
14407 matches found

Debian • added 2020/03/05 5:43 p.m. • 52 views

[SECURITY] [DLA 2134-1] pdfresurrect security update

Package : pdfresurrect Version : 0.12-5+deb8u1 CVE ID : CVE-2020-9549 Debian Bug : 952948 It was discovered that there was an out-of-bounds write vulnerability in pdfresurrect, a tool for extracting or scrubbing versioning data from PDF documents. For Debian 8 "Jessie", this issue has been fixed ...

CVSS 7.8 • AI score 7.6 • EPSS 0.01337 • Exploits 1

Debian • added 2020/03/04 6:14 p.m. • 92 views

[SECURITY] [DLA 2133-1] tomcat7 security update

Package : tomcat7 Version : 7.0.56-3+really7.0.100-1 CVE ID : CVE-2019-17569 CVE-2020-1935 CVE-2020-1938 Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. CVE-2019-17569 The refactoring in 7.0.98 introduced a regression. The result of the regression was...

CVSS 9.8 • AI score 9.2 • EPSS 0.9927 • Exploits 45

Debian • added 2020/03/04 2:33 a.m. • 61 views

[SECURITY] [DLA 2132-1] libzypp security update

Package : libzypp Version : 14.29.1-2+deb8u1 CVE ID : CVE-2019-18900 It was discovered that there was an issue where incorrect default permissions on a HTTP cookie store could have allowed local attackers to read private credentials. For Debian 8 "Jessie", this issue has been fixed in libzypp...

CVSS 4 • AI score 3.6 • EPSS 0.00301 • Exploits 0

Debian • added 2020/03/02 10:24 p.m. • 86 views

[SECURITY] [DLA 2117-1] zsh security update

Package : zsh Version : 5.0.7-5+deb8u1 CVE ID : CVE-2019-20044 Debian Bug : 951458 A privilege escalation vulnerability was discovered in zsh, a shell with lots of features, whereby a user could regain a formerly elevated privilege level even when such an action should not be permitted. For Debia...

CVSS 7.8 • AI score 7 • EPSS 0.00495 • Exploits 0

Debian • added 2020/03/02 6:58 p.m. • 96 views

[SECURITY] [DLA 2131-2] rrdtool regression update

Package : rrdtool Version : 1.4.8-1.2+deb8u2 CVE ID : CVE-2014-6262 Debian Bug : 952958 It was discovered that there was a regression in a previous fix, which resulted in the following error: ERROR: cannot compile regular expression: Error while compiling regular expression ^?:^%+|%%%+-...

CVSS 7.5 • AI score 7.4 • EPSS 0.07247 • Exploits 0

Debian • added 2020/03/02 6:26 p.m. • 86 views

[SECURITY] [DLA 2115-2] proftpd-dfsg regression update

Package : proftpd-dfsg Version : 1.3.5e+r1.3.5-2+deb8u7 CVE ID : CVE-2020-9273 It was discovered that there was a regression in a previous fix for a use-after-free vulnerability in the proftpd-dfsg FTP server. Exploitation of the original vulnerability within the memory pool handling could have...

CVSS 9 • AI score 9 • EPSS 0.10985 • Exploits 1

Debian • added 2020/03/02 6:14 p.m. • 126 views

[SECURITY] [DLA 2114-1] linux-4.9 security update

Package : linux-4.9 Version : 4.9.210-1deb8u1 CVE ID : CVE-2018-13093 CVE-2018-13094 CVE-2018-20976 CVE-2018-21008 CVE-2019-0136 CVE-2019-2215 CVE-2019-10220 CVE-2019-14615 CVE-2019-14814 CVE-2019-14815 CVE-2019-14816 CVE-2019-14895 CVE-2019-14896 CVE-2019-14897 CVE-2019-14901 CVE-2019-15098...

CVSS 10 • AI score 7.6 • EPSS 0.72105 • Exploits 38

Debian • added 2020/03/01 8:41 p.m. • 71 views

[SECURITY] [DLA 2131-1] rrdtool security update

Package : rrdtool Version : 1.4.8-1.2+deb8u1 CVE ID : CVE-2014-6262 Multiple format string vulnerabilities in RRDtool, as used in Zenoss Core before 4.2.5 and other products, allow remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted third argume...

CVSS 7.5 • AI score 7.9 • EPSS 0.10912 • Exploits 0

Debian • added 2020/02/29 3:59 p.m. • 128 views

[SECURITY] [DLA 2130-1] libapache2-mod-auth-openidc security

Package : libapache2-mod-auth-openidc Version : 1.6.0-1+deb8u3 CVE ID : CVE-2019-20479 An issue has been found in libapache2-mod-auth-openidc, an OpenID Connect authentication module for Apache. Due to insufficient validation of URLs an Open Redirect vulnerability for URLs beginning with a slas...

