25946 lines
2.3 MiB
25946 lines
2.3 MiB
# $NetBSD: pkg-vulnerabilities,v 1.154 2024/03/25 03:09:27 jnemeth Exp $
|
|
#
|
|
#FORMAT 1.0.0
|
|
#
|
|
# Please read "Handling packages with security problems" in the pkgsrc
|
|
# guide before editing this file.
|
|
#
|
|
# Note: NEVER remove entries from this file; this should document *all*
|
|
# known package vulnerabilities so it is entirely appropriate to have
|
|
# multiple entries in this file for a single package, and to contain
|
|
# entries for packages which have been removed from pkgsrc.
|
|
#
|
|
# New entries should be added at the end of this file.
|
|
#
|
|
# Please ask pkgsrc-security to update the copy on ftp.NetBSD.org after
|
|
# making changes to this file.
|
|
#
|
|
# The command to run for this update is "./pkg-vuln-update.sh", but it needs
|
|
# access to the private GPG key for pkgsrc-security.
|
|
#
|
|
# If you have comments/additions/corrections, please contact
|
|
# pkgsrc-security@NetBSD.org.
|
|
#
|
|
# Note: If this file format changes, please do not forget to update
|
|
# pkgsrc/mk/scripts/genreadme.awk which also parses this file.
|
|
#
|
|
# package type of exploit URL
|
|
cfengine<1.5.3nb3 remote-root-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-013.txt.asc
|
|
navigator<4.75 remote-user-access http://www.cert.org/advisories/CA-2000-15.html
|
|
navigator<4.74 remote-user-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-011.txt.asc
|
|
communicator<4.75 remote-user-access http://www.cert.org/advisories/CA-2000-15.html
|
|
communicator<4.74 remote-user-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-011.txt.asc
|
|
pine<4.30 remote-user-shell http://www.securityfocus.com/bid/1709
|
|
pine<4.21nb1 denial-of-service http://www.securityfocus.com/advisories/2646
|
|
imap-uw<4.7c6 denial-of-service http://www.securityfocus.com/advisories/2646
|
|
screen<3.9.5nb1 local-root-shell http://www.securityfocus.com/advisories/2634
|
|
ntop<1.1 remote-root-shell http://www.securityfocus.com/advisories/2520
|
|
wu-ftpd<2.6.1 remote-root-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-010.txt.asc
|
|
wu-ftpd<2.4.2b18.2 remote-root-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA1999-003.txt.asc
|
|
xlockmore<4.17 local-root-file-view ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-003.txt.asc
|
|
lsof<4.41 local-root-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA1999-005.txt.asc
|
|
wu-ftpd<2.6.0 remote-root-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA1999-003.txt.asc
|
|
racoon<20001004a local-root-file-view http://mail-index.NetBSD.org/tech-net/2000/09/24/0000.html
|
|
global<3.56 remote-user-access http://www.NetBSD.org/cgi-bin/query-pr-single.pl?number=11165
|
|
apache<1.3.14 remote-user-access http://httpd.apache.org/dist/httpd/CHANGES_1.3
|
|
apache6<1.3.14 remote-user-access http://httpd.apache.org/dist/httpd/CHANGES_1.3
|
|
thttpd<2.20 remote-user-access http://www.dopesquad.net/security/advisories/20001002-thttpd-ssi.txt
|
|
bind<8.2.2.7 denial-of-service http://www.isc.org/products/BIND/bind-security.html
|
|
gnupg<1.0.4 weak-authentication http://www.gnupg.org/whatsnew.html#rn20001017
|
|
pine<=4.21 remote-root-shell ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:59.pine.asc
|
|
navigator<4.76 remote-root-shell ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00%3A66.netscape.asc
|
|
navigator3<4.76 remote-root-shell ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00%3A66.netscape.asc
|
|
openssh<2.3.0 weak-authentication http://www.openbsd.org/errata27.html#sshforwarding
|
|
ethereal<=0.8.13 remote-root-shell http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Ffromthread%3D1%26end%3D2000-11-25%26mid%3D145761%26start%3D2000-11-19%26list%3D1%26threads%3D0%26
|
|
php<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3
|
|
php-gd<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3
|
|
php-ldap<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3
|
|
php-mysql<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3
|
|
php-pgsql<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3
|
|
php-snmp<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3
|
|
racoon<20001211a denial-of-service http://www.kame.net/
|
|
LPRng<3.6.25 remote-root-shell http://www.cert.org/advisories/CA-2000-22.html
|
|
jakarta-tomcat<3.1.1 remote-server-admin http://jakarta.apache.org/site/news.html
|
|
jakarta-tomcat<3.2.3 cross-site-html http://www.securityfocus.com/bid/2982
|
|
fsh<1.1 local-root-file-view http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1135
|
|
bitchx<1.0.3.17nb1 remote-user-shell http://www.securityfocus.com/bid/2087
|
|
namazu<1.3.0.11 remote-file-creation http://www.namazu.org/security.html.en
|
|
zope<2.2.5 weak-authentication http://www.zope.org/Products/Zope/
|
|
bind<8.2.3 remote-root-shell http://www.cert.org/advisories/CA-2001-02.html
|
|
suse{,32}_base<6.4nb2 local-root-shell http://www.suse.com/de/support/security/2001_001_glibc_txt.txt
|
|
ja-micq<0.4.6.1 remote-user-shell http://www.freebsd.org/security/#adv
|
|
micq<0.4.6.1 remote-user-shell http://www.freebsd.org/security/#adv
|
|
ssh<1.2.27nb1 remote-root-shell http://razor.bindview.com/publish/advisories/adv_ssh1crc.html
|
|
ssh6<=1.2.31 remote-root-shell http://razor.bindview.com/publish/advisories/adv_ssh1crc.html
|
|
openssh<2.3.0 remote-root-shell http://razor.bindview.com/publish/advisories/adv_ssh1crc.html
|
|
camediaplay<20010211 local-user-shell ftp://ftp.itojun.org/pub/digi-cam/C-400/unix/README
|
|
analog<4.16 remote-user-shell http://www.analog.cx/security2.html
|
|
gnupg<1.0.4nb3 weak-authentication http://www.gnupg.org/whatsnew.html#rn20001130
|
|
xemacs<21.1.14 remote-user-shell http://list-archive.xemacs.org/xemacs-announce/200102/msg00000.html
|
|
sudo<1.6.3p6 local-root-shell http://www.openbsd.org/errata36.html#sudo
|
|
Mesa-glx<=20000813 local-root-shell http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-029.php3?dis=7.2
|
|
apache<1.3.19 remote-user-access http://httpd.apache.org/dist/httpd/Announcement.html
|
|
apache6<1.3.19 remote-user-access http://httpd.apache.org/dist/httpd/Announcement.html
|
|
exmh<2.3 local-symlink-race http://www.beedub.com/exmh/symlink.html
|
|
samba<2.0.8 local-symlink-race http://www.securityfocus.com/templates/archive.pike?list=1&mid=177370
|
|
hylafax<4.1b3 local-root-shell http://www.securityfocus.com/archive/1/176716
|
|
squirrelmail<1.0.5 remote-user-access http://www.geocrawler.com/lists/3/SourceForge/599/500/5567091/
|
|
kdelibs-2.1 local-root-shell http://dot.kde.org/988663144/
|
|
icecast<1.3.10 remote-user-access http://www.securityfocus.com/bid/2264
|
|
joe<2.8nb1 local-file-write http://www.securityfocus.com/bid/1959
|
|
joe<2.8nb1 local-user-shell http://www.securityfocus.com/bid/2437
|
|
openssh<2.9.2 remote-file-write http://www.openbsd.org/errata.html#sshcookie
|
|
w3m<0.2.1.0.19nb1 remote-user-shell http://mi.med.tohoku.ac.jp/~satodai/w3m-dev-en/200106.month/537.html
|
|
samba<2.0.10 local-root-shell http://www.samba.org/samba/whatsnew/macroexploit.html
|
|
samba-2.2.0 local-root-shell http://www.samba.org/samba/whatsnew/macroexploit.html
|
|
samba-2.2.0nb1 local-root-shell http://www.samba.org/samba/whatsnew/macroexploit.html
|
|
fetchmail<5.8.8 remote-user-access http://www.securityfocus.com/vdb/?id=2877
|
|
openldap<1.2.12 denial-of-service http://www.cert.org/advisories/CA-2001-18.html
|
|
horde<1.2.6 remote-user-shell http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26mid%3D198495
|
|
imp<1.2.6 remote-user-shell http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26mid%3D198495
|
|
fetchmail<5.8.17 remote-user-shell http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26mid%3D203165
|
|
windowmaker<0.65.1 remote-user-shell http://www.debian.org/security/2001/dsa-074
|
|
sendmail<8.11.6 local-root-shell ftp://ftp.sendmail.org/pub/sendmail/RELEASE_NOTES
|
|
gnut<0.4.27 remote-script-inject http://www.gnutelliums.com/linux_unix/gnut/
|
|
screen<3.9.10 local-root-shell http://lists.opensuse.org/opensuse-security-announce/2000-Sep/0005.html
|
|
openssh<2.9.9.2 remote-user-access http://www.securityfocus.com/cgi-bin/archive.pl?id=1&mid=216702&start=2001-09-23&end=2001-09-29
|
|
w3m<0.2.1.0.19nb2 weak-authentication http://mi.med.tohoku.ac.jp/~satodai/w3m-dev/200109.month/2226.html
|
|
procmail<3.20 local-root-shell http://www.somelist.com/mail.php/282/view/1200950
|
|
slrn<0.9.7.2nb1 remote-script-inject http://slrn.sourceforge.net/patches/index.html#subsect_decode
|
|
nvi-m17n<1.79.19991117 local-user-shell http://www.securityfocus.com/archive/1/221880
|
|
mgetty<1.1.22 denial-of-service ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00%3A71.mgetty.asc
|
|
kdeutils-2.2.1 local-root-shell http://lists.kde.org/?l=kde-announce&m=100535642201983&w=2
|
|
imp<2.2.7 remote-file-view http://www.securityfocus.com/archive/1/225686
|
|
libgtop<1.0.12nb1 remote-user-shell http://www.intexxia.com/
|
|
wu-ftpd<=2.6.1 remote-root-shell http://msgs.securepoint.com/cgi-bin/get/bugtraq0111/199.html
|
|
radius-3.6B remote-user-shell http://xforce.iss.net/alerts/advise87.php
|
|
exim<3.34 remote-user-shell http://www.exim.org/pipermail/exim-announce/2001q4/000048.html
|
|
stunnel<3.22 remote-user-shell http://www.stunnel.org/patches/desc/formatbug_ml.html
|
|
mutt<1.2.5.1 remote-user-shell http://www.mutt.org/announce/mutt-1.2.5.1-1.3.25.html
|
|
mutt-1.3.1* remote-user-shell http://www.mutt.org/announce/mutt-1.2.5.1-1.3.25.html
|
|
mutt-1.3.2[0-4]* remote-user-shell http://www.mutt.org/announce/mutt-1.2.5.1-1.3.25.html
|
|
cyrus-sasl<1.5.27 remote-code-execution http://www.securityfocus.com/bid/3498
|
|
openldap<2.0.20 denial-of-service http://www.openldap.org/lists/openldap-announce/200201/msg00002.html
|
|
xchat<1.8.7 remote-command-injection http://xchat.org/
|
|
enscript<1.6.1nb1 local-file-write http://www.securityfocus.com/bid/3920
|
|
rsync<2.5.2 remote-code-execution http://lists.samba.org/pipermail/rsync-announce/2002-January/000005.html
|
|
squirrelmail-1.2.[0-3] remote-code-execution http://www.securityfocus.com/bid/3952
|
|
gnuchess<5.03 remote-user-shell http://linux.oreillynet.com/pub/a/linux/2002/01/28/insecurities.html
|
|
ucd-snmp<4.2.3 weak-authentication http://www.cert.org/advisories/CA-2002-03.html
|
|
ucd-snmp<4.2.3 denial-of-service http://www.cert.org/advisories/CA-2002-03.html
|
|
ucd-snmp<4.2.3nb1 remote-user-shell http://www.securityfocus.com/archive/1/248141
|
|
squid<2.4.4 remote-user-shell http://www.squid-cache.org/Advisories/SQUID-2002_1.txt
|
|
ap-php<3.0.18nb1 remote-code-execution http://security.e-matters.de/advisories/012002.html
|
|
php<3.0.18nb1 remote-code-execution http://security.e-matters.de/advisories/012002.html
|
|
ap-php-4.0.1pl2 remote-code-execution http://security.e-matters.de/advisories/012002.html
|
|
ap-php-4.0.3pl1 remote-code-execution http://security.e-matters.de/advisories/012002.html
|
|
ap-php-4.0.3pl1nb1 remote-code-execution http://security.e-matters.de/advisories/012002.html
|
|
ap-php-4.0.4 remote-code-execution http://security.e-matters.de/advisories/012002.html
|
|
ap-php-4.0.4.1 remote-code-execution http://security.e-matters.de/advisories/012002.html
|
|
ap-php-4.0.4.1nb1 remote-code-execution http://security.e-matters.de/advisories/012002.html
|
|
ap-php-4.0.5 remote-code-execution http://security.e-matters.de/advisories/012002.html
|
|
ap-php-4.0.6 remote-code-execution http://security.e-matters.de/advisories/012002.html
|
|
ap-php-4.1.0 remote-code-execution http://security.e-matters.de/advisories/012002.html
|
|
ap-php-4.1.1 remote-code-execution http://security.e-matters.de/advisories/012002.html
|
|
php-4.0.3pl1 remote-code-execution http://security.e-matters.de/advisories/012002.html
|
|
php-4.0.4 remote-code-execution http://security.e-matters.de/advisories/012002.html
|
|
php-4.0.4.1 remote-code-execution http://security.e-matters.de/advisories/012002.html
|
|
php-4.0.4.1nb1 remote-code-execution http://security.e-matters.de/advisories/012002.html
|
|
php-4.0.5 remote-code-execution http://security.e-matters.de/advisories/012002.html
|
|
php-4.0.6 remote-code-execution http://security.e-matters.de/advisories/012002.html
|
|
php-4.1.0 remote-code-execution http://security.e-matters.de/advisories/012002.html
|
|
php-4.1.1 remote-code-execution http://security.e-matters.de/advisories/012002.html
|
|
php-4.3.0 remote-code-execution http://www.php.net/release_4_3_1.php
|
|
radiusd-cistron<1.6.6 denial-of-service http://www.kb.cert.org/vuls/id/936683
|
|
radiusd-cistron<1.6.6 remote-code-execution http://www.kb.cert.org/vuls/id/589523
|
|
openssh<3.0.2.1nb2 local-root-shell http://www.pine.nl/advisories/pine-cert-20020301.txt
|
|
htdig<3.1.6 denial-of-service http://online.securityfocus.com/bid/3410
|
|
htdig<3.1.6 local-user-file-view http://online.securityfocus.com/bid/3410
|
|
fileutils<4.1.7 local-file-removal http://mail.gnu.org/pipermail/bug-fileutils/2002-March/002433.html
|
|
zlib<1.1.4 denial-of-service http://www.zlib.org/advisory-2002-03-11.txt
|
|
rsync<2.5.3 remote-user-file-view http://lists.samba.org/pipermail/rsync-announce/2002-March/000006.html
|
|
suse{,32}_base<6.4nb5 denial-of-service http://www.zlib.org/advisory-2002-03-11.txt
|
|
icecast<1.3.11 remote-root-shell http://www.debian.org/security/2001/dsa-089
|
|
sun-{jre,jdk}<1.3.1.0.2 remote-code-execution http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/218&type=0&nav=sec.sba
|
|
analog<5.22 remote-script-inject http://www.analog.cx/docs/whatsnew.html
|
|
jakarta-tomcat<3.2.3nb1 cross-site-scripting http://httpd.apache.org/info/css-security/
|
|
sudo<1.6.6 local-root-shell http://www.sudo.ws/sudo/alerts/prompt.html
|
|
squirrelmail<1.2.6 remote-code-execution http://cert.uni-stuttgart.de/archive/bugtraq/2002/03/msg00414.html
|
|
analog<5.23 denial-of-service http://www.analog.cx/security5.html
|
|
icecast<1.3.12 denial-of-service http://online.securityfocus.com/bid/4415
|
|
qpopper<4.0.4 denial-of-service http://online.securityfocus.com/bid/4295
|
|
qpopper<4.0.4nb1 local-root-shell http://online.securityfocus.com/bid/4614
|
|
imap-uw<2001.1 local-root-shell http://online.securityfocus.com/bid/4713
|
|
fetchmail<5.9.10 remote-user-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0146
|
|
gaim<0.58 local-user-file-view http://online.securityfocus.com/archive/1/272180
|
|
mozilla<1.0rc3 remote-user-file-view http://groups.google.com/groups?as_umsgid=3CD095D4.9050003%40mozilla.org&hl=en
|
|
ethereal<0.9.4 remote-user-access http://www.ethereal.com/appnotes/enpa-sa-00004.html
|
|
bind-9.[01].* denial-of-service http://www.cert.org/advisories/CA-2002-15.html
|
|
bind-9.2.0* denial-of-service http://www.cert.org/advisories/CA-2002-15.html
|
|
bind-9.2.1rc* denial-of-service http://www.cert.org/advisories/CA-2002-15.html
|
|
bind-8.3.0 denial-of-service http://www.isc.org/products/BIND/bind8.html
|
|
xchat<1.8.9 remote-user-shell http://www.linuxsecurity.com/advisories/redhat_advisory-2107.html
|
|
apache<1.3.26 remote-root-shell http://httpd.apache.org/info/security_bulletin_20020617.txt
|
|
apache6<1.3.26 remote-root-shell http://httpd.apache.org/info/security_bulletin_20020617.txt
|
|
apache-2.0.1? remote-root-shell http://httpd.apache.org/info/security_bulletin_20020617.txt
|
|
apache-2.0.2? remote-root-shell http://httpd.apache.org/info/security_bulletin_20020617.txt
|
|
apache-2.0.3[0-8]* remote-root-shell http://httpd.apache.org/info/security_bulletin_20020617.txt
|
|
irssi<0.8.5 denial-of-service http://online.securityfocus.com/archive/1
|
|
#ap-ssl<2.8.10 remote-root-shell http://www.apache-ssl.org/advisory-20020620.txt
|
|
ap-ssl<2.8.10 remote-root-shell http://www.modssl.org/news/changelog.html
|
|
apache<1.3.26nb1 remote-root-shell http://www.apache-ssl.org/advisory-20020620.txt
|
|
apache6<1.3.26nb1 remote-root-shell http://www.apache-ssl.org/advisory-20020620.txt
|
|
bind<4.9.7nb1 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html
|
|
#compat12<=1.2.1 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html
|
|
#compat13<=1.3.3nb1 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html
|
|
compat14<1.4.3.2 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html
|
|
openssh<3.4 remote-root-shell https://nvd.nist.gov/vuln/detail/CVE-2002-0639
|
|
#bind<=9.2.1 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html
|
|
bind<8.3.3 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html
|
|
socks5<1.0.2nb2 remote-root-shell http://online.securityfocus.com/archive/1/9842
|
|
socks5-1.0.[3-9]* remote-root-shell http://online.securityfocus.com/archive/2/9842
|
|
socks5-1.0.1[0-1]* remote-root-shell http://online.securityfocus.com/archive/2/9842
|
|
ipa<1.2.7 local-access http://www.NetBSD.org/cgi-bin/query-pr-single.pl?number=17434
|
|
ethereal<0.9.5 remote-root-shell http://www.ethereal.com/appnotes/enpa-sa-00005.html
|
|
squid<2.4.7 remote-user-shell http://www.squid-cache.org/Advisories/SQUID-2002_3.txt
|
|
nn<6.6.4 remote-user-shell http://online.securityfocus.com/bid/5160
|
|
inn<2.3.0 remote-user-shell http://online.securityfocus.com/bid/2620
|
|
cvsup-gui<=16.1.d remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html
|
|
cvsup<=16.1.d remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html
|
|
xpilot<4.5.1 remote-user-shell http://online.securityfocus.com/bid/4534
|
|
gnut<0.4.28 remote-user-shell http://online.securityfocus.com/bid/3267/
|
|
wwwoffle<2.7c denial-of-service http://bespin.org/~qitest1/adv/wwwoffle-2.7b.asc
|
|
png<1.2.4 remote-user-shell ftp://swrinde.nde.swri.edu/pub/png-group/archives/png-list.200207
|
|
php-4.2.[01] remote-user-shell http://security.e-matters.de/advisories/022002.html
|
|
ap-php-4.2.[01] remote-user-shell http://security.e-matters.de/advisories/022002.html
|
|
srp_client<1.7.5 unknown http://www-cs-students.stanford.edu/~tjw/srp/download.html
|
|
hylafax<4.1.3 remote-root-shell http://www.securityfocus.com/bid/3357
|
|
openssl<0.9.6e remote-root-shell http://www.openssl.org/news/secadv_20020730.txt
|
|
libmm<1.2.1 local-root-shell http://online.securityfocus.com/bid/5352
|
|
openssl<0.9.6f denial-of-service http://www.openssl.org/news/secadv_20020730.txt
|
|
png<=1.0.12 remote-user-shell http://online.securityfocus.com/bid/5409
|
|
kdelibs-2.1.* weak-ssl-authentication http://online.securityfocus.com/archive/1/286290/2002-08-08/2002-08-14/2
|
|
kdelibs-2.2.1* weak-ssl-authentication http://online.securityfocus.com/archive/1/286290/2002-08-08/2002-08-14/2
|
|
kdelibs-2.2.2{,nb1} weak-ssl-authentication http://online.securityfocus.com/archive/1/286290/2002-08-08/2002-08-14/2
|
|
kdelibs-3.0.[12] weak-ssl-authentication http://online.securityfocus.com/archive/1/286290/2002-08-08/2002-08-14/2
|
|
arla<0.35.9 denial-of-service http://www.stacken.kth.se/lists/arla-drinkers/2002-08/msg00019.html
|
|
arla<0.35.9 remote-root-shell http://www.stacken.kth.se/lists/arla-drinkers/2002-08/msg00019.html
|
|
ethereal<0.9.6 remote-root-shell http://www.ethereal.com/appnotes/enpa-sa-00006.html
|
|
bind<4.9.10 remote-root-shell http://www.kb.cert.org/vuls/id/738331
|
|
compat14<1.4.3.2 remote-root-shell http://www.kb.cert.org/vuls/id/738331
|
|
compat14-crypto<1.4.3.2 remote-root-shell http://www.kb.cert.org/vuls/id/738331
|
|
netbsd32_compat14<1.4.3.2 remote-root-shell http://www.kb.cert.org/vuls/id/738331
|
|
compat15<1.5.3.1 remote-root-shell http://www.kb.cert.org/vuls/id/738331
|
|
netbsd32_compat15<1.5.3.1 remote-root-shell http://www.kb.cert.org/vuls/id/738331
|
|
postgresql-server<7.2.2 remote-code-execution http://online.securityfocus.com/archive/1/288998
|
|
gaim<0.59.1 remote-code-execution http://sourceforge.net/tracker/index.php?func=detail&aid=584252&group_id=235&atid=100235
|
|
gaim-gnome<0.59.1 remote-code-execution http://sourceforge.net/tracker/index.php?func=detail&aid=584252&group_id=235&atid=100235
|
|
mozilla<1.1 remote-file-read http://archives.neohapsis.com/archives/bugtraq/2002-07/0259.html
|
|
mozilla<1.1 remote-file-read http://www.geocities.co.jp/SiliconValley/1667/advisory03e.html
|
|
freebsd_lib<=2.2.7 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html
|
|
opera<6.03 remote-user-shell http://www.opera.com/linux/changelog/log603.html
|
|
wmnet<1.06nb3 local-root-shell http://www.securiteam.com/unixfocus/5HP0F1P8AM.html
|
|
apache-2.0.3[0-9]* denial-of-service http://www.apacheweek.com/issues/02-09-27#apache2042
|
|
apache-2.0.4[0-1]* denial-of-service http://www.apacheweek.com/issues/02-09-27#apache2042
|
|
fetchmail<6.1.0 remote-code-execution http://security.e-matters.de/advisories/032002.html
|
|
unzip<=5.42 local-file-write http://online.securityfocus.com/archive/1/196445
|
|
apache-2.0.3[0-9]* remote-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840
|
|
apache-2.0.4[0-2]* remote-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840
|
|
net-snmp<5.0.5 denial-of-service http://sourceforge.net/forum/forum.php?forum_id=215540
|
|
sendmail<8.12.6nb1 local-user-shell http://www.sendmail.org/smrsh.adv.txt
|
|
apache<1.3.27 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0843
|
|
apache<1.3.27 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0839
|
|
apache<1.3.27 local-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840
|
|
apache6<1.3.27 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0843
|
|
apache6<1.3.27 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0839
|
|
apache6<1.3.27 local-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840
|
|
gv<3.5.8nb2 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1569
|
|
logsurfer<1.5.2 local-user-shell http://www.cert.dfn.de/eng/team/wl/logsurf/
|
|
suse{,32}_base<7.3nb1 remote-code-execution http://www.suse.com/de/security/2002_031_glibc.html
|
|
suse{,32}_devel<7.3nb1 remote-code-execution http://www.suse.com/de/security/2002_031_glibc.html
|
|
kdegraphics<2.2.2nb2 remote-code-execution http://www.kde.org/info/security/advisory-20021008-1.txt
|
|
kdegraphics-3.0.[123]* remote-code-execution http://www.kde.org/info/security/advisory-20021008-1.txt
|
|
kdenetwork-3.0.[123]* remote-file-read http://www.kde.org/info/security/advisory-20021008-2.txt
|
|
gtar-base<1.13.25 local-file-write http://online.securityfocus.com/archive/1/196445
|
|
kth-krb4<1.2.1 remote-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2002-002-kadm4.txt
|
|
inn<2.3.3 local-user-shell http://online.securityfocus.com/bid/6049
|
|
inn<2.3.3 local-user-shell http://online.securityfocus.com/bid/4501
|
|
fetchmail<6.1.0 remote-user-shell http://online.securityfocus.com/bid/5825
|
|
fetchmail<6.1.0 denial-of-service http://online.securityfocus.com/bid/5826
|
|
fetchmail<6.1.0 remote-user-shell http://online.securityfocus.com/bid/5827
|
|
squirrelmail<1.2.8 remote-script-inject http://online.securityfocus.com/bid/5763
|
|
bind<4.9.10nb1 remote-root-shell http://www.isc.org/products/BIND/bind-security.html
|
|
bind<8.3.3nb1 remote-root-shell http://www.isc.org/products/BIND/bind-security.html
|
|
samba-2.2.[2-6]* remote-root-shell http://www.samba.org/samba/whatsnew/samba-2.2.7.html
|
|
windowmaker<0.80.2 remote-user-shell http://www.windowmaker.org/
|
|
ssh<3.2.2 local-root-shell http://www.kb.cert.org/vuls/id/740619
|
|
w3m<0.3.2.1 remote-file-write http://mi.med.tohoku.ac.jp/%7Esatodai/w3m-dev/200211.month/3492.html
|
|
w3m-img<0.3.2.1 remote-file-write http://mi.med.tohoku.ac.jp/%7Esatodai/w3m-dev/200211.month/3492.html
|
|
Canna-server-bin<3.5.2nb3 remote-root-shell http://canna.sourceforge.jp/sec/Canna-2002-01.txt
|
|
windowmaker<0.80.2 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1277
|
|
kdelibs-2.1.* remote-user-shell http://www.kde.org/info/security/advisory-20021111-1.txt
|
|
kdelibs-2.2.1* remote-user-shell http://www.kde.org/info/security/advisory-20021111-1.txt
|
|
kdelibs-2.2.2{,nb[123]} remote-user-shell http://www.kde.org/info/security/advisory-20021111-1.txt
|
|
kdelibs-3.0.[123]* remote-user-shell http://www.kde.org/info/security/advisory-20021111-1.txt
|
|
kdelibs-3.0.4 remote-user-shell http://www.kde.org/info/security/advisory-20021111-1.txt
|
|
kdenetwork-2.[12]* remote-root-shell http://www.kde.org/info/security/advisory-20021111-2.txt
|
|
kdenetwork-3.0.[123]* remote-root-shell http://www.kde.org/info/security/advisory-20021111-2.txt
|
|
kdenetwork-3.0.4{,nb1} remote-root-shell http://www.kde.org/info/security/advisory-20021111-2.txt
|
|
cyrus-imapd<2.0.17 remote-code-execution http://www.securityfocus.com/bid/6298
|
|
cyrus-imapd-2.1.9{,nb1} remote-code-execution http://www.securityfocus.com/bid/6298
|
|
imap-uw<2002.1rc1 remote-code-execution http://www.kb.cert.org/vuls/id/961489
|
|
cyrus-sasl-2.1.9{,nb[12]} remote-code-execution http://online.securityfocus.com/archive/1/302603
|
|
fetchmail<6.2.0 remote-code-execution http://security.e-matters.de/advisories/052002.html
|
|
mysql-client<3.23.49nb2 remote-code-execution http://security.e-matters.de/advisories/042002.html
|
|
mysql-server<3.23.49nb1 remote-code-execution http://security.e-matters.de/advisories/042002.html
|
|
pine<4.50 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1320
|
|
w3m{,-img}<0.3.2.2 remote-file-read http://sourceforge.net/project/shownotes.php?group_id=39518&release_id=126233
|
|
ethereal<0.9.8 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00007.html
|
|
wget<1.8.2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1344
|
|
wget<1.8.2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1345
|
|
ssh<=3.2.2 denial-of-service http://www.rapid7.com/advisories/R7-0009.txt
|
|
cups<1.1.18 remote-root-shell http://www.idefense.com/advisory/12.19.02.txt
|
|
png<1.2.5nb2 unknown ftp://swrinde.nde.swri.edu/pub/png-group/archives/png-implement.200212
|
|
leafnode<1.9.30 denial-of-service http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0123.html
|
|
cups<1.1.18 local-code-execution http://online.securityfocus.com/bid/6475
|
|
xpdf<=2.01 local-code-execution http://online.securityfocus.com/bid/6475
|
|
mhonarc<2.5.14 cross-site-scripting http://www.mhonarc.org/archive/cgi-bin/mesg.cgi?a=mhonarc-users&i=200212220120.gBM1K8502180@mcguire.earlhood.com
