Lucene search
K
OpensuseRecent

7843 matches found

OPENSUSE Linux
OPENSUSE Linux
•added 2011/11/14 10:8 p.m.•31 views

acroread (critical)

acrobat reader was updated to version 9.4.6 to fix several security issues CVE-2011-1353, CVE-2011-2431, CVE-2011-2432, CVE-2011-2433, CVE-2011-2434, CVE-2011-2435, CVE-2011-2436, CVE-2011-2437, CVE-2011-2438, CVE-2011-2439, CVE-2011-2440, CVE-2011-2441, CVE-2011-2442...

9.3CVSS3.4AI score0.07964EPSS
Exploits12References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/11/04 9:8 a.m.•55 views

apache2: Fixed several security issues (important)

This update fixes several security issues in the Apache webserver. The patch for the ByteRange remote denial of service attack CVE-2011-3192 was refined and the configuration options used by upstream were added. Introduce new config option: Allow MaxRanges Number of ranges requested, if exceeded,...

7.8CVSS3.6AI score0.98945EPSS
Exploits30References3
OPENSUSE Linux
OPENSUSE Linux
•added 2011/11/03 12:8 a.m.•36 views

pam: fixing stack overflow (CVE-2011-3148), a local DoS (CVE-2011-3149) and CVE-2010-3316. (important)

The pamenv module is vulnerable to a stack overflow CVE-2011-3148 and a DoS condition CVE-2011-3149 when parsing users .pamenvironment files. Additionally a missing return value check inside pamxauth has been fixed CVE-2010-3316...

4.6CVSS4.3AI score0.00696EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
•added 2011/11/02 10:8 p.m.•37 views

pam: fixing stack overflow (CVE-2011-3148) and DoS (CVE-2011-3149) (important)

The pamenv module is vulnerable to a stack overflow CVE-2011-3148 and a DoS condition CVE-2011-3149 when parsing users .pamenvironment files...

4.6CVSS4.8AI score0.00696EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/11/02 8:8 p.m.•40 views

rpm (CVE-2011-3378) (important)

Specially crafted rpm packages can cause memory corruption in rpm when verifying signatures CVE-2011-3378...

9.3CVSS3.9AI score0.06042EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/10/24 6:8 p.m.•17 views

opera: Release 11.52 to fix memory corruption via SVG content (important)

This update of Opera fixes a memory flaw in the code that processes SVG content which could be exploited by attackers to execute arbitrary code through specially crafted websites...

6.2AI score
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/10/24 2:8 p.m.•30 views

krb5: fixed kdc remote denial of service ( CVE-2011-1528, CVE-2011-1529) and unauthorized file access (CVE-2011-1526) (important)

The following issues have been fixed: - CVE-2011-1528: In releases krb5-1.8 and later, the KDC can crash due to an assertion failure. - CVE-2011-1529: In releases krb5-1.8 and later, the KDC can crash due to a null pointer dereference. Both bugs could be triggered by unauthenticated remote...

7.8CVSS5.4AI score0.04177EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/10/20 5:8 p.m.•20 views

ldns (CVE-2011-3581) (important)

A boundary error in ldnsrrnewfrmstrinternal could lead to a heap-based buffer overfow when processing RR records CVE-2011-3581...

6.8CVSS2.9AI score0.04106EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/10/18 7:8 p.m.•31 views

quagga: fixing multiple vulnerabilities (important)

This update fixes the following security issues: - 718056: OSPF6D buffer overflow while decoding Link State Update with Inter Area Prefix Lsa CVE-2011-3323 - 718058: OSPF6D DoS while decoding Database Description packet CVE-2011-3324 - 718059: OSPFD DoS while decoding Hello packet CVE-2011-3325 -...

7.5CVSS1.5AI score0.07615EPSS
Exploits0References5
OPENSUSE Linux
OPENSUSE Linux
•added 2011/10/14 3:8 p.m.•10 views

seamonkey: Update to Mozilla Seamonkey 2.4.1 (important)

Mozilla Seamonkey was updated to version 2.4.1, which fixes some regressions found in the 2.4 release...

