Lucene search

14407 matches found

Debian • added 2019/10/21 2:14 p.m. • 59 views

[SECURITY] [DLA 1961-1] milkytracker security update

Package : milkytracker Version : 0.90.85+dfsg-2.2+deb8u1 CVE ID : CVE-2019-14464 CVE-2019-14496 CVE-2019-14497 Debian Bug : 933964 Fredric discovered a couple of buffer overflows in MilkyTracker, of which, a brief description is given below. CVE-2019-14464 XMFile::read in XMFile.cpp in milkyplay ...

CVSS 7.8 | AI score 7.1 | EPSS 0.01387 | Exploits 3

Debian • added 2019/10/21 9:4 a.m. • 82 views

[SECURITY] [DLA 1968-1] imagemagick security update

Package : imagemagick Version : 8:6.8.9.9-5+deb8u18 CVE ID : CVE-2019-11470 CVE-2019-14981 CVE-2019-15139 CVE-2019-15140 Multiple vulnerabilities have been found in imagemagick, an image processing toolkit. CVE-2019-11470 Uncontrolled resource consumption caused by insufficiently sanitized image...

CVSS 8.8 | AI score 8.8 | EPSS 0.04104 | Exploits 3

Debian • added 2019/10/20 9:34 p.m. • 85 views

[SECURITY] [DSA 4546-1] openjdk-11 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4546-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 20, 2019 https://www.debian.org/security/faq -...

CVSS 6.8 | AI score 7.7 | EPSS 0.03749 | Exploits 0

Debian • added 2019/10/19 7:13 p.m. • 123 views

[SECURITY] [DLA 1966-1] aspell security update

Package : aspell Version : 0.60.720110707-1.3+deb8u1 CVE ID : CVE-2019-17544 It was discovered that Aspell, the GNU spell checker, incorrectly handled certain inputs which leads to a stack-based buffer over-read. An attacker could potentially access sensitive information. For Debian 8 "Jessie",...

CVSS 9.1 | AI score 9.2 | EPSS 0.03259 | Exploits 0

Debian • added 2019/10/19 2:42 p.m. • 123 views

[SECURITY] [DLA 1965-1] nfs-utils security update

Package : nfs-utils Version : 1.2.8-9+deb8u1 CVE ID : CVE-2019-3689 Debian Bug : 940848 In the nfs-utils package, providing support files for Network File System NFS including the rpc.statd daemon, the directory /var/lib/nfs is owned by statd:nogroup. This directory contains files owned and manag...

CVSS 10 | AI score 7.4 | EPSS 0.01499 | Exploits 0

Debian • added 2019/10/18 6:4 p.m. • 159 views

[SECURITY] [DSA 4545-1] mediawiki security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4545-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 18, 2019 https://www.debian.org/security/faq -...

CVSS 5.3 | AI score 5.1 | EPSS 0.01768 | Exploits 1

Debian • added 2019/10/18 6:44 a.m. • 200 views

[SECURITY] [DLA 1963-2] poppler regression update

Package : poppler Version : 0.180.26.5-2+deb8u13 CVE ID : CVE-2019-10871 Debian Bug : 942503 The fix for CVE-2019-10871 broke xpdf. This change has been reverted until a better fix can be developed. For Debian 8 "Jessie", this problem has been fixed in version 0.180.26.5-2+deb8u13. We recommend...

CVSS 6.5 | AI score 6.7 | EPSS 0.02486 | Exploits 1

Debian • added 2019/10/17 9:17 p.m. • 156 views

[SECURITY] [DLA 1963-1] poppler security update

Package : poppler Version : 0.26.5-2+deb8u12 CVE ID : CVE-2019-9959 CVE-2019-10871 Two buffer allocation issues were identified in poppler. CVE-2019-9959 An unexpected negative length value can cause an integer overflow, which in turn making it possible to allocate a large memory chunk on the hea...

CVSS 6.5 | AI score 7.5 | EPSS 0.02486 | Exploits 1

Debian • added 2019/10/17 8:21 p.m. • 43 views

[SECURITY] [DLA 1960-1] wordpress security update

Package : wordpress Version : 4.1.27+dfsg-0+deb8u1 CVE ID : CVE-2019-16217 CVE-2019-16218 CVE-2019-16219 CVE-2019-16220 CVE-2019-16221 CVE-2019-16222 CVE-2019-16223 Debian Bug : 939543 Several cross-site scripting XSS vulnerabilities were discovered in Wordpress, a popular content management...

