
14409 matches found

Debian, added 2020/04/02 8:2 a.m., 82 views

[SECURITY] [DLA 2168-1] libplist security update

Package : libplist Version : 1.11-3+deb8u1 CVE ID : CVE-2017-5209 CVE-2017-5545 CVE-2017-5834 CVE-2017-5835 CVE-2017-6435 CVE-2017-6436 CVE-2017-6439 CVE-2017-7982 Debian Bug : 851196 852385 854000 860945 libplist is a library for reading and writing the Apple binary and XML property lists format...

CVSS 9.1, AI score 7.6, EPSS 0.03768, Exploits 3

Debian, added 2020/04/01 5:53 p.m., 85 views

[SECURITY] [DLA 2167-1] python-bleach security update

Package : python-bleach Version : 1.4-1+deb8u1 CVE ID : CVE-2020-6817 Debian Bug : 955388 A vulnerability was discovered in python-bleach, a whitelist-based HTML-sanitizing library. Calls to bleach.clean with an allowed tag with an allowed style attribute are vulnerable to a regular expression...

CVSS 7.5, AI score 7.1, EPSS 0.00718, Exploits 1

Debian, added 2020/04/01 2:43 p.m., 65 views

[SECURITY] [DLA 2166-1] libpam-krb5 security update

Package : libpam-krb5 Version : 4.6-3+deb8u1 CVE ID : CVE-2020-10595 The krb5 PAM module pam_krb5.so had a buffer overflow that might have caused remote code execution in situations involving supplemental prompting by a Kerberos library. It might have overflown a buffer provided by the underlying...

CVSS 9.8, AI score 10, EPSS 0.04784, Exploits 0

Debian, added 2020/03/31 5:36 p.m., 54 views

[SECURITY] [DLA 2165-1] apng2gif security update

Package : apng2gif Version : 1.5-3+deb8u1 CVE ID : CVE-2017-6960 An issue has been found in apng2gif, a tool for converting APNG images to animated GIF format. One of the functions contained an integer overflow resulting in a heap-based buffer over-read. For Debian 8 "Jessie", this problem has bee...

CVSS 7.5, AI score 7.6, EPSS 0.01804, Exploits 0

Debian, added 2020/03/31 5:35 p.m., 46 views

[SECURITY] [DSA 4648-1] libpam-krb5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4648-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 31, 2020 https://www.debian.org/security/faq -...

CVSS 9.8, AI score 9.8, EPSS 0.04784, Exploits 0

Debian, added 2020/03/31 5:31 p.m., 77 views

[SECURITY] [DLA 2164-1] gst-plugins-bad0.10 security update

Package : gst-plugins-bad0.10 Version : 0.10.23-7.4+deb8u3 CVE ID : CVE-2015-0797 CVE-2016-9809 CVE-2017-5843 CVE-2017-5848 Several issues have been found in gst-plugins-bad0.10, a package containing GStreamer plugins from the "bad" set. All issues are about use-after-free, out of bounds reads or...

CVSS 7.8, AI score 8.5, EPSS 0.0544, Exploits 0

Debian, added 2020/03/31 1:17 p.m., 38 views

[SECURITY] [DLA 2163-1] tinyproxy security update

Package : tinyproxy Version : 1.8.3-3+deb8u1 CVE ID : CVE-2017-11747 Debian Bug : 870307 948283 A minor security issue and a severe packaging bug have been fixed in tinyproxy, a lightweight http proxy daemon. CVE-2017-11747 main.c in Tinyproxy created a /var/run/tinyproxy/tinyproxy.pid file after...

CVSS 5.5, AI score 5.8, EPSS 0.00292, Exploits 0

Debian, added 2020/03/29 9:52 p.m., 70 views

[SECURITY] [DLA 2162-1] php-horde-form security update

Package : php-horde-form Version : 2.0.8-2+deb8u2 CVE ID : CVE-2020-8866 Debian Bug : 955020 A remote code execution vulnerability was discovered in the Form API component of the Horde Application Framework. An authenticated remote attacker could use this flaw to upload arbitrary content to an...

CVSS 6.5, AI score 6.7, EPSS 0.09579, Exploits 4

Debian, added 2020/03/28 9:12 p.m., 122 views

[SECURITY] [DLA 2161-1] tika security update

Package : tika Version : 1.5-1+deb8u1 CVE ID : CVE-2020-1950 CVE-2020-1951 Debian Bug : 954302 954303 Two security issues have been detected in tika and fixed. CVE-2020-1950: carefully crafted or corrupt PSD file can cause excessive memory usage in Apache. CVE-2020-1951: Infinite Loop DoS...