4.1AI score
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/10/04 3:8 p.m.•47 views

MozillaThunderbird: Update to Mozilla Thunderbird 3.1.14 (important)

Mozilla Thunderbird was updated to version 3.1.14, fixing various bugs and security issues. MFSA 2011-36: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory...

10CVSS0.8AI score0.05312EPSS
Exploits3References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/09/29 4:8 p.m.•49 views

MozillaFirefox: Update to Firefox 3.6.23 (important)

Mozilla Firefox was updated to version 3.6.23, fixing various bugs and security issues. MFSA 2011-36: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption...

10CVSS1.8AI score0.04379EPSS
Exploits2References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/09/29 3:8 p.m.•60 views

seamonkey: Update to Mozilla Seamonkey 2.4 (important)

Mozilla Seamonkey was updated to version 2.4, fixing various bugs and security issues. MFSA 2011-36: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption...

10CVSS1.5AI score0.05312EPSS
Exploits4References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/09/29 2:8 p.m.•63 views

mozilla-xulrunner192: Update to Mozilla XULRunner 1.9.2.23 (important)

Mozilla XULRunner was updated to version 1.9.2.23, fixing various bugs and security issues. MFSA 2011-36: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory...

10CVSS1.7AI score0.04379EPSS
Exploits2References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/09/23 1:8 p.m.•33 views

jakarta-commons-daemon (important)

jsvc did not properly drop capabilities, therefore allowing applications to access files owned by the super user CVE-2011-2729...

5CVSS2.4AI score0.07243EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/09/09 5:8 p.m.•47 views

MozillaThunderbird: 3.1.13 (important)

This update brings Mozilla Thunderbird to 3.1.13. The purpose of this update is to blacklist the compromised DigiNotar Certificate Authority. For more information read: MFSA 2011-34 http://www.mozilla.org/security/announce/2011/mfsa2011-34.ht ml...

0.9AI score
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/09/09 1:8 p.m.•11 views

MozillaFirefox: 6.0.2 (important)

This update brings Mozilla Firefox to 6.0.2. The purpose of this update is to blacklist the compromised DigiNotar Certificate Authority. For more information read: MFSA 2011-34 http://www.mozilla.org/security/announce/2011/mfsa2011-34.ht ml...

0.6AI score
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/09/08 2:8 p.m.•48 views

mozilla-nss: Update 3.12.11 update (important)

This update updates mozilla nss to 3.12.11. It blacklists the lately compromised DigiNotar Certificate Authority...

2.5AI score
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/09/07 5:8 p.m.•30 views

VUL-0: CVE-2011-3205: squid: buffer overflow in Gopher reply parser (important)

This update of squid3 fixes a buffer overflow vulnerability in the Gopher reply parser code CVE-2011-3205...

6.8CVSS4.5AI score0.27454EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/09/03 5:8 a.m.•57 views

Update SSL CA certificates (important)

This updates includes the latest SSL root certificates trusted by Mozilla as of 2011-08-31. This includes removing the DigiNotar CA...

2.4AI score
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/09/02 6:8 p.m.•65 views

apache2: Fixed a remote denial of service via byte-ranges (important)

This update fixes a remote denial of service bug memory exhaustion in the Apache 2 HTTP server, that could be triggered by remote attackers using multiple overlapping Request Ranges . CVE-2011-3192...

7.8CVSS3.8AI score0.98945EPSS
Exploits17References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/08/29 9:8 p.m.•40 views

MozillaFirefox: Update to Firefox 6 (important)

Mozilla Firefox was updated to version 6. It brings new features, fixes bugs and security issues. Following security issues were fixed: http://www.mozilla.org/security/announce/2011/mfsa2011-29.ht ml Mozilla Foundation Security Advisory 2011-29 MFSA 2011-29 Miscellaneous memory safety hazards:...

10CVSS0.0544EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/08/29 8:8 p.m.•41 views

MozillaThunderbird: Update to 3.1.12 (important)

Mozilla Thunderbird was updated to 3.1.12 fixing various bugs and security issues: Mozilla Foundation Security Advisory 2011-32 MFSA 2011-32 http://www.mozilla.org/security/announce/2011/mfsa2011-32.ht ml Many of the issues listed below are not exploitable through mail since JavaScript is disable...

