6007 matches found
Updated tcpflow packages fix security vulnerability
Updated tcpflow package fixes security vulnerability: A stack-based buffer over-read exists in setbit at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an addresshistogram call or a gethistogram call CVE-2018-18409...
Updated mumble packages fix security vulnerability
It was discovered that insufficient restrictions in the connection handling of Mumble, a low latency encrypted VoIP client, could result in denial of service CVE-2018-20743...
Updated gpac packages fix security vulnerability
It was discovered that the GPAC MP4Box utility incorrectly handled certain memory operations. If an user or automated system were tricked into opening a specially crafted MP4 file, a remote attacker could use this issue to cause MP4Box to crash, resulting in a denial of service, or possibly execu...
Updated mbedtls packages fix security vulnerability
A vulnerability was found in mbedTLS which allows a local unprivileged attacker to recover the plaintext of RSA decryption, which is used in RSA-without-ECDHE cipher suites CVE-2018-19608...
Updated jhead package fixes security vulnerabilities
The ProcessGpsInfo function may have allowed a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of inconsistency between float and double in a sprintf format string during TAGGPSALT handling CVE-2018-16554. The ProcessGpsInfo...
Updated lcms2 packages fix security vulnerability
Little CMS aka Little Color Management System 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile. CVE-2018-16435...
Updated libcgroup packages fix security vulnerability
The cgrulesengd daemon cgred in libcgroup through version 0.41 creates log files /var/log/cgred with world readable and writable permissions 0o666 due to a reset of the file mode creation mask umask0 in the daemon/cgrulesengd.c:cgrestartdaemon function CVE-2018-14348...
Updated flash-player-plugin packages fix security vulnerability
Updated flash-player-plugin packages fix security vulnerability: Successful exploitation of the currently un-disclosed vulerability could lead to information disclosure CVE-2018-15967...
Updated rust packages fix security vulnerability
The Rust Programming Language rustdoc version before version 1.27.0 contains a CWE-427: Uncontrolled Search Path Element vulnerability in rustdoc plugins that can result in local code execution as a different user. This attack appear to be exploitable via using the --plugin flag without the...
Updated roundcubemail packages fix security vulnerability
Updated roundcubemail package fixes security vulnerability: This update fixes a recently discovered IMAP command injection vulnerability caused by insufficient input validation within the archive plugin. CVE-2018-9846...
Updated miniupnpc packages fix security vulnerability
It was discovered that miniupnpc contained a heap buffer overflow in parseelt minixml.c - no CVE assigned. It was discovered that miniupnpc also contained a memory corruption invalid read, SIGSEGV in NameValueParserEndElt upnpreplyparse.c while handling two consecutive malformed SOAP requests...
Updated qpdf packages fix security vulnerability
A flaw was found in QPDF through 8.0.2. libqpdf.a mishandles certain 'expected dictionary key but found non-name object' cases, allowing remote attackers to cause a denial of service stack exhaustion, related to the QPDFObjectHandle and QPDFDictionary classes CVE-2018-9918...
Updated transmission packages fix a security vulnerability
Updated transmission packages fix security vulnerability: Tavis Ormandy discovered a vulnerability in the Transmission BitTorrent client; insecure RPC handling between the Transmission daemon and the client interfaces may result in the execution of arbitrary code if a user visits a malicious...
Updated 389-ds-base packages fix security vulnerability
It was discovered that a lack of size check in slapictmemcmp function may lead to authentication bypass through pre-hashed userPassword attributes under highly specific circumstances CVE-2017-15135...
Updated jupyter-notebook packages fix security vulnerability
CVE-2018-8768: In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. Specifically, invalid HTML is 'fixed' by jQuery after sanitization, making it dangerous...
Updated zsh packages fix security vulnerabilities
Zsh has been updated to fix 4 security issues. In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set. CVE-2017-18205 In utils.c in zsh before 5.4, symlink expansion had a buff...
Updated irssi packages fix security vulnerability
Null pointer dereference when an "empty" nick has been observed by Irssi CVE-2018-7050. Certain nick names could result in out of bounds access when printing theme strings CVE-2018-7051. When the number of windows exceed the available space, Irssi would crash due to Null pointer dereference...
