Lucene search
K
OpensuseRecent

7848 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2014/12/05 10:6 a.m.37 views

Security update for flash-player (important)

flash-player was updated to fix one security issue. This security issue was fixed: - Hardening against a code execution flaw CVE-2014-8439...

10CVSS0.8AI score0.20008EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/12/05 10:4 a.m.39 views

Security update for clamav (important)

clamav was updated to version 0.98.5 to fix two security issues. These security issues were fixed: - Segmentation fault when processing certain files CVE-2013-6497. - Heap-based buffer overflow when scanning crypted PE files CVE-2014-9050. The following non-security issues were fixed: - Support f...

5CVSS0.6AI score0.04878EPSS
Exploits1References5
OPENSUSE Linux
OPENSUSE Linux
added 2014/11/27 8:5 a.m.33 views

Security update for flashplayer to version 11.2.202.424 (critical)

Flash player was updated to latest version 11.2.202.424 which provide additional hardening against CVE-2014-8439...

10CVSS2AI score0.20008EPSS
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2014/11/18 12:4 p.m.50 views

Security update for flash-player (important)

flash-player was updated to version 11.2.202.418 to fix 18 security issues. These security issues were fixed: - Memory corruption vulnerabilities that could lead to code execution CVE-2014-0576, CVE-2014-0581, CVE-2014-8440, CVE-2014-8441. - Use-after-free vulnerabilities that could lead to code...

10CVSS2.2AI score0.81943EPSS
Exploits5References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/10/29 4:5 p.m.42 views

update for openssl (important)

The following issues were fixed in this release: CVE-2014-3566: SSLv3 POODLE attack bnc901223 CVE-2014-3513, CVE-2014-3567: DTLS memory leak and session ticket memory leak...

7.1CVSS2.5AI score0.99999EPSS
Exploits7References2
OPENSUSE Linux
OPENSUSE Linux
added 2014/10/09 1:9 p.m.36 views

xen: security and bugfix update (important)

XEN was updated to fix security issues and bugs. Security issues fixed: - bnc897657 - CVE-2014-7188: XSA-108 Improper MSR range used for x2APIC emulation - bnc895802 - CVE-2014-7156: XSA-106: Missing privilege level checks in x86 emulation of software interrupts - bnc895799 - CVE-2014-7155:...

8.3CVSS1.1AI score0.04554EPSS
Exploits0References14
OPENSUSE Linux
OPENSUSE Linux
added 2014/10/09 1:4 p.m.36 views

xen: security and bugfix update (important)

XEN was updated to fix various bugs and security issues. Security issues fixed: - bnc897657 - CVE-2014-7188: XSA-108 Improper MSR range used for x2APIC emulation - bnc895802 - CVE-2014-7156: XSA-106: Missing privilege level checks in x86 emulation of software interrupts - bnc895799 - CVE-2014-715...

8.3CVSS0.5AI score0.04554EPSS
Exploits0References18
OPENSUSE Linux
OPENSUSE Linux
added 2014/09/29 2:4 p.m.62 views

bash (critical)

bash was updated to fix command injection via environment variables. CVE-2014-6271,CVE-2014-7169 Also a hardening patch was applied that only imports functions over BASHFUNC prefixed environment variables. Also fixed: CVE-2014-7186, CVE-2014-7187: bad handling of HERE documents and for loop issue...

10CVSS2.1AI score0.99999EPSS
Exploits141References2
OPENSUSE Linux
OPENSUSE Linux
added 2014/09/28 9:4 p.m.50 views

update for bash (important)

This update for bash completely disables the importing of shell functions from the environment and thereby remove the exposure of the parser from untrusted/harmful environment...

3.3AI score
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/09/28 12:10 p.m.65 views

bash (important)

The command-line shell 'bash' evaluates environment variables, which allows the injection of characters and might be used to access files on the system in some circumstances CVE-2014-7169. Please note that this issue is different from a previously fixed vulnerability tracked under CVE-2014-6271 a...