|
|
libmcrypt<2.5.5 remote-user-shell http://online.securityfocus.com/archive/1/305162/2003-01-01/2003-01-07/0
|
|
kdebase<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt
|
|
kdegames<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt
|
|
kdegraphics<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt
|
|
kdelibs<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt
|
|
kdemultimedia<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt
|
|
kdenetwork<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt
|
|
kdepim<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt
|
|
kdesdk<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt
|
|
kdeutils<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt
|
|
cvs<1.11.4nb1 remote-file-write https://ccvs.cvshome.org/servlets/NewsItemView?newsItemID=51
|
|
gabber<0.8.7nb4 privacy-leak http://online.securityfocus.com/archive/1/307430
|
|
spamassassin<2.43nb2 remote-code-execution http://cert.uni-stuttgart.de/archive/bugtraq/2003/01/msg00254.html
|
|
p5-Mail-SpamAssassin<2.43nb2 remote-code-execution http://cert.uni-stuttgart.de/archive/bugtraq/2003/01/msg00254.html
|
|
squirrelmail<1.2.11 cross-site-scripting http://www.squirrelmail.org/
|
|
openssl<0.9.6gnb1 weak-encryption http://www.openssl.org/news/secadv_20030219.txt
|
|
php-4.1.[3-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396
|
|
php-4.2.[0-2]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396
|
|
php-4.2.3{,nb1} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396
|
|
sendmail<8.11.6nb3 remote-code-execution http://www.cert.org/advisories/CA-2003-07.html
|
|
sendmail-8.12.[0-7] remote-code-execution http://www.cert.org/advisories/CA-2003-07.html
|
|
sendmail-8.12.[0-7]nb* remote-code-execution http://www.cert.org/advisories/CA-2003-07.html
|
|
snort<1.9.1 remote-code-execution http://www.kb.cert.org/vuls/id/916785
|
|
snort-pgsql<1.9.1 remote-code-execution http://www.kb.cert.org/vuls/id/916785
|
|
snort-mysql<1.9.1 remote-code-execution http://www.kb.cert.org/vuls/id/916785
|
|
hypermail<2.1.7 remote-code-execution http://www.hypermail.org/mail-archive/2003/Feb/0025.html
|
|
zlib<1.1.4nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0107
|
|
ethereal-0.8.[7-9] remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00008.html
|
|
ethereal-0.9.[0-9] remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00008.html
|
|
qpopper<4.0.5 remote-user-shell http://archives.neohapsis.com/archives/bugtraq/2003-03/0152.html
|
|
ircII<20030313 remote-code-execution http://eterna.com.au/ircii/
|
|
samba<2.2.8 remote-code-execution http://us1.samba.org/samba/whatsnew/samba-2.2.8.html
|
|
openssl<0.9.6gnb2 remote-key-theft http://www.openssl.org/news/secadv_20030317.txt
|
|
openssl<0.9.6gnb2 remote-use-of-secret http://www.openssl.org/news/secadv_20030319.txt
|
|
mutt<1.4.1 remote-code-execution http://www.securityfocus.com/archive/1/315771/2003-03-19/2003-03-25/0
|
|
rxvt<2.7.10 remote-code-execution http://marc.theaimsgroup.com/?l=bugtraq&m=104612710031920&w=2
|
|
eterm<0.9.2 remote-code-execution http://marc.theaimsgroup.com/?l=bugtraq&m=104612710031920&w=2
|
|
apcupsd<3.8.6 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1396
|
|
apcupsd-3.10.[0-4] remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1396
|
|
ap-php-4.1.[3-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396
|
|
ap-php-4.2.[0-2]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396
|
|
ap-php-4.2.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396
|
|
ja-samba<2.2.7.1.1.1 remote-code-execution http://www.samba.gr.jp/news-release/2003/20030317-2.html
|
|
bitchx<1.0.3.19nb1 remote-code-execution http://www.securityfocus.com/archive/1/315057
|
|
apache-2.0.[0-3][0-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0132
|
|
apache-2.0.4[0-4] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0132
|
|
apcupsd<3.8.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0099
|
|
apcupsd-3.10.[0-4] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0099
|
|
setiathome<3.08 remote-code-execution http://spoor12.edup.tudelft.nl/SkyLined%20v4.2/?Advisories/Seti@home
|
|
samba<=2.2.8 remote-root-access http://lists.samba.org/pipermail/samba-announce/2003-April/000065.html
|
|
mgetty+sendfax<1.1.29 file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1392
|
|
mgetty+sendfax<1.1.29 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1391
|
|
ja-samba<2.2.7.2.1.0 remote-code-execution http://www.samba.gr.jp/news-release/2003/20030409-2.html
|
|
kde<3.1.1nb1 remote-code-execution http://www.kde.org/info/security/advisory-20030409-1.txt
|
|
kdelibs<3.1.1nb1 remote-code-execution http://www.kde.org/info/security/advisory-20030409-1.txt
|
|
kdebase<3.1.1nb1 remote-code-execution http://www.kde.org/info/security/advisory-20030409-1.txt
|
|
kdegraphics<3.1.1nb2 remote-code-execution http://www.kde.org/info/security/advisory-20030409-1.txt
|
|
snort<2.0.0 remote-code-execution http://www.securityfocus.com/archive/1/318669
|
|
snort-pgsql<2.0.0 remote-code-execution http://www.securityfocus.com/archive/1/318669
|
|
snort-mysql<2.0.0 remote-code-execution http://www.securityfocus.com/archive/1/318669
|
|
poppassd<4.0.5nb1 local-root-shell http://www.securityfocus.com/archive/1/319811/2003-04-26/2003-05-02/0
|
|
ethereal<0.9.12 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00009.html
|
|
gnupg<1.2.2 weak-authentication http://www.securityfocus.com/archive/1/320444
|
|
lv<4.49.5 local-code-execution http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=190941
|
|
bitchx<1.0.3.19nb2 denial-of-service http://www.securityfocus.com/archive/1/321093
|
|
suse{,32}_libpng<7.3nb1 remote-user-shell http://www.suse.com/de/security/2003_004_libpng.html
|
|
apache-2.0.3[7-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0245
|
|
apache-2.0.4[0-5] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0245
|
|
suse{,32}_base<7.3nb4 remote-code-execution http://www.suse.com/de/security/2003_027_glibc.html
|
|
suse{,32}_devel<7.3nb2 remote-code-execution http://www.suse.com/de/security/2003_027_glibc.html
|
|
cups<1.1.19 denial-of-service http://www.cups.org/str.php?L75
|
|
speakfreely<=7.5 remote-code-execution http://www.securityfocus.com/archive/1/324257/2003-06-06/2003-06-12/0
|
|
ethereal<0.9.13 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00010.html
|
|
xpdf<2.02pl1 remote-code-execution http://lists.netsys.com/pipermail/full-disclosure/2003-June/010397.html
|
|
acroread5<5.07 remote-code-execution http://lists.netsys.com/pipermail/full-disclosure/2003-June/010397.html
|
|
acroread5<5.08 remote-user-shell http://lists.netsys.com/pipermail/full-disclosure/2003-July/006342.html
|
|
ImageMagick<5.5.7.1 local-symlink-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0455
|
|
apache-2.0.3[7-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0253
|
|
apache-2.0.4[0-6] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0253
|
|
falcons-eye<1.9.3nb3 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0358
|
|
xconq<7.4.1nb1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0607
|
|
mhonarc<2.6.4 cross-site-scripting http://savannah.nongnu.org/bugs/?func=detailbug&bug_id=3128&group_id=1968
|
|
wu-ftpd<2.6.2nb1 remote-root-shell http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt
|
|
lftp<2.5.3 remote-user-shell http://freshmeat.net/releases/87364/
|
|
postfix<1.1.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0468
|
|
postfix<1.1.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0540
|
|
xfstt<1.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0581
|
|
xfstt<1.5.1 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0625
|
|
stunnel<3.25 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1563
|
|
stunnel-4.0[0-3]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1563
|
|
ssh2<3.2.5 weak-authentication http://www.ssh.com/company/newsroom/article/454/
|
|
horde<2.2.4rc1 privacy-leak http://www.securityfocus.com/archive/1/333114/2003-08-13/2003-08-19/0
|
|
imp<3.2.2rc1 privacy-leak http://www.securityfocus.com/archive/1/333114/2003-08-13/2003-08-19/0
|
|
gopher<3.0.6 remote-root-shell http://www.securityfocus.com/archive/1/328843/2003-08-18/2003-08-24/2
|
|
unzip<5.50nb2 weak-path-validation http://www.securityfocus.com/archive/1/334070/2003-08-18/2003-08-24/2
|
|
xmule-[0-9]* remote-user-shell http://lists.netsys.com/pipermail/full-disclosure/2003-August/008449.html
|
|
sendmail-8.12.[0-8]nb* denial-of-service http://www.sendmail.org/dnsmap1.html
|
|
exim<3.36 remote-code-execution http://www.exim.org/pipermail/exim-announce/2003q3/000094.html
|
|
exim>=4<4.22 remote-code-execution http://www.exim.org/pipermail/exim-announce/2003q3/000094.html
|
|
leafnode<1.9.42 denial-of-service http://www.securityfocus.com/archive/1/336186
|
|
p5-Apache-Gallery<0.7 local-user-shell http://www.securityfocus.com/archive/1/336583/2003-09-06/2003-09-12/0
|
|
pine<4.58 remote-code-execution http://www.idefense.com/advisory/09.10.03.txt
|
|
net-snmp<5.0.9 privacy-leak http://sourceforge.net/forum/forum.php?forum_id=308015
|
|
gtkhtml<1.1.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0541
|
|
sane-backends<1.0.11 weak-authentication http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0773
|
|
sane-backends<1.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0774
|
|
sane-backends<1.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0775
|
|
sane-backends<1.0.11 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0776
|
|
sane-backends<1.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0777
|
|
sane-backends<1.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0778
|
|
apache<1.3.28 denial-of-service http://www.kb.cert.org/vuls/id/379828
|
|
apache6<1.3.28 denial-of-service http://www.kb.cert.org/vuls/id/379828
|
|
mysql-server<3.23.49nb5 remote-code-execution http://lists.netsys.com/pipermail/full-disclosure/2003-September/009819.html
|
|
openssh<3.7.1 denial-of-service http://www.openssh.org/txt/buffer.adv
|
|
openssh+gssapi<3.6.1.2.20030430nb2 denial-of-service http://www.openssh.org/txt/buffer.adv
|
|
sendmail<8.12.10 unknown http://www.sendmail.org/8.12.10.html
|
|
thttpd<2.23.0.1nb1 remote-code-execution http://marc.theaimsgroup.com/?l=thttpd&m=106402145912879&w=2
|
|
openssh<3.7.1.2 remote-code-execution http://www.openssh.com/txt/sshpam.adv
|
|
proftpd<1.2.8nb2 remote-root-shell http://xforce.iss.net/xforce/alerts/id/154
|
|
cfengine-2.0.[0-7]* remote-code-execution http://www.securityfocus.com/archive/1/339083/2003-09-22/2003-09-28/0
|
|
mplayer<1.0rc1nb1 remote-code-execution http://www.mplayerhq.hu/homepage/news.html#vuln01
|
|
gmplayer<1.0rc1nb1 remote-code-execution http://www.mplayerhq.hu/homepage/news.html#vuln01
|
|
marbles<1.0.2nb3 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0830
|
|
ncftp3<3.1.6 remote-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1345
|
|
openssl<0.9.6k remote-root-shell http://www.openssl.org/news/secadv_20030930.txt
|
|
vmware3<3.2.1pl1 local-root-shell http://marc.theaimsgroup.com/?l=gentoo-announce&m=106181867621048&w=2
|
|
fetchmail<6.2.4nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0790
|
|
kdelibs<2.2.2 denial-of-service http://www.kde.org/info/security/
|
|
kdebase<2.2.2 remote-code-execution http://www.kde.org/info/security/
|
|
kdebase<2.2.2 denial-of-service http://www.kde.org/info/security/
|
|
kdebase<2.2.2 remote-code-execution http://www.kde.org/info/security/
|
|
silc-client<0.9.13 denial-of-service http://silcnet.org/txt/security_20031016_1.txt
|
|
silc-server<0.9.14 denial-of-service http://silcnet.org/txt/security_20031016_1.txt
|
|
sylpheed-claws-0.9.4{,nb1} denial-of-service http://www.guninski.com/sylph.html
|
|
vtun<2.6nb1 privacy-leak ftp://ftp.netbsd.org/pub/NetBSD/packages/distfiles/LOCAL_PORTS/vtun-26to30.patch
|
|
libnids<=1.17 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0850
|
|
apache<1.3.28nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0542
|
|
apache6<1.3.28nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0542
|
|
apache-2.0.[0-3][0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0254
|
|
apache-2.0.4[0-7] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0254
|
|
sun-{jre,jdk}13<1.0.9 privilege-escalation http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57221&zone_32=category%3Asecurity
|
|
sun-{jre,jdk}14<2.0 privilege-escalation http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57221&zone_32=category%3Asecurity
|
|
thttpd<2.24 remote-code-execution http://www.texonet.com/advisories/TEXONET-20030908.txt
|
|
coreutils<5.0nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0853
|
|
coreutils<5.0nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0854
|
|
hylafax<4.1.8 remote-code-execution http://www.securiteam.com/unixfocus/6O00D0K8UI.html
|
|
quagga<0.96.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0795
|
|
zebra<0.93bnb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0795
|
|
pan<0.13.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0855
|
|
ethereal<0.9.15 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00011.html
|
|
mozilla{,-bin}<1.5 remote-code-execution http://www.mozilla.org/projects/security/known-vulnerabilities.html
|
|
screen<4.0.1nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0972
|
|
gnupg<1.2.3nb2 weak-authentication http://lists.gnupg.org/pipermail/gnupg-announce/2003q4/000276.html
|
|
rsync<2.5.7 remote-user-shell http://www.mail-archive.com/rsync@lists.samba.org/msg08782.html
|
|
audit-packages<1.26 no-exploit-but-less-integrity-so-please-upgrade http://mail-index.netbsd.org/tech-pkg/2003/11/30/0001.html
|
|
cvs<1.11.10 remote-file-write https://ccvs.cvshome.org/servlets/NewsItemView?newsItemID=84
|
|
lftp<2.6.10 remote-code-execution http://lists.netsys.com/pipermail/full-disclosure/2003-December/014824.html
|
|
opera<7.23 remote-file-delete http://opera.rainyblue.org/modules/cjaycontent/index.php?id=1
|
|
mgetty+sendfax<=1.1.30 file-permissions http://mail-index.netbsd.org/tech-pkg/2003/11/18/0003.html
|
|
cvs<1.11.11 privilege-escalation https://ccvs.cvshome.org/servlets/NewsItemView?newsItemID=88
|
|
ethereal<0.10.0 denial-of-service http://www.ethereal.com/appnotes/enpa-sa-00012.html
|
|
bind<8.4.3 cache-poisoning http://www.kb.cert.org/vuls/id/734644
|
|
mpg321<0.2.10nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0969
|
|
mailman<2.1.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0965
|
|
racoon<20040116a remote-sa-delete http://www.securityfocus.com/archive/1/349756
|
|
gaim<0.75nb1 remote-code-execution http://security.e-matters.de/advisories/012004.html
|
|
freeradius<0.9.3 denial-of-service http://www.freeradius.org/security.html#0.9.2
|
|
libtool-base<1.5.2nb3 local-symlink-race http://www.securityfocus.com/archive/1/352519
|
|
jitterbug<1.6.2nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0028
|
|
mpg123<0.59.18nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0865
|
|
mpg123-esound<0.59.18nb1 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0865
|
|
mpg123-nas<0.59.18nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0865
|
|
clamav<0.66 denial-of-service http://www.securityfocus.com/archive/1/353186
|
|
mutt<1.4.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0078
|
|
metamail<2.7nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0104
|
|
xboing<2.4nb2 privilege-escalation http://www.debian.org/security/2004/dsa-451
|
|
libxml2<2.6.6 remote-user-shell http://lists.gnome.org/archives/xml/2004-February/msg00070.html
|
|
automake<1.8.3 privilege-escalation http://www.securityfocus.com/archive/1/356574/2004-03-05/2004-03-11/2
|
|
apache-2.0.? denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0113
|
|
apache-2.0.[0-3][0-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0113
|
|
apache-2.0.4[0-8] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0113
|
|
apache-2.0.? denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174
|
|
apache-2.0.[0-3][0-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174
|
|
apache-2.0.4[0-8] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174
|
|
apache-2.0.? remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020
|
|
apache-2.0.[0-3][0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020
|
|
apache-2.0.4[0-8] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020
|
|
apache<1.3.29nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020
|
|
apache6<1.3.29nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020
|
|
gdk-pixbuf<0.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0111
|
|
openssl<0.9.6l denial-of-service http://www.openssl.org/news/secadv_20031104.txt
|
|
openssl<0.9.6m denial-of-service http://www.openssl.org/news/secadv_20040317.txt
|
|
isakmpd<=20030903nb1 denial-of-service http://www.rapid7.com/advisories/R7-0018.html
|
|
ghostscript-gnu<7.07 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0354
|
|
ghostscript-gnu-nox11<7.07 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0354
|
|
ghostscript-gnu-x11<7.07 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0354
|
|
python22<2.2.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0150
|
|
python22-pth<2.2.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0150
|
|
squid<2.5.5 weak-acl-enforcement http://www.squid-cache.org/Advisories/SQUID-2004_1.txt
|
|
ethereal<0.10.3 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00013.html
|
|
mplayer<1.0rc3nb2 remote-code-execution http://www.securityfocus.com/archive/1/359025
|
|
gmplayer<1.0rc3nb2 remote-code-execution http://www.securityfocus.com/archive/1/359025
|
|
mencoder<1.0rc3nb2 remote-code-execution http://www.securityfocus.com/archive/1/359025
|
|
heimdal<0.6.1 remote-trust http://www.pdc.kth.se/heimdal/advisory/2004-04-01/
|
|
uulib<0.5.20 archive-code-execution http://www.securityfocus.com/bid/9758
|
|
racoon<20040408a weak-authentication http://www.vuxml.org/freebsd/d8769838-8814-11d8-90d1-0020ed76ef5a.html
|
|
xchat<1.8.11nb7 remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html
|
|
xchat-2.0.[0-7] remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html
|
|
xchat-2.0.[0-7]nb* remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html
|
|
xchat-2.0.8 remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html
|
|
xchat-2.0.8nb1 remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html
|
|
xchat-gnome<1.8.11nb7 remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html
|
|
cvs<1.11.15 remote-file-write https://ccvs.cvshome.org/servlets/NewsItemView?newsItemID=102
|
|
neon<0.24.5 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0179
|
|
tla<1.2.1rc1 remote-code-execution http://marc.theaimsgroup.com/?l=openpkg-announce&m=108213423102539&w=2
|
|
cadaver<0.22.1 remote-code-execution http://marc.theaimsgroup.com/?l=openpkg-announce&m=108213423102539&w=2
|
|
lha<1.14i local-code-execution http://www2m.biglobe.ne.jp/~dolphin/lha/lha-unix.htm
|
|
mplayer>=1.0rc0<1.0rc4 remote-code-execution http://www.mplayerhq.hu/homepage/design6/news.html
|
|
xine-lib-1rc[0-2]* remote-file-write http://www.xinehq.de/index.php/security/XSA-2004-1
|
|
xine-lib-1rc3[ab]* remote-file-write http://www.xinehq.de/index.php/security/XSA-2004-1
|
|
rsync<2.6.1 remote-file-write http://rsync.samba.org/#security_apr04
|
|
exim<3.36nb2 remote-code-execution http://www.guninski.com/exim1.html
|
|
exim>=4<4.30 remote-code-execution http://www.guninski.com/exim1.html
|
|
exim-exiscan-4.[0-2]* remote-code-execution http://www.guninski.com/exim1.html
|
|
pine<4.58nb4 local-symlink-race http://www.NetBSD.org/cgi-bin/query-pr-single.pl?number=22226
|
|
xine-lib-1rc[0-3]* remote-file-write http://www.xinehq.de/index.php/security/XSA-2004-3
|
|
global<4.6 remote-exec http://savannah.gnu.org/forum/forum.php?forum_id=2029
|
|
opera<7.50 remote-file-write http://www.idefense.com/application/poi/display?id=104&type=vulnerabilities&flashstatus=true
|
|
lha<114.9nb2 remote-code-execution http://www.securityfocus.com/bid/10243
|
|
apache<1.3.31 weak-authentication http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0987
|
|
apache<1.3.31 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0993
|
|
apache<1.3.31 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174
|
|
apache6<1.3.31 weak-authentication http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0987
|
|
apache6<1.3.31 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0993
|
|
apache6<1.3.31 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174
|
|
kdelibs<3.2.2nb2 remote-file-write http://www.kde.org/info/security/advisory-20040517-1.txt
|
|
subversion-base<1.0.3 denial-of-service http://subversion.tigris.org/servlets/ReadMsg?list=announce&msgNo=125
|
|
subversion-base<1.0.3 remote-code-execution http://subversion.tigris.org/servlets/ReadMsg?list=announce&msgNo=125
|
|
ap{2,22}-subversion<1.0.3 denial-of-service http://subversion.tigris.org/servlets/ReadMsg?list=announce&msgNo=125
|
|
ap{2,22}-subversion<1.0.3 remote-code-execution http://subversion.tigris.org/servlets/ReadMsg?list=announce&msgNo=125
|
|
neon<0.24.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0398
|
|
cvs-1.11.[0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0396
|
|
cvs-1.11.1[0-5] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0396
|
|
cadaver<0.22.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0398
|
|
ap-ssl<2.8.18 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0488
|
|
squirrelmail<1.4.3 cross-site-scripting http://www.securityfocus.com/bid/10246/
|
|
ethereal<0.10.4 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00014.html
|
|
apache-2.0.49{,nb1} remote-code-execution http://www.securityfocus.com/bid/10355
|
|
roundup<0.7.3 remote-file-read http://cvs.sourceforge.net/viewcvs.py/*checkout*/roundup/roundup/CHANGES.txt?rev=1.533.2.21
|
|
cvs-1.11.[0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0416
|
|
cvs-1.11.[0-9]nb* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0416
|
|
cvs-1.11.1[0-6]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0416
|
|
subversion-base<1.0.5 denial-of-service http://www.contactor.se/~dast/svn/archive-2004-06/0331.shtml
|
|
racoon<20040617a weak-authentication http://www.securitytracker.com/alerts/2004/Jun/1010495.html
|
|
mit-krb5<1.3.4 remote-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-001-an_to_ln.txt
|
|
imp<3.2.4 cross-site-scripting http://securityfocus.com/bid/10501/info/
|
|
gmplayer<1.0rc4nb2 remote-code-execution http://www.open-security.org/advisories/5
|
|
ethereal<0.10.5 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00015.html
|
|
courier-auth<0.45 remote-code-execution http://www.securityfocus.com/bid/9845
|
|
courier-imap<3.0.0 remote-code-execution http://www.securityfocus.com/bid/9845
|
|
sqwebmail<4.0.0 remote-code-execution http://www.securityfocus.com/bid/9845
|
|
ap-ssl<2.8.19 remote-code-execution http://www.mail-archive.com/modssl-users@modssl.org/msg16853.html
|
|
ap{2,22}-subversion<1.0.6 weak-acl-enforcement http://www.contactor.se/~dast/svn/archive-2004-07/0814.shtml
|
|
samba<2.2.10 remote-code-execution http://www.samba.org/samba/whatsnew/samba-2.2.10.html
|
|
samba-3.0.[0-4]{,a*,nb?} remote-code-execution http://www.samba.org/samba/whatsnew/samba-3.0.5.html
|
|
ja-samba<2.2.9.1.0nb1 remote-code-execution http://www.samba.org/samba/whatsnew/samba-2.2.10.html
|
|
acroread5<5.09 arbitrary-code-execution http://kb2.adobe.com/cps/322/322914.html
|
|
png<1.2.6rc1 remote-code-execution http://scary.beasts.org/security/CESA-2004-001.txt
|
|
suse{,32}_libpng-7.3{,nb1} remote-code-execution http://scary.beasts.org/security/CESA-2004-001.txt
|
|
suse{,32}_libpng-9.1 remote-code-execution http://scary.beasts.org/security/CESA-2004-001.txt
|
|
suse{,32}_libpng<=6.4 remote-code-execution http://scary.beasts.org/security/CESA-2004-001.txt
|
|
mozilla{,-gtk2}{,-bin}<1.7.2 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763
|
|
mozilla{,-gtk2}{,-bin}<1.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758
|
|
MozillaFirebird{,-gtk2}{,-bin}<0.9.3 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763
|
|
firefox{,-gtk2}{,-bin}<0.9.3 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763
|
|
MozillaFirebird{,-gtk2}{,-bin}<0.9.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758
|
|
firefox{,-gtk2}{,-bin}<0.9.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758
|
|
thunderbird{,-gtk2}{,-bin}<0.7.2 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763
|
|
thunderbird{,-gtk2}{,-bin}<0.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758
|
|
cfengine-2.0.* remote-code-execution http://www.securityfocus.org/advisories/7045
|
|
cfengine-2.1.[0-7] remote-code-execution http://www.securityfocus.org/advisories/7045
|
|
spamassassin<2.64 denial-of-service http://marc.theaimsgroup.com/?l=spamassassin-announce&m=109168121628767&w=2
|
|
kdelibs<3.2.3nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0689
|
|
kdelibs<3.2.3nb2 local-account-compromise http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0690
|
|
kdelibs<3.2.3nb2 http-frame-spoof http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721
|
|
kdebase<3.2.3nb1 http-frame-spoof http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721
|
|
opera<7.54 remote-file-read http://www.greymagic.com/security/advisories/gm008-op/
|
|
opera<7.54 www-address-spoof http://secunia.com/advisories/12162/
|
|
rsync<2.6.2nb1 remote-file-access http://samba.org/rsync/#security_aug04
|
|
lukemftpd-[0-9]* remote-root-access ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-009.txt.asc
|
|
tnftpd<20040810 remote-root-access ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-009.txt.asc
|
|
demime<1.1d denial-of-service http://scifi.squawk.com/demime.html
|
|
kdelibs<3.2.3nb2 www-session-fixation http://www.kde.org/info/security/advisory-20040823-1.txt
|
|
fidogate<4.4.9nb1 local-file-write http://sourceforge.net/tracker/index.php?func=detail&aid=1013726&group_id=10739&atid=310739
|
|
qt3-libs<3.3.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0691
|
|
gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=0
