14409 matches found

Debian
•added 2020/01/26 9:36 p.m.•88 views

[SECURITY] [DLA 2075-1] jsoup security update

Package : jsoup Version : 1.8.1-1+deb8u1 CVE ID : CVE-2015-6748 An issue has been found in jsoup, a Java HTML parser that makes sense of real-world HTML soup. Due to bad handling of missing at EOF a cross-site scripting XSS vulnerability could appear. For Debian 8 "Jessie", this problem has been...

CVSS 6.1 • AI score 6.1 • EPSS 0.02207
Exploits: 0

Debian
•added 2020/01/23 10:3 p.m.•75 views

[SECURITY] [DSA 4609-1] python-apt security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4609-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 23, 2020 https://www.debian.org/security/faq -...

CVSS 4.7 • AI score 5.3 • EPSS 0.00496
Exploits: 0

Debian
•added 2020/01/23 9:3 p.m.•57 views

[SECURITY] [DLA 2074-1] python-apt security update

Package : python-apt Version : 0.9.3.13 CVE ID : CVE-2019-15795 CVE-2019-15796 Debian Bug : 944696 Several issues have been found in python-apt, a python interface to libapt-pkg. CVE-2019-15795 It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. I...

CVSS 4.7 • AI score 4.9 • EPSS 0.00496
Exploits: 0

Debian
•added 2020/01/23 2:27 p.m.•67 views

[SECURITY] [DLA 2059-1] git security update

Package : git Version : 1:2.1.4-2.1+deb8u8 CVE ID : CVE-2019-1348 CVE-2019-1349 CVE-2019-1352 CVE-2019-1353 CVE-2019-1387 Several vulnerabilities have been discovered in git, a fast, scalable, distributed revision control system. CVE-2019-1348 It was reported that the --export-marks option of git...

CVSS 9.8 • AI score 7.1 • EPSS 0.34007
Exploits: 0

Debian
•added 2020/01/21 9:45 p.m.•83 views

[SECURITY] [DSA 4608-1] tiff security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4608-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 21, 2020 https://www.debian.org/security/faq -...

CVSS 8.8 • AI score 8.6 • EPSS 0.04204
Exploits: 0

Debian
•added 2020/01/21 9:42 p.m.•72 views

[SECURITY] [DLA 2073-1] transfig security update

Package : transfig Version : 1:3.2.5.e-4+deb8u2 CVE ID : CVE-2018-16140 CVE-2019-14275 CVE-2019-19555 Several issues have been found in transfig, a XFig figure files converter. CVE-2018-16140 Buffer underwrite vulnerability in getline allows an attacker to write prior to the beginning of the buff...

CVSS 7.8 • AI score 6.9 • EPSS 0.01381
Exploits: 2

Debian
•added 2020/01/20 8:50 p.m.•55 views

[SECURITY] [DSA 4607-1] openconnect security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4607-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 20, 2020 https://www.debian.org/security/faq -...

CVSS 9.8 • AI score 9.5 • EPSS 0.03445
Exploits: 0

Debian
•added 2020/01/20 8:50 p.m.•22 views

[SECURITY] [DSA 4607-1] openconnect security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4607-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 20, 2020 https://www.debian.org/security/faq -...

CVSS 7.5 • AI score 1.7 • EPSS 0.03445
Exploits: 0

Debian
•added 2020/01/20 1:55 p.m.•55 views

[SECURITY] [DLA 2072-1] gpac security update

Package : gpac Version : 0.5.0+svn5324dfsg1-1+deb8u5 CVE ID : CVE-2018-21015 CVE-2018-21016 CVE-2019-13618 CVE-2019-20161 CVE-2019-20162 CVE-2019-20163 CVE-2019-20165 CVE-2019-20170 CVE-2019-20171 CVE-2019-20208 Debian Bug : 940882 932242 Multiple issues were found in gpac, a multimedia framework...

CVSS 7.5 • AI score 6.7 • EPSS 0.02344
Exploits: 10

Debian
•added 2020/01/20 11:59 a.m.•35 views

[SECURITY] [DSA 4606-1] chromium security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4606-1 [email protected] https://www.debian.org/security/ Michael Gilbert January 20, 2020 https://www.debian.org/security/faq -...