10CVSS1.2AI score0.99999EPSS
Exploits141References3
OPENSUSE Linux
OPENSUSE Linux
added 2014/09/28 12:9 p.m.76 views

Important security fix for bash that allows the injection of commands. (important)

This update fixes a bug in the bash shell that allows an attacker to execute arbitrary commands upon shell invocation if he can control the shell's environment. This is particularly dangerous if the shell is used as a cgi interpreter for a web server, or if the shell handles untrusted input...

10CVSS3.3AI score0.99999EPSS
Exploits130References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/09/28 12:7 p.m.30 views

mozilla-nss: update to avoid signature forgery (critical)

Mozilla NSS is vulnerable to a variant of a signature forgery attack previously published by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1 values involved in a signature and could lead to the forging of RSA certificates...

7.5CVSS3.4AI score0.1617EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/09/28 12:5 p.m.58 views

bash (important)

The command-line shell 'bash' evaluates environment variables, which allows the injection of characters and might be used to access files on the system in some circumstances CVE-2014-7169. Please note that this issue is different from a previously fixed vulnerability tracked under CVE-2014-6271 a...

10CVSS1.2AI score0.99999EPSS
Exploits141References3
OPENSUSE Linux
OPENSUSE Linux
added 2014/09/28 12:4 p.m.46 views

bash: security and bugfix update (critical)

bash was updated to fix a critical security issue, a minor security issue and bugs: In some circumstances, the shell would evaluate shellcode in environment variables passed at startup time. This allowed code execution by local or remote attackers who could pass environment variables to bash...

10CVSS0.6AI score0.99999EPSS
Exploits130References3
OPENSUSE Linux
OPENSUSE Linux
added 2014/09/28 12:4 p.m.38 views

NSS update to avoid signature forgery (critical)

NSS is vulnerable to a variant of a signature forgery attack previously published by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1 values involved in a signature and could lead to the forging of RSA certificates...

7.5CVSS3.3AI score0.1617EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/09/22 3:4 p.m.35 views

chromium to 37.0.2062.94 (important)

Chromium was updated to 37.0.2062.94 containing security Fixes bnc893720. A full list of changes is available in the log: https://chromium.googlesource.com/chromium/src/+log/36.0.1985.0..37.0.2062. 0?pretty=full This update includes 50 security fixes. Below, we highlight fixes that were either...

10CVSS0.2AI score0.09758EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/09/17 11:4 p.m.40 views

curl (important)

libcurl was updated to fix security issues: CVE-2014-3613: Cookies for hosts specified by numeric IP could be assigned or used for other numeric IP hosts if portions of the numerics were the same. CVE-2014-3620: libcurl allowed cookies to be set for toplevel domains, making them to broad...

5CVSS0.8AI score0.07432EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2014/09/16 1:4 a.m.42 views

update flash-player to 11.2.202.40 (important)

Adobe Flash Player was updated to 11.2.202.406 bnc895856: APSB14-21, CVE-2014-0547, CVE-2014-0548, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, CVE-2014-0553, CVE-2014-0554, CVE-2014-0555, CVE-2014-0556, CVE-2014-0557, CVE-2014-0559 More information can be found on:...

10CVSS0.8AI score0.84178EPSS
Exploits7References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/09/15 9:4 a.m.29 views

LibreOffice: two security fixes (important)

This update fixes memory corruption vulnerability in DOCM import and data exposure using crafted OLE objects...

6.8CVSS2.4AI score0.09864EPSS
Exploits1References2
OPENSUSE Linux
OPENSUSE Linux
added 2014/09/11 9:4 a.m.48 views

glibc (important)

glibc was updated to fix three security issues: - A directory traversal in locale environment handling was fixed CVE-2014-0475, bnc887022, GLIBC BZ 17137 - Disable gconv transliteration module loading which could be used for code execution CVE-2014-5119, bnc892073, GLIBC BZ 17187 - Fix crashes on...

7.5CVSS2.5AI score0.18099EPSS
Exploits5References3
OPENSUSE Linux
OPENSUSE Linux
added 2014/09/11 9:4 a.m.22 views

procmail: fixed a heap overflow in formail (important)

procmail was updated to fix a heap-overflow in procmail's formail utility when processing specially-crafted email headers bnc894999, CVE-2014-3618...

