[SECURITY] [DLA 72-1] rsyslog security update
Package : rsyslog Version : 4.6.4-2+deb6u1 CVE ID : CVE-2014-3634 CVE-2014-3683 CVE-2014-3634 Fix remote syslog vulnerability due to improper handling of invalid PRI values. CVE-2014-3683 Followup fix for CVE-2014-3634. The initial patch was incomplete. It did not cover cases where PRI values MAXI...
[SECURITY] [DSA 3050-1] iceweasel security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3050-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 15, 2014 http://www.debian.org/security/faq -...
[BSA-098] Security update for drupal7
Gunnar Wolf uploaded new packages for Drupal7 which fixed the following security problems: CVE-2014-3704 / SA-CORE-2014-005: Highly critical: Pre Auth SQL injection The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct prepared...
[SECURITY] [DSA 3053-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3053-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst October 16, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 71-1] apache2 security update
Package : apache2 Version : 2.2.16-6+squeeze14 CVE ID : CVE-2013-5704 CVE-2014-3581 This update fixes two security issues with apache2. CVE-2013-5704 Disable the possibility to replace HTTP headers with HTTP trailers as this could be used to circumvent earlier header operations made by other...
[SECURITY] [DSA 3052-1] wpa security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3052-1 [email protected] http://www.debian.org/security/ Michael Gilbert October 15, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3051-1] drupal7 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3051-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 15, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3049-1] wireshark security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3049-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 14, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 58-2] apt regression fix
Package : apt Version : 0.8.10.3+squeeze6 CVE ID : CVE-2014-6273 This update fixes a regression introduced in 0.8.10.3+squeeze5 where apt would send invalid HTTP requests when sending If-Range queries. Thanks to Steven McDonald who reported [1] the regression and to Michael Vogt for having uploaded ...
[SECURITY] [DSA 3048-1] apt security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3048-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst October 08, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3047-1] rsyslog security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3047-1 [email protected] http://www.debian.org/security/ Luciano Bello October 08, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 70-1] tryton-server security update
Package : tryton-server Version : 1.6.1-2+squeeze2 CVE ID : CVE-2014-6633 duesenfranz discovered that safe_eval in trytond could be used to execute arbitrary commands, mainly via the webdav interface. The patches applied do not allow double underscores in safe_eval and avoid double evaluation from...
[SECURITY] [DSA 3046-1] mediawiki security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3046-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso October 05, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3045-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3045-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 04, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3044-1] qemu-kvm security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3044-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 04, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3042-1] exuberant-ctags security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3042-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 04, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 69-1] exuberant-ctags security update
Package : exuberant-ctags Version : 1:5.8-3squeeze2 CVE ID : CVE-2014-7204 Debian Bug : 742605 Stefano Zacchiroli discovered that certain JavaScript input files cause ctags to enter an infinite loop until it runs out of disk space. This update fixes the JavaScript parser...
[SECURITY] [DSA 3041-1] xen security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3041-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 01, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3040-1] rsyslog security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3040-1 [email protected] http://www.debian.org/security/ September 30, 2014 http://www.debian.org/security/faq - -------------------------------------------------------------------------...
[SECURITY] [DLA 68-1] fex security update
Package : fex Version : 20100208+debian1-1+squeeze4 CVE ID : CVE-2014-3875 CVE-2014-3876 CVE-2014-3877 CVE-2014-3875 When inserting encoded newline characters into a request to rup, additional HTTP headers can be injected into the reply, as well as new HTML code on the top of the website...
[SECURITY] [DLA 67-1] php5 security update
Package : php5 Version : 5.3.3-7+squeeze22 CVE ID : CVE-2014-3538 CVE-2014-3587 CVE-2014-3597 CVE-2014-3538 It was discovered that the original fix for CVE-2013-7345 did not sufficiently address the problem. A remote attacker could still cause a denial of service (CPU consumption) via a...