CVSS 6.1 | AI score 7.2 | EPSS 0.05181 | Exploits 5

Debian • added 2019/10/17 8:14 p.m. • 48 views

[SECURITY] [DLA 1964-1] sudo security update

Package : sudo Version : 1.8.10p3-1+deb8u6 CVE ID : CVE-2019-14287 Debian Bug : 942322 In sudo, a program that provides limited super user privileges to specific users, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can caus...

CVSS 9 | AI score 8.9 | EPSS 0.63917 | Exploits 10

Debian • added 2019/10/17 9:46 a.m. • 81 views

[SECURITY] [DLA 1714-2] libsdl2 regression update

Package : libsdl2 Version : 2.0.2+dfsg1-6+deb8u2 CVE ID : CVE-2019-7572 CVE-2019-7573 CVE-2019-7574 CVE-2019-7575 CVE-2019-7576 CVE-2019-7577 CVE-2019-7578 CVE-2019-7635 CVE-2019-7636 CVE-2019-7637 CVE-2019-7638 The update of libsdl2 released as DLA 1714-1 led to several regressions, as reported ...

CVSS 8.8 | AI score 8.8 | EPSS 0.03299 | Exploits 11

Debian • added 2019/10/17 9:45 a.m. • 74 views

[SECURITY] [DLA 1713-2] libsdl1.2 regression update

Package : libsdl1.2 Version : 1.2.15-10+deb8u2 CVE ID : CVE-2019-7572 CVE-2019-7573 CVE-2019-7574 CVE-2019-7575 CVE-2019-7576 CVE-2019-7577 CVE-2019-7578 CVE-2019-7635 CVE-2019-7636 CVE-2019-7637 CVE-2019-7638 The update of libsdl1.2 released as DLA 1713-1 led to a regression, caused by an...

CVSS 8.8 | AI score 8.7 | EPSS 0.03299 | Exploits 11

Debian • added 2019/10/16 5:29 a.m. • 31 views

[SECURITY] [DSA 4544-1] unbound security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4544-1 [email protected] https://www.debian.org/security/ Sebastien Delafond October 16, 2019 https://www.debian.org/security/faq -...

CVSS 5 | AI score 1.4 | EPSS 0.03506 | Exploits 0

Debian • added 2019/10/16 5:29 a.m. • 81 views

[SECURITY] [DSA 4544-1] unbound security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4544-1 [email protected] https://www.debian.org/security/ Sebastien Delafond October 16, 2019 https://www.debian.org/security/faq -...

CVSS 7.5 | AI score 7.6 | EPSS 0.03506 | Exploits 0

Debian • added 2019/10/15 9:12 p.m. • 44 views

[SECURITY] [DSA 4509-3] apache2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4509-3 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 15, 2019 https://www.debian.org/security/faq -...

CVSS 4.3 | AI score 1.9 | EPSS 0.81466 | Exploits 4

Debian • added 2019/10/15 9:12 p.m. • 94 views

[SECURITY] [DSA 4509-3] apache2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4509-3 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 15, 2019 https://www.debian.org/security/faq -...

CVSS 6.1 | AI score 8 | EPSS 0.81466 | Exploits 4

Debian • added 2019/10/14 8:49 p.m. • 82 views

[SECURITY] [DLA 1959-1] xtrlock security update

Package : xtrlock Version : 2.6+deb8u1 CVE ID : CVE-2016-10894 Debian Bug : 830726 It was discovered that multitouch devices were not being disabled by the "xtrlock" screen locking utility. xtrlock did not block multitouch events so an attacker could still input and thus control various programs...

CVSS 4.6 | AI score 4.6 | EPSS 0.00364 | Exploits 0

Debian • added 2019/10/14 7:5 p.m. • 35 views

[SECURITY] [DSA 4543-1] sudo security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4543-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 14, 2019 https://www.debian.org/security/faq -...

CVSS 9 | AI score 3.2 | EPSS 0.63917 | Exploits 10

Debian • added 2019/10/14 7:5 p.m. • 148 views

[SECURITY] [DSA 4543-1] sudo security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4543-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 14, 2019 https://www.debian.org/security/faq -...

CVSS 9 | AI score 9.1 | EPSS 0.63917 | Exploits 10

Debian • added 2019/10/14 11:28 a.m. • 75 views

[SECURITY] [DLA 1953-2] clamav regression update

Package : clamav Version : 0.101.4+dfsg-0+deb8u2 CVE ID : CVE-2019-12625 CVE-2019-12900 Debian Bug : 942172 The update of clamav released as DLA 1953-1 led to permission issues on /var/run/clamav. This caused several users to experience issues restarting the clamav daemon. This regression is caus...