|
|
gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=1
|
|
gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=2
|
|
gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=3
|
|
gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=4
|
|
gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=5
|
|
gaim<0.82 denial-of-service http://gaim.sourceforge.net/security/index.php?id=6
|
|
zlib<1.2.1nb2 denial-of-service http://www.openpkg.org/security/OpenPKG-SA-2004.038-zlib.html
|
|
imlib2<1.1.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0802
|
|
mit-krb5<1.3.4nb2 remote-code-execution http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt
|
|
mit-krb5<1.3.4nb2 denial-of-service http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-003-asn1.txt
|
|
mpg123<0.59.18nb4 remote-user-shell http://www.securityfocus.com/archive/1/374433
|
|
mpg123-esound<0.59.18nb2 remote-user-shell http://www.securityfocus.com/archive/1/374433
|
|
mpg123-nas<0.59.18nb4 remote-user-shell http://www.securityfocus.com/archive/1/374433
|
|
apache-2.0.[0-4]* denial-of-service http://issues.apache.org/bugzilla/show_bug.cgi?id=29964
|
|
apache-2.0.50 denial-of-service http://issues.apache.org/bugzilla/show_bug.cgi?id=29964
|
|
apache-2.0.[0-4]* denial-of-service http://issues.apache.org/bugzilla/show_bug.cgi?id=30134
|
|
apache-2.0.50 denial-of-service http://issues.apache.org/bugzilla/show_bug.cgi?id=30134
|
|
samba-3.0.[0-6]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0807
|
|
samba-3.0.[0-6]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0808
|
|
heimdal<0.6.3 remote-root-access http://www.pdc.kth.se/heimdal/advisory/2004-09-13/
|
|
MozillaFirebird{,-gtk2}{,-bin}<0.10 remote-code-execution http://secunia.com/advisories/12526/
|
|
firefox<0.10 remote-code-execution http://secunia.com/advisories/12526/
|
|
firefox-bin<0.10 remote-code-execution http://secunia.com/advisories/12526/
|
|
firefox-gtk2<0.10 remote-code-execution http://secunia.com/advisories/12526/
|
|
firefox-gtk2-bin<0.10 remote-code-execution http://secunia.com/advisories/12526/
|
|
mozilla<1.7.3 remote-code-execution http://secunia.com/advisories/12526/
|
|
mozilla-bin<1.7.3 remote-code-execution http://secunia.com/advisories/12526/
|
|
mozilla-gtk2<1.7.3 remote-code-execution http://secunia.com/advisories/12526/
|
|
thunderbird<0.8 remote-code-execution http://secunia.com/advisories/12526/
|
|
thunderbird-bin<0.8 remote-code-execution http://secunia.com/advisories/12526/
|
|
thunderbird-gtk2<0.8 remote-code-execution http://secunia.com/advisories/12526/
|
|
xpm<3.4knb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687
|
|
xpm<3.4knb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688
|
|
XFree86-libs<4.4.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687
|
|
XFree86-libs<4.4.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688
|
|
xorg-libs<6.7.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687
|
|
xorg-libs<6.7.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688
|
|
openmotif<2.1.30nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687
|
|
openmotif<2.1.30nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688
|
|
sudo-1.6.8 local-file-read http://www.sudo.ws/sudo/alerts/sudoedit.html
|
|
apache-2.0.[0-4]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0747
|
|
apache-2.0.50 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0747
|
|
apache-2.0.50nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0747
|
|
gdk-pixbuf<0.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0753
|
|
gtk2+<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0753
|
|
gdk-pixbuf<0.22 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0782
|
|
gtk2+<2.4.10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0782
|
|
gdk-pixbuf<0.22 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0783
|
|
gtk2+<2.4.10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0783
|
|
gdk-pixbuf<0.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0788
|
|
gtk2+<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0788
|
|
wv<=1.0.0nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0645
|
|
apache-2.0.51 weak-acl-enforcement http://nagoya.apache.org/bugzilla/show_bug.cgi?id=31315
|
|
apache-1.3.2[5-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492
|
|
apache-1.3.30* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492
|
|
apache-1.3.31{,nb[1-4]} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492
|
|
apache<1.3.33 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0940
|
|
apache6-1.3.2[5-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492
|
|
apache6-1.3.30* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492
|
|
apache6-1.3.31{,nb[1-4]} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492
|
|
apache6<1.3.33 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0940
|
|
ImageMagick<6.0.6.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0827
|
|
ap{2,22}-subversion<1.0.8 metadata-leak http://subversion.tigris.org/security/CAN-2004-0749-advisory.txt
|
|
squid<2.5.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0832
|
|
MozillaFirebird{,-gtk2}{,-bin}<0.10.1 local-file-write http://www.mozilla.org/press/mozilla-2004-10-01-02.html
|
|
firefox<0.10.1 local-file-write http://www.mozilla.org/press/mozilla-2004-10-01-02.html
|
|
firefox-bin<0.10.1 local-file-write http://www.mozilla.org/press/mozilla-2004-10-01-02.html
|
|
firefox-gtk2<0.10.1 local-file-write http://www.mozilla.org/press/mozilla-2004-10-01-02.html
|
|
firefox-gtk2-bin<0.10.1 local-file-write http://www.mozilla.org/press/mozilla-2004-10-01-02.html
|
|
gzip-base<1.2.4b remote-code-execution http://www.securityfocus.com/bid/3712
|
|
squid<2.5.7 denial-of-service http://www.idefense.com/application/poi/display?id=152&type=vulnerabilities
|
|
tiff<3.6.1nb4 remote-code-execution http://scary.beasts.org/security/CESA-2004-006.txt
|
|
tiff<3.6.1nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0804
|
|
tiff<3.6.1nb4 denial-of-service http://securitytracker.com/id?1011674
|
|
ap-ssl<2.8.20 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885
|
|
sox<12.17.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0557
|
|
ssmtp<2.61 remote-user-access http://lists.debian.org/debian-security-announce-2004/msg00084.html
|
|
kdegraphics-3.2.* denial-of-service http://www.kde.org/info/security/advisory-20041021-1.txt
|
|
kdegraphics-3.3.{0,0nb1,1} denial-of-service http://www.kde.org/info/security/advisory-20041021-1.txt
|
|
samba-2.2.[1-9] denial-of-service http://us1.samba.org/samba/history/samba-2.2.11.html
|
|
samba-2.2.10 denial-of-service http://us1.samba.org/samba/history/samba-2.2.11.html
|
|
samba-2.2.[1-9] remote-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0815
|
|
samba-2.2.{10,11} remote-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0815
|
|
ja-samba<2.2.12.0.9.1 remote-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0815
|
|
postgresql-server-7.3.[1-7]{,nb*} local-symlink-race http://www.postgresql.org/about/news.234
|
|
postgresql73-server-7.3.[1-7]{,nb*} local-symlink-race http://www.postgresql.org/about/news.234
|
|
postgresql74-server-7.4.[1-5]{,nb*} local-symlink-race http://www.postgresql.org/about/news.234
|
|
cabextract<1.1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0916
|
|
mpg123<0.59.18nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0982
|
|
mpg123-esound<0.59.18nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0982
|
|
mpg123-nas<0.59.18nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0982
|
|
socat<1.4.0.3 privilege-escalation http://www.nosystem.com.ar/advisories/advisory-07.txt
|
|
ruby-base<1.6.8nb7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0983
|
|
gnats<4 privilege-escalation http://www.securityfocus.com/archive/1/326337
|
|
mozilla<1.7.3nb2 local-file-write http://secunia.com/advisories/12956/
|
|
mozilla-bin<1.7.3nb1 local-file-write http://secunia.com/advisories/12956/
|
|
mozilla-gtk2<1.7.3nb2 local-file-write http://secunia.com/advisories/12956/
|
|
MozillaFirebird{,-gtk2}{,-bin}<1.0 local-file-write http://secunia.com/advisories/12956/
|
|
firefox<1.0 local-file-write http://secunia.com/advisories/12956/
|
|
firefox-bin<1.0 local-file-write http://secunia.com/advisories/12956/
|
|
firefox-gtk2<1.0 local-file-write http://secunia.com/advisories/12956/
|
|
firefox-gtk2-bin<1.0 local-file-write http://secunia.com/advisories/12956/
|
|
thunderbird<0.8nb1 local-file-write http://secunia.com/advisories/12956/
|
|
thunderbird-gtk2<0.8nb1 local-file-write http://secunia.com/advisories/12956/
|
|
thunderbird-bin<0.8nb1 local-file-write http://secunia.com/advisories/12956/
|
|
sudo<1.6.8pl3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1051
|
|
gnats<4.0.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0623
|
|
freeradius<1.0.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0938
|
|
freeradius<1.0.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0960
|
|
freeradius<1.0.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0961
|
|
samba<2.2.12nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0930
|
|
samba<2.2.12nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0882
|
|
samba<2.2.12nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1154
|
|
samba-3.0.[0-6]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0930
|
|
samba-3.0.[0-7]{,nb*} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0882
|
|
samba-3.0.[0-9]{,nb*} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1154
|
|
ja-samba-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0930
|
|
ja-samba<2.2.12.0.9.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0882
|
|
ja-samba<2.2.12.0.9.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1154
|
|
squirrelmail<1.4.3anb1 cross-site-scripting http://article.gmane.org/gmane.mail.squirrelmail.user/21169
|
|
ja-squirrelmail<1.4.3anb3 cross-site-scripting http://article.gmane.org/gmane.mail.squirrelmail.user/21169
|
|
snownews<1.5 unsafe-umask http://kiza.kcore.de/software/snownews/changes#150
|
|
liferea<0.6.2 unsafe-umask http://sourceforge.net/project/shownotes.php?release_id=282434
|
|
libxml2<2.6.14 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0989
|
|
libxml<1.8.17nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0989
|
|
sun-{jre,jdk}14<2.6 remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1
|
|
sun-{jre,jdk}13<1.0.12nb1 remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1
|
|
xpdf<3.00pl1 remote-code-execution http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml
|
|
php-curl<4.3.2 local-file-read http://www.securityfocus.com/bid/11557
|
|
jabberd-2.0s[23]* remote-code-execution http://www.securityfocus.com/archive/1/382250
|
|
jabberd-2.0s4 remote-code-execution http://www.securityfocus.com/archive/1/382250
|
|
jabberd<1.4.2nb4 denial-of-service http://www.securityfocus.com/archive/1/375955
|
|
imlib<1.9.15 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1025
|
|
imlib<1.9.15nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1026
|
|
kdelibs<3.3.2nb1 plain-text-password-exposure http://www.kde.org/info/security/advisory-20041209-1.txt
|
|
kdegraphics<3.3.2 denial-of-service http://www.kde.org/info/security/advisory-20041209-2.txt
|
|
kdelibs<3.3.2nb2 cross-site-scripting http://www.kde.org/info/security/advisory-20041213-1.txt
|
|
kdebase<3.3.2nb1 cross-site-scripting http://www.kde.org/info/security/advisory-20041213-1.txt
|
|
phpmyadmin-2.6.0-pl2 remote-code-execution http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4
|
|
phpmyadmin-2.6.0pl2 remote-code-execution http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4
|
|
phpmyadmin-2.[4-5]* remote-file-read http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4
|
|
phpmyadmin-2.6.0 remote-file-read http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4
|
|
phpmyadmin-2.6.0pl2 remote-file-read http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4
|
|
phpmyadmin-2.6.0-pl* remote-file-read http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4
|
|
namazu<2.0.14 cross-site-scripting http://www.namazu.org/security.html.en
|
|
{ap-,}php<4.3.10 remote-code-execution http://www.hardened-php.net/advisories/012004.txt
|
|
{ap-,}php-5.0.2* remote-code-execution http://www.hardened-php.net/advisories/012004.txt
|
|
{ap-,}php<4.3.10 local-code-execution http://www.hardened-php.net/advisories/012004.txt
|
|
{ap-,}php-5.0.2* local-code-execution http://www.hardened-php.net/advisories/012004.txt
|
|
cyrus-imapd-2.2.[4-8]{,nb*} remote-code-execution http://security.e-matters.de/advisories/152004.txt
|
|
cyrus-imapd-2.2.[0-5]{,nb*} remote-code-execution http://security.e-matters.de/advisories/152004.txt
|
|
cyrus-imapd-2.2.[0-7]{,nb*} remote-code-execution http://security.e-matters.de/advisories/152004.txt
|
|
cyrus-imapd-2.2.[7-8]{,nb*} remote-code-execution http://security.e-matters.de/advisories/152004.txt
|
|
cyrus-imapd-2.2.[0-9]{,nb*} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0546
|
|
cyrus-imapd-2.2.1[0-1]{,nb*} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0546
|
|
cyrus-imapd<2.1.18 remote-code-execution http://security.e-matters.de/advisories/152004.txt
|
|
cyrus-imapd<2.1.18 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0546
|
|
ethereal-0.9.* remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00016.html
|
|
ethereal-0.10.[0-7]{,nb*} remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00016.html
|
|
tcpdump<3.8.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0989
|
|
tcpdump<3.8.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0057
|
|
tcpdump<3.8.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0183
|
|
tcpdump<3.8.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0184
|
|
mc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0226
|
|
gmc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0226
|
|
mc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0231
|
|
gmc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0231
|
|
mc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0232
|
|
gmc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0232
|
|
netpbm<9.26 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0924
|
|
pwlib<1.6.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0097
|
|
leafnode<1.9.48 denial-of-service http://leafnode.sourceforge.net/leafnode-SA-2004-01
|
|
lbreakout<2.4beta2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0158
|
|
ap-python<2.7.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0973
|
|
logcheck<1.1.1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0404
|
|
zope<2.5.2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0688
|
|
flim<1.14.3 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0422
|
|
gnome-vfs<1.0.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0494
|
|
cups<1.1.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0558
|
|
openoffice<1.1.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0752
|
|
openoffice-linux<1.1.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0752
|
|
imlib<1.9.15 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0817
|
|
apache-2.0.51* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0811
|
|
mysql-server<3.23.59 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835
|
|
mysql-server-4.0.[0-9] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835
|
|
mysql-server-4.0.[0-9]nb* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835
|
|
mysql-server-4.0.1[0-8] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835
|
|
mysql-server-4.0.1[0-8]nb* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835
|
|
mysql-server-4.1.[01] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835
|
|
mysql-server-4.1.[01]nb* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835
|
|
mysql-server<3.23.49 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836
|
|
mysql-server-4.0.[0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836
|
|
mysql-server-4.0.[0-9]nb* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836
|
|
mysql-server-4.0.1[0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836
|
|
mysql-server-4.0.1[0-9]nb* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836
|
|
mysql-server-4.0.20 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836
|
|
mysql-server-4.0.20nb* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836
|
|
mysql-server<3.23.49 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837
|
|
mysql-server-4.0.[0-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837
|
|
mysql-server-4.0.[0-9]nb* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837
|
|
mysql-server-4.0.1[0-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837
|
|
mysql-server-4.0.1[0-9]nb* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837
|
|
mysql-server-4.0.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837
|
|
mysql-server-4.0.20nb* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837
|
|
cyrus-sasl<2.1.19 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0884
|
|
cups<1.1.21 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888
|
|
cups<1.1.21 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0889
|
|
cups<1.1.21 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0923
|
|
apache-2.0.3[5-9] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885
|
|
apache-2.0.3[5-9]nb* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885
|
|
apache-2.0.4[0-9] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885
|
|
apache-2.0.4[0-9]nb* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885
|
|
apache-2.0.5[0-2] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885
|
|
apache-2.0.5[0-2]nb[1-4] weak-cryptography http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885
|
|
openmotif<2.1.30nb3 denial-of-service http://www.ics.com/developers/index.php?cont=xpm_security_alert
|
|
catdoc<0.91.5-2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0193
|
|
gd<2.0.22 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0941
|
|
gd<2.0.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0990
|
|
ImageMagick<6.1.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0981
|
|
lesstif<0.93.96 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687
|
|
lesstif<0.93.96 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688
|
|
lesstif<0.94.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914
|
|
xorg-libs<6.8.1nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914
|
|
XFree86-libs<4.4.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914
|
|
xpm<3.4nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914
|
|
groff<1.19.1nb2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0969
|
|
zip<2.3nb3 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1010
|
|
openssl<0.9.6mnb2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0975
|
|
mplayer<1.0rc5pl2 remote-code-execution http://www.idefense.com/application/poi/display?id=166&type=vulnerabilities
|
|
mplayer<1.0rc5pl2 remote-code-execution http://www.idefense.com/application/poi/display?id=167&type=vulnerabilities
|
|
mplayer<1.0rc5pl2 remote-code-execution http://www.idefense.com/application/poi/display?id=168&type=vulnerabilities
|
|
cscope<15.4nb4 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0996
|
|
acroread5<5.10 remote-code-execution http://www.adobe.com/support/techdocs/331153.html
|
|
a2ps<4.13.0.2nb5 unsafe-shell-escape http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1170
|
|
a2ps<4.13.0.2nb7 local-symlink-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1377
|
|
mc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1023
|
|
tiff<3.6.1nb6 buffer-overrun http://www.idefense.com/application/poi/display?id=173&type=vulnerabilities
|
|
xpdf<3.00pl2 remote-code-execution http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities
|
|
xzgv<0.8.0.1 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0994
|
|
xine-lib-1rc[2-5]* remote-code-execution http://www.xinehq.de/index.php/security/XSA-2004-4
|
|
xine-lib<1rc6 remote-code-execution http://www.xinehq.de/index.php/security/XSA-2004-5
|
|
gpdf<2.8.1 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888
|
|
koffice<1.3.5 integer-overflow http://kde.org/areas/koffice/releases/1.3.4-release.php
|
|
pdfTexinteTexbin<perhaps integer-overflow http://www.tug.org/applications/pdftex/NEWS
|
|
opera<7.54pl1 remote-code-execution http://archives.neohapsis.com/archives/bugtraq/2004-11/0250.html
|
|
wget<1.9 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1487
|
|
p5-Tk<804.027nb2 remote-code-execution http://scary.beasts.org/security/CESA-2004-001.txt
|
|
xine-lib<1rc6anb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1187
|
|
xine-lib<1rc6anb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1188
|
|
{ap-,}php<4.3.9 remote-memory-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0958
|
|
{ap-,}php-5.0.[01]* remote-memory-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0958
|
|
{ap-,}php<4.3.9 remote-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0959
|
|
{ap-,}php-5.0.[01]* remote-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0959
|
|
{ap-,}php<4.3.10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1065
|
|
{ap-,}php-5.0.[012]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1065
|
|
{ap-,}php<4.3.10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1019
|
|
{ap-,}php-5.0.[012]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1019
|
|
kdelibs<3.3.2 remote-code-execution http://www.kde.org/info/security/advisory-20041220-1.txt
|
|
kdegraphics<3.3.2nb1 remote-code-execution http://www.kde.org/info/security/advisory-20041223-1.txt
|
|
mit-krb5<1.3.6 remote-code-execution http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-004-pwhist.txt
|
|
snort-2.1.[3-9]* denial-of-service http://www.webservertalk.com/message416634.html
|
|
snort-mysql-2.1.[3-9]* denial-of-service http://www.webservertalk.com/message416634.html
|
|
snort-pgsql-2.1.[3-9]* denial-of-service http://www.webservertalk.com/message416634.html
|
|
snort-2.2.0 denial-of-service http://www.webservertalk.com/message416634.html
|
|
snort-mysql-2.2.0 denial-of-service http://www.webservertalk.com/message416634.html
|
|
snort-pgsql-2.2.0 denial-of-service http://www.webservertalk.com/message416634.html
|
|
tcpdump<0.21 privilege-escalation http://www.atstake.com/research/advisories/2003/a080703-2.txt
|
|
asp2php-[0-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1261
|
|
chbg<=1.5 remote-code-execution http://tigger.uic.edu/~jlongs2/holes/chbg.txt
|
|
xlreader<0.9.0nb1 remote-code-execution http://tigger.uic.edu/~jlongs2/holes/xlreader.txt
|
|
cups<1.1.23rc1 denial-of-service http://www.cups.org/str.php?L1023
|
|
cups<1.1.23rc1 remote-code-execution http://www.cups.org/str.php?L1024
|
|
mozilla<1.7.5 remote-code-execution http://isec.pl/vulnerabilities/isec-0020-mozilla.txt
|
|
mozilla-bin<1.7.5 remote-code-execution http://isec.pl/vulnerabilities/isec-0020-mozilla.txt
|
|
mozilla-gtk2<1.7.5 remote-code-execution http://isec.pl/vulnerabilities/isec-0020-mozilla.txt
|
|
thunderbird<1.0 remote-code-execution http://isec.pl/vulnerabilities/isec-0020-mozilla.txt
|
|
thunderbird-bin<1.0 remote-code-execution http://isec.pl/vulnerabilities/isec-0020-mozilla.txt
|
|
thunderbird-gtk2<1.0 remote-code-execution http://isec.pl/vulnerabilities/isec-0020-mozilla.txt
|
|
cups<1.1.23 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125
|
|
perl{,-thread}<5.6.2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0452
|
|
perl{,-thread}-5.6.[0-9]* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0448
|
|
perl{,-thread}-5.8.[0-4]{,nb*}* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0452
|
|
perl{,-thread}-5.8.[0-4]{,nb*}* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0448
|
|
perl{,-thread}-5.8.5{,nb[123456]} local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0976
|
|
perl{,-thread}-5.8.6 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0976
|
|
kdelibs<3.3.2nb6 remote-code-execution http://www.kde.org/info/security/advisory-20050101-1.txt
|
|
xine-lib<1rc6anb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1300
|
|
xine-lib-1rc8{,nb1} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1300
|
|
nasm<0.98.39 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1287
|
|
bugzilla<2.18rc3nb1 cross-site-scripting https://bugzilla.mozilla.org/show_bug.cgi?id=272620
|
|
exim<3.36nb7 remote-code-execution http://www.exim.org/mail-archives/exim-announce/2005/msg00000.html
|
|
exim>=4<4.43nb2 remote-code-execution http://www.exim.org/mail-archives/exim-announce/2005/msg00000.html
|
|
exim-exiscan<4.43nb2 remote-code-execution http://www.exim.org/mail-archives/exim-announce/2005/msg00000.html
|
|
vim<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138
|
|
vim-gtk<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138
|
|
vim-gtk2<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138
|
|
vim-kde<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138
|
|
vim-motif<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138
|
|
vim-xaw<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138
|
|
pcal<4.7nb1 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1289
|
|
tnftp<20050103 remote-code-execution http://tigger.uic.edu/~jlongs2/holes/tnftp.txt
|
|
napshare<1.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1286
|
|
yamt<0.5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1302
|
|
cups-1.1.2[12]* denial-of-service http://www.cups.org/str.php?L1042+P0+S-1+C0+I0+E0+Q1042
|
|
dillo<0.8.3nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0012
|
|
tiff<3.6.1nb6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1308
|
|
mpg123<0.59.18nb7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1284
|
|
mpg123-esound<0.59.18nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1284
|
|
mpg123-nas<0.59.18nb6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1284
|
|
mpg123<0.59.18nb7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0991
|
|
mpg123-esound<0.59.18nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0991
