Lucene search
K
DebianRecent

14409 matches found

Debian
Debian
•added 2019/12/07 10:2 p.m.•193 views

[SECURITY] [DLA 2023-1] openjdk-7 security update

Package : openjdk-7 Version : 7u241-2.6.20-1deb8u1 CVE ID : CVE-2019-2894 CVE-2019-2933 CVE-2019-2945 CVE-2019-2949 CVE-2019-2958 CVE-2019-2962 CVE-2019-2964 CVE-2019-2973 CVE-2019-2978 CVE-2019-2981 CVE-2019-2983 CVE-2019-2987 CVE-2019-2988 CVE-2019-2989 CVE-2019-2992 CVE-2019-2999 Several...

6.8CVSS7.8AI score0.03749EPSS
Exploits0
Debian
Debian
•added 2019/12/06 9:54 p.m.•191 views

[SECURITY] [DSA 4579-1] nss security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4579-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 06, 2019 https://www.debian.org/security/faq -...

8.8CVSS9.5AI score0.02994EPSS
Exploits1
Debian
Debian
•added 2019/12/06 3:4 p.m.•61 views

[SECURITY] [DLA 2022-1] librabbitmq security update

Package : librabbitmq Version : 0.5.2-2+deb8u1 CVE ID : CVE-2019-18609 Debian Bug : 946005 It was discovered that there was an integer overflow vulnerability in librabbitmq, a library for robust messaging between applications and servers. For Debian 8 "Jessie", this issue has been fixed in...

9.8CVSS9.7AI score0.03317EPSS
Exploits0
Debian
Debian
•added 2019/12/05 6:48 p.m.•101 views

[SECURITY] [DLA 2021-1] libav security update

Package : libav Version : 6:11.12-1deb8u9 CVE ID : CVE-2017-17127 CVE-2017-18245 CVE-2018-19128 CVE-2018-19130 CVE-2019-14443 CVE-2019-17542 Several security issues were fixed in libav, a multimedia library for processing audio and video files. CVE-2017-17127 The vc1decodeframe function in...

9.8CVSS8.9AI score0.02305EPSS
Exploits3
Debian
Debian
•added 2019/12/04 11:43 a.m.•118 views

[SECURITY] [DLA 2020-1] libonig security update

Package : libonig Version : 5.9.5-3.2+deb8u4 CVE ID : CVE-2019-19012 CVE-2019-19204 CVE-2019-19246 Debian Bug : 944959 945313 Several vulnerabilities were discovered in the Oniguruma regular expressions library, notably used in PHP mbstring. CVE-2019-19012 An integer overflow in the searchinrange...

9.8CVSS10AI score0.10539EPSS
Exploits4
Debian
Debian
•added 2019/12/02 11:5 p.m.•64 views

[SECURITY] [DLA 2019-1] exiv2 security update

Package : exiv2 Version : 0.24-4.1+deb8u5 CVE ID : CVE-2019-17402 A corrupted or specially crafted CRW images might exceed the overall buffersize to cause a denial of service. For Debian 8 "Jessie", this problem has been fixed in version 0.24-4.1+deb8u5. We recommend that you upgrade your exiv2...

6.5CVSS6.7AI score0.01851EPSS
Exploits0
Debian
Debian
•added 2019/12/01 2:13 p.m.•85 views

[SECURITY] [DLA 2017-2] asterisk regression update

Package : asterisk Version : 1:11.13.1dfsg-2+deb8u8 The backport of the CVE-2019-13161 fix caused a regression and has been reverted. For Debian 8 "Jessie", this problem has been fixed in version 1:11.13.1dfsg-2+deb8u8. We recommend that you upgrade your asterisk packages. Further information abo...

5.3CVSS5.5AI score0.04031EPSS
Exploits0
Debian
Debian
•added 2019/11/30 9:13 p.m.•106 views

[SECURITY] [DLA 2018-1] proftpd-dfsg security update

Package : proftpd-dfsg Version : 1.3.5e+r1.3.5-2+deb8u5 CVE ID : CVE-2019-19269 In modtls a crash with empty CRL was fixed. For Debian 8 "Jessie", this problem has been fixed in version 1.3.5e+r1.3.5-2+deb8u5. We recommend that you upgrade your proftpd-dfsg packages. Further information about...