Updated poppler packages fix security vulnerability
freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent calculations. CVE-2017-1000456...
Updated backintime packages fix security vulnerability
backintime aka Back in Time before 1.1.24 did improper escaping/quoting of file paths used as arguments to the 'notify-send' command, leading to some parts of file paths being executed as shell commands within an os.system call in qt4/plugins/notifyplugin.py. This could allow an attacker to craft...
Updated ipsec-tools packages fix security vulnerability
It was discovered that racoon, the ipsec-tools IKE daemon, incorrectly handled certain ISAKMP fragments. A remote attacker could use this issue to cause racoon to crash, resulting in a denial of service CVE-2016-10396...
Updated emacs packages fix security vulnerability
Charles A. Roelli discovered that Emacs is vulnerable to arbitrary code execution when rendering text/enriched MIME data e.g. when using Emacs-based mail clients CVE-2017-14482...
Updated xrdp packages fix security vulnerability
The scpv0saccept function in sesman/libscp/libscpv0.c in the session manager in xrdp through 0.9.4 uses an untrusted integer as a write length, which allows local users to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted input...
Updated libxcursor packages fix security vulnerability
Heap overflows when parsing malicious files. CVE-2017-16612...
Updated libidn packages fix security vulnerability
Integer overflow in the decodedigit function in punydecode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact. CVE-2017-14062...
Updated groovy18 packages fix security vulnerability
When an application has Groovy on the classpath and that it uses standard Java serialization mechanism to communicate between servers, or to store local data, it is possible for an attacker to bake a special serialized object that will execute code directly when deserialized. All applications whi...
Updated postgresql9.3/4/6 packages fix security vulnerabilities
libpq, and by extension any connection driver that utilizes libpq, ignores empty passwords and does not transmit them to the server. When using libpq or a libpq-based connection driver to perform password-based authentication methods, it would appear that setting an empty password would be the...
Updated flash-player-plugin packages fix security vulnerabilities
This update upgrades Flash Player to version 26.0.0.151. Security Fixes: This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF fil...
Updated graphicsmagick packages fix security vulnerability
Invalid memory read in SetImageColorCallBack in image.c CVE-2017-12935. Use-after-free in ReadWMFImage in wmf.c CVE-2017-12936. Heap-based buffer overflow in ReadSUNImage in sun.c CVE-2017-12937...
Updated phpldapadmin packages fix security vulnerability
phpLDAPadmin through 1.2.3 has XSS in htdocs/entrychooser.php via the form, element, rdn, or container parameter CVE-2017-11107...
Updated mpg123 packages fix security vulnerabilities
The nexttext function in src/libmpg123/id3.c in mpg123 1.24.0 allows remote attackers to cause a denial of service buffer over-read via a crafted mp3 file CVE-2017-9545. Invalid read of size 1 in ID3v2 parser due to forgotten offset from the frame flag bytes CVE-2017-10683. Extend pow tables for...
Updated libquicktime packages fix security vulnerabilities
A DoS in quicktimereadmoov function in moov.c via acrafted mp4 file was fixed CVE-2017-9122. An invalid memory read in lqtframeduration via a crafted mp4 file was fixed CVE-2017-9123. A NULL pointer dereference in quicktimematch32 via a crafted mp4 file was fixed CVE-2017-9124. A DoS in...
Updated sane packages fix security vulnerability
saned could have leaked uninitialized memory back to its requesters for some opcodes, allowing for information disclosure of saned memory CVE-2017-6318...
Updated gstreamer packages fix security vulnerability
Out of bounds heap read in windowsicontypefind in gst/typefind/gsttypefindfunctions.c CVE-2016-9811...
Updated tar packages fix security vulnerability
Harry Sintonen discovered that GNU tar does not properly handle member names containing '..', thus allowing an attacker to bypass the path names specified on the command line and replace files and directories in the target directory CVE-2016-6321...
Updated quagga packages fix security vulnerability
It was discovered that the zebra daemon in the Quagga routing suite suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages CVE-2016-1245...