CVSS 6.1 • AI score 6.3 • EPSS 0.01846 • Exploits 0

Debian • added 2020/02/29 3:52 p.m. • 88 views

[SECURITY] [DLA 2129-1] firebird2.5 security update

Package : firebird2.5 Version : 2.5.3.26778.ds4-5+deb8u2 CVE ID : CVE-2017-11509 An issue has been found in firebird2.5, an RDBMS based on InterBase 6.0. As UDFs can be used for a remote authenticated code execution as user firebird, UDFs have been disabled in the default configuration which wil...

CVSS 9 • AI score 8.8 • EPSS 0.06224 • Exploits 1

Debian • added 2020/02/29 12:18 p.m. • 106 views

[SECURITY] [DLA 2128-1] openjdk-7 security update

Package : openjdk-7 Version : 7u251-2.6.21-1deb8u1 CVE ID : CVE-2020-2583 CVE-2020-2590 CVE-2020-2593 CVE-2020-2601 CVE-2020-2604 CVE-2020-2654 CVE-2020-2659 Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in denial of service, incorrect implementation of...

CVSS 8.1 • AI score 8.2 • EPSS 0.04903 • Exploits 0

Debian • added 2020/02/29 10:58 a.m. • 99 views

[SECURITY] [DLA 2127-1] dojo security update

Package : dojo Version : 1.10.2+dfsg-1+deb8u2 CVE ID : CVE-2019-10785 Debian Bug : 952771 dojox was vulnerable to Cross-site Scripting. This was due to dojox.xmpp.util.xmlEncode only encoding the first occurrence of each character, not all of them. For Debian 8 "Jessie", this problem has been fix...

CVSS 6.1 • AI score 6.4 • EPSS 0.01853 • Exploits 1

Debian • added 2020/02/28 10:32 p.m. • 119 views

[SECURITY] [DLA 2126-1] gst-plugins-base0.10 security update

Package : gst-plugins-base0.10 Version : 0.10.36-2+deb8u2 CVE ID : CVE-2016-9811 CVE-2017-5837 CVE-2017-5844 Some issues have been found in gst-plugins-base0.10, a package that provides GStreamer plugins from the "base" set. All issues are related to crafted ico-files that could result in an...

CVSS 5.5 • AI score 6.3 • EPSS 0.02527 • Exploits 0

Debian • added 2020/02/28 10:26 p.m. • 111 views

[SECURITY] [DLA 2125-1] collabtive security update

Package : collabtive Version : 2.0+dfsg-5+deb8u1 CVE ID : CVE-2015-0258 An issue has been found in collabtive, a web-based project management software. Due to missing checks an attacker could upload scripts, which would execute code on the server by accessing for example avatar images. For Debian...

CVSS 8.8 • AI score 8.7 • EPSS 0.03781 • Exploits 3

Debian • added 2020/02/28 10:24 p.m. • 136 views

[SECURITY] [DLA 2124-1] php5 security update

Package : php5 Version : 5.6.40+dfsg-0+deb8u9 CVE ID : CVE-2020-7059 CVE-2020-7060 Two issues have been found in php5, a server-side, HTML-embedded scripting language. Both issues are related to crafted data that could lead to reading after an allocated buffer and result in information disclosure...

CVSS 9.1 • AI score 8.8 • EPSS 0.08888 • Exploits 2

Debian • added 2020/02/28 9:7 p.m. • 38 views

[SECURITY] [DSA 4636-1] python-bleach security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4636-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 28, 2020 https://www.debian.org/security/faq -...

CVSS 4.3 • AI score 1.5 • EPSS 0.01688 • Exploits 1

Debian • added 2020/02/28 9:7 p.m. • 101 views

[SECURITY] [DSA 4636-1] python-bleach security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4636-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 28, 2020 https://www.debian.org/security/faq -...

CVSS 6.1 • AI score 6.3 • EPSS 0.01688 • Exploits 1

Debian • added 2020/02/28 12:1 a.m. • 60 views

[SECURITY] [DLA 2123-1] pure-ftpd security update

Package : pure-ftpd Version : 1.0.36-3.2+deb8u1 CVE ID : CVE-2020-9274 Debian Bug : 925666 An uninitialized pointer vulnerability was discovered in pure-ftpd, a secure and efficient FTP server, which could result in an out-of-bounds memory read and potential information disclosure. For Debian 8...