CVSS 6.8 • AI score 0.6 • EPSS 0.15537
Exploits: 7

Debian
•added 2020/01/20 11:59 a.m.•60 views

[SECURITY] [DSA 4606-1] chromium security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4606-1 [email protected] https://www.debian.org/security/ Michael Gilbert January 20, 2020 https://www.debian.org/security/faq -...

CVSS 8.8 • AI score 9 • EPSS 0.15537
Exploits: 7

Debian
•added 2020/01/20 11:40 a.m.•64 views

[SECURITY] [DLA 2071-1] thunderbird security update

Package : thunderbird Version : 1:68.4.1-1deb8u1 CVE ID : CVE-2019-17016 CVE-2019-17017 CVE-2019-17022 CVE-2019-17024 CVE-2019-17026 Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code or information disclosure. For Debian 8...

CVSS 8.8 • AI score 9 • EPSS 0.46589
Exploits: 8

Debian
•added 2020/01/19 9:52 p.m.•90 views

[SECURITY] [DSA 4605-1] openjdk-11 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4605-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 19, 2020 https://www.debian.org/security/faq -...

CVSS 8.1 • AI score 8.3 • EPSS 0.04903
Exploits: 0

Debian
•added 2020/01/19 9:49 p.m.•91 views

[SECURITY] [DSA 4604-1] cacti security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4604-1 [email protected] https://www.debian.org/security/ Hugo Lefeuvre January 19, 2020 https://www.debian.org/security/faq -...

CVSS 8.1 • AI score 7.9 • EPSS 0.35041
Exploits: 2

Debian
•added 2020/01/19 12:50 p.m.•80 views

[SECURITY] [DLA 2070-1] ruby-excon security update

Package : ruby-excon Version : 0.33.0-2+deb8u1 CVE ID : CVE-2019-16779 Debian Bug : 946904 In RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted such as by a timeout would leave data on the socket. Subsequent requests wou...

CVSS 5.9 • AI score 5.7 • EPSS 0.014
Exploits: 0

Debian
•added 2020/01/18 2:1 p.m.•116 views

[SECURITY] [DLA 2069-1] cacti security update

Package : cacti Version : 0.8.8b+dfsg-8+deb8u9 CVE ID : CVE-2020-7106 It was discovered that there were a number of cross-site scripting vulnerabilities in cacti, a web interface for monitoring systems. For Debian 8 "Jessie", this issue has been fixed in cacti version 0.8.8b+dfsg-8+deb8u9. We...

CVSS 6.1 • AI score 7.5 • EPSS 0.02139
Exploits: 1

Debian
•added 2020/01/18 4:38 a.m.•183 views

[SECURITY] [DLA 2068-1] linux security update

Package : linux Version : 3.16.81-1 CVE ID : CVE-2019-2215 CVE-2019-10220 CVE-2019-14895 CVE-2019-14896 CVE-2019-14897 CVE-2019-14901 CVE-2019-15098 CVE-2019-15217 CVE-2019-15291 CVE-2019-15505 CVE-2019-16746 CVE-2019-17052 CVE-2019-17053 CVE-2019-17054 CVE-2019-17055 CVE-2019-17056 CVE-2019-1713...

CVSS 10 • AI score 7.6 • EPSS 0.72105
Exploits: 34

Debian
•added 2020/01/17 9:40 p.m.•152 views

[SECURITY] [DSA 4603-1] thunderbird security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4603-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 17, 2020 https://www.debian.org/security/faq -...

CVSS 8.8 • AI score 9.1 • EPSS 0.46589
Exploits: 8

Debian
•added 2020/01/15 8:41 p.m.•58 views

[SECURITY] [DLA 2063-1] debian-lan-config security update

Package : debian-lan-config Version : 0.19+deb8u2 CVE ID : CVE-2019-3467 Debian Bug : 947459 In debian-lan-config 0.26, configured too permissive ACLs for the Kerberos admin server allowed password changes for other Kerberos user principals. For Debian 8 "Jessie", this problem has been fixed in...

CVSS 7.8 • AI score 7 • EPSS 0.00503
Exploits: 1

Debian
•added 2020/01/15 8:39 p.m.•76 views

[SECURITY] [DLA 2060-1] phpmyadmin security update

Package : phpmyadmin Version : 4:4.2.12-2+deb8u8 CVE ID : CVE-2020-5504 Debian Bug : 948718 In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. ...