|
|
mpg123-nas<0.59.18nb6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0991
|
|
hylafax<4.2.1 weak-acl-enforcement http://www.hylafax.org/4.2.1.html
|
|
teTeX-bin<2.0.2nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125
|
|
teTeX-bin<2.0.2nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888
|
|
awstats<6.3 local-code-execution http://www.idefense.com/application/poi/display?id=185&type=vulnerabilities
|
|
ImageMagick<6.1.8.8 remote-code-execution http://www.idefense.com/application/poi/display?id=184&type=vulnerabilities
|
|
xpdf<3.00pl3 remote-code-execution http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities
|
|
cups<1.1.23nb1 remote-code-execution http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities
|
|
kdegraphics<3.3.2nb3 remote-code-execution http://www.kde.org/info/security/advisory-20050119-1.txt
|
|
mysql-client<3.23.58nb3 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004
|
|
mysql-client-4.0.[0-9]{,nb*} local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004
|
|
mysql-client-4.0.1[0-9]* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004
|
|
mysql-client-4.0.2[0-2]* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004
|
|
mysql-client-4.0.23 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004
|
|
mysql-client-4.1.[0-8]{,nb*} local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004
|
|
mysql-client-4.1.9 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004
|
|
ethereal<0.10.9 denial-of-service http://ethereal.com/appnotes/enpa-sa-00017.html
|
|
ethereal<0.10.9 remote-code-execution http://ethereal.com/appnotes/enpa-sa-00017.html
|
|
koffice<1.3.5nb4 remote-code-execution http://www.kde.org/info/security/advisory-20050120-1.txt
|
|
squid<2.5.7nb5 buffer-overrun http://www.squid-cache.org/Advisories/SQUID-2005_1.txt
|
|
squid<2.5.7nb6 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0094
|
|
squid<2.5.7nb7 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2005_2.txt
|
|
squid<2.5.7nb8 denial-of-service http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-response_splitting
|
|
unarj<2.65nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0947
|
|
unarj<2.65nb1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1027
|
|
suse{,32}_libtiff<9.1nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1308
|
|
suse{,32}_x11<9.1nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914
|
|
suse{,32}_gtk2<9.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0753
|
|
suse{,32}_gtk2<9.1nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0782
|
|
suse{,32}_gtk2<9.1nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0783
|
|
suse{,32}_gtk2<9.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0788
|
|
webmin<1.160 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0559
|
|
teTeX-bin<2.0.2nb5 remote-code-execution http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities
|
|
sun-{jre,jdk}14<2.6 remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57708-1
|
|
sun-{jre,jdk}13<1.0.13 remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57708-1
|
|
evolution12<1.2.4nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0102
|
|
evolution14<1.4.6nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0102
|
|
evolution<2.0.3nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0102
|
|
enscript<1.6.3nb1 remote-code-execution http://www.securityfocus.org/advisories/7879
|
|
bind-8.4.[4-5]{,nb*} denial-of-service http://www.kb.cert.org/vuls/id/327633
|
|
bind-9.3.0 denial-of-service http://www.kb.cert.org/vuls/id/938617
|
|
squid<2.5.7nb9 cache-poisoning http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-response_splitting
|
|
p5-DBI<1.46nb2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0077
|
|
f2c<20001205nb8 local-file-write http://www.debian.org/security/2005/dsa-661
|
|
squid<2.5.7nb10 buffer-overrun http://www.squid-cache.org/Advisories/SQUID-2005_3.txt
|
|
zope25-Silva<0.9.2.8 privilege-escalation http://mail.zope.org/pipermail/zope-announce/2005-February/001653.html
|
|
postgresql-server-7.3.[1-8]{,nb*} privilege-escalation http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php
|
|
postgresql73-server-7.3.[1-8]{,nb*} privilege-escalation http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php
|
|
postgresql74-server-7.4.[1-6]{,nb*} privilege-escalation http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php
|
|
postgresql80-server-8.0.0* privilege-escalation http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php
|
|
perl{,-thread}-5.8.{[0-4]{,nb*},5{,nb[1-7]},6{,nb[12]}} local-root-exploit http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0155
|
|
perl{,-thread}-5.8.{[0-4]{,nb*},5{,nb[1-7]},6{,nb[12]}} buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0156
|
|
gpdf<2.8.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125
|
|
gpdf<2.8.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0064
|
|
python22<2.2.3nb5 remote-code-execution http://www.python.org/security/PSF-2005-001/
|
|
python22-pth<2.2.3nb5 remote-code-execution http://www.python.org/security/PSF-2005-001/
|
|
python23<2.3.4nb7 remote-code-execution http://www.python.org/security/PSF-2005-001/
|
|
python23-pth<2.3.4nb7 remote-code-execution http://www.python.org/security/PSF-2005-001/
|
|
python23-nth<2.3.4nb2 remote-code-execution http://www.python.org/security/PSF-2005-001/
|
|
python24<2.4nb4 remote-code-execution http://www.python.org/security/PSF-2005-001/
|
|
python24-pth<2.4nb4 remote-code-execution http://www.python.org/security/PSF-2005-001/
|
|
py{15,20,21,22,23,24,25,26,27,31}-xmlrpc<=0.9.8 remote-code-execution http://www.python.org/security/PSF-2005-001/
|
|
opera<7.54pl2 remote-code-execution http://secunia.com/advisories/13818/
|
|
opera<=7.54pl2 www-address-spoof http://secunia.com/advisories/14154/
|
|
firefox{,-bin,-gtk2,-gtk2-bin}<=1.0 www-address-spoof http://secunia.com/advisories/14163/
|
|
mozilla{,-bin,-gtk2,-gtk2-bin}<=1.7.5 www-address-spoof http://secunia.com/advisories/14163/
|
|
kdebase<=3.3.2nb1 www-address-spoof http://secunia.com/advisories/14162/
|
|
apache-2.0.5[0-2]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0942
|
|
fprot-workstation-bin<4.5.3 local-code-execution http://www.f-secure.com/security/fsc-2005-1.shtml
|
|
mailman<2.1.4nb3 remote-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0202
|
|
awstats<=6.3nb3 denial-of-service http://www.securityfocus.com/archive/1/390368
|
|
awstats<=6.3nb3 remote-code-execution http://www.securityfocus.com/archive/1/390368
|
|
sympa<=4.1.2nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0073
|
|
bidwatcher<1.3.17 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0158
|
|
kdeedu<=3.3.2 privilege-escalation http://www.kde.org/info/security/advisory-20050215-1.txt
|
|
emacs-21.[0-2]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100
|
|
emacs-21.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100
|
|
emacs-21.3nb[0-6] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100
|
|
emacs-nox11-21.[0-2]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100
|
|
emacs-nox11-21.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100
|
|
emacs-nox11-21.3nb[0-1] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100
|
|
emacs<20.7nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100
|
|
xemacs<21.4.17 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100
|
|
xemacs-nox11<21.4.17 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100
|
|
xview-lib<3.2.1nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0076
|
|
clamav<0.82 denial-of-service http://www.securityfocus.com/bid/12408?ref=rss
|
|
phpmyadmin<2.6.1pl1 cross-site-scripting http://sourceforge.net/tracker/index.php?func=detail&aid=1149383&group_id=23067&atid=377408
|
|
phpmyadmin<2.6.1pl1 privacy-leak http://sourceforge.net/tracker/index.php?func=detail&aid=1149381&group_id=23067&atid=377408
|
|
curl<7.12.2nb1 remote-code-execution http://www.idefense.com/application/poi/display?id=202&type=vulnerabilities
|
|
curl-7.1{2.3,2.3nb1,3.0} remote-code-execution http://www.idefense.com/application/poi/display?id=202&type=vulnerabilities
|
|
gaim<1.0.2 denial-of-service http://gaim.sourceforge.net/security/index.php?id=7
|
|
gaim<1.0.2 denial-of-service http://gaim.sourceforge.net/security/index.php?id=8
|
|
gaim<1.0.2 buffer-overrun http://gaim.sourceforge.net/security/index.php?id=9
|
|
gaim<1.1.3 denial-of-service http://gaim.sourceforge.net/security/index.php?id=10
|
|
gaim<1.1.3 denial-of-service http://gaim.sourceforge.net/security/index.php?id=11
|
|
gaim<1.1.4 denial-of-service http://gaim.sourceforge.net/security/index.php?id=12
|
|
unzip<5.52 privilege-escalation http://www.securityfocus.com/archive/1/391677
|
|
kdebase<3.3.2 command-injection http://www.kde.org/info/security/advisory-20050101-1.txt
|
|
kdebase<3.0.5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0078
|
|
squid<2.5.8nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0446
|
|
squirrelmail<1.4.4 cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-20
|
|
ja-squirrelmail<1.4.4 cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-20
|
|
squirrelmail-1.2.6* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0152
|
|
ja-squirrelmail-1.2.6* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0152
|
|
gcpio<2.5nb1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1572
|
|
squid<2.5.8 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0173
|
|
squid<2.5.8 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2479
|
|
squid<2.5.7nb4 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0194
|
|
squid<2.5.7nb12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0718
|
|
php<3.0.19 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0594
|
|
php<3.0.19 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0595
|
|
mailman<2.1.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1177
|
|
ap-python<2.7.9 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0088
|
|
squirrelmail<1.4.4 cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-19
|
|
ja-squirrelmail<1.4.4 cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-19
|
|
squirrelmail-1.4.3* cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-14
|
|
ja-squirrelmail-1.4.3* cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-14
|
|
mailman<2.1.5 weak-password-generator http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1143
|
|
htdig<3.1.6nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0085
|
|
postgresql-lib<7.3.9 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245
|
|
postgresql73-lib<7.3.9 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245
|
|
postgresql74-lib<7.4.7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245
|
|
postgresql80-lib<8.0.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245
|
|
# intagg not installed
|
|
#postgresql73-lib-7.3.[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0246
|
|
#postgresql74-lib-7.4.[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0246
|
|
#postgresql80-lib-8.0.[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0246
|
|
postgresql-lib-7.3.[0-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247
|
|
postgresql73-lib<7.3.9nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247
|
|
postgresql74-lib<7.4.7nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247
|
|
postgresql80-lib<8.0.1nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247
|
|
gftp<2.0.18 remote-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0372
|
|
gftp-gtk1<2.0.18 remote-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0372
|
|
vim-share<6.3.046 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0069
|
|
imap-uw<2004b remote-user-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0198
|
|
unace<1.2.2nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0160
|
|
unace<1.2.2nb1 no-path-validation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0161
|
|
wu-ftpd<2.6.2nb3 denial-of-service http://www.idefense.com/application/poi/display?id=207&type=vulnerabilities
|
|
cups<1.1.23nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0206
|
|
ImageMagick<6.2.0.3 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0397
|
|
cyrus-sasl<2.1.19 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0373
|
|
kdenetwork<=3.1.5 local-domain-spoofing http://www.kde.org/info/security/advisory-20050228-1.txt
|
|
realplayer<10.6 remote-code-execution http://service.real.com/help/faq/security/050224_player
|
|
RealPlayerGold<10.0.2 remote-code-execution http://service.real.com/help/faq/security/050224_player
|
|
firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 window-injection-spoofing http://www.mozilla.org/security/announce/mfsa2005-13.html
|
|
firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 ssl-icon-spoofing http://www.mozilla.org/security/announce/mfsa2005-14.html
|
|
firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 heap-overflow http://www.mozilla.org/security/announce/mfsa2005-15.html
|
|
firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 dialog-spoofing http://www.mozilla.org/security/announce/mfsa2005-16.html
|
|
firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 source-spoofing http://www.mozilla.org/security/announce/mfsa2005-17.html
|
|
firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-18.html
|
|
firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 data-leak http://www.mozilla.org/security/announce/mfsa2005-19.html
|
|
firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 possible-data-leak http://www.mozilla.org/security/announce/mfsa2005-20.html
|
|
firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 download-source-spoofing http://www.mozilla.org/security/announce/mfsa2005-23.html
|
|
firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-26.html
|
|
firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-27.html
|
|
firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 local-file-delete http://www.mozilla.org/security/announce/mfsa2005-28.html
|
|
firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 domain-name-spoofing http://www.mozilla.org/security/announce/mfsa2005-29.html
|
|
mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 window-injection-spoofing http://www.mozilla.org/security/announce/mfsa2005-13.html
|
|
mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 ssl-icon-spoofing http://www.mozilla.org/security/announce/mfsa2005-14.html
|
|
mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 heap-overflow http://www.mozilla.org/security/announce/mfsa2005-15.html
|
|
mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 source-spoofing http://www.mozilla.org/security/announce/mfsa2005-17.html
|
|
mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-18.html
|
|
mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 possible-data-leak http://www.mozilla.org/security/announce/mfsa2005-20.html
|
|
mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-26.html
|
|
mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-27.html
|
|
mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 local-file-delete http://www.mozilla.org/security/announce/mfsa2005-28.html
|
|
mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 domain-name-spoofing http://www.mozilla.org/security/announce/mfsa2005-29.html
|
|
thunderbird{,-bin,-gtk2}<1.0.1 source-spoofing http://www.mozilla.org/security/announce/mfsa2005-17.html
|
|
thunderbird{,-bin,-gtk2}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-18.html
|
|
sylpheed<1.0.3 buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24250
|
|
sylpheed-claws<1.0.3 buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24250
|
|
sylpheed-gtk2-[01].* buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24250
|
|
ethereal<0.10.10 remote-code-execution http://ethereal.com/appnotes/enpa-sa-00018.html
|
|
xpm<3.4knb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605
|
|
openmotif<2.1.30nb4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605
|
|
lesstif<0.94.0nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605
|
|
libexif<0.6.11nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0664
|
|
putty<0.57 remote-code-execution http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-readdir.html
|
|
putty<0.57 remote-code-execution http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-string.html
|
|
mysql-server<4.0.24 remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0709
|
|
mysql-server<4.0.24 remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0710
|
|
mysql-server<4.0.24 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0711
|
|
mysql-server-4.1.[0-9]{nb*,} remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0709
|
|
mysql-server-4.1.[0-9]{nb*,} remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0710
|
|
mysql-server-4.1.[0-9]{nb*,} local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0711
|
|
mysql-server-4.1.10{nb*,} remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0709
|
|
mysql-server-4.1.10{nb*,} remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0710
|
|
mysql-server-4.1.10{nb*,} local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0711
|
|
kdelibs<3.3.2nb8 denial-of-service http://www.kde.org/info/security/advisory-20050316-1.txt
|
|
kdelibs<3.3.2nb8 domain-name-spoofing http://www.kde.org/info/security/advisory-20050316-2.txt
|
|
kdelibs<3.3.2nb8 local-file-write http://www.kde.org/info/security/advisory-20050316-3.txt
|
|
sun-{jre,jdk}14<2.7 remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57740-1
|
|
xli<1.17.0nb2 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0638
|
|
xli<1.17.0nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0639
|
|
xli<1.17.0nb4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0775
|
|
wine>20000000<20050419 insecure-temp-file http://www.securityfocus.com/archive/1/393150/2005-03-14/2005-03-20/0
|
|
ImageMagick<6.1.8 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0005
|
|
ImageMagick<6.0 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0759
|
|
ImageMagick<6.0 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0760
|
|
ImageMagick<6.1.8 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0761
|
|
ImageMagick<6.0 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0762
|
|
ipsec-tools<0.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0398
|
|
firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.2 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-30.html
|
|
firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.2 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-31.html
|
|
firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.2 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-32.html
|
|
sylpheed<1.0.4 buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24429
|
|
sylpheed-claws<1.0.4 buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24429
|
|
sylpheed-gtk2-[01].* buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24429
|
|
gnupg<1.4.1 information-leak http://lists.gnupg.org/pipermail/gnupg-announce/2005q1/000191.html
|
|
mit-krb5<1.4nb1 remote-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2005-001-telnet.txt
|
|
{g,}mc<4.5.56 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0763
|
|
{g,}mc<4.5.56 remote-unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1004
|
|
{g,}mc<4.5.56 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1005
|
|
{g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1009
|
|
{g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1090
|
|
{g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1091
|
|
{g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1092
|
|
{g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1093
|
|
{g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1174
|
|
{g,}mc<4.5.56 remote-unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1175
|
|
{g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1176
|
|
horde-3.0.[0-3]* cross-site-scripting http://secunia.com/advisories/14730/
|
|
gsharutils<4.2.1nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1772
|
|
gsharutils<4.2.1nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1773
|
|
squid<2.5.9nb1 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0626
|
|
gtk2+<2.6.4nb1 denial-of-service http://secunia.com/advisories/14775/
|
|
gdk-pixbuf<0.22.0nb5 denial-of-service http://secunia.com/advisories/14776/
|
|
phpmyadmin<2.6.2rc1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-3
|
|
gaim<1.2.1 denial-of-service http://gaim.sourceforge.net/security/?id=13
|
|
gaim<1.2.1 denial-of-service http://gaim.sourceforge.net/security/?id=14
|
|
gaim<1.2.1 denial-of-service http://gaim.sourceforge.net/security/?id=15
|
|
xorg-libs<6.8.2nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605
|
|
XFree86-libs<=4.5.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605
|
|
{ap-,}php<4.3.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0524
|
|
{ap-,}php<4.3.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0525
|
|
{ap-,}php-5.0.[0123]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0524
|
|
{ap-,}php-5.0.[0123]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0525
|
|
netscape7-[0-9]* privacy-leak http://secunia.com/advisories/14804/
|
|
netscape7-[0-9]* remote-code-execution http://secunia.com/advisories/14996/
|
|
gsharutils<4.2.1nb6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0990
|
|
mysql-server<3.23.59 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0957
|
|
sun-{jre,jdk}15-* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1080
|
|
sun-{jre,jdk}14-* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1080
|
|
kdelibs-3.4.0{,nb1,nb2} buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1046
|
|
kdelibs<3.3.2nb10 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1046
|
|
gnome-vfs2-cdda-2.10.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706
|
|
gnome-vfs2<2.6.0nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706
|
|
gnome-vfs2-cdda<2.8.4nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706
|
|
gnome-vfs<1.0.5nb8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706
|
|
libcdaudio<0.99.12nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706
|
|
gld<1.5 remote-code-execution http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0005.html
|
|
pine<4.62nb2 local-file-write http://secunia.com/advisories/14899/
|
|
openoffice<1.1.4nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0941
|
|
openoffice-linux<1.1.5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0941
|
|
openoffice-bin<1.1.4nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0941
|
|
postgrey<1.21 denial-of-service http://secunia.com/advisories/14958/
|
|
php-exif<4.3.11 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1042
|
|
php-exif<4.3.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1043
|
|
cvs<1.11.20 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0753
|
|
realplayer<10.6 remote-code-execution http://www.service.real.com/help/faq/security/security041905.html
|
|
RealPlayerGold<10.0.4 remote-code-execution http://www.service.real.com/help/faq/security/security041905.html
|
|
heimdal<0.6.4 remote-code-execution http://www.pdc.kth.se/heimdal/advisory/2005-04-20/
|
|
mplayer<1.0rc6nb2 remote-code-execution http://www.mplayerhq.hu/homepage/design7/news.html#vuln10
|
|
mplayer<1.0rc6nb2 remote-code-execution http://www.mplayerhq.hu/homepage/design7/news.html#vuln11
|
|
gmplayer<1.0rc6nb3 remote-code-execution http://www.mplayerhq.hu/homepage/design7/news.html#vuln10
|
|
gmplayer<1.0rc6nb3 remote-code-execution http://www.mplayerhq.hu/homepage/design7/news.html#vuln11
|
|
quanta-3.1.* remote-code-execution http://www.kde.org/info/security/advisory-20050420-1.txt
|
|
kdewebdev<3.3.2nb1 remote-code-execution http://www.kde.org/info/security/advisory-20050420-1.txt
|
|
kdewebdev-3.4.0 remote-code-execution http://www.kde.org/info/security/advisory-20050420-1.txt
|
|
firefox{-bin,-gtk2,-gtk2-bin}<1.0.3 privacy-leak http://www.mozilla.org/security/announce/mfsa2005-33.html
|
|
firefox{,-gtk1}<1.0.2nb1 privacy-leak http://www.mozilla.org/security/announce/mfsa2005-33.html
|
|
firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-34.html
|
|
firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-35.html
|
|
mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-35.html
|
|
firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-36.html
|
|
mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-36.html
|
|
firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-37.html
|
|
mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-37.html
|
|
firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-38.html
|
|
mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-38.html
|
|
firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-39.html
|
|
firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 missing-argument-check http://www.mozilla.org/security/announce/mfsa2005-40.html
|
|
mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 missing-argument-check http://www.mozilla.org/security/announce/mfsa2005-40.html
|
|
firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-41.html
|
|
mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-41.html
|
|
gzip-base<1.2.4anb1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1228
|
|
gzip-base<1.2.4anb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0988
|
|
xine-lib<1.0nb2 remote-code-execution http://xinehq.de/index.php/security/XSA-2004-8
|
|
imp<3.2.8 cross-site-scripting http://secunia.com/advisories/15077/
|
|
lsh<1.4.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0826
|
|
lsh<1.4.3nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0814
|
|
ImageMagick<6.2.2 heap-overflow http://www.overflow.pl/adv/imheapoverflow.txt
|
|
netscape7-[0-9]* remote-code-execution http://secunia.com/advisories/15103/
|
|
ethereal<0.10.10nb1 denial-of-service http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2005-04/0447.html
|
|
tcpdump-3.9.[0-1]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1280