CVSS 9.8 | AI score 8.8 | EPSS 0.08042 | Exploits 0

Debian • added 2019/10/14 11:25 a.m. • 98 views

[SECURITY] [DLA 1958-1] libdatetime-timezone-perl new upstream version

Package : libdatetime-timezone-perl Version : 1:1.75-2+2019c This update includes the changes in tzdata 2019c for the Perl bindings. For the list of changes, see DLA-1957-1. For Debian 8 "Jessie", this problem has been fixed in version 1:1.75-2+2019c. We recommend that you upgrade your...

AI score 6.8 | Exploits 0

Debian • added 2019/10/14 11:23 a.m. • 72 views

[SECURITY] [DLA 1957-1] tzdata new upstream version

Package : tzdata Version : 2019c-0+deb8u1 This update includes the changes in tzdata 2018c. Notable changes are: - Brazil has canceled DST and will stay on standard time indefinitely. - Fijis next DST transitions will be 2019-11-10 and 2020-01-12 instead of 2019-11-03 and 2020-01-19. - Norfolk...

AI score 6.8 | Exploits 0

Debian • added 2019/10/13 7:41 a.m. • 19 views

[SECURITY] [DSA 4539-3] openssl regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-4539-3 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 13, 2019 https://www.debian.org/security/faq -...

AI score 1.8 | Exploits 0

Debian • added 2019/10/13 7:41 a.m. • 186 views

[SECURITY] [DSA 4539-3] openssl regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-4539-3 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 13, 2019 https://www.debian.org/security/faq -...

AI score 6.8 | Exploits 0

Debian • added 2019/10/11 8:27 p.m. • 210 views

[SECURITY] [DLA 1955-1] tcpdump security update

Package : tcpdump Version : 4.9.3-1deb8u1 CVE ID : CVE-2018-10103 CVE-2018-10105 CVE-2018-14461 CVE-2018-14462 CVE-2018-14463 CVE-2018-14464 CVE-2018-14465 CVE-2018-14466 CVE-2018-14467 CVE-2018-14468 CVE-2018-14469 CVE-2018-14470 CVE-2018-14879 CVE-2018-14880 CVE-2018-14881 CVE-2018-14882...

CVSS 9.8 | AI score 8 | EPSS 0.06816 | Exploits 0

Debian • added 2019/10/11 5:15 a.m. • 119 views

[SECURITY] [DLA 1956-1] ruby-openid security update

Package : ruby-openid Version : 2.5.0debian-1+deb8u1 CVE ID : CVE-2019-11027 ruby-openid performed discovery first, and then verification. This allowed an attacker to change the URL used for discovery and trick the server into connecting to the URL. This server in turn could be a private server n...

CVSS 10 | AI score 9.3 | EPSS 0.02911 | Exploits 0

Debian • added 2019/10/10 7:16 p.m. • 118 views

[SECURITY] [DLA 1954-1] lucene-solr security update

Package : lucene-solr Version : 3.6.2+dfsg-5+deb8u3 CVE ID : CVE-2019-0193 A security vulnerability was discovered in lucene-solr, an enterprise search server. The DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole...

CVSS 9 | AI score 7 | EPSS 0.83547 | Exploits 3

Debian • added 2019/10/10 10:52 a.m. • 68 views

[SECURITY] [DLA 1953-1] clamav security update

Package : clamav Version : 0.101.4+dfsg-0+deb8u1 CVE ID : CVE-2019-12625 CVE-2019-12900 Debian Bug : 34359 It was discovered that clamav, the open source antivirus engine, is affected by the following security vulnerabilities: CVE-2019-12625 Denial of Service DoS vulnerability, resulting from...

CVSS 9.8 | AI score 9.3 | EPSS 0.08042 | Exploits 0

Debian • added 2019/10/10 12:12 a.m. • 130 views

[SECURITY] [DLA 1952-1] rsyslog security update

Package : rsyslog Version : 8.4.2-1+deb8u3 CVE IDs : CVE-2019-17041 CVE-2019-17042 Debian Bugs : 942065 942067 It was discovered that there were two vulnerabilities in the rsyslog system/kernel logging daemon in the parsers for AIX and Cisco log messages respectfully. For Debian 8 "Jessie", these...