[SECURITY] [DLA 66-1] apache2 security update
Package : apache2 Version : 2.2.16-6+squeeze13 CVE ID : CVE-2013-6438 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-0231: prevent denial of service in mod_cgid. CVE-2014-0226: prevent denial of service via race in mod_status. CVE-2014-0118: fix resource consumption via mod_deflate body...
[SECURITY] [DLA 65-1] python-django security update
Package : python-django Version : 1.2.3-3+squeeze11 CVE ID : CVE-2014-0480 CVE-2014-0481 CVE-2014-0482 CVE-2014-0483 This update addresses an issue with reverse generating external URLs; a denial of service involving file uploads; a potential session hijacking issue in the remote-user middleware; a...
[SECURITY] [DSA 3039-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3039-1 [email protected] http://www.debian.org/security/ Michael Gilbert September 28, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3038-1] libvirt security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3038-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso September 27, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 64-1] curl security update
Package : curl Version : 7.21.0-2.1+squeeze9 CVE ID : CVE-2014-3613 CVE-2014-3613 By not detecting and rejecting domain names for partial literal IP addresses properly when parsing received HTTP cookies, libcurl can be fooled to both sending cookies to wrong sites and into allowing arbitrary site...
[SECURITY] [DSA 3037-1] icedove security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3037-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez September 26, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3036-1] mediawiki security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3036-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst September 26, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 63-1] bash security update
Package : bash Version : 4.1-3+deb6u2 CVE ID : CVE-2014-7169 Debian Bug : 762760 762761 Tavis Ormandy discovered that the patch applied to fix CVE-2014-6271 released in DSA-3032-1 for bash, the GNU Bourne-Again Shell, was incomplete and could still allow some characters to be injected into anothe...
[SECURITY] [DSA 3035-1] bash security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3035-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso September 25, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 62-1] nss security update
Package : nss Version : 3.12.8-1+squeeze9 CVE ID : CVE-2014-1568 Antoine Delignat-Lavaud from Inria discovered an issue in the way NSS (the Mozilla Network Security Service library) was parsing ASN.1 data used in signatures, making it vulnerable to a signature forgery attack. An attacker could craf...
[SECURITY] [DSA 3034-1] iceweasel security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3034-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez September 25, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3033-1] nss security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3033-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez September 25, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 61-1] libplack-perl security update
Package : libplack-perl Version : 0.9941-1+deb6u1 CVE ID : CVE-2014-5269 Apply fix for CVE-2014-5269: Plack::App::File would previously strip trailing slashes off provided paths. This could under specific circumstances lead to the unintended delivery of files. For details see...
[SECURITY] [DLA 60-1] icinga security update
Package : icinga Version : 1.0.2-2+squeeze2 CVE ID : CVE-2013-7108 CVE-2014-1878 Two fixes for the Classic UI: - fix off-by-one memory access in process_cgivars (CVE-2013-7108) - prevent possible buffer overflows in cmd.cgi (CVE-2014-1878)...
[SECURITY] [email protected]
Package : bash Version : 4.1-3+deb6u1 CVE ID : CVE-2014-6271 Stephane Chazelas discovered a vulnerability in bash, the GNU Bourne-Again Shell, related to how environment variables are processed. In many common configurations, this vulnerability is exploitable over the network, especially if bash...
[SECURITY] [DSA 3032-1] bash security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3032-1 [email protected] http://www.debian.org/security/ Florian Weimer September 24, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DLA 58-1] apt security update
Package : apt Version : 0.8.10.3+squeeze5 CVE ID : CVE-2014-6273 The Google Security Team discovered a buffer overflow vulnerability in the HTTP transport code in apt-get. An attacker able to man-in-the-middle an HTTP request to an apt repository can trigger the buffer overflow, leading to a crash...
[SECURITY] [DSA 3031-1] apt security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3031-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso September 23, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3030-1] mantis security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3030-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 20, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3029-1] nginx security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3029-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso September 20, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3025-2] apt regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-3025-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso September 18, 2014 http://www.debian.org/security/faq -...