CVSS 8.8 • AI score 7.3 • EPSS 0.38778
Exploits: 4

Debian
•added 2020/01/14 12:36 p.m.•69 views

[SECURITY] [DLA 2067-1] wordpress security update

Package : wordpress Version : 4.1.29+dfsg-0+deb8u1 CVE ID : CVE-2019-20041 Debian Bug : 946905 An input sanitization bypass was discovered in Wordpress, a popular content management framework. An attacker can use this flaw to send malicious scripts to an unsuspecting user. For Debian 8 "Jessie",...

CVSS 9.8 • AI score 9.4 • EPSS 0.04654
Exploits: 1

Debian
•added 2020/01/14 9:3 a.m.•49 views

[SECURITY] DLA-2066-1 gthumb security update

Package : gthumb Version : 3:3.3.1-2.1+deb8u2 CVE ID : CVE-2019-20326 A heap-based buffer overflow in cairoimagesurfacecreatefromjpeg in extensions/cairoio/cairo-image-surface-jpeg.c in gThumb and Pix allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file...

CVSS 7.8 • AI score 5 • EPSS 0.02149
Exploits: 2

Debian
•added 2020/01/14 9:0 a.m.•19 views

[SECURITY] DLA-2066-1 gthumb security update

Package : gthumb Version : 3:3.3.1-2.1+deb8u2 CVE ID : CVE-2019-20326 A heap-based buffer overflow in cairoimagesurfacecreatefromjpeg in extensions/cairoio/cairo-image-surface-jpeg.c in gThumb and Pix allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file...

CVSS 7.8 • AI score 5 • EPSS 0.02149
Exploits: 2

Debian
•added 2020/01/13 10:27 p.m.•80 views

[SECURITY] [DSA 4602-1] xen security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4602-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 13, 2020 https://www.debian.org/security/faq -...

CVSS 9.8 • AI score 9.2 • EPSS 0.03133
Exploits: 0

Debian
•added 2020/01/12 10:27 p.m.•210 views

[SECURITY] [DLA 2065-1] apache-log4j1.2 security update

Package : apache-log4j1.2 Version : 1.2.17-5+deb8u1 CVE ID : CVE-2019-17571 Debian Bug : 947124 Included in Log4j 1.2, a logging library for Java, is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combine...

CVSS 9.8 • AI score 9.1 • EPSS 0.6906
Exploits: 3

Debian
•added 2020/01/10 3:6 p.m.•59 views

[SECURITY] [DLA 2064-1] ldm security update

Package : ldm Version : 2:2.2.15-2+deb8u1 CVE ID : CVE-2019-20373 Debian Bug : 948538 It was discovered that a hook script of ldm, the display manager for the Linux Terminal Server Project incorrectly parsed responses from an SSH server which could result in local root privilege escalation. For...

CVSS 7.8 • AI score 7.4 • EPSS 0.00427
Exploits: 0

Debian
•added 2020/01/09 9:43 p.m.•103 views

[SECURITY] [DSA 4601-1] ldm security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4601-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 09, 2020 https://www.debian.org/security/faq -...

AI score 6.7
Exploits: 0

Debian
•added 2020/01/09 5:0 p.m.•63 views

[SECURITY] [DLA 2062-1] sa-exim security update

Package : sa-exim Version : 4.2.1-14+deb8u1 CVE ID : CVE-2019-19920 Debian Bug : 946829 It was found that sa-exim, the SpamAssassin filter for Exim, allows attackers to execute arbitrary code if users are allowed to run custom rules. A similar issue was fixed in spamassassin, CVE-2018-11805, whic...

CVSS 9 • AI score 7.9 • EPSS 0.0316
Exploits: 0

Debian
•added 2020/01/09 10:22 a.m.•101 views

[SECURITY] [DLA 2061-1] firefox-esr security update

Package : firefox-esr Version : 68.4.0esr-1deb8u1 CVE ID : CVE-2019-17016 CVE-2019-17017 CVE-2019-17022 CVE-2019-17024 CVE-2019-17026 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, data exfiltration o...

CVSS 8.8 • AI score 8.8 • EPSS 0.46589
Exploits: 8

Debian
•added 2020/01/09 9:21 a.m.•107 views

[SECURITY] [DSA 4600-1] firefox-esr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4600-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 09, 2020 https://www.debian.org/security/faq -...

