Debian - Page 187 of Debian Vulnerabilities List

Debian•added 2014/09/17 7:55 p.m.•32 views

[SECURITY] [DSA 3028-1] icedove security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3028-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 17, 2014 http://www.debian.org/security/faq -...

10CVSS7.5AI score0.05584EPSS

Debian•added 2014/09/17 7:54 p.m.•31 views

[SECURITY] [DSA 3027-1] libav security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3027-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 17, 2014 http://www.debian.org/security/faq -...

6.8CVSS6.1AI score0.01681EPSS

Debian•added 2014/09/17 12:59 p.m.•36 views

[SECURITY] [DLA 57-1] libstruts1.2-java security update

Package : libstruts1.2-java Version : 1.2.9-4+deb6u1 CVE ID : CVE-2014-0114 It was discovered that missing access checks in the Struts ActionForm object could result in the execution of arbitrary code. This update fixes this problem...

7.5CVSS7.1AI score0.95821EPSS

Debian•added 2014/09/17 12:5 p.m.•37 views

[SECURITY] [DLA 56-1] wordpress security update

Package : wordpress Version : 3.6.1+dfsg-1deb6u5 CVE ID : CVE-2014-2053 CVE-2014-5204 CVE-2014-5205 CVE-2014-5240 CVE-2014-5265 CVE-2014-5266 Multiple security issues have been discovered in Wordpress, a web blogging tool, resulting in denial of service or information disclosure. More information...

7.5CVSS7.2AI score0.24385EPSS

Debian•added 2014/09/17 6:18 a.m.•22 views

[SECURITY] [DLA 49-1] acpi-support security update

Package : acpi-support Version : 0.137-5+deb6u2 CVE ID : CVE-2014-0484 During a review for EDF, Raphael Geissert discovered that the acpi-support package did not properly handle data obtained from a users environment...

7.2CVSS5.8AI score0.00373EPSS

Debian•added 2014/09/17 12:11 a.m.•24 views

[SECURITY] [DLA 55-1] nginx security update

Package : nginx Version : 0.7.67-3+squeeze4 CVE ID : CVE-2014-3616 Antoine Delignat-Lavaud discovered that it was possible to reuse SSL sessions in unrelated contexts if a shared SSL session cache or the same TLS session ticket key was used for multiple "server" blocks...

4.3CVSS5.8AI score0.05679EPSS

Debian•added 2014/09/16 6:34 p.m.•41 views

[SECURITY] [DSA 3026-1] dbus security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3026-1 [email protected] http://www.debian.org/security/ Florian Weimer September 16, 2014 http://www.debian.org/security/faq -...

4.4CVSS6.9AI score0.00528EPSS

Debian•added 2014/09/16 4:51 p.m.•24 views

[SECURITY] [DLA 53-1] apt security update

Package : apt Version : 0.8.10.3+squeeze3 CVE ID : CVE-2014-0487 CVE-2014-0488 CVE-2014-0489 It was discovered that APT, the high level package manager, does not properly invalidate unauthenticated data CVE-2014-0488, performs incorrect verification of 304 replies CVE-2014-0487 and does not perfo...

7.5CVSS6.4AI score0.03614EPSS

Debian•added 2014/09/16 4:30 p.m.•26 views

[SECURITY] [DSA 3025-1] apt security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3025-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso September 16, 2014 http://www.debian.org/security/faq -...

7.5CVSS2AI score0.03614EPSS

Debian•added 2014/09/16 4:30 p.m.•26 views

[SECURITY] [DSA 3025-1] apt security update

7.5CVSS6.5AI score0.03614EPSS

Debian•added 2014/09/14 7:23 a.m.•32 views

[SECURITY] [DLA 53-1] gnupg security update

Package : gnupg Version : 1.4.10-4+squeeze6 CVE ID : CVE-2014-5270 Genkin, Pipman and Tromer discovered a side-channel attack on Elgamal encryption subkeys CVE-2014-5270. In addition, this update hardens GnuPGs behaviour when treating keyserver responses; GnuPG now filters keyserver responses to...