10CVSS0.3AI score0.05556EPSS
Exploits5References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/08/26 8:8 p.m.•50 views

MozillaFirefox: Update to Firefox 3.6.20 (important)

Mozilla Firefox was updated to version 3.6.20. It fixes bugs and security issues. Following security issues were fixed: http://www.mozilla.org/security/announce/2011/mfsa2011-30.ht ml Mozilla Foundation Security Advisory 2011-30 MFSA 2011-30 Miscellaneous memory safety hazards Mozilla developers...

10CVSS0.5AI score0.05556EPSS
Exploits5References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/08/26 8:8 p.m.•37 views

seamonkey: Update to Mozilla Seamonkey 2.3 (important)

Mozilla Seamonkey suite was updated to version 2.3. The update fixes bugs and security issues. Following security issues were fixed: http://www.mozilla.org/security/announce/2011/mfsa2011-33.ht ml Mozilla Foundation Security Advisory 2011-33 MFSA 2011-33 Mozilla Foundation Security Advisory 2011-...

10CVSS0.0544EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/08/24 9:8 p.m.•31 views

libmodplug: Fixed multiple vulnerabilities reported in <= 0.8.8.3 (important)

This update of libmodplug0 fixes the following issues: 1 An integer overflow error exists within the "CSoundFile::ReadWav" function src/loadwav.cpp when processing certain WAV files. This can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted WA...

6.8CVSS2.7AI score0.11082EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/08/24 9:8 p.m.•38 views

xen: Fixed a security bug and various other bugs (important)

Security / Collective Update for Xen Xen: - bnc702025 - VUL-0: xen: VT-d PCI passthrough MSI trap injection CVE-2011-1898 - bnc703924 - update block-npiv scripts to support BFA HBA - bnc689954 - L3: Live migrations fail when guest crashes: domaincrashsync called from entry.S - bnc693472 - Bridge...

7.4CVSS6.9AI score0.00852EPSS
Exploits1References9
OPENSUSE Linux
OPENSUSE Linux
•added 2011/08/23 6:8 p.m.•46 views

mozilla-nss: Update to 3.12.11 (important)

The mozilla NSS libraries were updated to 3.12.11 to align with newer Mozilla seamonkey and Firefox releases. Interesting changes are: - blacklisting malicious root certificates - several bugfixes...

2.5AI score
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/08/12 9:8 p.m.•42 views

ecryptfs-utils: Update to fix various symlink race attacks (important)

This update of ecryptfs-utils fixes several security problems: - CVE-2011-1831 - Race condition when checking mountpoint during mount. - CVE-2011-1832 - Race condition when checking mountpoint during unmount. - CVE-2011-1833 - Race condition when checking source during mount. - CVE-2011-1834 -...

4.6CVSS0.8AI score0.00382EPSS
Exploits2References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/08/12 5:8 a.m.•36 views

flash-player (critical)

The update to Flash-Player 10.3.188.5 fixes various security issues: - CVE-2011-2130: CVSS v2 Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P - CVE-2011-2134: CVSS v2 Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P - CVE-2011-2135: CVSS v2 Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P - CVE-2011-2136: CVSS v2...

10CVSS2.7AI score0.82258EPSS
Exploits18References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/08/10 1:8 p.m.•32 views

apache2-mod_fcgid: fixed possible stack overflow due to wrong pointer arithmetic (CVE-2010-3872) (important)

A possible stack overflow in apache2-modfcgid due to wrong pointer arithmetic has been fixed. CVE-2010-3872 has been assigned to this issue...

7.2CVSS3.5AI score0.02772EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/07/28 12:8 a.m.•56 views

freetype: Fixed several off-by-one / length checks missing (important)

This freetype2 update fixes sign extension problems and missing length checks. This issue was used in one of the last jailbreakme exploits for Apple iPhone/iPad products. CVE-2011-0226...

9.3CVSS2.1AI score0.06646EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/07/27 4:8 p.m.•45 views

compat-openssl097g (important)

This update adds openssl patches since 2007 for: - CVE-2008-5077 - CVE-2009-0590 - CVE-2009-0789 - CVE-2009-3555 - CVE-2010-4180...