CVSS 8.8 • AI score 8.4 • EPSS 0.46589
Exploits: 8

Debian
•added 2020/01/08 5:47 a.m.•117 views

[SECURITY] [DSA 4599-1] wordpress security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4599-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 08, 2020 https://www.debian.org/security/faq -...

CVSS 9.8 • AI score 8.1 • EPSS 0.36503
Exploits: 9

Debian
•added 2020/01/08 5:47 a.m.•44 views

[SECURITY] [DSA 4599-1] wordpress security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4599-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 08, 2020 https://www.debian.org/security/faq -...

CVSS 7.5 • AI score 1.1 • EPSS 0.36503
Exploits: 9

Debian
•added 2020/01/07 9:36 p.m.•95 views

[SECURITY] [DSA 4598-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4598-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 07, 2020 https://www.debian.org/security/faq -...

CVSS 9.8 • AI score 9.5 • EPSS 0.3481
Exploits: 7

Debian
•added 2020/01/07 9:36 p.m.•38 views

[SECURITY] [DSA 4598-1] python-django security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4598-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 07, 2020 https://www.debian.org/security/faq -...

CVSS 5 • AI score 1.6 • EPSS 0.3481
Exploits: 7

Debian
•added 2020/01/06 11:25 p.m.•154 views

[SECURITY] [DLA 2058-1] nss security update

Package : nss Version : 2:3.26-1+debu8u10 CVE ID : CVE-2019-17006 It was found that certain cryptographic primitives in nss, the Network Security Service libraries, did not check the length of the input text. This could result in a potential heap-based buffer overflow. For Debian 8 "Jessie", this...

CVSS 10 • AI score 9.7 • EPSS 0.03552
Exploits: 1

Debian
•added 2020/01/06 4:51 p.m.•63 views

[SECURITY] [DLA 2057-1] pillow security update

Package : pillow Version : 2.6.1-2+deb8u4 CVE IDs : CVE-2019-19911 CVE-2020-5312 CVE-2020-5313 Debian Bug : 948224 It was discovered that there were three vulnerabilities in Pillow, an imaging library for the Python programming language: CVE-2019-19911: Prevent a denial-of-service vulnerability...

CVSS 9.8 • AI score 9.4 • EPSS 0.0369
Exploits: 0

Debian
•added 2020/01/03 2:58 p.m.•40 views

[SECURITY] [DSA 4597-1] netty security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4597-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 03, 2020 https://www.debian.org/security/faq -...

CVSS 5 • AI score 1.5 • EPSS 0.08415
Exploits: 1

Debian
•added 2020/01/03 2:58 p.m.•71 views

[SECURITY] [DSA 4597-1] netty security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4597-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 03, 2020 https://www.debian.org/security/faq -...

CVSS 7.5 • AI score 8.5 • EPSS 0.08415
Exploits: 1

Debian
•added 2020/01/01 1:52 p.m.•143 views

[SECURITY] [DLA 2056-1] waitress security update

Package : waitress Version : 0.8.9-2+deb8u1 Debian Bug : 765126 It was discovered that there was a HTTP request smuggling vulnerability in waitress, pure-Python WSGI server. If a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end a...

AI score 6.8
Exploits: 0

Debian
•added 2020/01/01 12:36 p.m.•104 views

[SECURITY] [DLA 1931-2] libgcrypt20 regression update

Package : libgcrypt20 Version : 1.6.3-2+deb8u8 CVE ID : CVE-2019-13627 It was discovered that the fix to address an ECDSA timing attack in the libgcrypt20 cryptographic library was incomplete. For Debian 8 "Jessie", this issue has been fixed in libgcrypt20 version 1.6.3-2+deb8u8. Thanks to Albert...

CVSS 6.3 • AI score 6.7 • EPSS 0.0051
Exploits: 0

Debian
•added 2020/01/01 3:0 a.m.•128 views

[SECURITY] [DLA 2053-1] otrs2 security update

Package : otrs2 Version : 3.3.18-1+deb8u12 CVE ID : CVE-2019-18179 Debian Bug : 945251 An attacker who is logged into OTRS as an agent is able to list tickets assigned to other agents, which are in the queue where attacker doesn’t have permissions. For Debian 8 "Jessie", this problem has been fix...