4.9CVSS6.2AI score0.01645EPSS
Exploits0
Debian
Debian
•added 2019/11/30 8:56 p.m.•107 views

[SECURITY] [DLA 2017-1] asterisk security update

Package : asterisk Version : 1:11.13.1dfsg-2+deb8u7 CVE ID : CVE-2019-13161 CVE-2019-18610 CVE-2019-18790 Several vulnerabilites are fixed in Asterisk, an Open Source PBX and telephony toolkit. CVE-2019-13161 An attacker was able to crash Asterisk when handling an SDP answer to an outgoing T.38...

9CVSS7AI score0.29645EPSS
Exploits0
Debian
Debian
•added 2019/11/30 8:41 p.m.•231 views

[SECURITY] [DLA 1698-2] file regression update

Package : file Version : 1:5.22+15-2+deb8u7 This update fixes a regression in introduced in 1:5.22+15-2+deb8u5 causing truncated output of the interpreter name, thanks to Christoph Biedl for reporting the problem and cause. For Debian 8 "Jessie", this problem has been fixed in version...

6.8AI score
Exploits0
Debian
Debian
•added 2019/11/29 7:19 p.m.•128 views

[SECURITY] [DLA 2005-1] tnef security update

Package : tnef Version : 1.4.9-1+deb8u4 CVE ID : CVE-2019-18849 Debian Bug : 944851 In tnef, an attacker may be able to write to the victims .ssh/authorizedkeys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving...

5.5CVSS6.5AI score0.01203EPSS
Exploits1
Debian
Debian
•added 2019/11/29 7:18 p.m.•148 views

[SECURITY] [DLA 2004-1] 389-ds-base security update

Package : 389-ds-base Version : 1.3.3.5-4+deb8u7 CVE ID : CVE-2019-14824 Debian Bug : 944150 A flaw was found in the deref plugin of 389-ds-base where it could use the search permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private...

6.5CVSS6.6AI score0.013EPSS
Exploits0
Debian
Debian
•added 2019/11/29 3:53 p.m.•154 views

[SECURITY] [DLA 2016-1] ssvnc security update

Package : ssvnc Version : 1.0.29-2+deb8u1 CVE ID : CVE-2018-20020 CVE-2018-20021 CVE-2018-20022 CVE-2018-20024 Debian Bug : 945827 Several vulnerabilities have been identified in the VNC code of ssvnc, an encryption-capable VNC client.. The vulnerabilities referenced below are issues that have...

9.8CVSS7AI score0.08553EPSS
Exploits0
Debian
Debian
•added 2019/11/29 3:50 p.m.•171 views

[SECURITY] [DLA 2015-1] nss security update

Package : nss Version : 2:3.26-1+debu8u8 CVE ID : CVE-2019-17007 Debian Bug : Handling of Netscape Certificate Sequences in CERTDecodeCertPackage may haved crash with a NULL deref leading to a Denial-of-Service. For Debian 8 "Jessie", this problem has been fixed in version 2:3.26-1+debu8u8. We...

7.5CVSS6.8AI score0.01382EPSS
Exploits1
Debian
Debian
•added 2019/11/29 8:30 a.m.•166 views

[SECURITY] [DLA 2014-1] vino security update

Package : vino Version : 3.14.0-2+deb8u1 CVE ID : CVE-2014-6053 CVE-2018-7225 CVE-2019-15681 Debian Bug : 945784 Several vulnerabilities have been identified in the VNC code of vino, a desktop sharing utility for the GNOME desktop environment. The vulnerabilities referenced below are issues that...

9.8CVSS6.9AI score0.07563EPSS
Exploits1
Debian
Debian
•added 2019/11/28 7:47 p.m.•138 views

[SECURITY] [DSA 4578-1] libvpx security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4578-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 28, 2019 https://www.debian.org/security/faq -...

7.5CVSS8.2AI score0.05092EPSS
Exploits0
Debian
Debian
•added 2019/11/28 8:20 a.m.•22 views

[SECURITY] [DSA 4577-1] haproxy security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4577-1 [email protected] https://www.debian.org/security/ Sebastien Delafond November 28, 2019 https://www.debian.org/security/faq -...

7.5CVSS1AI score0.03955EPSS
Exploits0
Debian
Debian
•added 2019/11/28 8:20 a.m.•144 views

[SECURITY] [DSA 4577-1] haproxy security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4577-1 [email protected] https://www.debian.org/security/ Sebastien Delafond November 28, 2019 https://www.debian.org/security/faq -...

9.8CVSS9.5AI score0.03955EPSS
Exploits0
Debian
Debian
•added 2019/11/27 9:39 p.m.•137 views

[SECURITY] [DLA 2013-1] libvorbis security update

Package : libvorbis Version : 1.3.4-2+deb8u2 CVE ID : CVE-2017-14160 CVE-2018-10392 CVE-2018-10393 Several issues have been found in libvorbis, a decoder library for Vorbis General Audio Compression Codec. The fix for CVE-2017-14160 and CVE-2018-10393 improve the bound checking for very low sampl...