Updated php-adodb packages fix security vulnerabilities
The qstr method in the PDO driver in the ADOdb Library for PHP before 5.x before 5.20.7 might allow remote attackers to conduct SQL injection attacks via vectors related to incorrect quoting. CVE-2016-7405 Cross Site Scripting vulnerability in test script CVE-2016-4855...
Updated php-ZendFramework packages fix security vulnerability
The implementation of ORDER BY and GROUP BY in ZendDbSelect remained prone to SQL injection when a combination of SQL expressions and comments were used. This security patch provides a comprehensive solution that identifies and removes comments prior to checking validity of the statement to ensur...
Updated flash-player-plugin package fixes security vulnerabilities
Adobe Flash Player 11.2.202.637 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves a type confusion vulnerability that could lead to code execution CVE-2016-6992. This...
Updated jasper packages fix security vulnerability
A double-free issue in JasPer 1.900.1 in the jasperimagestopload function can cause a denial of service if a specially crafted JPEG image is loaded CVE-2015-5203. A use-after-free which leads to double-free vulnerability was found in Jasper JPEG-2000 library, in src/libjasper/mif/mifcod.c file...
Updated dhcpcd packages fix security vulnerability
The printoption function in dhcp-common.c in dhcpcd through 6.10.2 misinterprets the return value of the snprintf function, which allows remote DHCP servers to execute arbitrary code or cause a denial of service memory corruption via a crafted message CVE-2014-7913. The dhcpcd package has been...
Updated varnish packages fix CVE-2015-8852
Updated varnish packages fix security vulnerabilities: Régis Leroy from Makina Corpus discovered that varnish, a caching HTTP reverse proxy, is vulnerable to HTTP smuggling issues, potentially resulting in cache poisoning or bypassing of access control policies CVE-2015-8852...
Updated moodle packages fix security vulnerability
In Moodle before 2.8.11, teachers who otherwise were not supposed to see students' emails could see them in the participants list CVE-2016-2151. In Moodle before 2.8.11, Moodle traditionally trusted content from external DB, however it was decided that external datasources may not be aware of web...
Updated phpmyadmin package fixes security vulnerability
Content spoofing vulnerability when redirecting user to an external site CVE-2015-7873...
Updated kdepim package fixes security vulnerability
This update fixes a security vulnerability in kdepim : kmail doesn't encrypt attachments when "automatic encryption" is selected CVE-2014-8878...
Updated rabbitmq-server packages fix security vulnerabilities
Updated rabbitmq-server package fixes security vulnerabilities: RabbitMQ before 3.4.1 does not prevent /api/ from returning text/html error messages which could act as an XSS vector CVE-2014-9649. RabbitMQ before 3.4.1 has a response-splitting vulnerability in /api/downloads CVE-2014-9650. In...
Updated jackrabbit packages fix CVE-2015-1833
Updated jackrabbit packages fix security vulnerability: In Apache Jackrabbit before 2.4.6, When processing a WebDAV request body containing XML, the XML parser can be instructed to read content from network resources accessible to the host, identified by URI schemes such as "https" or "file"...
Updated pdns & pdns-recursor packages fix CVE-2015-1868
Updated pdns and pdns-recursor packages fix security vulnerability: A bug was discovered in the label decompression code in PowerDNS and PowerDNS Recursor, making it possible for names to refer to themselves, thus causing a loop during decompression. On some platforms, this bug can be abused to...
Updated quassel packages fix security vulnerabilities
Updated quassel packages fix security vulnerabilities: Quassel could crash when receiving an overlength CTCP query containing only multibyte characters CVE-2015-2778. Quassel could incorrectly split a message in the middle of a multibyte character, leading to a denial of service CVE-2015-2779...
Updated less packages fix CVE-2014-9488
Updated less package fixes security vulnerability: Malformed UTF-8 data could have caused an out of bounds read in the UTF-8 decoding routines, causing an invalid read access CVE-2014-9488...
Updated ruby packages fix CVE-2014-8080
Updated ruby packages fix security vulnerability: Due to unrestricted entity expansion, when reading text nodes from an XML document, the REXML parser in Ruby can be coerced into allocating extremely large string objects which can consume all of the memory on a machine, causing a denial of servic...