907365 matches found
DLA-896-1 icedove - security update
Bulletin has no description...
DLA-875-1 php5 - security update
Bulletin has no description...
DLA-731-1 imagemagick - security update
Bulletin has no description...
RUSTSEC-2016-0001 SSL/TLS MitM vulnerability due to insecure defaults
All versions of rust-openssl prior to 0.9.0 contained numerous insecure defaults including off-by-default certificate verification and no API to perform hostname verification. Unless configured correctly by a developer, these defaults could allow an attacker to perform man-in-the-middle attacks...
DLA-691-1 libxml2 - security update
Bulletin has no description...
DLA-661-1 libarchive - security update
Bulletin has no description...
DLA-634-1 dropbear - security update
Bulletin has no description...
DLA-626-1 phpmyadmin - security update
Bulletin has no description...
CVE-2016-2183
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted...
DSA-3629-1 ntp - security update
Bulletin has no description...
DLA-479-1 xen - security update
Bulletin has no description...
DSA-3580-1 imagemagick - security update
Bulletin has no description...
DSA-3557-1 mysql-5.5 - security update
Bulletin has no description...
DSA-3456-1 chromium-browser - security update
Bulletin has no description...
DSA-3413-1 openssl - security update
Bulletin has no description...
DLA-240-1 libapache-mod-jk - security update
Bulletin has no description...
DLA-219-1 icu - security update
Bulletin has no description...
DSA-3197-2 openssl - regression update
Bulletin has no description...
DSA-3197-1 openssl - security update
Bulletin has no description...
DLA-50-1 file - security update
Bulletin has no description...
DSA-2873-1 file - several
Bulletin has no description...
DSA-2666-1 xen - several
Bulletin has no description...
DSA-2621-1 openssl - several vulnerabilities
Bulletin has no description...
DSA-2408-1 php5 - several
Bulletin has no description...
DSA-2301-2 rails - several
Bulletin has no description...
DSA-2356-1 openjdk-6 - several
Bulletin has no description...
DSA-2210-1 tiff - several
Bulletin has no description...
DSA-2143-1 mysql-dfsg-5.0 - several vulnerabilities
Bulletin has no description...
PYSEC-2010-23
FTPServer.py in pyftpdlib before 0.2.0 allows remote attackers to cause a denial of service via a long command...
DSA-2120-1 postgresql-8.3 - privilege escalation
Bulletin has no description...
DSA-2051-1 postgresql-8.3 - several
Bulletin has no description...
DSA-1999-1 xulrunner - several vulnerabilities
Bulletin has no description...
DSA-1958-1 libtool - privilege escalation
Bulletin has no description...
DSA-1950-1 webkit - several vulnerabilities
Bulletin has no description...
DSA-1783-1 mysql-dfsg-5.0 - several vulnerabilities
Bulletin has no description...
DSA-1687-1 fai-kernels linux-2.6 user-mode-linux - several vulnerabilities
Bulletin has no description...
DSA-1578-1 php4 - several vulnerabilities
Bulletin has no description...
DSA-1415-1 tk8.4 - buffer overflow
Bulletin has no description...
DSA-1233 kernel-source-2.6.8 - several
Bulletin has no description...
DSA-1192-1 mozilla
Bulletin has no description...
DSA-1046-1 mozilla - several
Bulletin has no description...
DSA-668-1 postgresql - privilege escalation
Bulletin has no description...
OPENSUSE-SU-2026:10913-1 golang-github-v2fly-v2ray-core-5.51.2-1.1 on GA media
These are all security issues fixed in the golang-github-v2fly-v2ray-core-5.51.2-1.1 package on the GA media of openSUSE Tumbleweed...
HSEC-2023-0009 git-annex command injection via malicious SSH hostname
git-annex command injection via malicious SSH hostname git-annex was vulnerable to the same class of security hole as git's CVE-2017-1000117. In several cases, git-annex parses a repository URL, and uses it to generate a ssh command, with the hostname to ssh to coming from the URL. If the hostnam...
ASB-A-395643490
In isContentUriForOtherUser of BluetoothOppSendFileInfo.java, there is a possible cross user data leak due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
BIT-PYTHON-2025-0938 URL parser allowed square brackets in domain names
The Python standard library functions urllib.parse.urlsplit and urlparse accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in...
DEBIAN-CVE-2022-49542
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move cfglogverbose check before calling lpfcdmpdbg In an attempt to log message 0126 with LOGTRACEEVENT, the following hard lockup call trace hangs the system. Call Trace: rawspinlockirqsave+0x32/0x40...
SUSE-SU-2024:4367-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-48853: swiotlb: fix info leak with DMAFROMDEVICE bsc1228015. - CVE-2024-26801: Bluetooth: Avoid potential use-after-free in hcierrorreset bsc1222413. -...
GHSA-VRJR-P3XP-XX2X phpMyFAQ Generates an Error Message Containing Sensitive Information if database server is not available
Summary Exposure of database ie postgreSQL server's credential when connection to DB fails. Details Exposed database credentials upon misconfig/DoS @ permalink: https://github.com/thorsten/phpMyFAQ/blob/main/phpmyfaq/src/phpMyFAQ/Setup/Installer.phpL694 PoC When postgreSQL server is unreachable, ...
RHSA-2024:9991 Red Hat Security Advisory: RHOSP 17.1.4 (openstack-tripleo-common and python-tripleoclient) security update
Bulletin has no description...