CVSS 7.5 • AI score 7 • EPSS 0.05813 • Exploits 0

Debian • added 2020/02/27 10:8 p.m. • 60 views

[SECURITY] [DLA 2122-1] libusbmuxd security update

Package : libusbmuxd Version : 1.0.9-1+deb8u1 CVE ID : CVE-2016-5104 Debian Bug : 825554 It was discovered that libusbmuxd incorrectly handled socket permissions. A remote attacker could use this issue to access services on iOS devices, contrary to expectations. For Debian 8 "Jessie", this proble...

CVSS 5.3 • AI score 5.4 • EPSS 0.02994 • Exploits 0

Debian • added 2020/02/27 9:18 p.m. • 63 views

[SECURITY] [DLA 2121-1] libimobiledevice security update

Package : libimobiledevice Version : 1.1.6+dfsg-3.1+deb8u1 CVE ID : CVE-2016-5104 Debian Bug : 825553 It was discovered that libimobiledevice incorrectly handled socket permissions. A remote attacker could use this issue to access services on iOS devices, contrary to expectations. For Debian 8...

CVSS 5.3 • AI score 5.4 • EPSS 0.02994 • Exploits 0

Debian • added 2020/02/26 10:46 p.m. • 37 views

[SECURITY] [DSA 4635-1] proftpd-dfsg security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4635-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 26, 2020 https://www.debian.org/security/faq -...

CVSS 9 • AI score 3.4 • EPSS 0.10985 • Exploits 1

Debian • added 2020/02/26 10:46 p.m. • 95 views

[SECURITY] [DSA 4635-1] proftpd-dfsg security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4635-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 26, 2020 https://www.debian.org/security/faq -...

CVSS 9 • AI score 8.7 • EPSS 0.10985 • Exploits 1

Debian • added 2020/02/26 9:34 p.m. • 69 views

[SECURITY] [DSA 4634-1] opensmtpd security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4634-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 26, 2020 https://www.debian.org/security/faq -...

CVSS 10 • AI score 9.5 • EPSS 0.88535 • Exploits 10

Debian • added 2020/02/26 9:33 p.m. • 58 views

[SECURITY] [DLA 2120-1] rake security update

Package : rake Version : 10.3.2-2+deb8u1 CVE ID : CVE-2020-8130 There is an OS command injection vulnerability in Rake a ruby make-like utility 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character |. For Debian 8 "Jessie", this problem has been fixed in version...

CVSS 6.9 • AI score 6.9 • EPSS 0.01359 • Exploits 1

Debian • added 2020/02/26 11:17 a.m. • 52 views

[SECURITY] [DLA 2119-1] python-pysaml2 security update

Package : python-pysaml2 Version : 2.0.0-1+deb8u3 CVE ID : CVE-2020-5390 Debian Bug : 949322 It was discovered that pysaml2, a Python implementation of SAML to be used in a WSGI environment, was susceptible to XML signature wrapping attacks, which could result in a bypass of signature verificatio...

CVSS 7.5 • AI score 7.4 • EPSS 0.01207 • Exploits 0

Debian • added 2020/02/24 7:45 p.m. • 117 views

[SECURITY] [DSA 4633-1] curl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4633-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini February 22, 2020 https://www.debian.org/security/faq -...

CVSS 9.8 • AI score 10 • EPSS 0.49739 • Exploits 1

Debian • added 2020/02/24 5:3 p.m. • 89 views

[SECURITY] [DLA 2118-1] otrs2 security update

Package : otrs2 Version : 3.3.18-1+deb8u14 CVE ID : CVE-2019-11358 Debian Bug : 927385 It was discovered that the jQuery version embedded in OTRS, a ticket request system, was prone to a cross site scripting vulnerability in jQuery.extend. For Debian 8 "Jessie", this problem has been fixed in...

CVSS 6.1 • AI score 6.5 • EPSS 0.87218 • Exploits 4

Debian • added 2020/02/22 5:33 p.m. • 97 views

[SECURITY] [DLA 2116-1] libpam-radius-auth security update

Package : libpam-radius-auth Version : 1.3.16-4.4+deb8u1 CVE ID : CVE-2015-9542 Debian Bug : 951396 A vulnerability was found in pamradius: the password length check was done incorrectly in the addpassword function in pamradiusauth.c, resulting in a stack based buffer overflow. This could be used...

CVSS 7.5 • AI score 7.5 • EPSS 0.03449 • Exploits 0

Debian • added 2020/02/22 11:38 a.m. • 73 views

[SECURITY] [DSA 4632-1] ppp security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4632-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 22, 2020 https://www.debian.org/security/faq -...