7.5CVSS3.3AI score0.08525EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/09/10 5:4 p.m.41 views

flash-player to 11.2.202.40 (important)

Adobe Flash Player was updated to 11.2.202.406 bnc895856: APSB14-21, CVE-2014-0547, CVE-2014-0548, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, CVE-2014-0553, CVE-2014-0554, CVE-2014-0555, CVE-2014-0556, CVE-2014-0557, CVE-2014-0559 More information can be found on:...

10CVSS0.9AI score0.84178EPSS
Exploits7References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/09/09 6:4 p.m.91 views

Firefox update to 31.1esr (important)

This patch contains security updates for mozilla-nss 3.16.4 - The following 1024-bit root CA certificate was restored to allow more time to develop a better transition strategy for affected sites. It was removed in NSS 3.16.3, but discussion in the mozilla.dev.security.policy forum led to the...

10CVSS3AI score0.87264EPSS
Exploits276References72
OPENSUSE Linux
OPENSUSE Linux
added 2014/09/09 12:7 p.m.46 views

MozillaThunderbird: Update to 31.1 release (important)

MozillaThunderbird was updated to Thunderbird 31.1.0 bnc894370, fixinfg security issues: MFSA 2014-67/CVE-2014-1553/CVE-2014-1562 Miscellaneous memory safety hazards MFSA 2014-68/CVE-2014-1563 bmo1018524 Use-after-free during DOM interactions with SVG MFSA 2014-69/CVE-2014-1564 bmo1045977...

10CVSS1.6AI score0.05801EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/08/16 5:4 p.m.37 views

update for flash-player (critical)

This critical flash-player update fixes the following CVEs: - Security update to 11.2.202.400 bnc891688: APSB14-18, CVE-2014-0538, CVE-2014-0540, CVE-2014-0541, CVE-2014-0542, CVE-2014-0543, CVE-2014-0544, CVE-2014-0545...

10CVSS2.1AI score0.07552EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/08/14 1:4 p.m.30 views

update for flash-player (critical)

This critical flash-player update fixes the following CVEs: - Security update to 11.2.202.400 bnc891688: APSB14-18, CVE-2014-0538, CVE-2014-0540, CVE-2014-0541, CVE-2014-0542, CVE-2014-0543, CVE-2014-0544, CVE-2014-0545...

10CVSS2.1AI score0.07552EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/08/11 12:4 p.m.72 views

kernel: security and bugfix update (important)

The Linux kernel was updated to fix security issues and bugs: Security issues fixed: CVE-2014-4699: The Linux kernel on Intel processors did not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allowed local users ...

9.3CVSS3.8AI score0.05926EPSS
Exploits15References16
OPENSUSE Linux
OPENSUSE Linux
added 2014/08/11 10:9 a.m.30 views

chromium: update to 36.0.1985.125 (important)

Chromium was updated to version 36.0.1985.125. New Functionality: Rich Notifications Improvements An Updated Incognito / Guest NTP design The addition of a Browser crash recovery bubble Chrome App Launcher for Linux Lots of under the hood changes for stability and performance Security Fixes...

7.5CVSS0.4AI score0.01745EPSS
Exploits0References5
OPENSUSE Linux
OPENSUSE Linux
added 2014/08/11 10:5 a.m.40 views

MozillaThunderbird: Update to 24.7.0 (important)

MozillaThunderbird was updated to Thunderbird 24.7.0 bnc887746 MFSA 2014-56/CVE-2014-1547/CVE-2014-1548 Miscellaneous memory safety hazards MFSA 2014-61/CVE-2014-1555 bmo1023121 Use-after-free with FireOnStateChange event MFSA 2014-62/CVE-2014-1556 bmo1028891 Exploitable WebGL crash with Cesium...

10CVSS0.7AI score0.06109EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/08/07 11:4 p.m.56 views

security issues addressed, most notably the mod_security heap overflow known as CVE-2014-0226 (important)

apache2: - ECC support was added to modssl - fix for a race condition in modstatus known as CVE-2014-0226 can lead to information disclosure; modstatus is not active by default, and is normally only open for connects from localhost. - fix for bug known as CVE-2014-0098 that can crash the apache...