CVSS 5.5, AI score 6.2, EPSS 0.02834, Exploits 0

Debian, added 2020/03/26 10:37 p.m., 28 views

[SECURITY] [DSA 4647-1] bluez security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4647-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 26, 2020 https://www.debian.org/security/faq -...

CVSS 5.8, AI score 1.2, EPSS 0.01033, Exploits 0

Debian, added 2020/03/26 10:37 p.m., 75 views

[SECURITY] [DSA 4647-1] bluez security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4647-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 26, 2020 https://www.debian.org/security/faq -...

CVSS 7.1, AI score 6.9, EPSS 0.01033, Exploits 0

Debian, added 2020/03/26 9:25 p.m., 93 views

[SECURITY] [DLA 2160-1] php5 security update

Package : php5 Version : 5.6.40+dfsg-0+deb8u10 CVE ID : CVE-2020-7062 CVE-2020-7063 Two security issues have been identified and fixed in php5, a server-side, HTML-embedded scripting language. CVE-2020-7062 is about a possible null pointer dereference, which would likely lead to a crash, during a...

CVSS 7.5, AI score 8.3, EPSS 0.0351, Exploits 2

Debian, added 2020/03/25 7:1 p.m., 36 views

[SECURITY] [DLA 2159-1] okular security update

Package : okular Version : 4:4.14.2-2+deb8u2 CVE ID : CVE-2020-9359 Debian Bug : 954891 Mickael Karatekin from Sysdream Labs discovered that the Okular document viewer allows code execution via an action link in a PDF document. For Debian 8 "Jessie", this problem has been fixed in version...

CVSS 6.8, AI score 5.4, EPSS 0.01452, Exploits 0

Debian, added 2020/03/25 4:27 p.m., 52 views

[SECURITY] [DSA 4646-1] icu security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4646-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 25, 2020 https://www.debian.org/security/faq -...

CVSS 6.8, AI score 3.1, EPSS 0.02669, Exploits 0

Debian, added 2020/03/25 4:27 p.m., 69 views

[SECURITY] [DSA 4646-1] icu security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4646-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 25, 2020 https://www.debian.org/security/faq -...

CVSS 8.8, AI score 9.3, EPSS 0.02669, Exploits 0

Debian, added 2020/03/25 1:22 p.m., 47 views

[SECURITY] [DLA 2158-1] ruby2.1 security update

Package : ruby2.1 Version : 2.1.5-2+deb8u9 CVE ID : CVE-2016-2338 An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby. In Psych::Emitter start_document function heap buffer "head" allocation is made based on tags array length. Specially constructe...

CVSS 9.8, AI score 9.7, EPSS 0.04644, Exploits 3

Debian, added 2020/03/24 9:8 p.m., 67 views

[SECURITY] [DLA 2157-1] weechat security update

Package : weechat Version : 1.0.1-1+deb8u3 CVE ID : CVE-2020-8955 CVE-2020-9759 CVE-2020-9760 Several issues have been found in weechat, a fast, light and extensible chat client. All issues are about crafted messages, that could result in a buffer overflow and application crash. This could cause ...

CVSS 9.8, AI score 8.4, EPSS 0.03684, Exploits 1

Debian, added 2020/03/24 9:4 p.m., 90 views

[SECURITY] [DLA 2156-1] e2fsprogs security update

Package : e2fsprogs Version : 1.42.12-2+deb8u2 CVE ID : CVE-2019-5188 An issue has been found in e2fsprogs, a package that contains ext2/ext3/ext4 file system utilities. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can...

CVSS 7.5, AI score 7.5, EPSS 0.01025, Exploits 1

Debian, added 2020/03/24 1:23 p.m., 62 views

[SECURITY] [DLA 2155-1] tomcat8 security update

Package : tomcat8 Version : 8.0.14-1+deb8u16 CVE ID : CVE-2019-12418 Tomcat8 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture...

CVSS 7, AI score 7.6, EPSS 0.01221, Exploits 0

Debian, added 2020/03/23 1:41 a.m., 80 views

[SECURITY] [DSA 4645-1] chromium security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4645-1 [email protected] https://www.debian.org/security/ Michael Gilbert March 22, 2020 https://www.debian.org/security/faq -...