|
|
tcpdump-3.9.[0-1]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1279
|
|
tcpdump<3.8.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1280
|
|
tcpdump<3.8.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1279
|
|
sqwebmail-[0-9]* cross-site-scripting http://secunia.com/advisories/15119/
|
|
php-curl<4.3.11 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1392
|
|
horde<2.2.8 cross-site-scripting http://secunia.com/advisories/14730/
|
|
netscape7-[0-9]* remote-code-execution http://www.networksecurity.fi/advisories/netscape-dom.html
|
|
netscape7-[0-9]* authentication-spoofing http://secunia.com/advisories/15267/
|
|
p5-Convert-UUlib<1.05 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1349
|
|
gnutls<1.2.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1431
|
|
kdewebdev<3.3.2nb2 remote-code-execution http://www.kde.org/info/security/advisory-20050504-1.txt
|
|
kdewebdev-3.4.0{,nb1} remote-code-execution http://www.kde.org/info/security/advisory-20050504-1.txt
|
|
nasm<0.98.39nb1 remote-code-execution https://bugzilla.redhat.com/beta/show_bug.cgi?id=152963
|
|
leafnode<1.11.2 denial-of-service http://leafnode.sourceforge.net/leafnode-SA-2005-01.txt
|
|
ethereal<0.10.11 denial-of-service http://www.ethereal.com/appnotes/enpa-sa-00019.html
|
|
ethereal<0.10.11 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00019.html
|
|
gaim<1.3.0 buffer-overflow http://gaim.sourceforge.net/security/index.php?id=16
|
|
gaim<1.3.0 denial-of-service http://gaim.sourceforge.net/security/index.php?id=17
|
|
squid<2.5.9nb11 domain-name-spoofing http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-dns_query
|
|
firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.4 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-42.html
|
|
firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.4 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-43.html
|
|
firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.4 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-44.html
|
|
mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.8 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-42.html
|
|
mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.8 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-43.html
|
|
mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.8 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-44.html
|
|
tiff<3.7.2nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1544
|
|
bugzilla<2.18.1 information-leak http://www.bugzilla.org/security/2.16.8/
|
|
libexif<0.6.12nb1 denial-of-service http://secunia.com/advisories/15259/
|
|
maradns<1.0.27 weak-rng-source http://www.maradns.org/download/patches/maradns-1.0.26-rekey_rng.patch
|
|
p5-Net-SSLeay<1.25 file-permissions http://secunia.com/advisories/15207/
|
|
evolution<2.0.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0806
|
|
postgresql-server<7.3.10 privilege-escalation http://www.postgresql.org/about/news.322
|
|
postgresql73-server<7.3.10 privilege-escalation http://www.postgresql.org/about/news.322
|
|
postgresql74-server<7.4.8 privilege-escalation http://www.postgresql.org/about/news.322
|
|
postgresql80-server<8.0.3 privilege-escalation http://www.postgresql.org/about/news.322
|
|
freeradius<=1.0.2nb1 remote-code-execution http://www.securityfocus.com/bid/13540/
|
|
freeradius<=1.0.2nb1 buffer-overflow http://www.securityfocus.com/bid/13541/
|
|
mysql-server>=4.1.0<4.1.12 sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1636
|
|
ImageMagick<6.2.2.3 denial-of-service http://www.gentoo.org/security/en/glsa/glsa-200505-16.xml
|
|
netscape7-[0-9]* cross-site-scripting http://secunia.com/advisories/15437/
|
|
gxine<0.4.5 remote-code-execution http://secunia.com/advisories/15451/
|
|
net-snmp<5.1.2nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1740
|
|
net-snmp-5.2.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1740
|
|
gedit<2.10.3 remote-code-execution http://secunia.com/advisories/15454/
|
|
squid<2.5.9nb2 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1345
|
|
qpopper<4.0.6 privilege-escalation http://secunia.com/advisories/15475/
|
|
bzip2<1.0.3 denial-of-service http://scary.beasts.org/security/CESA-2005-002.txt
|
|
openslp<1.2.1 remote-code-execution http://www.securityfocus.com/advisories/8224
|
|
mhonarc<2.6.11 cross-site-scripting https://savannah.nongnu.org/bugs/index.php?func=detailitem&item_id=12930
|
|
clamav<0.84 osx-privilege-escalation http://www.sentinelchicken.com/advisories/clamav/
|
|
ettercap-0.7.2 remote-code-execution http://secunia.com/advisories/15535/
|
|
qmail<1.03nb49 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2005-1513
|
|
gdb>6<6.2.1nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1704
|
|
gdb<5.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1704
|
|
gdb>6<6.2.1nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1705
|
|
gdb<5.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1705
|
|
binutils<2.16.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1704
|
|
kdbg<1.2.9 privilege-escalation http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0644
|
|
mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.10 http-frame-spoof http://secunia.com/advisories/15601/
|
|
mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.10 dialog-spoofing http://secunia.com/advisories/15489/
|
|
firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.5 http-frame-spoof http://secunia.com/advisories/15601/
|
|
firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.5 dialog-spoofing http://secunia.com/advisories/15489/
|
|
leafnode<1.11.3 denial-of-service http://leafnode.sourceforge.net/leafnode-SA-2005-02.txt
|
|
xmysqladmin-[0-9]* remote-shell http://www.zataz.net/adviso/xmysqladmin-05292005.txt
|
|
dbus<0.23.1 local-session-hijacking http://secunia.com/advisories/14119/
|
|
gaim<1.3.1 denial-of-service http://gaim.sourceforge.net/security/index.php?id=18
|
|
gaim<1.3.1 denial-of-service http://gaim.sourceforge.net/security/index.php?id=19
|
|
libextractor<0.3.11nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0064
|
|
libextractor<0.4.2 remote-code-execution http://secunia.com/advisories/15651/
|
|
tcpdump<3.8.3nb2 denial-of-service http://secunia.com/advisories/15634/
|
|
mikmod<3.1.7 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0427
|
|
postfix<2.1.5nb5 linux-unauthorised-mail-relaying http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0337
|
|
squirrelmail<1.4.4nb1 remote-code-execution http://www.squirrelmail.org/security/issue/2005-06-15
|
|
opera<8.01 cross-site-scripting http://secunia.com/advisories/15423/
|
|
opera<8.01 remote-security-bypass http://secunia.com/secunia_research/2005-4/advisory/
|
|
opera<8.01 cross-site-scripting http://secunia.com/secunia_research/2005-5/advisory/
|
|
opera<8.01 dialog-spoofing http://secunia.com/advisories/15488/
|
|
sun-{jdk,jre}15<5.0.2 remote-user-access http://secunia.com/advisories/15671/
|
|
acroread7<7.0.1 remote-information-exposure http://www.adobe.com/support/techdocs/331710.html
|
|
acroread7<7.0.1 buffer-overflow http://www.adobe.com/support/techdocs/321644.html
|
|
p5-razor-agents<2.72 denial-of-service http://secunia.com/advisories/15739/
|
|
spamassassin<3.0.4 denial-of-service http://secunia.com/advisories/15704/
|
|
heimdal<0.6.5 buffer-overflow http://www.pdc.kth.se/heimdal/advisory/2005-06-20/
|
|
trac<0.8.4 remote-code-execution http://secunia.com/advisories/15752/
|
|
sudo<1.6.8pl9 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1993
|
|
gcpio<2.6nb1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1111
|
|
gcpio<2.6nb1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1229
|
|
tor<0.0.9.10 information-leak http://archives.seul.org/or/announce/Jun-2005/msg00001.html
|
|
ruby18-base<1.8.2nb2 remote-security-bypass http://secunia.com/advisories/15767/
|
|
ruby1{6,8}-xmlrpc4r<1.7.16nb2 remote-security-bypass http://secunia.com/advisories/15767/
|
|
asterisk<1.0.8 remote-code-execution http://www.bindshell.net/voip/advisory-05-013.txt
|
|
p5-CGI<2.94 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0615
|
|
perl{,-thread}-5.6.[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0615
|
|
perl{,-thread}-5.6.[0-9]* access-validation-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1323
|
|
realplayer-[0-9]* remote-code-execution http://service.real.com/help/faq/security/050623_player/EN/
|
|
RealPlayerGold<10.0.5 remote-code-execution http://service.real.com/help/faq/security/050623_player/EN/
|
|
clamav<0.86.1 denial-of-service http://secunia.com/advisories/15811/
|
|
clamav<0.86 denial-of-service http://secunia.com/advisories/15835/
|
|
clamav<0.86 denial-of-service http://secunia.com/advisories/15859/
|
|
dillo<0.8.5 remote-code-execution http://www.dillo.org/ChangeLog.html
|
|
p5-Net-Server<0.88 denial-of-service http://www.derkeiler.com/Mailing-Lists/Securiteam/2005-04/0147.html
|
|
zlib<1.2.2nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2096
|
|
net-snmp<5.2.1.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2177
|
|
bugzilla<2.18.2 information-leak http://www.bugzilla.org/security/2.18.1/
|
|
unalz<0.40 buffer-overflow http://www.kipple.pe.kr/win/unalz/
|
|
mit-krb5<1.4.2 denial-of-service http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-002-kdc.txt
|
|
mit-krb5<1.4.2 remote-code-execution http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-003-recvauth.txt
|
|
squirrelmail<1.4.5 remote-file-write http://www.squirrelmail.org/security/issue/2005-07-13
|
|
polsms<2.0.2 privilege-escalation http://secunia.com/advisories/16038/
|
|
elmo<1.3.2 local-file-write http://secunia.com/advisories/15977/
|
|
audit-packages<1.35 no-vulnerability-but-missing-file-format-check-support http://mail-index.netbsd.org/pkgsrc-changes/2005/06/07/0036.html
|
|
centericq<=4.20.0 local-file-write http://secunia.com/advisories/15913/
|
|
phppgadmin<3.5.4 remote-information-exposure http://secunia.com/advisories/15941/
|
|
cups<1.1.21rc1 acl-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2154
|
|
firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.5 cross-site-scripting http://secunia.com/advisories/15549/
|
|
firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.5 multiple-vulnerabilities http://secunia.com/advisories/16043/
|
|
ekg<1.6nb2 local-symlink-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1916
|
|
ekg<1.6nb2 insecure-temp-files http://www.debian.org/security/2005/dsa-760
|
|
ekg<1.6nb2 shell-command-injection http://www.debian.org/security/2005/dsa-760
|
|
kdebase-3.[2-3].[0-9]{,nb*} local-information-exposure http://www.kde.org/info/security/advisory-20050718-1.txt
|
|
kdebase-3.4.0{,nb*} local-information-exposure http://www.kde.org/info/security/advisory-20050718-1.txt
|
|
php<4.3.11nb1 remote-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1921
|
|
php<4.3.11nb1 remote-command-execution http://www.hardened-php.net/advisory_142005.66.html
|
|
fetchmail<6.2.5nb5 remote-user-shell http://fetchmail.berlios.de/fetchmail-SA-2005-01.txt
|
|
kdenetwork-3.3.* remote-code-execution http://www.kde.org/info/security/advisory-20050721-1.txt
|
|
kdenetwork-3.4.{0,0nb*,1} remote-code-execution http://www.kde.org/info/security/advisory-20050721-1.txt
|
|
rsnapshot<1.1.7 privilege-escalation http://www.rsnapshot.org/security/2005/001.html
|
|
zlib<1.2.3 denial-of-service http://secunia.com/advisories/16137/
|
|
clamav<0.86.2 denial-of-service http://secunia.com/advisories/16180/
|
|
clamav<0.86.2 buffer-overflow http://secunia.com/advisories/16180/
|
|
vim{,-gtk,-gtk2,-kde,-motif,-xaw,-share}<6.3.082 local-code-execution http://secunia.com/advisories/16206/
|
|
vim<6.3.082 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2368
|
|
ethereal<0.10.12 denial-of-service http://www.ethereal.com/appnotes/enpa-sa-00020.html
|
|
ethereal<0.10.12 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00020.html
|
|
p5-Compress-Zlib<1.35 denial-of-service http://secunia.com/advisories/16137/
|
|
unzip<5.52nb2 local-symlink-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2475
|
|
rsync<2.6.6 null-pointer-dereference http://lists.samba.org/archive/rsync-announce/2005/000032.html
|
|
msf<2.4nb2 remote-security-bypass http://secunia.com/advisories/16318/
|
|
proftpd<1.2.10nb4 format-string http://secunia.com/advisories/16181/
|
|
jabberd-2.0s[2-8]{,nb*} buffer-overflows http://secunia.com/advisories/16291/
|
|
gopher<3.0.8 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1853
|
|
gaim<1.4.0nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370
|
|
kadu<0.4.1 denial-of-service http://secunia.com/advisories/16238/
|
|
opera<8.02 dialog-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2405
|
|
opera<8.02 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2406
|
|
suse{,32}_base<9.1nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1849
|
|
suse{,32}_base<9.1nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2096
|
|
netpbm<10.28 local-code-execution http://secunia.com/advisories/16184/
|
|
acroread5<5.0.11 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1625
|
|
acroread5<5.0.11 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1841
|
|
apache-2.0.[0-4][0-9]* cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2088
|
|
apache-2.0.5[0-3]* cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2088
|
|
apache-2.0.54{,nb[12]} cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2088
|
|
awstats<6.4nb1 remote-command-execution http://www.idefense.com/application/poi/display?id=290&type=vulnerabilities
|
|
inkscape<0.42 insecure-temp-files http://secunia.com/advisories/16343/
|
|
mysql-server<4.0.25 local-code-execution http://www.appsecinc.com/resources/alerts/mysql/2005-001.html
|
|
mysql-server<4.0.25 buffer-overflow http://www.appsecinc.com/resources/alerts/mysql/2005-002.html
|
|
mysql-server-4.1.{0,1,2,3,4,5,6,7,8,9,10,11,12}{,nb*} local-code-execution http://www.appsecinc.com/resources/alerts/mysql/2005-001.html
|
|
mysql-server-4.1.{0,1,2,3,4,5,6,7,8,9,10,11,12}{,nb*} buffer-overflow http://www.appsecinc.com/resources/alerts/mysql/2005-002.html
|
|
xpdf<3.00pl3nb1 denial-of-service http://secunia.com/advisories/16374/
|
|
kdegraphics-3.3.[0-9]{,nb*} denial-of-service http://www.kde.org/info/security/advisory-20050809-1.txt
|
|
kdegraphics-3.4.0{,nb*} denial-of-service http://www.kde.org/info/security/advisory-20050809-1.txt
|
|
kdegraphics-3.4.1 denial-of-service http://www.kde.org/info/security/advisory-20050809-1.txt
|
|
gaim<1.4.0nb2 denial-of-service http://secunia.com/advisories/16379/
|
|
gaim<1.4.0nb2 remote-command-execution http://secunia.com/advisories/16379/
|
|
cups<1.1.23nb3 denial-of-service http://secunia.com/advisories/16380/
|
|
wine>20000000<20050524nb1 insecure-temp-files http://secunia.com/advisories/16352/
|
|
wine-20050725 insecure-temp-files http://secunia.com/advisories/16352/
|
|
xv<3.10anb10 privilege-escalation http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1725
|
|
xv<3.10anb10 privilege-escalation http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1726
|
|
xv<3.10anb10 privilege-escalation http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0665
|
|
kdeedu-3.[0-3].* privilege-escalation http://www.kde.org/info/security/advisory-20050815-1.txt
|
|
kdeedu-3.4.{0*,1,2} privilege-escalation http://www.kde.org/info/security/advisory-20050815-1.txt
|
|
thunderbird{,-bin,-gtk1}<1.0.5 disabled-scripting-bypass http://www.mozilla.org/security/announce/mfsa2005-46.html
|
|
netscape7-7.2{,nb*} cross-site-scripting http://secunia.com/advisories/15553/
|
|
netscape8<8.0.3.3 cross-site-scripting http://secunia.com/advisories/15553/
|
|
netscape8<8.0.3.3 arbitrary-code-execution http://secunia.com/advisories/16185/
|
|
netscape7-7.2{,nb*} arbitrary-code-execution http://secunia.com/advisories/16044/
|
|
netscape8<8.0.3.3 arbitrary-code-execution http://secunia.com/advisories/16044/
|
|
netscape7-7.2{,nb*} local-security-bypass http://secunia.com/advisories/16044/
|
|
netscape8<8.0.3.3 local-security-bypass http://secunia.com/advisories/16044/
|
|
centericq<4.20.0nb2 denial-of-service http://secunia.com/advisories/16240/
|
|
centericq<4.20.0nb2 shell-command-injection http://secunia.com/advisories/16240/
|
|
evolution<2.2.2nb2 arbitrary-code-execution http://www.sitic.se/eng/advisories_and_recommendations/sa05-001.html
|
|
evolution-2.2.3 arbitrary-code-execution http://www.sitic.se/eng/advisories_and_recommendations/sa05-001.html
|
|
gpdf-2.10.0 denial-of-service http://secunia.com/advisories/16400/
|
|
mantis<0.19.2 cross-site-scripting http://secunia.com/advisories/16506/
|
|
mantis<0.19.2 sql-injection http://secunia.com/advisories/16506/
|
|
elm<2.5.8 remote-user-shell http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-08/0692.html
|
|
pcre<6.2 arbitrary-code-execution http://secunia.com/advisories/16502/
|
|
mplayer<1.0rc7nb2 remote-code-execution http://www.sven-tantau.de/public_files/mplayer/mplayer_20050824.txt
|
|
gmplayer<1.0rc7nb1 remote-code-execution http://www.sven-tantau.de/public_files/mplayer/mplayer_20050824.txt
|
|
tor<0.1.0.14 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2643
|
|
cvs<1.11.20nb2 local-privilege-escalation http://secunia.com/advisories/16553/
|
|
apache-2.0.[1-4][0-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491
|
|
apache-2.0.5[0-3]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491
|
|
apache-2.0.54{,nb[123]} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491
|
|
pam-ldap-169{,nb*} authentication-bypass http://secunia.com/advisories/16518/
|
|
pam-ldap-17[0-9]{,nb*} authentication-bypass http://secunia.com/advisories/16518/
|
|
gnats<4.1.0nb1 local-file-write http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2180
|
|
apache-2.0.[1-4][0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2728
|
|
apache-2.0.5[0-3]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2728
|
|
apache-2.0.54{,nb[123]} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2728
|
|
phpmyadmin<2.6.4rc1 cross-site-scripting http://secunia.com/advisories/16605/
|
|
sqwebmail<5.0.4nb1 cross-site-scripting http://secunia.com/advisories/16539/
|
|
sqwebmail<5.0.4nb1 cross-site-scripting http://secunia.com/advisories/16600/
|
|
ntp<4.2.0nb7 listener-permissions http://secunia.com/advisories/16602/
|
|
phpldapadmin<0.9.6cnb4 authentication-bypass http://secunia.com/advisories/16611/
|
|
gopher<3.0.11 buffer-overflow http://secunia.com/advisories/16614/
|
|
phpldapadmin<0.9.6cnb4 remote-code-execution http://secunia.com/advisories/16617/
|
|
php-5.0.[0-3]{,nb*} remote-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1921
|
|
php-5.0.[0-3]{,nb*} remote-command-execution http://www.hardened-php.net/advisory_142005.66.html
|
|
php-5.0.4 remote-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1921
|
|
php-5.0.4 remote-command-execution http://www.hardened-php.net/advisory_142005.66.html
|
|
gnumeric<1.2.13nb3 arbitrary-code-execution http://secunia.com/advisories/16584/
|
|
gnumeric-1.4.[0-2]{,nb*} arbitrary-code-execution http://secunia.com/advisories/16584/
|
|
gnumeric-1.4.3 arbitrary-code-execution http://secunia.com/advisories/16584/
|
|
apache-2.0.[1-4][0-9]* weak-authentication http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700
|
|
apache-2.0.5[0-3]* weak-authentication http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700
|
|
apache-2.0.54{,nb[1234]} weak-authentication http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700
|
|
ap-ssl<2.8.24 weak-authentication http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700
|
|
nikto<1.35nb1 cross-site-scripting http://secunia.com/advisories/16669/
|
|
kdebase-3.[23].* local-privilege-escalation http://www.kde.org/info/security/advisory-20050905-1.txt
|
|
kdebase-3.[23].* local-privilege-escalation http://www.kde.org/info/security/advisory-20050905-1.txt
|
|
kdebase-3.4.[01]{,nb*} local-privilege-escalation http://www.kde.org/info/security/advisory-20050905-1.txt
|
|
kdebase-3.4.2{,nb1} local-privilege-escalation http://www.kde.org/info/security/advisory-20050905-1.txt
|
|
squid<2.5.10nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2794
|
|
squid<2.5.10nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2796
|
|
gg2<2.2.8 denial-of-service http://secunia.com/advisories/16241/
|
|
gg2<2.2.8 remote-command-execution http://secunia.com/advisories/16241/
|
|
openttd<0.4.0.1nb1 denial-of-service http://secunia.com/advisories/16696/
|
|
openttd<0.4.0.1nb1 remote-command-execution http://secunia.com/advisories/16696/
|
|
freeradius<1.0.5 sql-injection http://www.freeradius.org/security.html
|
|
freeradius<1.0.5 denial-of-service http://www.freeradius.org/security.html
|
|
gcvs<1.0nb2 local-privilege-escalation http://secunia.com/advisories/16553/
|
|
netscape7-[0-9]* remote-command-execution http://secunia.com/advisories/16766/
|
|
netscape7-[0-9]* remote-command-execution http://secunia.com/advisories/16766/
|
|
sqwebmail<5.0.4nb2 cross-site-scripting http://secunia.com/advisories/16704/
|
|
silc-server<1.0nb1 local-privilege-escalation http://secunia.com/advisories/16659/
|
|
chmlib<0.36 remote-command-execution http://morte.jedrea.com/~jedwin/projects/chmlib/
|
|
chmlib<0.36 buffer-overflow http://morte.jedrea.com/~jedwin/projects/chmlib/
|
|
snort<2.4.0nb1 denial-of-service http://marc.theaimsgroup.com/?l=vuln-dev&m=112655297606335&w=2
|
|
xchat<2.4.5 unspecified http://www.xchat.org/
|
|
imake>=3<4.4.0nb2 insecure-temp-files ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-009.txt.asc
|
|
xorg-imake<6.8.2nb2 insecure-temp-files ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-009.txt.asc
|
|
clamav<0.87 buffer-overflow http://secunia.com/advisories/16848/
|
|
clamav<0.87 denial-of-service http://secunia.com/advisories/16848/
|
|
gtexinfo<4.8nb1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3011
|
|
rdiff-backup<1.0.1 information-disclosure http://secunia.com/advisories/16774/
|
|
arc<5.21enb2 insecure-temp-files http://www.zataz.net/adviso/arc-09052005.txt
|
|
zebedee<2.5.3 denial-of-service http://sourceforge.net/mailarchive/forum.php?thread_id=8134987&forum_id=2055
|
|
openssh<4.2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2798
|
|
python24<2.4.1 buffer-overflow http://secunia.com/advisories/16793/
|
|
python24-pth<2.4.1 buffer-overflow http://secunia.com/advisories/16793/
|
|
python23<2.3.5nb3 buffer-overflow http://secunia.com/advisories/16793/
|
|
python23-pth<2.3.5nb1 buffer-overflow http://secunia.com/advisories/16793/
|
|
python23-nth<2.3.5nb2 buffer-overflow http://secunia.com/advisories/16793/
|
|
python22<2.2.3nb6 buffer-overflow http://secunia.com/advisories/16793/
|
|
python22-pth<2.2.3nb6 buffer-overflow http://secunia.com/advisories/16793/
|
|
xorg-libs<6.8.2nb2 buffer-overflow http://secunia.com/advisories/16790/
|
|
XFree86-libs<4.4.0nb4 buffer-overflow http://secunia.com/advisories/16777/
|
|
mit-krb5<1.8.3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0488
|
|
pam-ldap<180 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2069
|
|
nss_ldap<240 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2069
|
|
opera<8.50 cross-site-scripting http://secunia.com/advisories/16645/
|
|
opera<8.50 file-spoofing http://secunia.com/advisories/16645/
|
|
bacula<1.36.3nb1 insecure-temp-files http://secunia.com/advisories/16866/
|
|
firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.7 remote-command-execution http://www.frsirt.com/english/advisories/2005/1794
|
|
ruby16-base<1.6.8nb2 access-validation-bypass http://jvn.jp/jp/JVN%2362914675/index.html
|
|
ruby18-base<1.8.2nb4 access-validation-bypass http://jvn.jp/jp/JVN%2362914675/index.html
|
|
hylafax<4.2.1nb1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3069
|
|
hylafax<4.2.1nb1 insecure-socket http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3070
|
|
p7zip<4.27 remote-code-execution http://secunia.com/advisories/16664/
|
|
firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.7 remote-command-execution http://www.mozilla.org/security/announce/mfsa200
|
|
firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.7 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-58.html
|
|
mozilla{,-bin,-gtk2}<1.7.12 remote-command-execution http://www.mozilla.org/security/announce/mfsa2005-57.html
|
|
mozilla{,-bin,-gtk2}<1.7.12 remote-command-execution http://www.mozilla.org/security/announce/mfsa2005-58.html
|
|
#poppassd-4.[0-9]* local-privilege-escalation http://secunia.com/advisories/16935/
|
|
abiword<2.2.10 buffer-overflow http://www.abisource.com/changelogs/2.2.10.phtml
|
|
eric3<3.7.2 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3068
|
|
{ap-,}php<4.4.0nb1 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3054
|
|
realplayer<10.0.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2710
|
|
RealPlayerGold<10.0.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2710
|
|
uim<0.4.9.1 privilege-escalation http://lists.freedesktop.org/archives/uim/2005-September/001346.html
|
|
netscape7-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/16944/
|
|
thunderbird{,-bin,-gtk1}<1.0.7 multiple-vulnerabilities http://www.mozilla.org/security/announce/mfsa2005-58.html
|
|
thunderbird{,-bin,-gtk1}<1.0.7 remote-command-execution http://www.mozilla.org/security/announce/mfsa2005-57.html
|
|
squid<2.5.10nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2917
|
|
mpeg_encode<1.5bnb3 privilege-escalation http://secunia.com/advisories/17008/
|
|
weex<2.6.1nb1 local-code-execution http://secunia.com/advisories/17028/
|
|
apachetop<0.12.5nb1 insecure-temp-files http://www.zataz.net/adviso/apachetop-09022005.txt
|
|
blender<2.37anb2 local-code-execution http://secunia.com/advisories/17013/
|
|
blender-2.41 local-code-execution http://secunia.com/advisories/17013/
|
|
bugzilla<2.18.4 information-leak http://www.bugzilla.org/security/2.18.4/
|
|
imap-uw<2004enb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2933
|
|
openssl<0.9.7h information-leak http://www.openssl.org/news/secadv_20051011.txt
|
|