CVSS 7.5 • AI score 1.9 • EPSS 0.19431 • Exploits 3

Debian • added 2020/02/22 11:38 a.m. • 190 views

[SECURITY] [DSA 4632-1] ppp security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4632-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 22, 2020 https://www.debian.org/security/faq -...

CVSS 9.8 • AI score 8.5 • EPSS 0.19431 • Exploits 3

Debian • added 2020/02/21 8:32 p.m. • 170 views

[SECURITY] [DLA 2115-1] proftpd-dfsg security update

Package : proftpd-dfsg Version : 1.3.5e+r1.3.5-2+deb8u6 CVE ID : CVE-2020-9273 It was discovered that there was a use-after-free vulnerability in the proftpd-dfsg FTP server. Exploitation of this vulnerability within the memory pool handling could have allowed a remote attacker to execute...

CVSS 9 • AI score 9 • EPSS 0.10985 • Exploits 1

Debian • added 2020/02/21 8:22 p.m. • 140 views

[SECURITY] [DSA 4631-1] pillow security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4631-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 21, 2020 https://www.debian.org/security/faq -...

CVSS 9.8 • AI score 9.8 • EPSS 0.04212 • Exploits 0

Debian • added 2020/02/21 8:21 p.m. • 115 views

[SECURITY] [DSA 4630-1] python-pysaml2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4630-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 21, 2020 https://www.debian.org/security/faq -...

CVSS 7.5 • AI score 7.4 • EPSS 0.01207 • Exploits 0

Debian • added 2020/02/21 9:2 a.m. • 74 views

[SECURITY] [DLA 2113-1] cloud-init security update

Package : cloud-init Version : 0.7.6bzr976-2+deb8u1 CVE ID : CVE-2020-8631 CVE-2020-8632 Debian Bug : 951362 951363 CVE-2020-8631 In cloud-init, relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because randstr in cloudinit/util.py calls t...

CVSS 5.5 • AI score 6.2 • EPSS 0.00438 • Exploits 0

Debian • added 2020/02/20 3:46 p.m. • 62 views

[SECURITY] [DLA 2111-1] jackson-databind security update

Package : jackson-databind Version : 2.4.2-2+deb8u11 CVE ID : CVE-2019-20330 CVE-2020-8840 It was found that jackson-databind, a Java library used to parse JSON and other data formats, could deserialize data without proper validation, allowing a malicious client to perform remote code execution...

CVSS 9.8 • AI score 10 • EPSS 0.26587 • Exploits 5

Debian • added 2020/02/20 3:36 p.m. • 47 views

[SECURITY] [DLA 2112-1] python-reportlab security update

Package : python-reportlab Version : 3.1.8-3+deb8u2 CVE ID : CVE-2019-17626 Debian Bug : 942763 It was found that ReportLab, a Python library to create PDF documents, did not properly parse color strings, allowing an attacker to execute arbitrary code through a crafted input document. For Debian ...

CVSS 9.8 • AI score 9.5 • EPSS 0.10231 • Exploits 1

Debian • added 2020/02/19 6:4 p.m. • 74 views

[SECURITY] [DLA 2110-1] netty-3.9 security update

Package : netty-3.9 Version : 3.9.0.Final-1+deb8u1 CVE ID : CVE-2014-0193 CVE-2014-3488 CVE-2019-16869 CVE-2019-20444 CVE-2019-20445 CVE-2020-7238 Debian Bug : 746639 941266 950966 950967 Several vulnerabilities were discovered in Netty, a Java NIO client/server socket framework: CVE-2014-0193...

CVSS 9.1 • AI score 9.6 • EPSS 0.13474 • Exploits 5

Debian • added 2020/02/19 6:4 p.m. • 64 views

[SECURITY] [DLA 2109-1] netty security update

Package : netty Version : 1:3.2.6.Final-2+deb8u2 CVE ID : CVE-2019-20444 CVE-2019-20445 CVE-2020-7238 Debian Bug : 950966 950967 Several vulnerabilities were discovered in the HTTP server provided by Netty, a Java NIO client/server socket framework: CVE-2019-20444 HttpObjectDecoder.java allows an...

CVSS 9.1 • AI score 9.5 • EPSS 0.13474 • Exploits 3

Debian • added 2020/02/19 8:16 a.m. • 30 views

[SECURITY] [DSA 4629-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4629-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 19, 2020 https://www.debian.org/security/faq -...