2.1CVSS6.7AI score0.00531EPSS

Debian•added 2014/09/11 8:47 p.m.•13 views

[SECURITY] [DLA 52-1] ia32-libs security update

Package : ia32-libs, ia32-libs-gtk Version : 20140911 The ia32-libs and ia32-libs-gtk packages contain 32 bit versions of various libraries for use on 64 bit systems. This update rolls in all security fixes made to these libraries since the start of Squeeze LTS...

7.2AI score

Debian•added 2014/09/11 8:39 p.m.•29 views

[SECURITY] [DSA 3023-1] bind9 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3023-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso September 11, 2014 http://www.debian.org/security/faq -...

2.6CVSS6AI score0.3278EPSS

Debian•added 2014/09/11 8:39 p.m.•29 views

[SECURITY] [DSA 3023-1] bind9 security update

2.6CVSS1.8AI score0.3278EPSS

Debian•added 2014/09/11 8:35 p.m.•21 views

[SECURITY] [DSA 3024-1] gnupg security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3024-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst September 11, 2014 http://www.debian.org/security/faq -...

2.1CVSS5.6AI score0.00531EPSS

Debian•added 2014/09/11 3:56 a.m.•19 views

[SECURITY] [DLA 51-1] gnupg2 security update

Package : gnupg2 Version : 2.0.14-2+squeeze3 CVE ID : CVE-2014-4617 Debian Bug : 752498 Jean-Rene Reinhard, Olivier Levillain and Florian Maury reported that GnuPG, the GNU Privacy Guard, did not properly parse certain garbled compressed data packets. A remote attacker could use this flaw to moun...

5CVSS6.9AI score0.03305EPSS

Debian•added 2014/09/10 9:28 p.m.•61 views

[SECURITY] [DSA 3021-2] file regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-3021-2 [email protected] http://www.debian.org/security/ Luciano Bello September 10, 2014 http://www.debian.org/security/faq -...

6.5CVSS10AI score0.20805EPSS

Debian•added 2014/09/10 5:51 p.m.•28 views

[SECURITY] [DSA 3022-1] curl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3022-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez September 10, 2014 http://www.debian.org/security/faq -...

5CVSS8.5AI score0.07432EPSS

Debian•added 2014/09/10 3:52 p.m.•48 views

[SECURITY] [DLA 50-1] file security update

Package : file Version : 5.04-5+squeeze7 CVE ID : CVE-2014-3538 CVE-2014-3587 Debian Bug : - CVE-2014-3538 file does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service CPU consumption. CVE-2014-3587 Integer overflow in t...

5CVSS8.7AI score0.20237EPSS

Debian•added 2014/09/10 2:51 p.m.•24 views

[SECURITY] [DSA 3020-1] acpi-support security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3020-1 [email protected] http://www.debian.org/security/ Raphael Geissert September 10, 2014 http://www.debian.org/security/faq -...

7.2CVSS6.1AI score0.00373EPSS

Debian•added 2014/09/09 1:10 p.m.•41 views

[SECURITY] [DSA 3021-1] file security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3021-1 [email protected] http://www.debian.org/security/ Luciano Bello September 09, 2014 http://www.debian.org/security/faq -...

6.5CVSS10AI score0.20805EPSS

Debian•added 2014/09/05 7:30 p.m.•34 views

[SECURITY] [DLA 48-1] bind9 security update

Package : bind9 Version : 9.7.3.dfsg-1squeeze12 CVE ID : CVE-2014-0591 Debian Bug : 735190 Fix denial of service attack when processing NSEC3-signed zone queries, fixed by not calling memcpy with overlapping ranges in bin/named/query.c. - patch backported from 9.8.6-P2 by Marc Deslauriers from th...

2.6CVSS6.8AI score0.3278EPSS

Debian•added 2014/09/05 4:1 p.m.•28 views

[SECURITY] [DLA 47-1] lua5.1 security update

Package : lua5.1 Version : 5.1.4-5+deb6u1 CVE ID : CVE-2014-5461 Fix stack overflow in vararg functions...