koffice<1.4.2 local-code-execution http://www.kde.org/info/security/advisory-20051011-1.txt
|
|
phpmyadmin<2.6.4pl2 information-leak http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-4
|
|
xine-lib<1.0.3 remote-users-shell http://xinehq.de/index.php/security/XSA-2005-1
|
|
unrar<3.5.4 remote-code-execution http://www.rarlabs.com/rarnew.htm
|
|
curl<7.15.0 remote-code-execution http://curl.haxx.se/mail/lib-2005-10/0061.html
|
|
wget-1.10 remote-code-execution http://www.mail-archive.com/wget%40sunsite.dk/msg08300.html
|
|
wget-1.10.1 remote-code-execution http://www.mail-archive.com/wget%40sunsite.dk/msg08300.html
|
|
abiword<2.4.1 arbitrary-code-execution http://scary.beasts.org/security/CESA-2005-006.txt
|
|
clamav<0.87.1 denial-of-service http://secunia.com/advisories/17184/
|
|
clamav<0.87.1 denial-of-service http://secunia.com/advisories/17434/
|
|
clamav<0.87.1 remote-code-execution http://www.zerodayinitiative.com/advisories/ZDI-05-002.html
|
|
lynx<2.8.5.3 remote-users-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3120
|
|
snort-2.4.[0-2]{,nb*} buffer-overflow http://secunia.com/advisories/17220/
|
|
snort-mysql-2.4.[0-2]{,nb*} buffer-overflow http://secunia.com/advisories/17220/
|
|
snort-pgsql-2.4.[0-2]{,nb*} buffer-overflow http://secunia.com/advisories/17220/
|
|
graphviz<2.6 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2965
|
|
squid<2.5.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3258
|
|
ethereal<0.10.13 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00021.html
|
|
sudo<1.6.8pl9nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2959
|
|
chmlib<0.37.3 remote-code-execution http://66.93.236.84/~jedwin/projects/chmlib/
|
|
mantis<1.0.0rc3 sql-injection http://secunia.com/advisories/16818/
|
|
phpmyadmin<2.6.4pl3 information-leak http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-5
|
|
netpbm<10.25 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2978
|
|
xli<1.17.0nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0775
|
|
wget<1.10 remote-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1487
|
|
wget<1.10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1488
|
|
wget-1.9{,nb*} symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2014
|
|
wget-1.9.1{,nb*} symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2014
|
|
php<4.4.1 remote-code-execution http://www.hardened-php.net/advisory_202005.79.html
|
|
php<4.4.1 remote-code-execution http://www.hardened-php.net/advisory_202005.78.html
|
|
php<4.4.1 remote-code-execution http://www.hardened-php.net/advisory_202005.77.html
|
|
php-5.0.[0-5]* remote-code-execution http://www.hardened-php.net/advisory_202005.79.html
|
|
php-5.0.[0-5]* remote-code-execution http://www.hardened-php.net/advisory_202005.78.html
|
|
php-5.0.[0-5]* remote-code-execution http://www.hardened-php.net/advisory_202005.77.html
|
|
openvpn<2.0.3 denial-of-service http://secunia.com/advisories/17376/
|
|
openvpn<2.0.3 remote-code-execution http://secunia.com/advisories/17376/
|
|
ethereal<0.10.13nb1 denial-of-service http://secunia.com/advisories/17370/
|
|
chmlib<0.36 remote-code-execution http://www.idefense.com/application/poi/display?id=332&type=vulnerabilities&flashstatus=true
|
|
fetchmailconf<6.2.5nb3 insecure-file-permissions http://fetchmail.berlios.de/fetchmail-SA-2005-02.txt
|
|
skype<1.2.0.18 remote-code-execution http://secunia.com/advisories/17305/
|
|
python21<2.1.3nb8 remote-code-execution http://secunia.com/advisories/16914/
|
|
python21-pth<2.1.3nb7 remote-code-execution http://secunia.com/advisories/16914/
|
|
rsaref<2.0p3 buffer-overrun http://www.cert.org/advisories/CA-1999-15.html
|
|
libgda<1.2.2nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2958
|
|
libwww<5.4.0nb4 denial-of-service http://secunia.com/advisories/17119/
|
|
zope-2.6.[0-9]* remote-code-execution http://secunia.com/advisories/17173/
|
|
openvmps<=1.3 remote-code-execution http://www.security.nnov.ru/Jdocument889.html
|
|
libungif<4.1.3nb3 denial-of-service http://secunia.com/advisories/17436/
|
|
libungif<4.1.3nb3 remote-code-execution http://secunia.com/advisories/17436/
|
|
{ns,moz-bin,firefox-bin}-flash<7.0.25 remote-code-execution http://secunia.com/advisories/17430/
|
|
sudo<1.6.8pl9nb2 privilege-escalation http://www.sudo.ws/sudo/alerts/perl_env.html
|
|
emacs-21.2.1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1232
|
|
sylpheed<2.0.4 local-code-execution http://secunia.com/advisories/17492/
|
|
spamassassin<3.0.4nb2 denial-of-service http://secunia.com/advisories/17386/
|
|
sylpheed-2.1.[0-5]* local-code-execution http://secunia.com/advisories/17492/
|
|
phpmyadmin<2.6.4pl4 http-header-injection http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-6
|
|
opera<8.51 remote-user-shell http://secunia.com/advisories/16907/
|
|
opera<8.51 remote-user-shell http://secunia.com/advisories/17437/
|
|
ipsec-tools<0.6.3 denial-of-service http://secunia.com/advisories/17668/
|
|
horde-3.0.[0-6]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3759
|
|
horde<2.2.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3570
|
|
micq<0.4.10.4 denial-of-service http://www.micq.org/news.shtml.en
|
|
gtk2+<2.6.10nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975
|
|
gtk2+-2.8.[0-6]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975
|
|
gtk2+<2.6.10nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186
|
|
gtk2+-2.8.[0-6]{,nb*} arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186
|
|
gdk-pixbuf<0.22.0nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975
|
|
gdk-pixbuf<0.22.0nb6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2976
|
|
gdk-pixbuf<0.22.0nb6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186
|
|
acid-[0-9]* cross-site-scripting http://secunia.com/advisories/17552/
|
|
acid-[0-9]* sql-injection http://secunia.com/advisories/17552/
|
|
thttpd<2.25bnb4 insecure-temp-files http://secunia.com/advisories/17454/
|
|
rar-linux<3.5.1 format-string http://secunia.com/advisories/17524/
|
|
rar-linux<3.5.1 buffer-overflow http://secunia.com/advisories/17524/
|
|
gaim-encryption<2.39 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4693
|
|
mailman<2.1.6nb1 denial-of-service http://secunia.com/advisories/17511/
|
|
ghostscript-afpl<8.51nb1 insecure-temp-files http://secunia.com/advisories/12903/
|
|
ghostscript-esp<8.15.1nb1 insecure-temp-files http://secunia.com/advisories/12903/
|
|
ghostscript-esp-nox11<8.15.1nb1 insecure-temp-files http://secunia.com/advisories/12903/
|
|
ghostscript-gnu<8.15nb1 insecure-temp-files http://secunia.com/advisories/12903/
|
|
ghostscript-gnu-nox11<8.15nb1 insecure-temp-files http://secunia.com/advisories/12903/
|
|
ghostscript<6.01nb6 insecure-temp-files http://secunia.com/advisories/12903/
|
|
ghostscript-nox11<6.01nb6 insecure-temp-files http://secunia.com/advisories/12903/
|
|
suse{,32}_gtk2<9.1nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975
|
|
suse{,32}_gtk2<9.1nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2976
|
|
suse{,32}_gtk2<9.1nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186
|
|
sun-{jre,jdk}13<1.0.16 local-file-write http://secunia.com/advisories/17748/
|
|
sun-{jre,jdk}14<2.9 local-file-write http://secunia.com/advisories/17748/
|
|
sun-{jre,jdk}15<5.0.4 local-file-write http://secunia.com/advisories/17748/
|
|
blackdown-{jre,jdk}13-* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1080
|
|
sun-{jre,jdk}13-* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1080
|
|
fastjar<0.93nb3 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3619
|
|
inkscape-0.4[1-2]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3737
|
|
webmin<1.170nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3912
|
|
webmin<1.170nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3912
|
|
unalz<0.53 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3862
|
|
kadu<0.4.2 denial-of-service http://secunia.com/advisories/17764/
|
|
centericq<4.20.0nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3694
|
|
centericq-4.21.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3694
|
|
xpdf<3.01pl1nb2 buffer-overflow http://secunia.com/advisories/17897/
|
|
kdegraphics<3.4.2nb1 buffer-overflow http://www.kde.org/info/security/advisory-20051207-1.txt
|
|
kdegraphics-3.4.3 buffer-overflow http://www.kde.org/info/security/advisory-20051207-1.txt
|
|
koffice<1.4.1nb1 buffer-overflow http://www.kde.org/info/security/advisory-20051207-1.txt
|
|
koffice-1.4.2{,nb1} buffer-overflow http://www.kde.org/info/security/advisory-20051207-1.txt
|
|
Ffmpeg<0.4.9pre1 buffer-overflow http://secunia.com/advisories/17892/
|
|
horde<3.1.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4080
|
|
phpmyadmin<2.7.0 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-8
|
|
phpmyadmin<2.7.0pl1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-9
|
|
curl<7.15.1 unknown http://www.hardened-php.net/advisory_242005.109.html
|
|
php<4.4.1 cross-site-scripting http://www.hardened-php.net/advisory_182005.77.html
|
|
php-5.0.[0-5]{,nb1} cross-site-scripting http://www.hardened-php.net/advisory_182005.77.html
|
|
php<4.4.1 global-variables http://www.hardened-php.net/advisory_192005.78.html
|
|
php-5.0.[0-5]{,nb1} global-variables http://www.hardened-php.net/advisory_192005.78.html
|
|
php<4.4.1 remote-code-execution http://www.hardened-php.net/advisory_202005.79.html
|
|
php-5.0.[0-5]{,nb1} remote-code-execution http://www.hardened-php.net/advisory_202005.79.html
|
|
ethereal<0.10.13nb2 remote-code-execution http://www.idefense.com/application/poi/display?id=349&type=vulnerabilities
|
|
mplayer<1.0rc7nb6 buffer-overflow http://secunia.com/advisories/17892/
|
|
gmplayer<1.0rc7nb4 buffer-overflow http://secunia.com/advisories/17892/
|
|
mencoder<1.0rc7nb2 buffer-overflow http://secunia.com/advisories/17892/
|
|
gpdf<2.10.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191
|
|
gpdf<2.10.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192
|
|
gpdf<2.10.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193
|
|
poppler<0.3.3nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191
|
|
poppler-0.4.2{,nb1} arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191
|
|
poppler<0.3.3nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192
|
|
poppler-0.4.2{,nb1} arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192
|
|
poppler<0.3.3nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193
|
|
poppler-0.4.2{,nb1} arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193
|
|
dropbear<0.46nb1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2005-4178
|
|
mantis<1.0.0rc4 cross-site-scripting http://secunia.com/advisories/18181/
|
|
horde-3.0.[0-7]* cross-site-scripting http://secunia.com/advisories/17970/
|
|
turba<2.0.5 cross-site-scripting http://secunia.com/advisories/17968/
|
|
apache-2.0.[1-4][0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352
|
|
apache-2.0.5[0-4]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352
|
|
apache-2.0.55{,nb[12]} cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352
|
|
apache<1.3.34nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352
|
|
cups<1.1.23nb4 arbitrary-code-execution http://secunia.com/advisories/17976/
|
|
opera<8.02 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2407
|
|
opera<8.51 denial-of-service http://secunia.com/advisories/17963/
|
|
libextractor<0.5.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191
|
|
libextractor<0.5.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192
|
|
libextractor<0.5.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193
|
|
trac<0.9.2 sql-injection http://projects.edgewall.com/trac/wiki/ChangeLog
|
|
perl<5.8.7nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3962
|
|
sun-{jre,jdk}13-* denial-of-service http://secunia.com/advisories/17478/
|
|
sun-{jre,jdk}14-* denial-of-service http://secunia.com/advisories/17478/
|
|
sun-{jre,jdk}15-* denial-of-service http://secunia.com/advisories/17478/
|
|
blackdown-{jre,jdk}13-* remote-code-execution http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/218&type=0&nav=sec.sba
|
|
blackdown-{jre,jdk}13-* privilege-escalation http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57221&zone_32=category%3Asecurity
|
|
blackdown-{jre,jdk}13-* remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1
|
|
blackdown-{jre,jdk}13-* remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57708-1
|
|
blackdown-{jre,jdk}13-* local-file-write http://secunia.com/advisories/17748/
|
|
blackdown-{jre,jdk}13-* denial-of-service http://secunia.com/advisories/17478/
|
|
fetchmail<6.2.5.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2005-4348
|
|
realplayer<10.0.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2629
|
|
RealPlayerGold<10.0.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2629
|
|
bugzilla<2.20 insecure-temp-files http://secunia.com/advisories/18218/
|
|
scponly<4.0 arbitrary-command-execution http://www.securityfocus.com/archive/1/383046
|
|
rssh<2.2.2 arbitrary-command-execution http://www.pizzashack.org/rssh/security.shtml
|
|
rssh<2.2.3 arbitrary-command-execution http://www.securityfocus.com/archive/1/383046
|
|
rssh<2.3.0 privilege-escalation http://www.pizzashack.org/rssh/security.shtml
|
|
scponly<4.2 privilege-escalation http://www.sublimation.org/scponly/
|
|
scponly<4.2 arbitrary-command-execution http://www.sublimation.org/scponly/
|
|
ethereal<0.10.14 denial-of-service http://secunia.com/advisories/18229/
|
|
kdegraphics<3.5.0nb1 buffer-overflow http://www.kde.org/info/security/advisory-20051207-2.txt
|
|
koffice<1.4.2nb4 buffer-overflow http://www.kde.org/info/security/advisory-20051207-2.txt
|
|
openmotif<2.2.3nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3964
|
|
mantis<1.0.0rc4nb2 sql-injection http://secunia.com/advisories/18254/
|
|
mantis<1.0.0rc4nb2 information-disclosure http://secunia.com/advisories/18254/
|
|
adodb<4.70 sql-injection http://secunia.com/advisories/17418/
|
|
adodb<4.70 information-disclosure http://secunia.com/advisories/17418/
|
|
poppler<0.4.4 arbitrary-code-execution http://scary.beasts.org/security/CESA-2005-003.txt
|
|
ytalk<3.2.0 denial-of-service http://www.impul.se/ytalk/ChangeLog
|
|
trac<0.9.3 cross-site-scripting http://secunia.com/advisories/18048/
|
|
blender<2.37nb3 denial-of-service http://secunia.com/advisories/18176/
|
|
blender>=2.38<2.40 denial-of-service http://secunia.com/advisories/18176/
|
|
gcpio<2.6nb2 denial-of-service http://secunia.com/advisories/18251/
|
|
gcpio<2.6nb2 arbitrary-code-execution http://secunia.com/advisories/18251/
|
|
rxvt-unicode<6.3 local-privilege-escalation http://secunia.com/advisories/18301/
|
|
pine<4.64 buffer-overflow http://www.idefense.com/intelligence/vulnerabilities/display.php?id=313
|
|
clamav<0.88 heap-overflow http://secunia.com/advisories/18379/
|
|
bitlbee<1.0 denial-of-service http://get.bitlbee.org/devel/CHANGES
|
|
hylafax-4.2.3{,nb*} privilege-escalation http://secunia.com/advisories/18314/
|
|
hylafax-4.2.[0-3]{,nb*} local-privilege-escalation http://secunia.com/advisories/18314/
|
|
hylafax-4.2.[2-3]{,nb*} local-command-execution http://secunia.com/advisories/18314/
|
|
ap-auth-ldap<1.6.1 arbitrary-code-execution http://secunia.com/advisories/18382/
|
|
sudo<1.6.8pl12nb1 privilege-escalation http://secunia.com/advisories/18358/
|
|
wine>20000000<20060000 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0106
|
|
wine<0.9.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0106
|
|
tor<=0.1.1.12-alpha information-disclosure http://archives.seul.org/or/announce/Jan-2006/msg00001.html
|
|
mantis<1.0.0rc5 cross-site-scripting http://secunia.com/advisories/18434/
|
|
tuxpaint<0.9.14nb6 insecure-temp-file http://secunia.com/advisories/18475/
|
|
kdelibs<3.5.0nb2 buffer-overflow http://www.kde.org/info/security/advisory-20060119-1.txt
|
|
php-5.0.[0-9]{,nb*} inject-http-headers http://secunia.com/advisories/18431/
|
|
php-5.1.[0-1]{,nb*} inject-http-headers http://secunia.com/advisories/18431/
|
|
php5-mysqli>=5.1.0<5.1.2 arbitrary-code-execution http://secunia.com/advisories/18431/
|
|
php-5.0.[0-9]{,nb*} cross-site-scripting http://secunia.com/advisories/18431/
|
|
php-5.1.[0-1]{,nb*} cross-site-scripting http://secunia.com/advisories/18431/
|
|
vmware<5.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4459
|
|
xpdf<3.01pl2 denial-of-service http://secunia.com/advisories/18303/
|
|
xpdf<3.01pl2 arbitrary-code-execution http://secunia.com/advisories/18303/
|
|
cups<1.1.23nb8 denial-of-service http://secunia.com/advisories/18332/
|
|
cups<1.1.23nb8 arbitrary-code-execution http://secunia.com/advisories/18332/
|
|
antiword<0.37nb1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3126
|
|
sun-{jdk,jre}15<5.0.4 arbitrary-code-execution http://secunia.com/advisories/17748/
|
|
sun-{jdk,jre}14<2.9 arbitrary-code-execution http://secunia.com/advisories/17748/
|
|
sun-{jdk,jre}13<1.0.16 arbitrary-code-execution http://secunia.com/advisories/17748/
|
|
mailman-2.1.[4-6]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4153
|
|
teTeX-bin-1.[0-9]* denial-of-service http://secunia.com/advisories/17916/
|
|
teTeX-bin-2.[0-9]* denial-of-service http://secunia.com/advisories/17916/
|
|
teTeX-bin<3.0nb6 denial-of-service http://secunia.com/advisories/17916/
|
|
teTeX-bin-1.[0-9]* arbitrary-code-execution http://secunia.com/advisories/17916/
|
|
teTeX-bin-2.[0-9]* arbitrary-code-execution http://secunia.com/advisories/17916/
|
|
teTeX-bin<3.0nb6 arbitrary-code-execution http://secunia.com/advisories/17916/
|
|
teTeX-bin-1.[0-9]* denial-of-service http://secunia.com/advisories/18329/
|
|
teTeX-bin-2.[0-9]* denial-of-service http://secunia.com/advisories/18329/
|
|
teTeX-bin<3.0nb6 denial-of-service http://secunia.com/advisories/18329/
|
|
teTeX-bin-1.[0-9]* arbitrary-code-execution http://secunia.com/advisories/18329/
|
|
teTeX-bin-2.[0-9]* arbitrary-code-execution http://secunia.com/advisories/18329/
|
|
teTeX-bin<3.0nb6 arbitrary-code-execution http://secunia.com/advisories/18329/
|
|
apache-2.0.[1-4][0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357
|
|
apache-2.0.5[0-4]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357
|
|
apache-2.0.55{,nb[1234]} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357
|
|
mod-auth-pgsql-[0-9]* format-string http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3656
|
|
xine-lib<1.0.3anb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4048
|
|
xine-lib<1.0.3anb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4048
|
|
mydns-{mysql,pgsql}<1.1.0 denial-of-service http://secunia.com/advisories/18532/
|
|
adodb<4.71 sql-injection http://secunia.com/advisories/18575/
|
|
ImageMagick<6.2.6.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4601
|
|
ImageMagick<6.2.6.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0082
|
|
libast<0.6.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0224
|
|
png-1.2.[67]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0481
|
|
png-1.0.1[67]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0481
|
|
p5-Mail-Audit<1.21nb2 privilege-escalation http://secunia.com/advisories/18656/
|
|
kdegraphics<3.5.0nb2 arbitrary-code-execution http://www.kde.org/info/security/advisory-20060202-1.txt
|
|
kdegraphics-3.5.1 arbitrary-code-execution http://www.kde.org/info/security/advisory-20060202-1.txt
|
|
heimdal<0.7.2 privilege-escalation http://www.pdc.kth.se/heimdal/advisory/2006-02-06/
|
|
firefox{,-bin,-gtk1}-1.5 remote-code-execution http://www.mozilla.org/security/announce/mfsa2006-04.html
|
|
libtool-base<1.5.18nb7 insecure-temp-files http://lists.gnu.org/archive/html/libtool/2005-12/msg00076.html
|
|
php>=5<5.1.0 inject-smtp-headers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3883
|
|
php<4.4.2 inject-smtp-headers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3883
|
|
openssh<4.3.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0225
|
|
gnutls<1.2.10 denial-of-service http://secunia.com/advisories/18794/
|
|
gnutls-1.3.[0-3]{,nb*} denial-of-service http://secunia.com/advisories/18794/
|
|
libtasn1<0.2.18 denial-of-service http://secunia.com/advisories/18794/
|
|
sun-{jdk,jre}15<5.0.6 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2006-0614
|
|
sun-{jdk,jre}14<2.10 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2006-0614
|
|
sun-{jdk,jre}13<1.0.17 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2006-0614
|
|
sun-{jdk,jre}15<5.0.6 remote-code-execution http://secunia.com/advisories/18762/
|
|
adzap<20060129 denial-of-service http://secunia.com/advisories/18771/
|
|
pam-mysql<0.6.2 arbitrary-code-execution http://secunia.com/advisories/18598/
|
|
exim<3.36nb6 arbitrary-code-execution http://secunia.com/advisories/16502/
|
|
exim>=4.0<4.53 arbitrary-code-execution http://secunia.com/advisories/16502/
|
|
noweb<2.9anb3 insecure-temp-files http://secunia.com/advisories/18809/
|
|
honeyd<1.0nb2 remote-information-exposure http://www.honeyd.org/adv.2006-01
|
|
honeyd>=1.1<1.5 remote-information-exposure http://www.honeyd.org/adv.2006-01
|
|
lighttpd<1.4.9 remote-information-exposure http://secunia.com/product/4661/
|
|
gnupg<1.4.2.1 verification-bypass http://secunia.com/advisories/18845/
|
|
dovecot>0.99.99<1.0beta3 denial-of-service http://secunia.com/advisories/18870/
|
|
tin<1.8.1 buffer-overflow ftp://ftp.tin.org/pub/news/clients/tin/stable/CHANGES
|
|
opera<8.52 www-address-spoof http://secunia.com/advisories/17571/
|
|
bugzilla<2.20.1 sql-injection http://www.securityfocus.com/archive/1/425584/30/0/threaded
|
|
bugzilla<2.20.1 cross-site-scripting http://www.securityfocus.com/archive/1/425584/30/0/threaded
|
|
bugzilla<2.20.1 information-exposure http://www.securityfocus.com/archive/1/425584/30/0/threaded
|
|
postgresql73-server<7.3.14 denial-of-service http://secunia.com/advisories/18890/
|
|
postgresql74-server<7.4.12 denial-of-service http://secunia.com/advisories/18890/
|
|
postgresql80-server<8.0.7 denial-of-service http://secunia.com/advisories/18890/
|
|
postgresql81-server<8.1.3 denial-of-service http://secunia.com/advisories/18890/
|
|
postgresql81-server<8.1.3 privilege-escalation http://secunia.com/advisories/18890/
|
|
bomberclone<0.11.6nb3 remote-code-execution http://secunia.com/advisories/18914/
|
|
libextractor<0.5.10 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3624
|
|
snort<2.4.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0839
|
|
snort-mysql<2.4.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0839
|
|
snort-pgsql<2.4.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0839
|
|
monotone<0.25.2 remote-code-execution http://venge.net/monotone/NEWS
|
|
gnupg<1.4.2.2 incorrect-signature-verification http://lists.gnupg.org/pipermail/gnupg-announce/2006q1/000216.html
|
|
p5-Crypt-CBC<2.17 weak-encryption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0898
|
|
namazu<2.0.16 directory-traversal http://www.namazu.org/security.html.en#dir-traversal
|
|
base<1.2.2 sql-injection http://sourceforge.net/forum/forum.php?forum_id=529375
|
|
drupal<4.6.6 security-bypass http://drupal.org/files/sa-2006-001/advisory.txt
|
|
drupal<4.6.6 cross-site-scripting http://drupal.org/files/sa-2006-002/advisory.txt
|
|
drupal<4.6.6 session-fixation http://drupal.org/files/sa-2006-003/advisory.txt
|
|
drupal<4.6.6 mail-header-injection http://drupal.org/files/sa-2006-004/advisory.txt
|
|
horde<3.1 information-disclosure http://secunia.com/advisories/19246/
|
|
curl-7.15.[0-2]{,nb*} buffer-overflow http://curl.haxx.se/docs/adv_20060320.html
|
|
xorg-server>=6.9.0<6.9.0nb7 privilege-escalation http://lists.freedesktop.org/archives/xorg/2006-March/013992.html
|
|
xorg-server>=6.9.0<6.9.0nb7 denial-of-service http://lists.freedesktop.org/archives/xorg/2006-March/013992.html
|
|
freeradius<1.1.1 denial-of-service http://secunia.com/advisories/19300/
|
|
sendmail>=8.13<8.13.5nb2 remote-code-execution http://www.kb.cert.org/vuls/id/834865
|
|
sendmail<8.12.11nb2 remote-code-execution http://www.kb.cert.org/vuls/id/834865
|
|
phpmyadmin<2.8.0.2 cross-site-scripting http://www.phpmyadmin.net/home_page/downloads.php?relnotes=0
|
|
horde>=3.0<3.1.1 remote-code-execution http://lists.horde.org/archives/announce/2006/000271.html
|
|
{ns,moz-bin,firefox-bin}-flash<7.0.63 remote-code-execution http://www.us-cert.gov/cas/techalerts/TA06-075A.html
|
|
RealPlayerGold<10.0.7 remote-code-execution http://service.real.com/realplayer/security/03162006_player/en/
|
|
p5-CGI-Session<4.09 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1279
|
|
p5-CGI-Session<4.09 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1280
|
|
samba<3.0.22 insecure-log-files http://www.samba.org/samba/security/CAN-2006-1059.html
|
|
dia>=0.87<0.94nb6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1550
|
|
mantis<1.0.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1577
|
|
mysql-server>=3.0<4.1.20 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0903
|
|
mysql-server>=5.0<5.0.20nb1 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0903
|
|
php>=5.0<5.1.2nb1 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490
|
|
php<4.4.2nb1 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490
|
|
ap-php>=5.0<5.1.2nb6 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490
|
|
ap-php<4.4.2nb6 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490
|
|
freeciv-server<2.0.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0047
|
|
lsh<1.4.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353
|
|
lsh>=2.0.0<2.0.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353
|
|
lsh<1.4.3nb4 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353
|
|
lsh>=2.0.0<2.0.2 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353
|
|
clamav<0.88.1 denial-of-service http://secunia.com/advisories/19534/
|
|
clamav<0.88.1 remote-code-execution http://secunia.com/advisories/19534/
|
|
phpmyadmin<2.8.0.3 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-1
|
|
mailman<2.1.8rc1 cross-site-scripting http://secunia.com/advisories/19558/
|
|
mplayer<1.0rc7nb10 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0579
|
|
