14409 matches found

Debian • added 2020/06/09 7:44 p.m. • 52 views

[SECURITY] [DSA 4698-1] linux security update

Debian Security Advisory DSA-4698-1, Ben Hutchings, June 09, 2020. https://www.debian.org/security/ (FAQ: https://www.debian.org/security/faq) ...

CVSS 7.2 | AI score 1 | EPSS 0.10114 | Exploits 8

Debian • added 2020/06/09 6:29 p.m. • 55 views

[SECURITY] [DLA 2243-1] firefox-esr security update [REVISED]

Package : firefox-esr Version : 68.9.0esr-1deb8u2 CVE ID : CVE-2020-12399 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or a timing attack on cryptographic...

CVSS 9.3 | AI score 8.2 | EPSS 0.01537 | Exploits 1

Debian • added 2020/06/09 6:25 p.m. • 62 views

[SECURITY] [DLA 2243-1] firefox-esr security update

Package : firefox-esr Version : 68.9.0esr-1deb8u2 CVE ID : CVE-2020-12399 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or a timing attack on cryptographic...

CVSS 9.3 | AI score 8.2 | EPSS 0.01537 | Exploits 1

Debian • added 2020/06/09 6:11 p.m. • 53 views

[SECURITY] [DLA 2240-1] bluez security update

Package : bluez Version : 5.43-2+deb9u2deb8u1 CVE ID : CVE-2020-0556 Debian Bug : 953770 It was reported that the BlueZ's HID and HOGP profile implementations don't specifically require bonding between the device and the host. Malicious devices can take advantage of this flaw to connect to a target...

CVSS 7.1 | AI score 6.8 | EPSS 0.01033 | Exploits 0

Debian • added 2020/06/08 3:1 p.m. • 42 views

[SECURITY] [DLA 2239-1] libpam-tacplus security update

Package : libpam-tacplus Version : 1.3.8-2+deb8u1 CVE ID : CVE-2020-13881 It was discovered that there was an issue in libpam-tacplus, a security module for using the TACACS+ authentication service, where shared secrets such as private server keys were being added in the clear to various logs. For...

CVSS 7.5 | AI score 7.8 | EPSS 0.01673 | Exploits 0

Debian • added 2020/06/08 7:59 a.m. • 47 views

[SECURITY] [DLA 2238-1] libupnp security update

Package : libupnp Version : 1.6.19+git20141001-1+deb8u2 CVE ID : CVE-2020-13848 Debian Bug : 962282 libupnp, the portable SDK for UPnP Devices, allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions...

CVSS 7.5 | AI score 7.4 | EPSS 0.03469 | Exploits 0

Debian • added 2020/06/07 4:27 p.m. • 90 views

[SECURITY] [DLA 2237-1] cups security update

Package : cups Version : 1.7.5-11+deb8u8 CVE ID : CVE-2019-8842 CVE-2020-3898 The following CVEs were reported against src:cups. CVE-2019-8842 The ippReadIO function may under-read an extension field. CVE-2020-3898 There was a heap based buffer overflow in libcups's ppdFindOption in ppd-mark.c. Th...

CVSS 7.8 | AI score 7.4 | EPSS 0.02006 | Exploits 0

Debian • added 2020/06/07 1:39 p.m. • 76 views

[SECURITY] [DLA 2236-1] graphicsmagick security update

Package : graphicsmagick Version : 1.3.20-3+deb8u11 CVE ID : CVE-2020-12672 Debian Bug : 960000 A vulnerability was discovered in graphicsmagick, a collection of image processing tools, that results in a heap buffer overwrite when magnifying MNG images. For Debian 8 "Jessie", this problem has bee...

CVSS 7.5 | AI score 7.6 | EPSS 0.02853 | Exploits 1

Debian • added 2020/06/06 5:16 p.m. • 26 views

[SECURITY] [DSA 4697-1] gnutls28 security update

Debian Security Advisory DSA-4697-1, Salvatore Bonaccorso, June 06, 2020. https://www.debian.org/security/ (FAQ: https://www.debian.org/security/faq) ...

