Debian - Page 188 of Debian Vulnerabilities List

Debian•added 2014/08/21 6:22 a.m.•49 views

[SECURITY] [DSA 3008-1] php5 security update

6.8CVSS10AI score0.20237EPSS

Debian•added 2014/08/20 6:35 p.m.•18 views

[DLA 39-1] gpgme1.0 security update

Package : gpgme1.0 Version : 1.2.0-1.2+deb6u1 CVE ID : CVE-2014-3564 Debian Bug : 756651 Tomas Trnka discovered a heap-based buffer overflow within the gpgsm status handler of GPGME, a library designed to make access to GnuPG easier for applications. An attacker could use this issue to cause an...

6.8CVSS7.2AI score0.04289EPSS

Debian•added 2014/08/20 9:59 a.m.•24 views

[SECURITY] [DSA 3007-1] cacti security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3007-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 20, 2014 http://www.debian.org/security/faq -...

7.5CVSS6.8AI score0.10773EPSS

Debian•added 2014/08/18 5:42 p.m.•29 views

[DLA 37-1] krb5 security update

Package : krb5 Version : 1.8.3+dfsg-4squeeze8 CVE ID : CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344 CVE-2014-4345 Debian Bug : 753624 753625 755520 755521 757416 Several vulnerabilities were discovered in krb5, the MIT implementation of Kerberos. The Common Vulnerabilities and Exposure...

8.5CVSS10AI score0.08085EPSS

Debian•added 2014/08/18 12:41 p.m.•32 views

[SECURITY] [DSA 3006-1] xen security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3006-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 18, 2014 http://www.debian.org/security/faq -...

7.4CVSS5.2AI score0.0081EPSS

Debian•added 2014/08/14 12:29 p.m.•22 views

[SECURITY] [DSA 3005-1] gpgme1.0 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3005-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso August 14, 2014 http://www.debian.org/security/faq -...

6.8CVSS2.1AI score0.04289EPSS

Debian•added 2014/08/14 12:29 p.m.•17 views

[SECURITY] [DSA 3005-1] gpgme1.0 security update

6.8CVSS6.7AI score0.04289EPSS

Debian•added 2014/08/13 6:15 a.m.•15 views

[DLA 25-3] python2.6 regression update

Package : python2.6 Version : 2.6.6-8+deb6u3 Debian Bug : 757776 The python2.6 packages distributed for squeeze-lts lacked some modules due to the package being built on systems running a 3.x version of the linux kernel...

5.5AI score

Debian•added 2014/08/11 8:10 p.m.•9 views

[SECURITY] [DSA 2984-2] acpi-support regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-2984-2 [email protected] http://www.debian.org/security/ Raphael Geissert August 11, 2014 http://www.debian.org/security/faq -...

7.2AI score

Debian•added 2014/08/11 5:31 p.m.•21 views

[DLA 36-1] polarssl security update

Package : polarssl Version : 1.2.9-1deb6u2 CVE ID : CVE-2014-4911 Debian Bug : 754655 Denial of Service against GCM enabled servers and clients...

5CVSS6.3AI score0.02427EPSS

Debian•added 2014/08/11 4:38 p.m.•31 views

[DLA 35-1] lzo2 security update

Package : lzo2 Version : 2.03-2+deb6u1 CVE ID : CVE-2014-4607 Debian Bug : 752861 Fix integer overflow in lzo1xdecompresssafe allowing denial of service or code execution...

8.8CVSS6.7AI score0.05315EPSS

Debian•added 2014/08/10 10:34 p.m.•37 views

[SECURITY] [DSA 3004-1] kde4libs security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3004-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 11, 2014 http://www.debian.org/security/faq -...

6.9CVSS6.1AI score0.00359EPSS

Debian•added 2014/08/10 9:28 p.m.•32 views

[SECURITY] [DSA 3003-1] libav security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3003-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 10, 2014 http://www.debian.org/security/faq -...

9.3CVSS5.9AI score0.05715EPSS

Debian•added 2014/08/10 9:2 p.m.•28 views

[SECURITY] [DSA 3002-1] wireshark security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3002-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 10, 2014 http://www.debian.org/security/faq -...

5CVSS6.5AI score0.03252EPSS

Debian•added 2014/08/09 8:13 p.m.•11 views

[SECURITY] [DSA 3001-1] wordpress security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3001-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso August 09, 2014 http://www.debian.org/security/faq -...

1.9AI score

Debian•added 2014/08/09 8:13 p.m.•17 views

[SECURITY] [DSA 3001-1] wordpress security update

7.5AI score

Debian•added 2014/08/09 2:54 p.m.•30 views

[SECURITY] [DSA 3000-1] krb5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3000-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso August 09, 2014 http://www.debian.org/security/faq -...