gmplayer<1.0rc7nb6 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0579
|
|
mencoder<1.0rc7nb4 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0579
|
|
xscreensaver<4.16 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1294
|
|
xscreensaver<4.16 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2655
|
|
php>=5.0<5.1.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0996
|
|
php<4.4.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0996
|
|
ap-php>=5.0<5.1.2nb6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0996
|
|
ap-php<4.4.2nb6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0996
|
|
php>=5.0<5.1.2nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494
|
|
php<4.4.2nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494
|
|
ap-php>=5.0<5.1.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494
|
|
ap-php<4.4.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494
|
|
ap{,13,2,22}-php{,5,53,54}>=5.0<5.1.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494
|
|
ap{,13,2,22}-php{,4}<4.4.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494
|
|
php>=5.0<5.1.2nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608
|
|
php<4.4.2nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608
|
|
ap-php>=5.0<5.1.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608
|
|
ap-php<4.4.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608
|
|
ap{,13,2,22}-php{,5,53,54}>=5.0<5.1.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608
|
|
ap{,13,2,22}-php{,4}<4.4.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608
|
|
firefox{,-bin,-gtk1}>=1.5<1.5.0.2 ui-spoofing http://www.mozilla.org/security/announce/2006/mfsa2006-29.html
|
|
seamonkey{,-bin,-gtk1}<1.0.1 ui-spoofing http://www.mozilla.org/security/announce/2006/mfsa2006-29.html
|
|
firefox{,-bin,-gtk1}>=1.5<1.5.0.2 security-bypass http://www.mozilla.org/security/announce/2006/mfsa2006-28.html
|
|
seamonkey{,-bin,-gtk1}<1.0.1 security-bypass http://www.mozilla.org/security/announce/2006/mfsa2006-28.html
|
|
thunderbird{,-bin,-gtk1}<1.5.0.2 security-bypass http://www.mozilla.org/security/announce/2006/mfsa2006-28.html
|
|
firefox{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html
|
|
firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html
|
|
thunderbird{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html
|
|
thunderbird{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html
|
|
seamonkey{,-bin,-gtk1}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html
|
|
mozilla{,-bin,-gtk2}<1.7.13 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html
|
|
firefox{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html
|
|
firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html
|
|
thunderbird{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html
|
|
thunderbird{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html
|
|
seamonkey{,-bin,-gtk1}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html
|
|
mozilla{,-bin,-gtk2}<1.7.13 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html
|
|
firefox{,-bin,-gtk1}<1.0.8 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-23.html
|
|
firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-23.html
|
|
seamonkey{,-bin,-gtk1}<1.0.1 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-23.html
|
|
mozilla{,-bin,-gtk2}<1.7.13 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-23.html
|
|
firefox{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html
|
|
firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html
|
|
thunderbird{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html
|
|
thunderbird{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html
|
|
seamonkey{,-bin,-gtk1}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html
|
|
mozilla{,-bin,-gtk2}<1.7.13 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html
|
|
firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-20.html
|
|
seamonkey{,-bin,-gtk1}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-20.html
|
|
thunderbird{,-bin,-gtk1}<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-20.html
|
|
phpmyadmin<2.8.0.4 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-2
|
|
amaya<9.5 remote-code-execution http://secunia.com/advisories/19670/
|
|
cy2-digestmd5<2.1.20nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1721
|
|
xzgv<0.8.0.1nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1060
|
|
xine-ui<0.99.2nb5 remote-code-execution http://secunia.com/advisories/19671/
|
|
xine-ui-0.99.4{,nb1} remote-code-execution http://secunia.com/advisories/19671/
|
|
ethereal<0.99.0 remote-code-execution http://www.ethereal.com/docs/release-notes/ethereal-0.99.0.html
|
|
trac<0.9.5 cross-site-scripting http://jvn.jp/jp/JVN%2384091359/
|
|
ja-trac<0.9.5.1 cross-site-scripting http://jvn.jp/jp/JVN%2384091359/
|
|
i2cbd<2.0_BETA3 denial-of-service http://www.draga.com/~jwise/i2cb/
|
|
adodb<4.72 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0806
|
|
squirrelmail<1.4.6 cross-site-scripting http://secunia.com/advisories/18985/
|
|
squirrelmail<1.4.6 imap-injection http://secunia.com/advisories/18985/
|
|
unrealircd<3.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1214
|
|
firefox{,-gtk1}>=1.5<1.5.0.2nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1993
|
|
firefox-bin>=1.5<1.5.0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1993
|
|
clamav<0.88.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1989
|
|
asterisk<1.2.7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1827
|
|
cgiirc<0.5.8 remote-code-execution http://secunia.com/advisories/19922/
|
|
miredo<0.8.2 security-bypass http://www.simphalempin.com/dev/miredo/mtfl-sa-0601.shtml.en
|
|
xorg-server>=6.8.0<6.9.0nb10 remote-code-execution http://lists.freedesktop.org/archives/xorg/2006-May/015136.html
|
|
nagios-base<2.3 remote-code-execution https://sourceforge.net/mailarchive/forum.php?thread_id=10297806&forum_id=7890
|
|
i2cbd<=2.0_BETA4 denial-of-service http://www.draga.com/~jwise/i2cb/
|
|
crossfire-server<1.9.0nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1236
|
|
dovecot>0.99.99<1.0beta8 remote-file-listing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2414
|
|
php<4.4.2nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1990
|
|
php>=5<5.1.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1990
|
|
php>=5<5.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1991
|
|
php>=5.1<5.1.4 unknown http://secunia.com/advisories/19927/
|
|
phpldapadmin<0.9.8.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2016
|
|
mysql-server>=4.0<4.1.19 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516
|
|
mysql-server>=5.0<5.0.21 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516
|
|
mysql-server>=4.0<4.1.19 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517
|
|
mysql-server>=5.0<5.0.21 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517
|
|
mysql-server>=5.0<5.0.21 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1518
|
|
nagios-base<2.3.1 remote-code-execution http://secunia.com/advisories/20123/
|
|
quagga<0.98.6 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2223
|
|
quagga>0.99<0.99.4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2223
|
|
zebra-[0-9]* information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2223
|
|
quagga<0.98.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2224
|
|
quagga>0.99<0.99.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2224
|
|
zebra-[0-9]* security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2224
|
|
quagga<0.98.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2276
|
|
quagga>0.99<0.99.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2276
|
|
zebra-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2276
|
|
tiff<3.8.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0405
|
|
tiff<3.8.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-2024
|
|
tiff<3.8.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2025
|
|
tiff<3.8.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2026
|
|
tiff<3.8.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-2120
|
|
xine-lib<1.0.3anb8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1664
|
|
awstats<6.6 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1945
|
|
awstats<6.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2237
|
|
quake3arena<1.32c remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2236
|
|
quake3arena<1.32c information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2236
|
|
quake3server<1.32c information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2236
|
|
quake3server-[0-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2875
|
|
abcmidi<2006-04-22 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1514
|
|
openldap<2.3.22 buffer-overflow http://secunia.com/advisories/20126/
|
|
libextractor<0.5.14 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2458
|
|
freetype2<2.1.10nb3 remote-code-execution http://secunia.com/advisories/20100/
|
|
dia<0.95.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2480
|
|
cscope<15.5nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2541
|
|
binutils<2.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2362
|
|
firefox{,-bin,-gtk1}<1.5.0.5 information-exposure http://secunia.com/advisories/20244/
|
|
mozilla{,-bin,-gtk2}-[0-9]* information-exposure http://secunia.com/advisories/20256/
|
|
netscape7-[0-9]* security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1942
|
|
netscape7-[0-9]* information-exposure http://secunia.com/advisories/20255/
|
|
postgresql73-server<7.3.15 sql-injection http://secunia.com/advisories/20231/
|
|
postgresql74-server<7.4.13 sql-injection http://secunia.com/advisories/20231/
|
|
postgresql80-server<8.0.8 sql-injection http://secunia.com/advisories/20231/
|
|
postgresql81-server<8.1.4 sql-injection http://secunia.com/advisories/20231/
|
|
drupal<4.6.7 sql-injection http://drupal.org/files/sa-2006-005/advisory.txt
|
|
drupal<4.6.7 arbitrary-code-execution http://drupal.org/files/sa-2006-006/advisory.txt
|
|
mpg123<0.59.18nb9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1655
|
|
mpg123-esound<0.59.18nb7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1655
|
|
mpg123-nas<0.59.18nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1655
|
|
tor<0.1.1.20 multiple-vulnerabilities http://secunia.com/advisories/20277/
|
|
awstats<6.6nb1 security-bypass http://secunia.com/advisories/20164/
|
|
drupal-4.7.[0-1]* arbitrary-code-execution http://drupal.org/node/66763
|
|
drupal-4.7.[0-1]* cross-site-scripting http://drupal.org/node/66767
|
|
drupal<4.6.8 arbitrary-code-execution http://drupal.org/node/66763
|
|
drupal<4.6.8 cross-site-scripting http://drupal.org/node/66767
|
|
firefox{,-bin,-gtk1}<1.5.0.4 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-31.html
|
|
thunderbird{,-bin,-gtk1}<1.5.0.4 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-31.html
|
|
seamonkey{,-bin,-gtk1}<1.0.2 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-31.html
|
|
firefox{,-bin,-gtk1}<1.5.0.4 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-32.html
|
|
thunderbird{,-bin,-gtk1}<1.5.0.4 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-32.html
|
|
seamonkey{,-bin,-gtk1}<1.0.2 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-32.html
|
|
firefox{,-bin,-gtk1}<1.5.0.4 http-response-smuggling http://www.mozilla.org/security/announce/2006/mfsa2006-33.html
|
|
thunderbird{,-bin,-gtk1}<1.5.0.4 http-response-smuggling http://www.mozilla.org/security/announce/2006/mfsa2006-33.html
|
|
seamonkey{,-bin,-gtk1}<1.0.2 http-response-smuggling http://www.mozilla.org/security/announce/2006/mfsa2006-33.html
|
|
firefox{,-bin,-gtk1}<1.5.0.4 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-34.html
|
|
seamonkey{,-bin,-gtk1}<1.0.2 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-34.html
|
|
firefox{,-bin,-gtk1}<1.5.0.4 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-35.html
|
|
thunderbird{,-bin,-gtk1}<1.5.0.4 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-35.html
|
|
seamonkey{,-bin,-gtk1}<1.0.2 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-35.html
|
|
firefox{,-bin,-gtk1}<1.5.0.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-36.html
|
|
firefox{,-bin,-gtk1}<1.5.0.4 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-37.html
|
|
thunderbird{,-bin,-gtk1}<1.5.0.4 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-37.html
|
|
seamonkey{,-bin,-gtk1}<1.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-37.html
|
|
firefox{,-bin,-gtk1}<1.5.0.4 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-38.html
|
|
thunderbird{,-bin,-gtk1}<1.5.0.4 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-38.html
|
|
seamonkey{,-bin,-gtk1}<1.0.2 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-38.html
|
|
thunderbird{,-bin,-gtk1}<1.5.0.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-40.html
|
|
seamonkey{,-bin,-gtk1}<1.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-40.html
|
|
firefox{,-bin,-gtk1}<1.5.0.4 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-41.html
|
|
seamonkey{,-bin,-gtk1}<1.0.2 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-41.html
|
|
firefox{,-bin,-gtk1}<1.5.0.4 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-42.html
|
|
thunderbird{,-bin,-gtk1}<1.5.0.4 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-42.html
|
|
seamonkey{,-bin,-gtk1}<1.0.2 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-42.html
|
|
firefox{,-bin,-gtk1}<1.5.0.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-43.html
|
|
seamonkey{,-bin,-gtk1}<1.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-43.html
|
|
{ja-,}squirrelmail<1.4.6nb3 remote-file-read http://www.squirrelmail.org/security/issue/2006-06-01
|
|
snort{,-mysql,-pgsql}<2.4.5 security-bypass http://secunia.com/advisories/20413/
|
|
mysql-server>=4.0<4.1.20 sql-injection http://secunia.com/advisories/20365/
|
|
mysql-server>=5.0<5.0.22 sql-injection http://secunia.com/advisories/20365/
|
|
base<1.2.5 remote-file-read http://secunia.com/advisories/20300/
|
|
asterisk<1.2.9.1 denial-of-service http://www.asterisk.org/node/95
|
|
spamassassin<3.1.3 arbitrary-code-execution http://secunia.com/advisories/20430/
|
|
tiff<3.8.2nb2 arbitrary-code-execution http://secunia.com/advisories/20488/
|
|
firefox{,2}{,-bin,-gtk1}<2.0.0.8 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894
|
|
seamonkey{,-bin,-gtk1}<1.1.5 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894
|
|
mozilla{,-bin,-gtk2}-[0-9]* remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894
|
|
netscape7-[0-9]* remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894
|
|
courier-mta<0.53.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2659
|
|
gdm<2.8.0.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2452
|
|
gdm>=2.14<2.14.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2452
|
|
sge<6.0.8 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0408
|
|
sge<6.0.8 security-bypass http://secunia.com/advisories/20518/
|
|
0verkill<0.16nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2971
|
|
php<4.4.2 arbitrary-code-execution http://pear.php.net/advisory-20051104.txt
|
|
pear-5.0.[0-9]* arbitrary-code-execution http://pear.php.net/advisory-20051104.txt
|
|
kadu<0.5.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0768
|
|
irssi<0.8.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0458
|
|
crossfire-server<1.9.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1010
|
|
crossfire-server<1.9.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1010
|
|
dropbear<0.48 arbitrary-code-execution http://secunia.com/advisories/18964/
|
|
p5-libapreq2<2.07 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0042
|
|
amule<2.1.2 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2691
|
|
amule<2.1.2 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2692
|
|
openttd<0.4.8rc2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1998
|
|
openttd<0.4.8rc2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1999
|
|
jabberd>=2<2.0s11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1329
|
|
unalz<0.55 input-validation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0950
|
|
ap{2,22}-py{15,20,21,22,23,24,25,26,27,31}-python<3.2.8 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1095
|
|
zoo<2.10.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1269
|
|
sylpheed<2.2.6 security-bypass http://secunia.com/advisories/20577/
|
|
kiax<0.8.51 remote-code-execution http://secunia.com/advisories/20567/
|
|
acroread7<7.0.8 unknown http://www.adobe.com/support/techdocs/327817.html
|
|
sendmail<8.12.11nb3 denial-of-service http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173
|
|
sendmail>=8.13<8.13.6nb3 denial-of-service http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173
|
|
gd<2.0.33nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2906
|
|
arts<1.5.1nb2 local-privilege-escalation http://www.kde.org/info/security/advisory-20060614-2.txt
|
|
arts>=1.5.2<1.5.3nb1 local-privilege-escalation http://www.kde.org/info/security/advisory-20060614-2.txt
|
|
kdebase<3.5.1nb4 local-information-exposure http://www.kde.org/info/security/advisory-20060614-1.txt
|
|
kdebase>=3.5.2<3.5.3nb1 local-information-exposure http://www.kde.org/info/security/advisory-20060614-1.txt
|
|
horde>=3.0<3.1.1nb2 cross-site-scripting http://secunia.com/advisories/20661/
|
|
mutt<1.4.2.1nb7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3242
|
|
mutt>=1.5<1.5.11nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3242
|
|
chmlib<0.38 remote-file-write http://secunia.com/advisories/20734/
|
|
netpbm<10.34 denial-of-service http://secunia.com/advisories/20729/
|
|
gnupg<1.4.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3082
|
|
gnupg-devel<1.9.20nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3082
|
|
opera<9.0 remote-code-execution http://secunia.com/advisories/20787/
|
|
opera<9.0 ssl-cert-spoofing http://secunia.com/secunia_research/2006-49/advisory/
|
|
php<4.4.2nb3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3011
|
|
php>=5.0<5.1.4nb2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3011
|
|
emech<3.0.2 denial-of-service http://secunia.com/advisories/20805/
|
|
hashcash<1.21 denial-of-service http://secunia.com/advisories/20800/
|
|
gftp<2.0.18nb5 buffer-overflow http://cvs.gnome.org/viewcvs/gftp/ChangeLog?rev=1.436&view=markup
|
|
gftp<2.0.18nb4 buffer-overflow http://cvs.gnome.org/viewcvs/gftp/ChangeLog?rev=1.436&view=markup
|
|
xine-lib<1.0.3anb10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2802
|
|
php4-curl<4.4.3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2563
|
|
php5-curl<5.1.5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2563
|
|
sun-{jre,jdk}1{3,4,5}-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2426
|
|
png<1.2.12 arbitrary-code-execution http://www.securityfocus.com/bid/18698
|
|
openoffice2{,-bin}<2.0.3 security-bypass http://www.openoffice.org/security/CVE-2006-2199.html
|
|
openoffice2{,-bin}<2.0.3 arbitrary-code-execution http://www.openoffice.org/security/CVE-2006-2198.html
|
|
openoffice2{,-bin}<2.0.3 buffer-overflow http://www.openoffice.org/security/CVE-2006-3117.html
|
|
geeklog<1.4.0.3nb2 remote-code-execution http://secunia.com/advisories/20886/
|
|
webmin<1.290 remote-information-exposure http://secunia.com/advisories/20892/
|
|
phpmyadmin<2.8.1 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1804
|
|
phpmyadmin<2.8.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-4
|
|
samba<3.0.22nb2 denial-of-service http://www.samba.org/samba/security/CAN-2006-3403.html
|
|
trac<0.9.6 cross-site-scripting http://secunia.com/advisories/20958/
|
|
ja-trac<0.9.6.1 cross-site-scripting http://secunia.com/advisories/20958/
|
|
trac<0.9.6 remote-information-exposure http://secunia.com/advisories/20958/
|
|
ja-trac<0.9.6.1 remote-information-exposure http://secunia.com/advisories/20958/
|
|
{ja-,}squirrelmail<1.4.7 remote-information-exposure http://www.securityfocus.com/bid/17005
|
|
geeklog<1.4.0.5 cross-site-scripting http://secunia.com/advisories/21094/
|
|
hyperestraier>=0.5.0<1.3.3 cross-site-request-forgeries http://secunia.com/advisories/21049/
|
|
ruby18-base<1.8.4nb4 security-bypass http://secunia.com/advisories/21009/
|
|
gimp>=2<2.2.12 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3404
|
|
gimp>=2.3.0<2.3.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3404
|
|
asterisk<1.2.10 denial-of-service http://secunia.com/advisories/21071/
|
|
horde>=3.0<3.1.2 cross-site-scripting http://secunia.com/advisories/20954/
|
|
zoo<2.10.1nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0855
|
|
apache-tomcat>=5.5.0<5.5.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510
|
|
pngcrush<1.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1849
|
|
ethereal-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3627
|
|
x11vnc<0.8.2 remote-authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2450
|
|
wv2<0.2.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2197
|
|
apache<1.3.35 cross-site-scripting http://secunia.com/advisories/21172/
|
|
apache>2.0<2.0.58 cross-site-scripting http://secunia.com/advisories/21172/
|
|
freeciv-server-2.0.[0-8]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3913
|
|
libmikmod-3.2.2 arbitrary-code-execution http://secunia.com/advisories/21196/
|
|
p5-Net-Server<0.88 denial-of-service http://secunia.com/advisories/21149/
|
|
firefox{,-bin,-gtk1}<1.5.0.5 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-44.html
|
|
seamonkey{,-bin,-gtk1}<1.0.3 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-44.html
|
|
firefox{,-bin,-gtk1}<1.5.0.5 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-45.html
|
|
seamonkey{,-bin,-gtk1}<1.0.3 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-45.html
|
|
firefox{,-bin,-gtk1}<1.5.0.5 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-46.html
|
|
seamonkey{,-bin,-gtk1}<1.0.3 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-46.html
|
|
thunderbird{,-bin,-gtk1}<1.5.0.5 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-46.html
|
|
firefox{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-47.html
|
|
seamonkey{,-bin,-gtk1}<1.0.3 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-47.html
|
|
thunderbird{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-47.html
|
|
firefox{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-48.html
|
|
seamonkey{,-bin,-gtk1}<1.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-48.html
|
|
thunderbird{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-48.html
|
|
seamonkey{,-bin,-gtk1}<1.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-49.html
|
|
thunderbird{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-49.html
|
|
firefox{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-50.html
|
|
seamonkey{,-bin,-gtk1}<1.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-50.html
|
|
thunderbird{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-50.html
|
|
firefox{,-bin,-gtk1}<1.5.0.5 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-51.html
|
|
seamonkey{,-bin,-gtk1}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-51.html
|
|
thunderbird{,-bin,-gtk1}<1.5.0.5 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-51.html
|
|
firefox{,-bin,-gtk1}<1.5.0.5 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-52.html
|
|
seamonkey{,-bin,-gtk1}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-52.html
|
|
firefox{,-bin,-gtk1}<1.5.0.5 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-53.html
|
|
seamonkey{,-bin,-gtk1}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-53.html
|
|
thunderbird{,-bin,-gtk1}<1.5.0.5 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-53.html
|
|
firefox{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-54.html
|
|
seamonkey{,-bin,-gtk1}<1.0.3 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-54.html
|
|
thunderbird{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-54.html
|
|
firefox{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-55.html
|
|
seamonkey{,-bin,-gtk1}<1.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-55.html
|
|
thunderbird{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-55.html
|
|
firefox{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-56.html
|
|
seamonkey{,-bin,-gtk1}<1.0.3 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-56.html
|
|
thunderbird{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-56.html
|
|
apache<1.3.37 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747
|
|
apache>2.0<2.0.59 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747
|
|
postfix>=2.2.0<2.2.11 tls-enforcement-bypass http://mail-index.netbsd.org/pkgsrc-changes/2006/08/01/0000.html
|
|
postfix>=2.3.0<2.3.1 tls-enforcement-bypass http://mail-index.netbsd.org/pkgsrc-changes/2006/07/25/0002.html
|
|
gnupg<1.4.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3746
|
|
suse{,32}_libtiff<10.0nb3 remote-code-execution http://lists.suse.com/archive/suse-security-announce/2006-Aug/0001.html
|
|
suse{,32}_freetype2<10.0nb3 remote-code-execution http://lists.suse.com/archive/suse-security-announce/2006-Aug/0002.html
|
|
mysql-server<4.1.21 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4031
|
|
mysql-server<4.1.21 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4226
|
|
mysql-server>5.0<5.0.24 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4031
|
|
mysql-server>5.0<5.0.25 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4226
|
|
mysql-server>5.0<5.0.25 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4227
|
|
mysql-server>5.0<5.0.36 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1420
|
|
mysql-server>5.0<5.0.40 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2583
|
|
mysql-server<4.1.22nb1 authenticated-user-table-rename http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691
|
|
mysql-server>5.0<5.0.40 authenticated-user-table-rename http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691
|
|