CVSS 8.8, AI score 9.2, EPSS 0.03498, Exploits 7

Debian, added 2020/03/23 1:41 a.m., 51 views

[SECURITY] [DSA 4645-1] chromium security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4645-1 [email protected] https://www.debian.org/security/ Michael Gilbert March 22, 2020 https://www.debian.org/security/faq -...

CVSS 9.3, AI score 0.5, EPSS 0.03498, Exploits 7

Debian, added 2020/03/22 5:40 p.m., 67 views

[SECURITY] [DLA 2154-1] phpmyadmin security update

Package : phpmyadmin Version : 4:4.2.12-2+deb8u9 CVE ID : CVE-2020-10802 CVE-2020-10803 Debian Bug : 954665 954666 The following packages CVEs were reported against phpmyadmin. CVE-2020-10802 In phpMyAdmin 4.x before 4.9.5, a SQL injection vulnerability has been discovered where certain parameter...

CVSS 8, AI score 7.7, EPSS 0.02115, Exploits 0

Debian, added 2020/03/22 12:3 p.m., 72 views

[SECURITY] [DLA 2153-1] jackson-databind security update

Package : jackson-databind Version : 2.4.2-2+deb8u13 CVE ID : CVE-2020-10672 CVE-2020-10673 The following CVEs were reported against jackson-databind. CVE-2020-10672 FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to...

CVSS 8.8, AI score 9.8, EPSS 0.07963, Exploits 0

Debian, added 2020/03/21 10:30 p.m., 85 views

[SECURITY] [DLA 2152-1] graphicsmagick security update

Package : graphicsmagick Version : 1.3.20-3+deb8u9 CVE ID : CVE-2019-12921 A vulnerability was discovered in graphicsmagick, a collection of image processing tools, that allows an attacker to read arbitrary files via a crafted image because of TranslateTextEx for SVG. For Debian 8 "Jessie"...

CVSS 6.5, AI score 7, EPSS 0.08005, Exploits 0

Debian, added 2020/03/20 8:29 p.m., 113 views

[SECURITY] [DSA 4644-1] tor security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4644-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 20, 2020 https://www.debian.org/security/faq -...

CVSS 7.8, AI score 7.4, EPSS 0.03146, Exploits 0

Debian, added 2020/03/20 8:3 p.m., 34 views

[SECURITY] [DSA 4643-1] python-bleach security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4643-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 20, 2020 https://www.debian.org/security/faq -...

CVSS 4.3, AI score 1.5, EPSS 0.01301, Exploits 1

Debian, added 2020/03/20 8:3 p.m., 117 views

[SECURITY] [DSA 4643-1] python-bleach security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4643-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 20, 2020 https://www.debian.org/security/faq -...

CVSS 6.1, AI score 6.2, EPSS 0.01301, Exploits 1

Debian, added 2020/03/20 7:56 p.m., 178 views

[SECURITY] [DLA 2148-1] amd64-microcode security update

Package : amd64-microcode Version : 3.20181128.1deb8u1 CVE ID : CVE-2017-5715 Debian Bug : 886382 It was discovered that systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user acce...

CVSS 5.6, AI score 6.6, EPSS 0.74041, Exploits 8

Debian, added 2020/03/20 12:16 p.m., 59 views

[SECURITY] [DLA 2151-1] icu security update

Package : icu Version : 52.1-8+deb8u8 CVE ID : CVE-2020-10531 Debian Bug : 953747 It was discovered that an integer overflow in the International Components for Unicode (ICU) library could result in denial of service and potentially the execution of arbitrary code. For Debian 8 "Jessie", this probl...

CVSS 8.8, AI score 9.3, EPSS 0.02669, Exploits 0

Debian, added 2020/03/20 10:0 a.m., 82 views

[SECURITY] [DLA 2150-1] thunderbird security update

Package : thunderbird Version : 1:68.6.0-1deb8u1 CVE ID : CVE-2019-20503 CVE-2020-6805 CVE-2020-6806 CVE-2020-6807 CVE-2020-6811 CVE-2020-6812 CVE-2020-6814 Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code. For Debian 8...