5CVSS5.8AI score0.11572EPSS

Debian•added 2014/09/04 9:5 p.m.•20 views

[SECURITY] [DLA-46-1] procmail update

Debian Security Advisory DLA-0023-1 https://wiki.debian.org/LTS Package : procmail Version : 3.22-19+deb6u1 CVE ID : CVE-2014-3618 Debian Bug : 704675 760443 Boris pi Piwinger and Tavis Ormandy reported a heap overflow vulnerability in procmails formail utility when processing specially-crafted...

7.5CVSS7AI score0.08525EPSS

Debian•added 2014/09/04 8:38 p.m.•23 views

[SECURITY] [DSA 3019-1] procmail security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3019-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso September 04, 2014 http://www.debian.org/security/faq -...

7.5CVSS2.4AI score0.08525EPSS

Debian•added 2014/09/04 8:38 p.m.•19 views

[SECURITY] [DSA 3019-1] procmail security update

7.5CVSS9.8AI score0.08525EPSS

Debian•added 2014/09/04 6:46 p.m.•44 views

[SECURITY] [DLA 45-1] squid3 security update

Package : squid3 Version : 3.1.6-1.2+squeeze4 CVE ID : CVE-2014-3609 CVE-2014-3609: Denial of Service in Range header processing. Ignore Range headers with unidentifiable byte-range values. If squid is unable to determine the byte value for ranges, treat the header as invalid...

5CVSS7.1AI score0.5622EPSS

Debian•added 2014/09/03 4:46 p.m.•25 views

[SECURITY] [DLA 44-1] libwpd security update

Package : libwpd Version : 0.8.14-1+deb6u1 CVE ID : CVE-2012-2149 Fix arbitrary code execution by remote attackers via crafted Wordperfect .WPD documents...

7.5CVSS6.4AI score0.13391EPSS

Debian•added 2014/09/03 10:44 a.m.•41 views

[SECURITY] [DSA 3018-1] iceweasel security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3018-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 03, 2014 http://www.debian.org/security/faq -...

10CVSS7.5AI score0.05584EPSS

Debian•added 2014/09/02 6:3 p.m.•48 views

[DLA 43-1] eglibc security update

Package : eglibc Version : 2.11.3-4+deb6u1 CVE ID : CVE-2014-0475 CVE-2014-5119 CVE-2014-0475 Stephane Chazelas discovered that the GNU C library, glibc, processed ".." path segments in locale-related environment variables, possibly allowing attackers to circumvent intended restrictions, such as...

7.5CVSS8AI score0.18099EPSS

Debian•added 2014/09/02 4:40 p.m.•27 views

[SECURITY] [DSA 3017-1] php-cas security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3017-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst September 2, 2014 http://www.debian.org/security/faq -...

9.8CVSS9.6AI score0.06057EPSS

Debian•added 2014/09/01 7:8 p.m.•19 views

[SECURITY] [DSA 3016-1] lua5.2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3016-1 [email protected] http://www.debian.org/security/ Florian Weimer September 01, 2014 http://www.debian.org/security/faq -...

5CVSS6AI score0.11572EPSS

Debian•added 2014/09/01 7:2 p.m.•27 views

[SECURITY] [DSA 3015-1] lua5.1 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3015-1 [email protected] http://www.debian.org/security/ Florian Weimer September 01, 2014 http://www.debian.org/security/faq -...

5CVSS6AI score0.11572EPSS

Debian•added 2014/08/31 9:8 p.m.•14 views

[SECURITY] [DSA 2987-2] openjdk-7 regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-2987-2 [email protected] http://www.debian.org/security/ Florian Weimer August 31, 2014 http://www.debian.org/security/faq -...