CVSS 9.8 | AI score 10 | EPSS 0.04568 | Exploits 0

Debian • added 2019/10/09 9:16 p.m. • 57 views

[SECURITY] [DLA 1951-1] libtomcrypt security update

Package : libtomcrypt Version : 1.17-6+deb8u1 CVE ID : CVE-2019-17362 It was discovered that there was a denial of service vulnerability in the libtomcrypt cryptographic library. An out-of-bounds read and crash could occur via carefully-crafted "DER" encoded data eg. by importing an X.509...

CVSS 9.1 | AI score 9.1 | EPSS 0.03195 | Exploits 1

Debian • added 2019/10/08 2:10 p.m. • 113 views

[SECURITY] [DLA 1950-1] openjpeg2 security update

Package : openjpeg2 Version : 2.1.0-2+deb8u8 CVE ID : CVE-2018-21010 Debian Bug : 939553 A heap buffer overflow vulnerability was discovered in openjpeg2, the open-source JPEG 2000 codec. This vulnerability is caused by insufficient validation of width and height of image components in...

CVSS 8.8 | AI score 8.7 | EPSS 0.02091 | Exploits 0

Debian • added 2019/10/08 12:40 p.m. • 123 views

[SECURITY] [DLA 1949-1] xen security update

Package : xen Version : 4.4.4lts5-0+deb8u1 CVE ID : CVE-2018-19961 CVE-2018-19962 CVE-2018-19966 XSA ID : XSA-275 XSA-280 XSA-285 XSA-287 XSA-288 Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, informations leaks or privilege escalatio...

CVSS 8.8 | AI score 6.8 | EPSS 0.00438 | Exploits 0

Debian • added 2019/10/07 7:52 p.m. • 21 views

[SECURITY] [DSA 4539-2] openssh regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-4539-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 07, 2019 https://www.debian.org/security/faq -...

AI score 0.8 | Exploits 0

Debian • added 2019/10/07 7:52 p.m. • 79 views

[SECURITY] [DSA 4539-2] openssh regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-4539-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 07, 2019 https://www.debian.org/security/faq -...

AI score 6.8 | Exploits 0

Debian • added 2019/10/07 11:14 a.m. • 61 views

[SECURITY] [DLA 1948-1] ruby-mini-magick security update

Package : ruby-mini-magick Version : 3.8.1-1+deb8u1 CVE ID : CVE-2019-13574 Debian Bug : 931932 In lib/minimagick/image.rb in ruby-mini-magick, a fetched remote image filename could cause remote command execution because Image.open input is directly passed to Kernelopen, which accepts a | charact...

CVSS 7.8 | AI score 7.6 | EPSS 0.07639 | Exploits 1

Debian • added 2019/10/07 7:23 a.m. • 73 views

[SECURITY] [DLA 1942-2] phpbb3 regression update

This is a follow-up to DLA-1942-1. There was some confusion about the correct fix for CVE-2019-13776. The correct announcement for this DLA should have been: Package : phpbb3 Version : 3.0.12-5+deb8u4 CVE ID : CVE-2019-13776 CVE-2019-16993 CVE-2019-16993 In phpBB, includes/acp/acpbbcodes.php had...

CVSS 8.8 | AI score 7.3 | EPSS 0.00804 | Exploits 0

Debian • added 2019/10/06 11:31 a.m. • 111 views

[SECURITY] [DLA 1947-1] libreoffice security update

Package : libreoffice Version : 1:4.3.3-2+deb8u13 CVE ID : CVE-2019-9848 CVE-2019-9849 CVE-2019-9850 CVE-2019-9851 CVE-2019-9852 CVE-2019-9853 CVE-2019-9854 Several vulnerabilities were discovered in LibreOffice, the office productivity suite. CVE-2019-9848 Nils Emmerich discovered that malicious...

CVSS 9.8 | AI score 7.2 | EPSS 0.78007 | Exploits 12

Debian • added 2019/10/06 8:28 a.m. • 102 views

[SECURITY] [DSA 4542-1] jackson-databind security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4542-1 [email protected] https://www.debian.org/security/ Sebastien Delafond October 06, 2019 https://www.debian.org/security/faq -...

CVSS 9.8 | AI score 8.9 | EPSS 0.45205 | Exploits 3

Debian • added 2019/10/06 8:28 a.m. • 55 views

[SECURITY] [DSA 4542-1] jackson-databind security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4542-1 [email protected] https://www.debian.org/security/ Sebastien Delafond October 06, 2019 https://www.debian.org/security/faq -...