5.8CVSS1.7AI score0.87264EPSS
Exploits15References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/07/19 5:8 a.m.•39 views

kvm (important)

A privileged guest user could cause a buffer overflow in the virtio subsystem of the host, therefore crashing the guest or potentially execute arbitrary code on the host CVE-2011-2212, CVE-2011-2512...

7.4CVSS4.2AI score0.01903EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
•added 2011/07/19 1:6 a.m.•40 views

bind: fixing remote Denial of Service (CVE-2011-2464) (important)

A remote Denial of Service vulnerability has been fixed in bind. Specially crafted packets could cause bind servers recursive as well as authoritative to exit. CVE-2011-2464 has been assigned to this issue...

5CVSS5.9AI score0.19265EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/07/19 1:6 a.m.•14 views

mariadb: Fixed missing innodb support after last update (critical)

The last security version upgrade of MariaDB a MySQL fork removed innodb support, breaking old databases. This update fixes this problem. - 704811: mariadb "security update" breaks database...

4AI score
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/06/30 9:8 p.m.•39 views

MozillaThunderbird: Update to Thunderbird 3.1.11 (important)

Mozilla Thunderbird was updated to the 3.1.11 release. It has new features, fixes lots of bugs, and also fixes the following security issues: MFSA 2011-19/CVE-2011-2374 CVE-2011-2376 CVE-2011-2364 CVE-2011-2365 Miscellaneous memory safety hazards MFSA 2011-20/CVE-2011-2373 bmo617247 Use-after-fre...

10CVSS2.4AI score0.75691EPSS
Exploits19References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/06/28 1:8 p.m.•63 views

java-1_6_0-openjdk (important)

Icedtea as included in java-160-openjdk was updated to fix several security issues: S6213702, CVE-2011-0872: so non-blocking sockets with TCP urgent disabled get still selected for read ops win S6618658, CVE-2011-0865: Vulnerability in deserialization S7012520, CVE-2011-0815: Heap overflow...

10CVSS1.1AI score0.06277EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
•added 2011/06/24 9:8 p.m.•32 views

subversion: security udpate (important)

Subversion was updated to version 1.6.17 to fix several security issues: - CVE-2011-1752: The moddavsvn Apache HTTPD server module can be crashed though when asked to deliver baselined WebDAV resources. - CVE-2011-1783: The moddavsvn Apache HTTPD server module can trigger a loop which consumes al...

5CVSS0.6AI score0.08483EPSS
Exploits2References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/06/24 9:8 p.m.•36 views

subversion security udpate (important)

CVE-2011-1752: The moddavsvn Apache HTTPD server module can be crashed though when asked to deliver baselined WebDAV resources. - CVE-2011-1783: The moddavsvn Apache HTTPD server module can trigger a loop which consumes all available memory on the system. - CVE-2011-1921: The moddavsvn Apache...

5CVSS1.1AI score0.08483EPSS
Exploits2References3
OPENSUSE Linux
OPENSUSE Linux
•added 2011/06/24 3:8 p.m.•18 views

opera (important)

opera 11.11 fixes a security vulnerability. Citing http://www.opera.com/support/kb/view/992/: Framesets allow web pages to hold other pages inside them. Certain frameset constructs are not handled correctly when the page is unloaded, causing a memory corruption. To inject code, additional...

0.9AI score
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/06/15 3:8 p.m.•31 views

flash-player: Update to 10.3.181.26 (critical)

A critical vulnerability has been identified in Adobe Flash Player 10.3.181.23 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.23 and earlier versions for Android. This memory corruption vulnerability CVE-2011-2110 could cause a crash and potentiall...

10CVSS4.9AI score0.86421EPSS
Exploits11References1
OPENSUSE Linux
OPENSUSE Linux
•added 2011/06/14 7:8 p.m.•53 views

Oracle Java 26 (critical)

Oracle Java 6 Update 26 fixes several security vulnerabilities. Please refer to Oracle's site for further information: http://www.oracle.com/technetwork/topics/security/javacpujun e2011-313339.html CVE-2011-0862, CVE-2011-0873, CVE-2011-0815, CVE-2011-0817, CVE-2011-0863, CVE-2011-0864,...

10CVSS1.1AI score0.06277EPSS
Exploits0References1
Total number of security vulnerabilities7843