8.8CVSS8.8AI score0.04575EPSS
Exploits1
Debian
Debian
•added 2019/11/26 10:30 p.m.•48 views

[SECURITY] [DLA 2012-1] libvpx security update

Package : libvpx Version : 1.3.0-3+deb8u2 CVE ID : CVE-2019-9232 CVE-2019-9433 Several issues have been found in libvpx, a VP8 and VP9 video codec. CVE-2019-9232 There is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no addition...

7.5CVSS7.6AI score0.05092EPSS
Exploits0
Debian
Debian
•added 2019/11/26 9:33 p.m.•60 views

[SECURITY] [DLA 2011-1] xmlrpc-epi security update

Package : xmlrpc-epi Version : 0.54.2-1.1+deb8u1 CVE ID : CVE-2016-6296 An issue in xmlrpc-epi, an XML-RPC request serialisation/deserialisation library, has been found. An integer signedness error in the simplestringaddn function in simplestring.c in xmlrpc-epi could be used for a heap based...

9.8CVSS8.1AI score0.06271EPSS
Exploits1
Debian
Debian
•added 2019/11/26 9:29 p.m.•53 views

[SECURITY] [DLA 2010-1] bsdiff security update

Package : bsdiff Version : 4.3-15+deb8u1 CVE ID : CVE-2014-9862 An issue in bsdiff, a tool to generate/apply a patch between two binary files, has been found. Using a crafted patch file an integer signedness error in bspatch could be used for a heap based buffer overflow and possibly execution of...

7.8CVSS8.1AI score0.06762EPSS
Exploits0
Debian
Debian
•added 2019/11/26 9:24 p.m.•76 views

[SECURITY] [DLA 2009-1] tiff security update

Package : tiff Version : 4.0.3-12.3+deb8u10 CVE ID : CVE-2017-17095 CVE-2018-12900 CVE-2018-18661 CVE-2019-6128 CVE-2019-17546 Several issues have been found in tiff, a Tag Image File Format library. CVE-2019-17546 The RGBA interface contains an integer overflow that might lead to heap buffer...

8.8CVSS9.2AI score0.25183EPSS
Exploits4
Debian
Debian
•added 2019/11/25 11:15 p.m.•61 views

[SECURITY] [DLA 2008-1] nss security update

Package : nss Version : 2:3.26-1+debu8u7 CVE ID : CVE-2019-11745 A vulnerability has been discovered in nss, the Mozilla Network Security Service library. An out-of-bounds write can occur when passing an output buffer smaller than the block size to NSCEncryptUpdate. For Debian 8 "Jessie", this...

8.8CVSS6.8AI score0.02994EPSS
Exploits0
Debian
Debian
•added 2019/11/25 9:24 p.m.•70 views

[SECURITY] [DLA 2007-1] ruby2.1 security update

Package : ruby2.1 Version : 2.1.5-2+deb8u8 CVE ID : CVE-2019-15845 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255 Several flaws have been found in ruby2.1, an interpreter of an object-oriented scripting language. CVE-2019-15845 Path matching might pass in File.fnmatch and File.fnmatch? due to a NUL...

8.1CVSS8AI score0.0576EPSS
Exploits1
Debian
Debian
•added 2019/11/25 9:20 p.m.•40 views

[SECURITY] [DLA 2006-1] libxdmcp security update

Package : libxdmcp Version : 1:1.1.1-1+deb8u1 CVE ID : CVE-2017-2625 It has been found, that libxdmcp, an X11 Display Manager Control Protocol library, uses weak entropy to generate keys. Using arc4randombuf from libbsd should avoid this flaw. For Debian 8 "Jessie", this problem has been fixed in...

6.5CVSS6.2AI score0.00538EPSS
Exploits3
Debian
Debian
•added 2019/11/25 3:45 p.m.•21 views

[SECURITY] [DSA 4576-1] php-imagick security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4576-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 25, 2019 https://www.debian.org/security/faq -...

7.5CVSS2.9AI score0.01972EPSS
Exploits0
Debian
Debian
•added 2019/11/25 3:45 p.m.•43 views

[SECURITY] [DSA 4576-1] php-imagick security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4576-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 25, 2019 https://www.debian.org/security/faq -...