CVSS 7.5 | AI score 3.4 | EPSS 0.45205 | Exploits 3

Debian • added 2019/10/05 2:40 p.m. • 149 views

[SECURITY] [DLA 1946-1] novnc security update

Package : novnc Version : 1:0.4+dfsg+1+20131010+gitf68af8af3d-4+deb8u1 CVE ID : CVE-2017-18635 An XSS vulnerability was discovered in noVNC in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server...

CVSS 6.1 | AI score 6.1 | EPSS 0.0481 | Exploits 1

Debian • added 2019/10/04 9:50 p.m. • 22 views

[SECURITY] [DSA 4541-1] libapreq2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4541-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 04, 2019 https://www.debian.org/security/faq -...

CVSS 5 | AI score 2 | EPSS 0.03941 | Exploits 0

Debian • added 2019/10/04 9:50 p.m. • 175 views

[SECURITY] [DSA 4541-1] libapreq2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4541-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 04, 2019 https://www.debian.org/security/faq -...

CVSS 7.5 | AI score 7.4 | EPSS 0.03941 | Exploits 0

Debian • added 2019/10/04 1:31 a.m. • 150 views

[SECURITY] [DLA 1945-1] openconnect security update

Package : openconnect Version : 6.00-2+deb8u1 CVE ID : CVE-2019-16239 Debian Bug : 940871 A vulnerability was discovered by Lukas Kupczyk of the Advanced Research Team at CrowdStrike Intelligence in OpenConnect, an open client for Cisco AnyConnect, Pulse, GlobalProtect VPN. A malicious HTTP serve...

CVSS 9.8 | AI score 6.9 | EPSS 0.03445 | Exploits 0

Debian • added 2019/10/03 10:49 a.m. • 52 views

[SECURITY] [DLA 1944-1] libapreq2 security update

Package : libapreq2 Version : 2.13-4+deb8u1 CVE ID : CVE-2019-12412 Debian Bug : 939937 It was discovered that there was a remotely-exploitable null pointer dereference in libapreq2, a library for manipulating HTTP requests. For Debian 8 "Jessie", this issue has been fixed in libapreq2 version...

CVSS 7.5 | AI score 7.5 | EPSS 0.03941 | Exploits 0

Debian • added 2019/10/02 10:48 p.m. • 337 views

[SECURITY] [DLA 1943-1] jackson-databind security update

Package : jackson-databind Version : 2.4.2-2+deb8u9 CVE ID : CVE-2019-14540 CVE-2019-16335 CVE-2019-16942 CVE-2019-16943 Debian Bug : 940498 941530 More deserialization flaws were discovered in jackson-databind relating to the classes in com.zaxxer.hikari.HikariConfig,...

CVSS 9.8 | AI score 10 | EPSS 0.10676 | Exploits 1

Debian • added 2019/10/02 7:52 p.m. • 325 views

[SECURITY] [DSA 4509-2] subversion update

------------------------------------------------------------------------- Debian Security Advisory DSA-4509-2 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 2, 2019 https://www.debian.org/security/faq -...

AI score 6.9 | Exploits 0

Debian • added 2019/10/01 8:27 p.m. • 122 views

[SECURITY] [DSA 4540-1] openssl1.0 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4540-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 01, 2019 https://www.debian.org/security/faq -...

CVSS 4.7 | AI score 6.5 | EPSS 0.03838 | Exploits 0

Debian • added 2019/10/01 8:19 p.m. • 119 views

[SECURITY] [DSA 4539-1] openssl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4539-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 01, 2019 https://www.debian.org/security/faq -...

CVSS 5.3 | AI score 6.5 | EPSS 0.06232 | Exploits 0

Debian • added 2019/10/01 1:56 p.m. • 109 views

[SECURITY] [DLA 1940-1] linux-4.9 security update

Package : linux-4.9 Version : 4.9.189-3+deb9u1deb8u1 CVE ID : CVE-2019-14821 CVE-2019-14835 CVE-2019-15117 CVE-2019-15118 CVE-2019-15902 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2019-14821...

CVSS 8.8 | AI score 7 | EPSS 0.00763 | Exploits 2

Debian • added 2019/09/30 11:44 p.m. • 97 views

[SECURITY] [DLA 1942-1] phpbb3 security update

Package : phpbb3 Version : 3.0.12-5+deb8u4 CVE ID : CVE-2019-16993 In phpBB, includes/acp/acpbbcodes.php had improper verification of a CSRF token on the BBCode page in the Administration Control Panel. An actual CSRF attack was possible if an attacker also managed to retrieve the session id of a...

CVSS 8.8 | AI score 7.2 | EPSS 0.00804 | Exploits 0

Total number of security vulnerabilities: 14407