CVSS 9.8, AI score 9, EPSS 0.03191, Exploits 2

Debian, added 2020/03/20 12:10 a.m., 62 views

[SECURITY] [DLA 2149-1] rails security update

Package : rails Version : 2:4.1.8-1+deb8u6 CVE ID : CVE-2020-5267 Debian Bug : 954304 In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the j or escape_javascript methods may be susceptible to X...

CVSS 4.8, AI score 5.7, EPSS 0.01543, Exploits 1

Debian, added 2020/03/19 10:32 p.m., 89 views

[SECURITY] [DSA 4642-1] thunderbird security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4642-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 19, 2020 https://www.debian.org/security/faq -...

CVSS 9.8, AI score 9.1, EPSS 0.03191, Exploits 2

Debian, added 2020/03/19 5:13 p.m., 58 views

[SECURITY] [DLA 2145-2] twisted security update

Package : twisted Version : 14.0.2-3+deb8u2 CVE IDs : CVE-2020-10108 CVE-2020-10109 Debian Bug : 953950 It was discovered that there was a regression introduced in DLA-2145-1 due to the incorrect application of the upstream patch for CVE-2020-10108 & CVE-2020-10109 regarding a number of HTTP...

CVSS 9.8, AI score 10, EPSS 0.04083, Exploits 2

Debian, added 2020/03/18 8:47 p.m., 82 views

[SECURITY] [DLA 2147-1] gdal security update

Package : gdal Version : 1.10.1+dfsg-8+deb8u2 CVE ID : CVE-2019-17546 tif_getimage.c in LibTIFF, as used in GDAL has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition. For Debian 8 "Jessie", this problem...

CVSS 8.8, AI score 9, EPSS 0.03356, Exploits 0

Debian, added 2020/03/17 7:43 p.m., 80 views

[SECURITY] [DLA 2146-1] libvncserver security update

Package : libvncserver Version : 0.9.9+dfsg2-6.1+deb8u7 CVE ID : CVE-2019-15690 Debian Bug : 954163 In libvncserver, through libvncclient/cursor.c, there is a possibility of a heap overflow, as reported by Pavel Cheremushkin. For Debian 8 "Jessie", this problem has been fixed in version...

CVSS 8.8, AI score 9.2, EPSS 0.00733, Exploits 0

Debian, added 2020/03/17 6:3 p.m., 82 views

[SECURITY] [DLA 2145-1] twisted security update

Package : twisted Version : 14.0.2-3+deb8u1 CVE IDs : CVE-2020-10108 CVE-2020-10109 Debian Bug : 953950 It was discovered that there were a number of HTTP request splitting vulnerabilities in Twisted, a Python event-based framework for building various types of internet applications. For more...

CVSS 9.8, AI score 10, EPSS 0.04083, Exploits 2

Debian, added 2020/03/16 9:15 p.m., 101 views

[SECURITY] [DSA 4641-1] webkit2gtk security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4641-1 [email protected] https://www.debian.org/security/ Alberto Garcia March 16, 2020 https://www.debian.org/security/faq -...

CVSS 9.8, AI score 9.6, EPSS 0.05028, Exploits 0

Debian, added 2020/03/16 1:18 p.m., 81 views

[SECURITY] [DLA 2144-1] qemu security update

Package : qemu Version : 1:2.1+dfsg-12+deb8u14 CVE ID : CVE-2020-1711 CVE-2020-8608 Two out-of-bounds heap buffer accesses were found in QEMU, a fast processor emulator, which could result in denial of service or arbitrary code execution. For Debian 8 "Jessie", these problems have been fixed in...

CVSS 7.7, AI score 7.9, EPSS 0.04018, Exploits 0

Debian, added 2020/03/16 12:8 p.m., 75 views

[SECURITY] [DLA 2143-1] slurm-llnl security update

Package : slurm-llnl Version : 14.03.9-5+deb8u5 CVE ID : CVE-2019-6438 CVE-2019-12838 Debian Bug : 920997 931880 Several issues were found in Simple Linux Utility for Resource Management (SLURM), a cluster resource management and job scheduling system. CVE-2019-6438 SchedMD Slurm mishandles 32-bit...

CVSS 9.8, AI score 10, EPSS 0.0268, Exploits 0

Debian, added 2020/03/15 10:20 p.m., 126 views

[SECURITY] [DSA 4640-1] graphicsmagick security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4640-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 15, 2020 https://www.debian.org/security/faq -...