CVSS 5.8 | AI score 2 | EPSS 0.17507 | Exploits 3

Debian • added 2020/06/06 5:16 p.m. • 102 views

[SECURITY] [DSA 4697-1] gnutls28 security update

Debian Security Advisory DSA-4697-1, Salvatore Bonaccorso, June 06, 2020. https://www.debian.org/security/ (FAQ: https://www.debian.org/security/faq) ...

CVSS 7.4 | AI score 7.6 | EPSS 0.17507 | Exploits 3

Debian • added 2020/06/06 11:6 a.m. • 147 views

[SECURITY] [DSA 4696-1] nodejs security update

Debian Security Advisory DSA-4696-1, Moritz Muehlenhoff, June 06, 2020. https://www.debian.org/security/ (FAQ: https://www.debian.org/security/faq) ...

CVSS 9.3 | AI score 8.4 | EPSS 0.07646 | Exploits 1

Debian • added 2020/06/05 3:33 p.m. • 87 views

[SECURITY] [DLA 2235-1] dbus security update

Package : dbus Version : 1.8.22-0+deb8u3 CVE ID : CVE-2020-12049 It was discovered that there was a file descriptor leak in the D-Bus message bus. An unprivileged local attacker could use this to attack the system DBus daemon, leading to denial of service for all users of the machine. For Debian ...

CVSS 5.5 | AI score 5.8 | EPSS 0.00569 | Exploits 1

Debian • added 2020/06/04 4:24 p.m. • 64 views

[SECURITY] [DLA 2234-1] netqmail security update

Package : netqmail Version : 1.06-6.2deb8u1 CVE ID : CVE-2005-1513 CVE-2005-1514 CVE-2005-1515 CVE-2020-3811 CVE-2020-3812 Debian Bug : 961060 There were several CVE bugs reported against src:netqmail. CVE-2005-1513 Integer overflow in the stralloc_readyplus function in qmail, when running on 64 b...

CVSS 9.8 | AI score 9.4 | EPSS 0.10789 | Exploits 8

Debian • added 2020/06/04 3:36 p.m. • 73 views

[SECURITY] [DLA 2233-1] python-django security update

Package : python-django Version : 1.7.11-1+deb8u9 CVE IDs : CVE-2020-13254 CVE-2020-13596 It was discovered that there were two issues in Django, the Python web development framework: CVE-2020-13254: Potential data leakage via malformed memcached keys. In cases where a memcached backend does no...

CVSS 9.8 | AI score 6.8 | EPSS 0.3481 | Exploits 7

Debian • added 2020/06/03 6:13 p.m. • 88 views

[SECURITY] [DSA 4695-1] firefox-esr security update

Debian Security Advisory DSA-4695-1, Moritz Muehlenhoff, June 03, 2020. https://www.debian.org/security/ (FAQ: https://www.debian.org/security/faq) ...

CVSS 9.3 | AI score 8.3 | EPSS 0.01537 | Exploits 1

Debian • added 2020/06/01 4:20 p.m. • 71 views

[SECURITY] [DLA 2232-1] python-httplib2 security update

Package : python-httplib2 Version : 0.9+dfsg-2+deb8u1 CVE ID : CVE-2020-11078 In httplib2, an attacker controlling unescaped part of uri for httplib2.Http.request could change request headers and body, send additional hidden requests to same server. This vulnerability impacts software that uses...

CVSS 6.8 | AI score 6.6 | EPSS 0.02593 | Exploits 0

Debian • added 2020/05/31 9:20 p.m. • 58 views

[SECURITY] [DLA 2231-1] sane-backends security update

Package : sane-backends Version : 1.0.24-8+deb8u3 CVE ID : CVE-2020-12867 Debian Bug : 961302 Remote denial of service and several memory management issues were fixed in the epson2 driver. For Debian 8 "Jessie", this problem has been fixed in version 1.0.24-8+deb8u3. We recommend that you upgrade...