8.5CVSS1.2AI score0.08085EPSS

Debian•added 2014/08/09 2:54 p.m.•29 views

[SECURITY] [DSA 3000-1] krb5 security update

8.5CVSS10AI score0.08085EPSS

Debian•added 2014/08/09 1:56 p.m.•19 views

[DLA 34-1] libapache-mod-security security update

Package : libapache-mod-security Version : 2.5.12-1+squeeze4 CVE ID : CVE-2013-5705 Martin Holst Swende discovered a flaw in the way modsecurity handled chunked requests. A remote attacker could use this flaw to bypass intended modsecurity restrictions, allowing them to send requests containing...

5CVSS6.3AI score0.02648EPSS

Exploits2

Debian•added 2014/08/09 7:11 a.m.•7 views

[SECURITY] [DSA 2999-1] drupal7 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2999-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso August 09, 2014 http://www.debian.org/security/faq -...

2.1AI score

Debian•added 2014/08/09 7:11 a.m.•11 views

[SECURITY] [DSA 2999-1] drupal7 security update

6.9AI score

Debian•added 2014/08/07 8:36 p.m.•63 views

[DLA 33-1] openssl security update

Package : openssl Version : 0.9.8o-4squeeze17 CVE ID : CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3510 Detailed descriptions of the vulnerabilities can be found at: https://www.openssl.org/news/secadv20140806.txt Its important that you upgrade the libssl0.9.8 package and not...

5CVSS6.6AI score0.51436EPSS

Debian•added 2014/08/07 6:21 p.m.•45 views

[DLA 32-1] nspr security update

Package : nspr Version : 4.8.6-1+squeeze2 CVE ID : CVE-2014-1545 Abhiskek Arya discovered an out of bounds write in the cvtt function of the NetScape Portable Runtime Library which could result in the execution of arbitrary code...

10CVSS9.6AI score0.06381EPSS

Debian•added 2014/08/07 5:0 p.m.•35 views

[DLA 31-1] reportbug security update

Package : reportbug Version : 4.12.6+deb6u1 CVE ID : CVE-2014-0479 Fix CVE-2014-0479: Arbitrary code execution in compareversions. A man-in-the-middle attacker could put shell metacharacters in the version number, causing execution of code of their choice...

6.8CVSS6.2AI score0.02735EPSS

Debian•added 2014/08/07 2:48 p.m.•24 views

[DLA 20-1] munin security update

Package : munin Version : 1.4.5-3+deb6u1 CVE ID : CVE-2012-3512 CVE-2013-6048 CVE-2013-6359 Christoph Biedl munin-node: more secure state file handling, introducing a new plugin state directory root, owned by uid 0. Then each plugin runs in its own UID plugin state directory, owned by that UID...

7.2CVSS5.8AI score0.02502EPSS

Debian•added 2014/08/06 11:44 p.m.•41 views

[SECURITY] [DSA 2998-1] openssl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2998-1 [email protected] http://www.debian.org/security/ Raphael Geissert August 07, 2014 http://www.debian.org/security/faq -...

7.5CVSS6.5AI score0.7408EPSS

Debian•added 2014/08/05 6:8 p.m.•21 views

[SECURITY] [DSA 2997-1] reportbug security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2997-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso August 05, 2014 http://www.debian.org/security/faq -...

6.8CVSS2.1AI score0.02735EPSS

Debian•added 2014/08/05 6:8 p.m.•25 views

[SECURITY] [DSA 2997-1] reportbug security update

6.8CVSS6.5AI score0.02735EPSS

Debian•added 2014/08/05 11:20 a.m.•11 views

[DLA 25-2] python2.6 regression update

Package : python2.6 Version : 2.6.6-8+deb6u2 A regression has been identified in the python2.6 update of DLA-25-1, which may cause python applications to abort if they were running during the upgrade but they had not already imported the os module, and do so after the upgrade. This update fixes...

4.5AI score

Debian•added 2014/08/05 10:56 a.m.•19 views

[DLA 30-1] acpi-support security update

Package : acpi-support Version : 0.137-5+deb6u1 CVE ID : CVE-2014-1419 CESG discovered a race condition in acpi-support which may allow an unprivileged user to execute arbitrary code as a different user, including root...

6.9CVSS6.2AI score0.00272EPSS

Debian•added 2014/08/03 8:52 a.m.•33 views

[SECURITY] [DSA 2996-1] icedove security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2996-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 03, 2014 http://www.debian.org/security/faq -...

10CVSS9.9AI score0.06109EPSS

Debian•added 2014/08/03 7:37 a.m.•33 views

[SECURITY] [DSA 2995-1] lzo2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2995-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso August 03, 2014 http://www.debian.org/security/faq -...

6.8CVSS1.9AI score0.05315EPSS

Debian•added 2014/08/03 7:37 a.m.•29 views

[SECURITY] [DSA 2995-1] lzo2 security update

8.8CVSS8.7AI score0.05315EPSS

Debian•added 2014/08/01 11:13 a.m.•25 views

[DLA 29-1] puppet security update

Package : puppet Version : 2.6.2-5+squeeze10 CVE ID : CVE-2012-6120 It was discovered that the puppet package did not restrict the permissions and ownership of the /var/log/puppet directory, which may expose sensitive information...