CVSS 9.8, AI score 9.2, EPSS 0.0377, Exploits 12

Debian, added 2020/03/13 10:20 a.m., 91 views

[SECURITY] [DLA 2142-1] slirp security update

Package : slirp Version : 1:1.0.17-7+deb8u2 CVE ID : CVE-2020-8608 It was discovered that there was a buffer overflow vulnerability in slirp, a SLIP/PPP emulator for using a dial up shell account. This was caused by the incorrect usage of return values from snprintf(3). For Debian 8 "Jessie", this...

CVSS 6.8, AI score 7.1, EPSS 0.02486, Exploits 0

Debian, added 2020/03/12 8:46 p.m., 56 views

[SECURITY] [DLA 2141-1] yubikey-val security update

Package : yubikey-val Version : 2.27-1+deb8u1 CVE ID : CVE-2020-10184 CVE-2020-10185 The following CVEs were reported against yubikey-val. CVE-2020-10184 The verify endpoint in YubiKey Validation Server before 2.40 does not check the length of SQL queries, which allows remote attackers to cause a...

CVSS 8.6, AI score 8.6, EPSS 0.01504, Exploits 2

Debian, added 2020/03/11 9:34 p.m., 72 views

[SECURITY] [DLA 2140-1] firefox-esr security update

Package : firefox-esr Version : 68.6.0esr-1deb8u1 CVE ID : CVE-2019-20503 CVE-2020-6805 CVE-2020-6806 CVE-2020-6807 CVE-2020-6811 CVE-2020-6812 CVE-2020-6814 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary...

CVSS 9.8, AI score 8.9, EPSS 0.03191, Exploits 2

Debian, added 2020/03/11 7:17 p.m., 75 views

[SECURITY] [DSA 4639-1] firefox-esr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4639-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 11, 2020 https://www.debian.org/security/faq -...

CVSS 9.8, AI score 9, EPSS 0.03191, Exploits 2

Debian, added 2020/03/11 7:14 p.m., 56 views

[SECURITY] [DLA 2139-1] dojo security update

Package : dojo Version : 1.10.2+dfsg-1+deb8u3 CVE ID : CVE-2020-5258 CVE-2020-5259 Debian Bug : 953585 953587 The following CVEs were reported against dojo: CVE-2020-5258 In affected versions of dojo, the deepCopy method is vulnerable to Prototype Pollution. An attacker could manipulate these...

CVSS 8.6, AI score 8.4, EPSS 0.04023, Exploits 2

Debian, added 2020/03/11 4:35 p.m., 56 views

[SECURITY] [DLA 2137-1] sleuthkit security update

Package : sleuthkit Version : 4.1.3-4+deb8u2 CVE ID : CVE-2020-10232 In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a stack buffer overflow vulnerability in the YAFFS file timestamp parsing logic in yaffsfs_istat in fs/yaffs.c. For Debian 8 "Jessie", this problem has been fixed in...

CVSS 9.8, AI score 9.7, EPSS 0.02419, Exploits 0

Debian, added 2020/03/11 4:34 p.m., 48 views

[SECURITY] [DLA 2138-1] wpa security update

Package : wpa Version : 2.3-1+deb8u10 CVE ID : CVE-2019-10064 Similar to CVE-2016-10743 the host access point daemon, hostapd, in EAP mode used a low quality pseudorandom number generator that leads to insufficient entropy. The problem was resolved by using the os_get_random function which provides...

CVSS 7.5, AI score 7.5, EPSS 0.03748, Exploits 1

Debian, added 2020/03/11 12:54 a.m., 96 views

[SECURITY] [DSA 4638-1] chromium security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4638-1 [email protected] https://www.debian.org/security/ Michael Gilbert March 10, 2020 https://www.debian.org/security/faq -...

CVSS 8.8, AI score 8.9, EPSS 0.78808, Exploits 28

Debian, added 2020/03/09 8:9 p.m., 26 views

[SECURITY] [DSA 4637-1] network-manager-ssh security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4637-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 09, 2020 https://www.debian.org/security/faq -...

CVSS 7.5, AI score 2.4, EPSS 0.02174, Exploits 0

Debian, added 2020/03/09 8:9 p.m., 65 views

[SECURITY] [DSA 4637-1] network-manager-ssh security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4637-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 09, 2020 https://www.debian.org/security/faq -...

CVSS 9.8, AI score 9.5, EPSS 0.02174, Exploits 0

Total number of security vulnerabilities: 14409