6.8CVSS0.2AI score0.85744EPSS
Exploits8References6
OPENSUSE Linux
OPENSUSE Linux
added 2014/08/01 3:4 p.m.51 views

kernel: security and bugfix update (important)

The Linux Kernel was updated to fix various bugs and security issues. CVE-2014-4699: The Linux kernel on Intel processors did not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allowed local users to leverage a...

6.9CVSS3.4AI score0.05926EPSS
Exploits16References11
OPENSUSE Linux
OPENSUSE Linux
added 2014/07/31 8:19 a.m.33 views

ppc64-diag: fix for tmp races and information disclosure (important)

ppc64-diag was updated to fix tmp race issues CVE-2014-4038 and a file disclosure problem in snapshot tarball generation CVE-2014-4039...

4.4CVSS2.1AI score0.00377EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/07/30 9:20 p.m.38 views

ppc64-diag: fix for tmp races and information disclosure (important)

ppc64-diag was updated to fix tmp race issues CVE-2014-4038 and a file disclosure problem in snapshot tarball generation CVE-2014-4039...

4.4CVSS2.1AI score0.00377EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/07/30 8:47 p.m.62 views

Mozilla updates 07/2014 (important)

update to Firefox 24.7.0 and Thunderbird 24.7.0 including fixes for MFSA 2014-56/CVE-2014-1547/CVE-2014-1548 Miscellaneous memory safety hazards MFSA 2014-61/CVE-2014-1555 bmo1023121 Use-after-free with FireOnStateChange event MFSA 2014-62/CVE-2014-1556 bmo1028891 Exploitable WebGL crash with...

10CVSS1.6AI score0.06109EPSS
Exploits2References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/07/30 8:43 p.m.60 views

MozillaFirefox: Update to Mozilla Firefox 31 (important)

MozillaFirefox was updated to version 31 to fix various security issues and bugs: MFSA 2014-56/CVE-2014-1547/CVE-2014-1548 Miscellaneous memory safety hazards MFSA 2014-57/CVE-2014-1549 bmo1020205 Buffer overflow during Web Audio buffering for playback MFSA 2014-58/CVE-2014-1550 bmo1020411...

10CVSS0.5AI score0.06109EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/07/17 9:4 a.m.27 views

flash-player (critical)

Security update to 11.2.202.394 bnc886472: APSB14-17, CVE-2014-0537, CVE-2014-0539, CVE-2014-4671 - License update LICENSE - Flash%20Player14.0.pdf...

7.5CVSS1AI score0.23024EPSS
Exploits4References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/07/16 12:4 p.m.32 views

flash-player (critical)

Security update to 11.2.202.394 bnc886472: APSB14-17, CVE-2014-0537, CVE-2014-0539, CVE-2014-4671 - License update LICENSE - Flash%20Player14.0.pdf...

7.5CVSS1AI score0.23024EPSS
Exploits4References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/07/08 8:4 p.m.57 views

kernel update fixes local privilege escalation and a regression causing a crash if IPsec peer is unavailable (important)

kernel update for Evergreen 11.4 fixes local privilege escalation in futex code bnc880892 / CVE-2014-3153 and a regression causing a crash if IPsec peer is unavailable...

7.2CVSS2.9AI score0.37233EPSS
Exploits15References2
OPENSUSE Linux
OPENSUSE Linux
added 2014/07/01 12:4 p.m.57 views

kernel: security and bugfix release (important)

The Linux kernel was updated to fix security issues and bugs: Security issues fixed: CVE-2014-3153: The futexrequeue function in kernel/futex.c in the Linux kernel did not ensure that calls have two different futex addresses, which allowed local users to gain privileges via a crafted FUTEXREQUEUE...

7.2CVSS4.9AI score0.37233EPSS
Exploits27References8
OPENSUSE Linux
OPENSUSE Linux
added 2014/06/25 9:4 a.m.55 views

kernel: security and bugfix update (important)

The Linux kernel was updated to fix security issues and bugs. Security issues fixed: CVE-2014-3153: The futexrequeue function in kernel/futex.c in the Linux kernel did not ensure that calls have two different futex addresses, which allowed local users to gain privileges via a crafted FUTEXREQUEUE...