2.1CVSS5.8AI score0.00387EPSS

Debian•added 2014/08/01 11:12 a.m.•30 views

[DLA 28-1] augeas security update

Package : augeas Version : 0.7.2-1+deb6u1 CVE ID : CVE-2012-0786 CVE-2012-0787 CVE-2013-6412 Debian Bug : 731111 731132 Multiple race conditions were discovered in augeas when saving configuration files which expose it to symlink attacks. Write access to the directory where the configuration file...

4.6CVSS5.8AI score0.00446EPSS

Debian•added 2014/07/31 9:43 p.m.•24 views

[DLA 17-1] tor: new upstream version

Package : tor Version : 0.2.4.23-1deb6u1 The Tor version previously in Debian squeeze, 0.2.2.39, is no longer supported by upstream. This update brings the currently stable version of Tor, 0.2.4.23, to Debian squeeze. Changes include use of stronger cryptographic primitives, always clearing bignu...

2.7AI score

Debian•added 2014/07/31 9:7 p.m.•40 views

[DLA 25-1] python2.6 security update

Package : python2.6 Version : 2.6.6-8+deb6u1 CVE ID : CVE-2011-1015 CVE-2011-1521 CVE-2011-4940 CVE-2011-4944 CVE-2012-0845 CVE-2012-1150 CVE-2013-4238 CVE-2014-1912 Multiple vulnerabilities were discovered in python2.6. The more relevant are: CVE-2013-4238 Incorrect handling of NUL bytes in...

7.5CVSS9.2AI score0.28112EPSS

Exploits16

Debian•added 2014/07/31 2:47 p.m.•48 views

[DLA 27-1] file security update

Package : file Version : 5.04-5+squeeze6 CVE ID : CVE-2014-0207 CVE-2014-0237 CVE-2014-0238 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 Fix various denial of service attacks: CVE-2014-3487 The cdfreadpropertyinfo function does not properly validate a stream offset, which allows remote...

6.5CVSS7.2AI score0.20805EPSS

Debian•added 2014/07/31 11:51 a.m.•80 views

[SECURITY] [DSA 2994-1] nss security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2994-1 [email protected] http://www.debian.org/security/ Raphael Geissert July 31, 2014 http://www.debian.org/security/faq -...

7.5CVSS8.2AI score0.04664EPSS

Debian•added 2014/07/31 11:25 a.m.•27 views

[DLA 26-1] python-scipy security update

Package : python-scipy Version : 0.7.2+dfsg1-1+deb6u1 CVE ID : CVE-2013-4251 Debian Bug : 726093 It was discovered that python-scipy did not correctly handle temporary directories, which may allow arbitrary code execution...

7.8CVSS7.3AI score0.00427EPSS

Debian•added 2014/07/31 11:24 a.m.•22 views

[DLA 24-1] poppler security update

Package : poppler Version : 0.12.4-1.2+squeeze4 CVE ID : CVE-2010-5110 Debian Bug : 722705 It was discovered that poppler did return program execution to the libjpeg library under error conditions, which is not expected by the library and results in application crash and possibly code execution...

4.3CVSS7.3AI score0.02978EPSS

Debian•added 2014/07/31 11:23 a.m.•30 views

[DLA 23-1] nss security update

Package : nss Version : 3.12.8-1+squeeze8 CVE ID : CVE-2013-1741 CVE-2013-5606 CVE-2014-1491 CVE-2014-1492 CVE-2013-1741 Runaway memset in certificate parsing on 64-bit computers leading to a crash by attempting to write 4Gb of nulls. CVE-2013-5606 Certificate validation with the verifylog mode d...

7.5CVSS6.4AI score0.04664EPSS

Debian•added 2014/07/31 10:34 a.m.•27 views

[SECURITY] [DSA 2993-1] tor security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2993-1 [email protected] http://www.debian.org/security/ Peter Palfrader July 31, 2014 http://www.debian.org/security/faq -...

5.8CVSS6.1AI score0.02094EPSS

Debian•added 2014/07/31 10:34 a.m.•28 views

[SECURITY] [DSA 2993-1] tor security update

5.8CVSS0.1AI score0.02094EPSS

Debian•added 2014/07/31 7:47 a.m.•41 views

[DLA-0022-1] cups security update

Debian Security Advisory DLA-0022-1 https://wiki.debian.org/LTS - --------------------------------------------------------------------- Package : cups Version : 1.4.4-7+squeeze6 CVE ID : CVE-2014-3537 CVE-2014-5029 CVE-2014-5030 CVE-2014-5031 It was discovered that the web interface in CUPS, the...

5CVSS7.3AI score0.02911EPSS

Debian•added 2014/07/29 9:44 a.m.•38 views

[DLA-0019-1] postgresql-8.4 update

Debian Security Advisory DLA-0019-1 https://wiki.debian.org/LTS - ---------------------------------------------------------------------------- Package : postgresql-8.4 Version : 8.4.22-0+deb6u1 CVE ID : CVE-2014-0067 New upstream minor release. Users should upgrade to this version at their next...

4.6CVSS0.1AI score0.00484EPSS