9.8CVSS7.5AI score0.01972EPSS
Exploits0
Debian
Debian
•added 2019/11/25 4:3 a.m.•30 views

[SECURITY] [DSA 4575-1] chromium security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4575-1 [email protected] https://www.debian.org/security/ Michael Gilbert November 24, 2019 https://www.debian.org/security/faq -...

6.8CVSS0.6AI score0.0149EPSS
Exploits0
Debian
Debian
•added 2019/11/25 4:3 a.m.•83 views

[SECURITY] [DSA 4575-1] chromium security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4575-1 [email protected] https://www.debian.org/security/ Michael Gilbert November 24, 2019 https://www.debian.org/security/faq -...

8.8CVSS9.5AI score0.0149EPSS
Exploits0
Debian
Debian
•added 2019/11/24 9:43 p.m.•73 views

[SECURITY] [DSA 4571-2] enigmail update

------------------------------------------------------------------------- Debian Security Advisory DSA-4571-2 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 24, 2019 https://www.debian.org/security/faq -...

6.7AI score
Exploits0
Debian
Debian
•added 2019/11/24 6:13 p.m.•89 views

[SECURITY] [DLA 2003-1] isc-dhcp security update

Package : isc-dhcp Version : 4.3.1-6+deb8u4 CVE ID : CVE-2016-2774 An issue has been found in isc-dhcp, a server for automatic IP address assignment. The number of simultaneous open TCP connections to OMAPI port of the server has to be limited to 200 in order to avoid a denial of service. For...

7.1CVSS6AI score0.73622EPSS
Exploits0
Debian
Debian
•added 2019/11/23 7:4 p.m.•92 views

[SECURITY] [DLA 2002-1] libice security update

Package : libice Version : 2:1.0.9-1+deb8u1 CVE ID : CVE-2017-2626 It has been found, that libice, an X11 Inter-Client Exchange library, uses weak entropy to generate keys. Using arc4randombuf from libbsd should avoid this flaw. For Debian 8 "Jessie", this problem has been fixed in version...

5.5CVSS5.6AI score0.00464EPSS
Exploits2
Debian
Debian
•added 2019/11/23 9:22 a.m.•96 views

[SECURITY] [DLA 2001-1] libofx security update

Package : libofx Version : 1:0.9.10-1+deb8u2 CVE ID : CVE-2019-9656 Debian Bug : 924350 There is a NULL pointer dereference in the function OFXApplication::startElement in the file lib/ofxsgml.cpp, as demonstrated by ofxdump. For Debian 8 "Jessie", this problem has been fixed in version...

8.8CVSS8.6AI score0.02141EPSS
Exploits1
Debian
Debian
•added 2019/11/23 8:57 a.m.•107 views

[SECURITY] [DLA 2000-1] pam-python security update

Package : pam-python Version : 1.0.4-1.1+deb8u1 CVE ID : CVE-2019-16729 Debian Bug : 942514 It was discovered that pam-python, a PAM Module that runs the Python interpreter, has an issue in regard to the default environment variable handling of Python. This issue could allow for local root...

7.8CVSS7.6AI score0.00356EPSS
Exploits0
Debian
Debian
•added 2019/11/19 7:3 p.m.•45 views

[SECURITY] [DSA 4574-1] redmine security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4574-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 19, 2019 https://www.debian.org/security/faq -...

6.5CVSS7AI score0.04338EPSS
Exploits2
Debian
Debian
•added 2019/11/19 1:38 a.m.•106 views

[SECURITY] [DLA 1999-1] symfony security update

Package : symfony Version : 2.3.21+dfsg-4+deb8u6 CVE ID : CVE-2019-18886 CVE-2019-18887 CVE-2019-18888 Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to a timing attack/information leak, argument injection and code execution via unserialization. For Debian ...

8.1CVSS7.1AI score0.02248EPSS
Exploits0
Debian
Debian
•added 2019/11/18 10:4 p.m.•94 views

[SECURITY] [DSA 4573-1] symfony security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4573-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 18, 2019 https://www.debian.org/security/faq -...

9.8CVSS8.8AI score0.33247EPSS
Exploits0
Debian
Debian
•added 2019/11/18 10:3 p.m.•107 views

[SECURITY] [DSA 4572-1] slurm-llnl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4572-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 18, 2019 https://www.debian.org/security/faq -...

9.8CVSS9.6AI score0.0268EPSS
Exploits0
Debian
Debian
•added 2019/11/18 6:55 p.m.•101 views

[SECURITY] [DLA 1998-1] python-psutil security update

Package : python-psutil Version : 2.1.1-1+deb8u1 CVE ID : CVE-2019-18874 Debian Bug : 944605 It was discovered that there were multiple double free vulnerabilities in python-psutil, a Python module providing convenience functions for accessing system process data. This was caused by incorrect...