CVSS 5.5 | AI score 5.8 | EPSS 0.00497 | Exploits 1

Debian • added 2020/05/31 8:41 p.m. • 56 views

[SECURITY] [DLA 2230-1] php-horde security update

Package : php-horde Version : 5.2.1+debian0-2+deb8u6 CVE ID : CVE-2020-8035 The image view functionality in Horde Groupware Webmail Edition was affected by a stored Cross-Site Scripting (XSS) vulnerability via an SVG image upload containing a JavaScript payload. An attacker could have obtained acce...

CVSS 6.1 | AI score 6.3 | EPSS 0.00881 | Exploits 0

Debian • added 2020/05/31 3:53 p.m. • 71 views

[SECURITY] [DLA 2228-2] json-c regression update

Package : json-c Version : 0.11-4+deb8u2 CVE ID : CVE-2020-12762 Debian Bug : 960326 The json-c shared library had an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend. This follow-up version now uses an upstream sanctioned patch that was...

CVSS 7.8 | AI score 6.7 | EPSS 0.01888 | Exploits 1

Debian • added 2020/05/31 2:51 p.m. • 59 views

[SECURITY] [DLA 2229-1] php-horde-gollem security update

Package : php-horde-gollem Version : 3.0.3-2+deb8u1 CVE ID : CVE-2020-8034 Debian Bug : 961649 Gollem, as used in Horde Groupware Webmail Edition and other products, had been affected by a reflected Cross-Site Scripting (XSS) vulnerability via the HTTP GET dir parameter in the browser functionality...

CVSS 6.1 | AI score 6.3 | EPSS 0.00974 | Exploits 0

Debian • added 2020/05/31 1:48 p.m. • 113 views

[SECURITY] [DLA 2228-1] json-c security update

Package : json-c Version : 0.11-4+deb8u1 CVE ID : CVE-2020-12762 Debian Bug : 960326 The json-c shared library had an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend. For Debian 8 "Jessie", this problem has been fixed in version 0.11-4+deb8u1. ...

CVSS 7.8 | AI score 6.7 | EPSS 0.01888 | Exploits 1

Debian • added 2020/05/30 8:31 p.m. • 131 views

[SECURITY] [DLA 2227-1] bind9 security update

Package : bind9 Version : 1:9.9.5.dfsg-9+deb8u19 CVE ID : CVE-2020-8616 CVE-2020-8617 Several vulnerabilities were discovered in BIND, a DNS server implementation. CVE-2020-8616 It was discovered that BIND does not sufficiently limit the number of fetches performed when processing referrals. An...

CVSS 8.6 | AI score 8.6 | EPSS 0.93422 | Exploits 6

Debian • added 2020/05/30 3:54 p.m. • 90 views

[SECURITY] [DLA 2226-1] gst-plugins-ugly0.10 security update

Package : gst-plugins-ugly0.10 Version : 0.10.19-2.1+deb8u1 CVE ID : CVE-2017-5846 CVE-2017-5847 Two memory management issues were found in the asfdemux element of the GStreamer "ugly" plugin collection, which can be triggered via a maliciously crafted file. For Debian 8 "Jessie", these problems...

CVSS 7.5 | AI score 6.9 | EPSS 0.03734 | Exploits 0

Debian • added 2020/05/30 3:50 p.m. • 87 views

[SECURITY] [DLA 2225-1] gst-plugins-good0.10 security update

Package : gst-plugins-good0.10 Version : 0.10.31-3+nmu4+deb8u3 CVE ID : CVE-2016-10198 CVE-2017-5840 Two memory handling issues were found in gst-plugins-good0.10, a collection of GStreamer plugins from the "good" set: CVE-2016-10198 An invalid read can be triggered in the aacparse element via a...

CVSS 7.5 | AI score 7 | EPSS 0.04717 | Exploits 0

Debian • added 2020/05/30 3:45 p.m. • 85 views

[SECURITY] [DLA 2224-1] dosfstools security update

Package : dosfstools Version : 3.0.27-1+deb8u1 CVE ID : CVE-2015-8872 CVE-2016-4804 It was discovered that there was both an invalid memory and heap overflow vulnerability in dosfstools, a collection of utilities for making and checking MS-DOS FAT filesystems. For Debian 8 "Jessie", these problem...