CVSS 7.5 • AI score 2.3 • EPSS 0.65336 • Exploits 9

Debian • added 2020/02/19 8:16 a.m. • 69 views

[SECURITY] [DSA 4629-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4629-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 19, 2020 https://www.debian.org/security/faq -...

CVSS 9.8 • AI score 9.6 • EPSS 0.65336 • Exploits 9

Debian • added 2020/02/18 10:0 p.m. • 106 views

[SECURITY] [DSA 4628-1] php7.0 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4628-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 18, 2020 https://www.debian.org/security/faq -...

CVSS 9.1 • AI score 8.7 • EPSS 0.08888 • Exploits 5

Debian • added 2020/02/18 12:56 p.m. • 47 views

[SECURITY] [DLA 2108-1] clamav security update

Package : clamav Version : 0.101.5+dfsg-0+deb8u1 CVE ID : CVE-2019-15961 Debian Bug : 945265 It was found that ClamAV, an antivirus software, was susceptible to a denial of service attack by unauthenticated users via inefficient MIME parsing of especially crafted email files. For Debian 8 "Jessie...

CVSS 7.5 • AI score 7 • EPSS 0.03135 • Exploits 1

Debian • added 2020/02/18 12:54 p.m. • 50 views

[SECURITY] [DLA 2107-1] spamassassin security update

Package : spamassassin Version : 3.4.2-0+deb8u3 CVE ID : CVE-2020-1930 CVE-2020-1931 Debian Bug : 950258 Two vulnerabilities were discovered in spamassassin, a Perl-based spam filter using text analysis. Malicious rule or configuration files, possibly downloaded from an updates server, could...

CVSS 9.3 • AI score 9 • EPSS 0.07053 • Exploits 0

Debian • added 2020/02/18 2:1 a.m. • 59 views

[SECURITY] [DLA 2106-1] libgd2 security update

Package : libgd2 Version : 2.1.0-5+deb8u14 CVE ID : CVE-2018-14553 Debian Bug : 951287 A vulnerability was discovered in libgd2, the GD graphics library, whereby an attacker can employ a specific function call sequence to trigger a NULL pointer dereference, subsequently crash the application usin...

CVSS 7.5 • AI score 6.6 • EPSS 0.03407 • Exploits 0

Debian • added 2020/02/17 8:39 p.m. • 98 views

[SECURITY] [DSA 4627-1] webkit2gtk security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4627-1 [email protected] https://www.debian.org/security/ Alberto Garcia February 17, 2020 https://www.debian.org/security/faq -...

CVSS 9.3 • AI score 9 • EPSS 0.02655 • Exploits 0

Debian • added 2020/02/17 8:39 p.m. • 94 views

[SECURITY] [DSA 4626-1] php7.3 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4626-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 17, 2020 https://www.debian.org/security/faq -...

CVSS 9.8 • AI score 8.7 • EPSS 0.08888 • Exploits 5

Debian • added 2020/02/17 11:28 a.m. • 49 views

[SECURITY] [DLA 2105-1] postgresql-9.4 security update

Package : postgresql-9.4 Version : 9.4.26-0+deb8u1 CVE ID : CVE-2020-1720 Tom Lane discovered that "ALTER ... DEPENDS ON EXTENSION" sub commands in the PostgreSQL database did not perform authorisation checks. For Debian 8 "Jessie", this problem has been fixed in version 9.4.26-0+deb8u1. We...

CVSS 6.5 • AI score 6.7 • EPSS 0.01183 • Exploits 0

Debian • added 2020/02/17 10:8 a.m. • 92 views

[SECURITY] [DLA 2104-1] thunderbird security update

Package : thunderbird Version : 1:68.5.0-1deb8u1 CVE ID : CVE-2020-6792 CVE-2020-6793 CVE-2020-6794 CVE-2020-6795 CVE-2020-6798 CVE-2020-6800 Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service. For Debian 8 "Jessie", the...

CVSS 8.8 • AI score 8.6 • EPSS 0.02274 • Exploits 1

Debian • added 2020/02/15 9:1 p.m. • 108 views

[SECURITY] [DSA 4625-1] thunderbird security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4625-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 15, 2020 https://www.debian.org/security/faq -...

CVSS 8.8 • AI score 8.7 • EPSS 0.02274 • Exploits 1

Debian • added 2020/02/14 11:0 p.m. • 115 views

[SECURITY] [DSA 4624-1] evince security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4624-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 14, 2020 https://www.debian.org/security/faq -...

CVSS 7.8 • AI score 8.9 • EPSS 0.02092 • Exploits 1

Total number of security vulnerabilities: 14407