7.2CVSS3.6AI score0.37233EPSS
Exploits29References24
OPENSUSE Linux
OPENSUSE Linux
added 2014/06/16 8:4 a.m.39 views

Mozilla updates 2014/06 (critical)

These updates contain the latest security and maintenance updates for - Mozilla Firefox 24.6esr - Mozilla Thunderbird 24.6 - Mozilla NSPR is also updated to 4.10.6 to fix MFSA 2014-48/CVE-2014-1533/CVE-2014-1534 Miscellaneous memory safety hazards MFSA...

10CVSS1.3AI score0.06381EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/06/06 12:23 p.m.38 views

gnutls: Fixed possible memory corruption (important)

gnutls was patched to fix security vulnerability that could be used to disrupt service or potentially allow remote code execution. - Memory corruption during connect CVE-2014-3466 - NULL pointer dereference in gnutlsx509dnoidname CVE-2014-3465...

6.8CVSS3.8AI score0.11221EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/06/06 12:4 p.m.83 views

update to version 1.0.0m (critical)

The openssl library was updated to version 1.0.0m fixing various security issues and bugs: Security issues fixed: - CVE-2014-0224: Fix for SSL/TLS MITM flaw. An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. -...

6.8CVSS2.8AI score0.99977EPSS
Exploits13References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/06/06 11:4 a.m.69 views

openssl: update to version 1.0.1h (critical)

The openssl library was updated to version 1.0.1h fixing various security issues and bugs: Security issues fixed: - CVE-2014-0224: Fix for SSL/TLS MITM flaw. An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. -...

6.8CVSS2.7AI score0.99977EPSS
Exploits13References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/06/06 11:4 a.m.35 views

gnutls: Fixed possible memory corruption and NULL pointer dereference (important)

gnutls was patched to fix two security vulnerabilities that could be used to disrupt service or potentially allow remote code execution. - Memory corruption during connect CVE-2014-3466 - NULL pointer dereference in gnutlsx509dnoidname CVE-2014-3465...

6.8CVSS3.7AI score0.11221EPSS
Exploits1References2
OPENSUSE Linux
OPENSUSE Linux
added 2014/05/19 2:10 p.m.40 views

kernel: security and bugfix update (important)

This Linux kernel security update fixes various security issues and bugs. The Linux Kernel was updated to fix various security issues and bugs. Main security issues fixed: A security issue in the tty layer that was fixed that could be used by local attackers for code execution CVE-2014-0196. Two...

10CVSS7.4AI score0.22475EPSS
Exploits11References40
OPENSUSE Linux
OPENSUSE Linux
added 2014/05/19 2:4 p.m.49 views

kernel: security and bugfix update (important)

The Linux Kernel was updated to fix various security issues and bugs. Main security issues fixed: A security issue in the tty layer that was fixed that could be used by local attackers for code execution CVE-2014-0196. Two security issues in the floppy driver were fixed that could be used by loca...

10CVSS7.6AI score0.22475EPSS
Exploits13References26
OPENSUSE Linux
OPENSUSE Linux
added 2014/05/01 9:4 p.m.31 views

update for flash-player (critical)

This flash-player update fixes a critical buffer overflow vulnerability that leads to arbitrary code execution. The flash-player package was updated to version 11.2.202.356. bnc875577, APSB14-13, CVE-2014-0515...

10CVSS5.7AI score0.94569EPSS
Exploits9References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/04/30 10:5 a.m.36 views

update for flash-player (critical)

This flash-player update fixes a critical buffer overflow vulnerability that leads to arbitrary code execution. The flash-player package was updated to version 11.2.202.356. bnc875577, APSB14-13, CVE-2014-0515...

10CVSS5.7AI score0.94569EPSS
Exploits9References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/04/30 9:4 a.m.50 views

MozillaThunderbird,seamonkey (important)

Mozilla Thunderbird was updated to 24.4.0. Mozilla SeaMonkey was updated to 2.25. MFSA 2014-15/CVE-2014-1493/CVE-2014-1494 Miscellaneous memory safety hazards MFSA 2014-17/CVE-2014-1497 bmo966311 Out of bounds read during WAV file decoding MFSA 2014-18/CVE-2014-1498 bmo935618...

9.3CVSS1AI score0.83633EPSS
Exploits20References1
Total number of security vulnerabilities7848