CVSS 6.2 | AI score 7 | EPSS 0.00448 | Exploits 0

Debian • added 2020/05/30 4:21 a.m. • 121 views

[SECURITY] [DLA 2223-1] salt security update

Package : salt Version : 2014.1.13+ds-3+deb8u1 CVE ID : CVE-2020-11651 CVE-2020-11652 Debian Bug : 959684 Several vulnerabilities were discovered in package salt, a configuration management and infrastructure automation software. CVE-2020-11651 The salt-master process ClearFuncs class does not...

CVSS 9.8 | AI score 9.6 | EPSS 0.96405 | Exploits 25

Debian • added 2020/05/28 5:53 p.m. • 140 views

[SECURITY] [DLA 2209-1] tomcat8 security update

Package : tomcat8 Version : 8.0.14-1+deb8u17 CVE ID : CVE-2019-17563 CVE-2020-1935 CVE-2020-1938 CVE-2020-9484 Debian Bug : 961209 952436 952437 952438 Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. WARNING: The fix for CVE-2020-1938 may disrupt servic...

CVSS 9.8 | AI score 8.6 | EPSS 0.9927 | Exploits 59

Debian • added 2020/05/28 2:29 p.m. • 82 views

[SECURITY] [DLA 2222-1] libexif security update

Package : libexif Version : 0.6.21-2+deb8u3 CVE ID : CVE-2018-20030 CVE-2020-13112 CVE-2020-13113 CVE-2020-13114 Debian Bug : 918730 961407 961409 961410 Various minor vulnerabilities have been addressed in libexif, a library to parse EXIF metadata files. CVE-2018-20030 This issue had already been...

CVSS 9.1 | AI score 6.8 | EPSS 0.03798 | Exploits 0

Debian • added 2020/05/26 9:26 p.m. • 69 views

[SECURITY] [DSA 4694-1] unbound security update

Debian Security Advisory DSA-4694-1, Moritz Muehlenhoff, May 26, 2020. https://www.debian.org/security/ (FAQ: https://www.debian.org/security/faq) ...

CVSS 7.5 | AI score 8.4 | EPSS 0.03588 | Exploits 0

Debian • added 2020/05/26 9:8 p.m. • 119 views

[SECURITY] [DSA 4693-1] drupal7 security update

Debian Security Advisory DSA-4693-1, Moritz Muehlenhoff, May 26, 2020. https://www.debian.org/security/ (FAQ: https://www.debian.org/security/faq) ...

CVSS 6.9 | AI score 8.1 | EPSS 0.99019 | Exploits 11

Debian • added 2020/05/26 9:44 a.m. • 125 views

[SECURITY] [DLA 2221-1] sqlite3

Package : sqlite3 Version : 3.8.7.1-1+deb8u6 CVE ID : CVE-2020-13434 An integer overflow vulnerability was found in the sqlite3_str_vappendf function of the src/printf.c file of sqlite3 from version 3.8.3. For Debian 8 "Jessie", this problem has been fixed in version 3.8.7.1-1+deb8u6. We recommend...

CVSS 5.5 | AI score 7.1 | EPSS 0.01013 | Exploits 1

Debian • added 2020/05/24 5:44 p.m. • 102 views

[SECURITY] [DLA 2220-1] cracklib2 security update

Package : cracklib2 Version : 2.9.2-1+deb8u1 CVE ID : CVE-2016-6318 It was discovered that there was a stack-based buffer overflow when parsing large GECOS fields in cracklib2, a pro-active password checker library. For Debian 8 "Jessie", this problem has been fixed in version 2.9.2-1+deb8u1. We...

CVSS 7.8 | AI score 8 | EPSS 0.00747 | Exploits 0

Debian • added 2020/05/24 5:39 p.m. • 99 views

[SECURITY] [DLA 2219-1] feh security update

Package : feh Version : 2.12-1+deb8u1 CVE ID : CVE-2017-7875 Tobias Stoeckmann discovered that it was possible to trigger an out-of-boundary heap write with the image viewer feh while receiving an IPC message. For Debian 8 "Jessie", this problem has been fixed in version 2.12-1+deb8u1. We recomme...