6.8AI score

Debian•added 2014/08/29 3:7 a.m.•20 views

[DLA 42-1] live-config security update

Package : live-config Version : 2.0.15-1.1+deb6u1 Debian Bug : 741678 A vulnerability against Debian Live, the live systems project, was reported. The default, the live images include a SSH server allowing for log in with default user and password. This fix set PasswordAuthentication in...

7.3AI score

Debian•added 2014/08/28 3:36 p.m.•40 views

[SECURITY] [DSA 3014-1] squid3 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3014-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso August 28, 2014 http://www.debian.org/security/faq -...

5CVSS2.2AI score0.5622EPSS

Debian•added 2014/08/28 3:36 p.m.•41 views

[SECURITY] [DSA 3014-1] squid3 security update

5CVSS5.7AI score0.5622EPSS

Debian•added 2014/08/27 7:32 p.m.•21 views

[SECURITY] [DSA 3013-1] s3ql security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3013-1 [email protected] http://www.debian.org/security/ Florian Weiemr August 27, 2014 http://www.debian.org/security/faq -...

7.5CVSS6.3AI score0.0457EPSS

Debian•added 2014/08/27 5:51 a.m.•30 views

[SECURITY] [DSA 3012-1] eglibc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3012-1 [email protected] http://www.debian.org/security/ Florian Weimer August 27, 2014 http://www.debian.org/security/faq -...

7.5CVSS9.8AI score0.18099EPSS

Debian•added 2014/08/24 4:38 p.m.•28 views

[DLA 41-1] python-imaging security update

Package : python-imaging Version : 1.1.7-2+deb6u1 CVE ID : CVE-2014-3589 Andrew Drake discovered that missing input sanitising in the icns decoder of the Python Imaging Library could result in denial of service if a malformed image is processed...

5CVSS6.4AI score0.03587EPSS

Debian•added 2014/08/23 3:27 p.m.•20 views

[SECURITY] [DSA 3011-1] mediawiki security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3011-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso August 23, 2014 http://www.debian.org/security/faq -...

6.8CVSS1.4AI score0.01774EPSS

Debian•added 2014/08/23 3:27 p.m.•43 views

[SECURITY] [DSA 3011-1] mediawiki security update

6.8CVSS6.5AI score0.01774EPSS

Debian•added 2014/08/22 8:52 p.m.•28 views

[SECURITY] [DSA 3010-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3010-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso August 22, 2014 http://www.debian.org/security/faq -...

6CVSS6.9AI score0.02459EPSS

Debian•added 2014/08/22 8:52 p.m.•38 views

[SECURITY] [DSA 3010-1] python-django security update

6CVSS1.3AI score0.02459EPSS

Debian•added 2014/08/22 5:44 p.m.•32 views

[DLA 40-1] cacti security update

Package : cacti Version : 0.8.7g-1+squeeze5 CVE ID : CVE-2014-5025 CVE-2014-5026 CVE-2014-5261 CVE-2014-5262 Debian Bug : 755032 Multiple security issues cross-site scripting, missing input sanitizing and SQL injection have been discovered in Cacti, a web interface for graphing of monitoring...

7.5CVSS9.2AI score0.10773EPSS

Debian•added 2014/08/21 6:9 p.m.•24 views

[SECURITY] [DSA 3009-1] python-imaging security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3009-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 21, 2014 http://www.debian.org/security/faq -...

5CVSS5.7AI score0.03587EPSS

Debian•added 2014/08/21 12:39 p.m.•38 views

[SECURITY] [DSA 3008-2] php5 regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-3008-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso August 21, 2014 http://www.debian.org/security/faq -...

6.8CVSS1.4AI score0.20237EPSS

Debian•added 2014/08/21 12:39 p.m.•41 views

[SECURITY] [DSA 3008-2] php5 regression update

6.8CVSS10AI score0.20237EPSS

Debian•added 2014/08/21 6:39 a.m.•46 views

[SECURITY] [DSA 2940-1] libstruts1.2-java security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2940-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff Aug 21, 2014 http://www.debian.org/security/faq -...

7.5CVSS7.9AI score0.95821EPSS