.16-1.1+deb7u9 CVE ID : CVE-2017-12935 CVE-2017-12936 CVE-2017-12937 CVE-2017-13063 CVE-2017-13064 CVE-2017-13065 CVE-2017-13776 CVE-2017-13777 CVE-2017-13776 CVE-2017-13777 denial of service issue in ReadXBMImage CVE-2017-12935 The ReadMNGImage function in...

8.8CVSS8.5AI score0.25065EPSS

Debian•added 2017/08/31 11:58 a.m.•39 views

[SECURITY] [DLA 1079-1] libdbd-mysql-perl security update

Package : libdbd-mysql-perl Version : 4.021-1+deb7u3 CVE ID : CVE-2017-10788 CVE-2017-10789 Debian Bug : 866818 866821 The Perl library for communicating with MySQL database, used in the "mysql" commandline client is vulnerable to a man in the middle attack in SSL configurations and remote crash...

9.8CVSS7.5AI score0.07083EPSS