CVSS 4.3 • AI score 5.3 • EPSS 0.01313
Exploits: 0

Debian
•added 2019/12/31 7:5 p.m.•107 views

[SECURITY] [DLA 2055-1] igraph security update

Package : igraph Version : 0.7.1-2+deb8u1 CVE ID : CVE-2018-20349 An issue has been found in igraph, a library for creating and manipulating graphs. A NULL pointer dereference vulnerability was detected in igraphistrdiff. For Debian 8 "Jessie", this problem has been fixed in version 0.7.1-2+deb8u...

CVSS 6.5 • AI score 6.3 • EPSS 0.01605
Exploits: 1

Debian
•added 2019/12/31 6:15 p.m.•117 views

[SECURITY] [DLA 2054-1] jhead security update

Package : jhead Version : 1:2.97-1+deb8u2 CVE ID : CVE-2018-16554 CVE-2018-17088 CVE-2019-1010301 CVE-2019-1010302 Debian Bug : 907925 908176 932145 932146 Multiple buffer overflows have been fixed in jhead, a program to manipulate the non-image part of Exif compliant JPEG files. For Debian 8...

CVSS 7.8 • AI score 7 • EPSS 0.01766
Exploits: 4

Debian
•added 2019/12/30 10:38 p.m.•85 views

[SECURITY] [DLA 2052-1] libbsd security update

Package : libbsd Version : 0.7.0-2+deb8u1 CVE ID : CVE-2016-2090 An issue has been found in libbsd, a package containing utility functions from BSD systems. In function fgetwln an off-by-one error could trigger a heap buffer overflow. For Debian 8 "Jessie", this problem has been fixed in versio...

CVSS 9.8 • AI score 9.5 • EPSS 0.03223
Exploits: 0

Debian
•added 2019/12/30 10:33 p.m.•957 views

[SECURITY] [DLA 2051-1] intel-microcode security update

Package : intel-microcode Version : 3.20191115.2deb8u1 CVE ID : CVE-2019-11135 CVE-2019-11139 This update ships updated CPU microcode for some types of Intel CPUs. In particular it provides mitigations for the TAA TSX Asynchronous Abort vulnerability. For affected CPUs, to fully mitigate the...

CVSS 6.5 • AI score 7.5 • EPSS 0.03133
Exploits: 0

Debian
•added 2019/12/29 10:47 p.m.•98 views

[SECURITY] [DLA 2050-1] php5 security update

Package : php5 Version : 5.6.40+dfsg-0+deb8u8 CVE ID : CVE-2019-11045 CVE-2019-11046 CVE-2019-11047 CVE-2019-11050 Several security bugs have been identified and fixed in php5, a server-side, HTML-embedded scripting language. The affected components include the exif module and handling of filenam...

CVSS 6.5 • AI score 7.2 • EPSS 0.08818
Exploits: 3

Debian
•added 2019/12/29 12:30 p.m.•78 views

[SECURITY] [DLA 2049-1] imagemagick security update

Package : imagemagick Version : 8:6.8.9.9-5+deb8u19 CVE ID : CVE-2019-19948 CVE-2019-19949 Debian Bug : 947309 947308 Multiple vulnerabilities have been found in imagemagick, an image processing toolkit. CVE-2019-19948 Heap-buffer-overflow in WriteSGIImage coders/sgi.c caused by insufficient...

CVSS 9.8 • AI score 10 • EPSS 0.03678
Exploits: 1

Debian
•added 2019/12/28 5:59 p.m.•132 views

[SECURITY] [DLA 2048-1] libxml2 security update

Package : libxml2 Version : 2.9.1+dfsg1-5+deb8u8 CVE ID : CVE-2019-19956 It was discovered that there was a potential denial of service vulnerability in libxml2, the GNOME XML parsing library. For Debian 8 "Jessie", this issue has been fixed in libxml2 version 2.9.1+dfsg1-5+deb8u8. We recommend...

CVSS 7.5 • AI score 7.8 • EPSS 0.05515
Exploits: 0

Debian
•added 2019/12/27 10:15 p.m.•205 views

[SECURITY] [DSA 4596-1] tomcat8 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4596-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 27, 2019 https://www.debian.org/security/faq -...

CVSS 9.8 • AI score 7.8 • EPSS 0.94494
Exploits: 6

Debian
•added 2019/12/27 10:14 p.m.•134 views

[SECURITY] [DSA 4595-1] debian-lan-config security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4595-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 27, 2019 https://www.debian.org/security/faq -...

CVSS 7.8 • AI score 7.6 • EPSS 0.00503
Exploits: 1

Total number of security vulnerabilities: 14409