CVSS 9.8 | AI score 9.5 | EPSS 0.02266 | Exploits 0

Debian • added 2020/05/24 5:34 p.m. • 96 views

[SECURITY] [DLA 2218-1] transmission security update

Package : transmission Version : 2.84-0.2+deb8u2 CVE ID : CVE-2018-10756 Tom Richards reported that by using a crafted torrent file one could cause a use-after-free, which might result in a denial of service (crash) or possible execution of arbitrary code. For Debian 8 "Jessie", this problem has be...

CVSS 7.8 | AI score 7.6 | EPSS 0.02632 | Exploits 2

Debian • added 2020/05/24 7:4 a.m. • 26 views

[SECURITY] [DSA 4692-1] netqmail security update

Debian Security Advisory DSA-4692-1, Salvatore Bonaccorso, May 24, 2020. https://www.debian.org/security/ (FAQ: https://www.debian.org/security/faq) ...

CVSS 5 | AI score 2 | EPSS 0.10789 | Exploits 8

Debian • added 2020/05/24 7:4 a.m. • 115 views

[SECURITY] [DSA 4692-1] netqmail security update

Debian Security Advisory DSA-4692-1, Salvatore Bonaccorso, May 24, 2020. https://www.debian.org/security/ (FAQ: https://www.debian.org/security/faq) ...

CVSS 9.8 | AI score 8.2 | EPSS 0.10789 | Exploits 8

Debian • added 2020/05/23 5:27 p.m. • 148 views

[SECURITY] [DLA 2217-1] tomcat7 security update

Package : tomcat7 Version : 7.0.56-3+really7.0.100-1+deb8u1 CVE ID : CVE-2020-9484 Debian Bug : 961209 It was discovered that there was a potential remote code execution via deserialization in tomcat7, a server for HTTP and Java "servlets". For Debian 8 "Jessie", this issue has been fixed in...

CVSS 7 | AI score 7.7 | EPSS 0.56636 | Exploits 15

Debian • added 2020/05/22 6:32 p.m. • 103 views

[SECURITY] [DLA 2216-1] ruby-rack security update

Package : ruby-rack Version : 1.5.2-3+deb8u3 CVE ID : CVE-2020-8161 There was a possible directory traversal vulnerability in the Rack::Directory app that is bundled with Rack. If certain directories exist in a directory that is managed by Rack::Directory, an attacker could, using this...

CVSS 8.6 | AI score 8.5 | EPSS 0.03593 | Exploits 0

Debian • added 2020/05/21 9:21 p.m. • 69 views

[SECURITY] [DSA 4691-1] pdns-recursor security update

Debian Security Advisory DSA-4691-1, Moritz Muehlenhoff, May 21, 2020. https://www.debian.org/security/ (FAQ: https://www.debian.org/security/faq) ...

CVSS 7.5 | AI score 7.6 | EPSS 0.02434 | Exploits 0

Debian • added 2020/05/20 7:49 p.m. • 34 views

[SECURITY] [DSA 4690-1] dovecot security update

Debian Security Advisory DSA-4690-1, Salvatore Bonaccorso, May 20, 2020. https://www.debian.org/security/ (FAQ: https://www.debian.org/security/faq) ...

CVSS 5 | AI score 1.8 | EPSS 0.08153 | Exploits 5

Debian • added 2020/05/20 7:49 p.m. • 73 views

[SECURITY] [DSA 4690-1] dovecot security update

Debian Security Advisory DSA-4690-1, Salvatore Bonaccorso, May 20, 2020. https://www.debian.org/security/ (FAQ: https://www.debian.org/security/faq) ...

CVSS 7.5 | AI score 7.5 | EPSS 0.08153 | Exploits 5

Debian • added 2020/05/19 11:28 p.m. • 68 views

[SECURITY] [DLA 2215-1] clamav security update

Package : clamav Version : 0.101.5+dfsg-0+deb8u2 CVE ID : CVE-2020-3327 CVE-2020-3341 The following CVEs were found in src:clamav package. CVE-2020-3327 A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) could allow an unauthenticated, remote attacker to cause a denial of...