7.5CVSS7.7AI score0.03522EPSS
Exploits0
Debian
Debian
•added 2019/11/18 4:31 p.m.•86 views

[SECURITY] [DLA 1997-1] thunderbird security update

Package : thunderbird Version : 1:68.2.2-1deb8u1 CVE ID : CVE-2019-11755 CVE-2019-11757 CVE-2019-11759 CVE-2019-11760 CVE-2019-11761 CVE-2019-11762 CVE-2019-11763 CVE-2019-11764 CVE-2019-15903 Multiple security issues have been found in Thunderbird which could potentially result in the execution ...

8.8CVSS9AI score0.06643EPSS
Exploits2
Debian
Debian
•added 2019/11/18 3:23 p.m.•70 views

[SECURITY] [DLA 1996-1] libapache2-mod-auth-openidc security update

Package : libapache2-mod-auth-openidc Version : 1.6.0-1+deb8u2 CVE ID : CVE-2019-14857 Debian Bug : 942165 A security vulnerability was found in libapache2-mod-auth-openidc, the OpenID Connect authentication module for the Apache HTTP server. Insufficient validation of URLs leads to an Open...

6.1CVSS6.3AI score0.01535EPSS
Exploits0
Debian
Debian
•added 2019/11/18 7:14 a.m.•68 views

[SECURITY] [DLA 1995-1] angular.js security update

Package : angular.js Version : 1.2.26-1+deb8u1 CVE ID : CVE-2019-14863 Earlier versions of this package package were vulnerable to Cross-site Scripting XSS due to no proper sanitization of xlink:href attributes. For Debian 8 "Jessie", this problem has been fixed in version 1.2.26-1+deb8u1. We...

7.1CVSS6.4AI score0.01382EPSS
Exploits0
Debian
Debian
•added 2019/11/17 9:55 p.m.•65 views

[SECURITY] [DSA 4571-1] thunderbird security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4571-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 17, 2019 https://www.debian.org/security/faq -...

8.8CVSS8.6AI score0.06643EPSS
Exploits2
Debian
Debian
•added 2019/11/17 4:13 p.m.•30 views

[SECURITY] [DSA 4570-1] mosquitto security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4570-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 17, 2019 https://www.debian.org/security/faq -...

4CVSS1.7AI score0.02742EPSS
Exploits0
Debian
Debian
•added 2019/11/17 4:13 p.m.•67 views

[SECURITY] [DSA 4570-1] mosquitto security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4570-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 17, 2019 https://www.debian.org/security/faq -...

6.5CVSS6.8AI score0.02742EPSS
Exploits0
Debian
Debian
•added 2019/11/15 7:21 p.m.•145 views

[SECURITY] [DLA-1994-1] postgresql-common security update

Package : postgresql-common Version : 165+deb8u4 CVE ID : CVE-2019-3466 Rich Mirch discovered that the pgctlcluster script didnt drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation. For the oldoldstable distribution jessie, this...

7.8CVSS7AI score0.00499EPSS
Exploits1
Debian
Debian
•added 2019/11/15 2:10 p.m.•141 views

[SECURITY] [DLA 1993-1] mesa security update

Package : mesa Version : 10.3.2-1+deb8u2 CVE ID : CVE-2019-5068 Debian Bug : 944298 Tim Brown discovered a shared memory permissions vulnerability in the Mesa 3D graphics library. Some Mesa X11 drivers use shared-memory XImages to implement back buffers for improved performance, but Mesa creates...

5.1CVSS4.5AI score0.00504EPSS
Exploits1
Debian
Debian
•added 2019/11/15 2:16 a.m.•123 views

[SECURITY] [DLA 1992-1] ghostscript security update

Package : ghostscript Version : 9.26adfsg-0+deb8u6 CVE ID : CVE-2019-14869 Manfred Paul and Lukas Schauer reported that the .charkeys procedure in Ghostscript, the GPL PostScript/PDF interpreter, does not properly restrict privileged calls, which could result in bypass of file system restrictions...

8.8CVSS7AI score0.03434EPSS
Exploits0
Debian
Debian
•added 2019/11/14 9:37 p.m.•30 views

[SECURITY] [DSA 4569-1] ghostscript security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4569-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 14, 2019 https://www.debian.org/security/faq -...

6.8CVSS1.5AI score0.03434EPSS
Exploits0
Total number of security vulnerabilities14409