CVSS 7.5 | AI score 8.4 | EPSS 0.05063 | Exploits 0

Debian • added 2020/05/19 7:48 p.m. • 46 views

[SECURITY] [DSA 4689-1] bind9 security update

Debian Security Advisory DSA-4689-1, Salvatore Bonaccorso, May 19, 2020. https://www.debian.org/security/ (FAQ: https://www.debian.org/security/faq) ...

CVSS 5 | AI score 1.4 | EPSS 0.93422 | Exploits 6

Debian • added 2020/05/19 7:48 p.m. • 121 views

[SECURITY] [DSA 4689-1] bind9 security update

Debian Security Advisory DSA-4689-1, Salvatore Bonaccorso, May 19, 2020. https://www.debian.org/security/ (FAQ: https://www.debian.org/security/faq) ...

CVSS 8.6 | AI score 8.8 | EPSS 0.93422 | Exploits 6

Debian • added 2020/05/18 6:2 p.m. • 50 views

[SECURITY] [DSA 4688-1] dpdk security update

Debian Security Advisory DSA-4688-1, Moritz Muehlenhoff, May 18, 2020. https://www.debian.org/security/ (FAQ: https://www.debian.org/security/faq) ...

CVSS 6.7 | AI score 7.7 | EPSS 0.00378 | Exploits 0

Debian • added 2020/05/18 3:39 p.m. • 119 views

[SECURITY] [DLA 2213-1] exim4 security update

Package : exim4 Version : 4.84.2-2+deb8u7 CVE ID : CVE-2020-12783 It was discovered that exim4, a mail transport agent, suffers from an authentication bypass vulnerability in the spa authentication driver. The spa authentication driver is not enabled by default. For Debian 8 "Jessie", this problem...

CVSS 7.5 | AI score 7.1 | EPSS 0.04467 | Exploits 2

Debian • added 2020/05/18 5:12 a.m. • 39 views

[SECURITY] [DLA 2214-1] libexif security update

Package : libexif Version : 0.6.21-2+deb8u2 CVE ID : CVE-2016-6328 CVE-2017-7544 CVE-2018-20030 CVE-2020-0093 CVE-2020-12767 Debian Bug : 960199 918730 876466 873022 Various vulnerabilities have been addressed in libexif, a library to parse EXIF metadata files. CVE-2016-6328 An integer overflow...

CVSS 9.1 | AI score 7 | EPSS 0.03798 | Exploits 1

Debian • added 2020/05/16 2:45 p.m. • 98 views

[SECURITY] [DSA 4687-1] exim4 security update

Debian Security Advisory DSA-4687-1, Florian Weimer, May 16, 2020. https://www.debian.org/security/ (FAQ: https://www.debian.org/security/faq) ...

CVSS 7.5 | AI score 7.7 | EPSS 0.04467 | Exploits 2

Debian • added 2020/05/16 9:27 a.m. • 83 views

[SECURITY] [DLA 2212-1] openconnect security update

Package : openconnect Version : 6.00-2+deb8u2 CVE ID : CVE-2020-12823 Debian Bug : 960620 OpenConnect, a VPN software, had a buffer overflow, causing a denial of service (application crash) or possibly unspecified other impact, via crafted certificate data to get_cert_name in gnutls.c. For Debian 8...

CVSS 9.8 | AI score 7.5 | EPSS 0.04622 | Exploits 1

Debian • added 2020/05/15 10:17 p.m. • 46 views

[SECURITY] [DSA 4686-1] apache-log4j1.2 security update

Debian Security Advisory DSA-4686-1, Salvatore Bonaccorso, May 16, 2020. https://www.debian.org/security/ (FAQ: https://www.debian.org/security/faq) ...

CVSS 7.5 | AI score 3.1 | EPSS 0.6906 | Exploits 3

Total number of security vulnerabilities: 14409