mysql-server>5.0<5.0.40 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2692
|
|
tiff<3.8.2nb3 multiple-vulnerabilities http://secunia.com/advisories/21304/
|
|
drupal<4.6.9 cross-site-scripting http://drupal.org/files/sa-2006-011/advisory.txt
|
|
drupal<4.7.3 cross-site-scripting http://drupal.org/files/sa-2006-011/advisory.txt
|
|
cfs<1.4.1nb6 denial-of-service http://secunia.com/advisories/21310/
|
|
hobbit<4.0b6nb10 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4003
|
|
sge-5.[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3941
|
|
php>4.0<4.4.3 remote-unknown http://secunia.com/advisories/21328/
|
|
clamav<0.88.4 remote-code-execution http://secunia.com/advisories/21374/
|
|
php>4.0<4.4.3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4020
|
|
php>5.0<5.1.4nb3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4020
|
|
lesstif>=0.78<=0.85.3 privilege-escalation http://secunia.com/advisories/21428/
|
|
mit-krb5<1.4.2nb3 privilege-escalation http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-001-setuid.txt
|
|
heimdal<0.7.2nb3 privilege-escalation http://secunia.com/advisories/21436/
|
|
bomberclone<0.11.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4005
|
|
bomberclone<0.11.7 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4006
|
|
{ja-,}squirrelmail<1.4.8 remote-information-exposure http://secunia.com/advisories/21354/
|
|
{ja-,}squirrelmail<1.4.8 remote-data-manipulation http://secunia.com/advisories/21354/
|
|
ImageMagick<6.2.9.0 arbitrary-code-execution http://secunia.com/advisories/21462/
|
|
horde<3.1.3 cross-site-scripting http://secunia.com/advisories/21500/
|
|
imp<4.1.3 cross-site-scripting http://secunia.com/advisories/21533/
|
|
miredo<0.9.7 denial-of-service http://www.simphalempin.com/dev/miredo/mtfl-sa-0603.shtml.en
|
|
miredo<0.9.8 unknown http://mail-index.netbsd.org/pkgsrc-changes/2006/08/15/0026.html
|
|
php<4.4.4 multiple-vulnerabilities http://secunia.com/advisories/21546/
|
|
php>5.0<5.1.5 multiple-vulnerabilities http://secunia.com/advisories/21546/
|
|
binutils<2.17 arbitrary-code-execution http://secunia.com/advisories/21508/
|
|
libwmf<0.2.8.4nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3376
|
|
honeyd<1.5b denial-of-service http://secunia.com/advisories/21591/
|
|
XFree86-libs<4.4.0nb8 arbitrary-code-execution http://secunia.com/advisories/21446/
|
|
xorg-libs<6.9.0nb7 arbitrary-code-execution http://secunia.com/advisories/21450/
|
|
xorg-server<6.9.0nb12 arbitrary-code-execution http://secunia.com/advisories/21450/
|
|
libtunepimp<0.4.2nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3600
|
|
mplayer<1.0rc8 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1502
|
|
gmplayer<1.0rc8 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1502
|
|
mencoder<1.0rc8 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1502
|
|
freetype2<2.2.1nb2 arbitrary-code-execution http://secunia.com/advisories/21450/
|
|
wireshark<0.99.3 denial-of-service http://www.wireshark.org/security/wnpa-sec-2006-02.html
|
|
ethereal>=0.7.9 denial-of-service http://www.wireshark.org/security/wnpa-sec-2006-02.html
|
|
ImageMagick<6.2.9.1 arbitrary-code-execution http://secunia.com/advisories/21615/
|
|
asterisk<1.2.11 remote-code-execution http://secunia.com/advisories/21600/
|
|
cscope<15.5nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4262
|
|
streamripper<1.61.26 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3124
|
|
sendmail>8.13<8.13.8 denial-of-service http://secunia.com/advisories/21637/
|
|
musicbrainz<2.1.4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4197
|
|
cube-[0-9]* denial-of-service http://aluigi.altervista.org/adv/evilcube-adv.txt
|
|
cube-[0-9]* remote-code-execution http://aluigi.altervista.org/adv/evilcube-adv.txt
|
|
zope25-CMFPlone>2.0<2.5 remote-information-modification http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1711
|
|
tor<0.1.1.23 denial-of-service http://secunia.com/advisories/21708/
|
|
tor<0.1.1.23 bypass-security-restrictions http://secunia.com/advisories/21708/
|
|
gtetrinet<0.7.7nb8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3125
|
|
openoffice2{,-bin}<2.0.2 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4077
|
|
webmin<1.296 cross-site-scripting http://secunia.com/advisories/21690/
|
|
webmin<1.296 remote-information-disclosure http://secunia.com/advisories/21690/
|
|
gdb>6<6.2.1nb7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4146
|
|
gtar-base<1.15.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0300
|
|
gtar-base<1.15.1nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0300
|
|
openldap-server<2.3.25 bypass-security-restrictions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4600
|
|
openldap<2.3.25 bypass-security-restrictions http://secunia.com/advisories/21721/
|
|
mailman<2.1.9rc1 denial-of-service http://secunia.com/advisories/21732/
|
|
mailman<2.1.9rc1 cross-site-scripting http://secunia.com/advisories/21732/
|
|
sendmail<8.12.11nb4 denial-of-service http://secunia.com/advisories/21637/
|
|
bind>9.3<9.3.2nb2 denial-of-service http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en
|
|
openssl<0.9.7inb2 signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
|
|
xorg-libs<6.9.0nb9 arbitrary-code-execution http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411
|
|
xorg-libs<6.9.0nb9 arbitrary-code-execution http://www.idefense.com/intelligence/vulnerabilities/display.php?id=412
|
|
xorg-clients<6.9.0nb9 privilege-escalation http://secunia.com/advisories/21650/
|
|
xorg-libs<6.9.0nb10 privilege-escalation http://secunia.com/advisories/21650/
|
|
xorg-server<6.9.0nb13 privilege-escalation http://secunia.com/advisories/21650/
|
|
firefox{,-bin,-gtk1}<1.5.0.7 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-57.html
|
|
thunderbird{,-gtk1}<1.5.0.7 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-57.html
|
|
seamonkey{,-bin,-gtk1}<1.0.5 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-57.html
|
|
firefox-bin<1.5.0.7 auto-update-spoof http://www.mozilla.org/security/announce/2006/mfsa2006-58.html
|
|
firefox{,-bin,-gtk1}<1.5.0.7 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-60.html
|
|
thunderbird{,-gtk1}<1.5.0.7 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-60.html
|
|
seamonkey{,-bin,-gtk1}<1.0.5 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-60.html
|
|
firefox{,-bin,-gtk1}<1.5.0.7 frame-content-spoofing http://www.mozilla.org/security/announce/2006/mfsa2006-61.html
|
|
seamonkey{,-bin,-gtk1}<1.0.5 frame-content-spoofing http://www.mozilla.org/security/announce/2006/mfsa2006-61.html
|
|
firefox{,-bin,-gtk1}<1.5.0.7 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-62.html
|
|
thunderbird{,-gtk1}<1.5.0.7 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-63.html
|
|
seamonkey{,-bin,-gtk1}<1.0.5 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-63.html
|
|
{firefox-bin,moz-bin,ns}-flash<7.0.68 remote-code-execution http://www.adobe.com/support/security/bulletins/apsb06-11.html
|
|
XFree86-libs<4.4.0nb9 arbitrary-code-execution http://secunia.com/advisories/21890/
|
|
gnutls<1.4.4 signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4790
|
|
gzip-base<1.2.4bnb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4334
|
|
gzip-base<1.2.4bnb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335
|
|
gzip-base<1.2.4bnb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335
|
|
gzip-base<1.2.4bnb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4336
|
|
gzip-base<1.2.4bnb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4337
|
|
gzip-base<1.2.4bnb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4338
|
|
cabextract<1.2 buffer-overflow http://www.kyz.uklinux.net/cabextract.php
|
|
openssh<4.3.1nb1 denial-of-service http://secunia.com/advisories/22091/
|
|
openssl<0.9.7inb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2006-4343
|
|
opera<9.02 signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
|
|
opera<9.02 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4819
|
|
wireshark<0.99.2 denial-of-service http://www.wireshark.org/security/wnpa-sec-2006-01.html
|
|
wireshark<0.99.2 arbitrary-code-execution http://www.wireshark.org/security/wnpa-sec-2006-01.html
|
|
phpmyadmin<2.9.0.1 cross-site-request-forgery http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-5
|
|
ffmpeg-0.4.* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800
|
|
mono<1.1.13.8.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5072
|
|
php-4.[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5178
|
|
php-5.[01]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5178
|
|
php<4.3.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4812
|
|
php>5.0<5.1.6nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4812
|
|
php<4.4.4nb2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4625
|
|
php>5.0<5.1.6nb2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4625
|
|
openssh<4.3.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4924
|
|
openssh+gssapi<4.4 valid-account-enumeration http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5052
|
|
openssh+gssapi<4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5051
|
|
bugzilla<2.22.1 cross-site-scripting http://www.bugzilla.org/security/2.18.5/
|
|
bugzilla<2.22.1 information-leakage http://www.bugzilla.org/security/2.18.5/
|
|
asterisk<1.2.13 remote-code-execution http://www.asterisk.org/node/109
|
|
drupal<4.7.4 cross-site-scripting http://drupal.org/files/sa-2006-024/advisory.txt
|
|
drupal<4.7.4 cross-site-request-forgeries http://drupal.org/files/sa-2006-025/advisory.txt
|
|
drupal<4.7.4 html-attribute-injection http://drupal.org/files/sa-2006-026/advisory.txt
|
|
postgresql73-server<7.3.16 denial-of-service http://www.postgresql.org/about/news.664
|
|
postgresql74-server<7.4.14 denial-of-service http://www.postgresql.org/about/news.664
|
|
postgresql80-server<8.0.9 denial-of-service http://www.postgresql.org/about/news.664
|
|
postgresql81-server<8.1.5 denial-of-service http://www.postgresql.org/about/news.664
|
|
qt3-libs<3.3.6nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4811
|
|
qt4-libs<4.1.5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4811
|
|
sge<6.0.11 denial-of-service http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1
|
|
milter-greylist-3.0rc[45] denial-of-service http://mail-index.netbsd.org/pkgsrc-changes/2006/10/27/0006.html
|
|
ingo<1.1.2 procmail-local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5449
|
|
screen<4.0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4573
|
|
wireshark<0.99.4 denial-of-service http://www.wireshark.org/security/wnpa-sec-2006-03.html
|
|
mutt<1.4.2.2nb3 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5297
|
|
mutt<1.4.2.2nb1 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5298
|
|
mutt>=1.5.0<1.5.13nb2 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5297
|
|
mutt>=1.5.0<1.5.13nb1 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5298
|
|
ruby18-base<1.8.5nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5467
|
|
php>=5.0<5.1.6nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5465
|
|
php>=4.0<4.4.4nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5465
|
|
phpmyadmin<2.9.0.3 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-6
|
|
milter-greylist<3.0rc7 denial-of-service http://mail-index.netbsd.org/pkgsrc-changes/2006/11/07/0024.html
|
|
firefox{,-bin,-gtk1}<1.5.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-65.html
|
|
thunderbird{,-gtk1}<1.5.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-65.html
|
|
seamonkey{,-bin,-gtk1}<1.0.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-65.html
|
|
firefox{,-bin,-gtk1}<1.5.0.8 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-66.html
|
|
thunderbird{,-gtk1}<1.5.0.8 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-66.html
|
|
seamonkey{,-bin,-gtk1}<1.0.6 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-66.html
|
|
firefox{,-bin,-gtk1}<1.5.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-67.html
|
|
thunderbird{,-gtk1}<1.5.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-67.html
|
|
seamonkey{,-bin,-gtk1}<1.0.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-67.html
|
|
libarchive<1.3.1 denial-of-service http://security.freebsd.org/advisories/FreeBSD-SA-06:24.libarchive.asc
|
|
openssh<4.5.1 security-bypass http://secunia.com/advisories/22771/
|
|
trac<0.10.2 cross-site-request-forgeries http://trac.edgewall.org/ticket/4049
|
|
ja-trac<0.10.0.2 cross-site-request-forgeries http://trac.edgewall.org/ticket/4049
|
|
ja-trac<0.10.0.3 cross-site-request-forgeries http://trac.edgewall.org/ticket/4049
|
|
ja-trac>=0.10.1.1<0.10.2.1 cross-site-request-forgeries http://trac.edgewall.org/ticket/4049
|
|
png<1.2.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793
|
|
suse{,32}_libpng<10.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793
|
|
proftpd<1.3.0nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5815
|
|
gv<3.6.2nb1 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5864
|
|
gtexinfo<4.8nb6 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4810
|
|
dovecot>0.99.99<1.0rc7nb1 buffer-overflow http://www.dovecot.org/list/dovecot-news/2006-November/000023.html
|
|
dovecot>=1.0rc8<1.0rc15 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5973
|
|
phpmyadmin<2.9.1.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-7
|
|
phpmyadmin<2.9.1.1 information-leakage http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-8
|
|
phpmyadmin<2.9.1.1 weak-acl-enforcement http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-9
|
|
fvwm>=2.4<2.4.19nb4 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5969
|
|
fvwm>=2.5<2.5.18nb1 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5969
|
|
imlib2<1.3.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4806
|
|
imlib2<1.3.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4807
|
|
imlib2<1.3.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4808
|
|
imlib2<1.3.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4809
|
|
openldap-client<2.3.27nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5779
|
|
openldap-server<2.3.27nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5779
|
|
gnupg<1.4.5nb1 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html
|
|
gnupg2<2.0.0nb3 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html
|
|
gnupg-devel<1.9.22nb1 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html
|
|
gnupg-devel>=1.9.23 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html
|
|
lha<114.9nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335
|
|
lha<114.9nb3 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335
|
|
lha<114.9nb3 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4337
|
|
lha<114.9nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4338
|
|
gtar-base<1.15.1nb4 overwrite-arbitrary-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6097
|
|
libgsf<1.14.3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4514
|
|
tnftpd<20040810nb1 remote-code-execution http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051009.html
|
|
kdegraphics<=3.5.4 denial-of-service http://www.kde.org/info/security/advisory-20061129-1.txt
|
|
kdegraphics>=3.1.0<=3.5.5 denial-of-service http://www.kde.org/info/security/advisory-20061129-1.txt
|
|
links{,-gui}<2.1.0.26 remote-command-execution http://secunia.com/advisories/22905/
|
|
elinks<0.11.2 remote-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5925
|
|
kile<1.9.3 local-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6085
|
|
evince<0.6.1nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5864
|
|
{ja-,}squirrelmail<1.4.9a cross-site-scripting http://secunia.com/advisories/23195/
|
|
xine-lib<=1.1.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2200
|
|
xine-lib<1.1.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172
|
|
xine-lib<1.1.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800
|
|
mplayer<1.0rc8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800
|
|
gmplayer<1.0rc8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800
|
|
mencoder<1.0rc8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800
|
|
koffice-1.4.[0-9]* code-execution http://www.kde.org/info/security/advisory-20061205-1.txt
|
|
koffice-1.6.0 code-execution http://www.kde.org/info/security/advisory-20061205-1.txt
|
|
fprot-workstation-bin<4.6.7 denial-of-service http://www.securityfocus.com/bid/21420
|
|
ruby18-base<1.8.5.20061205 denial-of-service http://www.securityfocus.com/bid/21441
|
|
gnupg<1.4.6 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000246.html
|
|
gnupg2<2.0.0nb4 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000246.html
|
|
gnupg-devel-[0-9]* buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000246.html
|
|
ImageMagick<6.3.0.3 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456
|
|
GraphicsMagick<1.1.7 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456
|
|
proftpd<1.3.0a remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6171
|
|
wv<1.2.3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4513
|
|
net-snmp>=5.3<5.3.0.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-6305
|
|
kronolith<2.1.4 local-file-inclusion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6175
|
|
clamav<0.88.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6481
|
|
mantis<1.0.8 remote-information-disclosure http://secunia.com/advisories/23258/
|
|
sylpheed<2.2.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2920
|
|
sylpheed-claws<2.2.2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2920
|
|
tor<0.1.1.26 privacy-leak http://archives.seul.org/or/announce/Dec-2006/msg00000.html
|
|
dbus<0.92nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6107
|
|
dbus>=1.0<1.0.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6107
|
|
gdm<2.16.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6105
|
|
{firefox-bin,moz-bin,ns}-flash<7.0.69 inject-http-headers http://www.adobe.com/support/security/bulletins/apsb06-18.html
|
|
clamav<0.88.5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4182
|
|
clamav<0.88.5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5295
|
|
libksba<0.9.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5111
|
|
libmodplug<0.8.4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4192
|
|
firefox{,-bin,-gtk1}<1.5.0.9 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-68.html
|
|
firefox{,-bin,-gtk1}<1.5.0.9 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-70.html
|
|
firefox{,-bin,-gtk1}<1.5.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-72.html
|
|
firefox{,-bin,-gtk1}>=1.5.0.4<1.5.0.9 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-73.html
|
|
firefox{,-bin,-gtk1}>=2.0<2.0.0.1 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-68.html
|
|
firefox{,-bin,-gtk1}>=2.0<2.0.0.1 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-70.html
|
|
firefox{,-bin,-gtk1}>=2.0<2.0.0.1 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-72.html
|
|
firefox{,-bin,-gtk1}>=2.0<2.0.0.1 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-73.html
|
|
firefox{,-bin,-gtk1}>=2.0<2.0.0.1 rss-referer-leak http://www.mozilla.org/security/announce/2006/mfsa2006-75.html
|
|
firefox{,-bin,-gtk1}>=2.0<2.0.0.1 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-76.html
|
|
thunderbird{,-gtk1}<1.5.0.9 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-68.html
|
|
thunderbird{,-gtk1}<1.5.0.9 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-70.html
|
|
thunderbird{,-gtk1}<1.5.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-72.html
|
|
thunderbird{,-gtk1}<1.5.0.9 heap-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-74.html
|
|
seamonkey{,-bin,-gtk1}<1.0.7 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-68.html
|
|
seamonkey{,-bin,-gtk1}<1.0.7 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-70.html
|
|
seamonkey{,-bin,-gtk1}<1.0.7 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-72.html
|
|
seamonkey{,-bin,-gtk1}<1.0.7 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-73.html
|
|
seamonkey{,-bin,-gtk1}<1.0.7 heap-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-74.html
|
|
pam-ldap<183 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-5170
|
|
mono<1.2.2 source-code-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6104
|
|
sun-{jdk,jre}13<1.0.19 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102732-1
|
|
sun-{jdk,jre}14<2.13 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102732-1
|
|
sun-{jdk,jre}15<5.0.7 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102732-1
|
|
sun-{jdk,jre}13<1.0.19 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102729-1
|
|
sun-{jdk,jre}14<2.13 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102729-1
|
|
sun-{jdk,jre}15<5.0.8 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102729-1
|
|
sun-{jdk,jre}13<1.0.19 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102731-1
|
|
sun-{jdk,jre}14<2.13 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102731-1
|
|
sun-{jdk,jre}15<5.0.8 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102731-1
|
|
w3m<0.5.1nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6772
|
|
miredo<1.0.6 authentication-spoofing http://www.simphalempin.com/dev/miredo/mtfl-sa-0604.shtml.en
|
|
fetchmail<6.3.6 password-disclosure http://www.fetchmail.info/fetchmail-SA-2006-02.txt
|
|
fetchmail-6.3.5* denial-of-service http://www.fetchmail.info/fetchmail-SA-2006-03.txt
|
|
drupal<4.7.5 cross-site-scripting http://drupal.org/files/sa-2007-001/advisory.txt
|
|
drupal<4.7.5 denial-of-service http://drupal.org/files/sa-2007-002/advisory.txt
|
|
bzip2<1.0.4 permissions-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0953
|
|
gtexinfo-4.8nb6 buffer-overflow http://mail-index.netbsd.org/pkgsrc-changes/2007/01/08/0037.html
|
|
opera<8.10 remote-code-execution http://secunia.com/advisories/23613/
|
|
acroread7<7.0.9 cross-site-scripting http://www.adobe.com/support/security/advisories/apsa07-01.html
|
|
vlc<0.8.6a arbitrary-code-execution http://www.videolan.org/sa0701.html
|
|
modular-xorg-server<1.1.1nb1 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6101
|
|
modular-xorg-server<1.1.1nb1 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6102
|
|
modular-xorg-server<1.1.1nb1 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6103
|
|
xorg-server<6.9.0nb14 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6101
|
|
xorg-server<6.9.0nb14 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6102
|
|
xorg-server<6.9.0nb14 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6103
|
|
mplayer<1.0rc9nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172
|
|
gmplayer<1.0rc9nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172
|
|
mencoder<1.0rc9nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172
|
|
kdenetwork<3.5.5nb1 denial-of-service http://www.kde.org/info/security/advisory-20070109-1.txt
|
|
kdegraphics>=3.2.0<=3.5.5nb1 denial-of-service http://www.kde.org/info/security/advisory-20070115-1.txt
|
|
koffice>=1.2<=1.6.1nb1 denial-of-service http://www.kde.org/info/security/advisory-20070115-1.txt
|
|
mit-krb5<1.4.2nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6143
|
|
bind>=9.0<9.3.4 denial-of-service http://marc.theaimsgroup.com/?l=bind-announce&m=116968519321296&w=2
|
|
bind>=9.0<9.3.4 denial-of-service http://marc.theaimsgroup.com/?l=bind-announce&m=116968519300764&w=2
|
|
py{15,20,21,22,23,24,25,26,27,31}-django<0.95.1 privilege-escalation http://secunia.com/advisories/23826/
|
|
squid<2.6.7 denial-of-service http://secunia.com/advisories/23767/
|
|
rubygems<0.9.0nb2 overwrite-arbitrary-files http://www.frsirt.com/english/advisories/2007/0295
|
|
ap{,13,2,22}-auth-kerb<5.3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5989
|
|
drupal<4.7.6 remote-code-execution http://drupal.org/node/113935
|
|
bugzilla<2.22.2 cross-site-scripting http://www.bugzilla.org/security/2.20.3/
|
|
wireshark<0.99.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0456
|
|
wireshark<0.99.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0457
|
|
wireshark<0.99.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0458
|
|
wireshark<0.99.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0459
|
|
samba<3.0.24 denial-of-service http://samba.org/samba/security/CVE-2007-0452.html
|
|
samba<3.0.24 solaris-buffer-overflow http://samba.org/samba/security/CVE-2007-0453.html
|
|
samba<3.0.24 vfs-format-string http://samba.org/samba/security/CVE-2007-0454.html
|
|
kdelibs<3.5.6nb2 cross-site-scripting http://www.kde.org/info/security/advisory-20070206-1.txt
|
|
poppler<0.5.4nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0104
|
|
php>5<5.2.1 bypass-security-restrictions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0905
|
|
php>5<5.2.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906
|
|
php>5<5.2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906
|
|
php>5<5.2.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0907
|
|
php>5<5.2.1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0908
|
|
php>5<5.2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0909
|
|
php>5<5.2.1 unspecified-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0910
|
|
snort{,-mysql,-pgsql}<2.6.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6931
|
|
clamav<0.90 denial-of-service http://secunia.com/advisories/24187/
|
|
spamassassin<3.1.8 denial-of-service http://secunia.com/advisories/24197/
|
|
mimedefang>=2.59<=2.60 denial-of-service http://secunia.com/advisories/24133/
|
|
mimedefang>=2.59<=2.60 remote-code-execution http://secunia.com/advisories/24133/
|
|
libsoup-devel<2.2.99 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5876
|
|
gd<2.0.34 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0455
|
|
rar-bin<3.7beta1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0855
|
|
unrar<3.7.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0855
|
|
xine-ui<0.99.4nb8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0254
|
|
amarok<1.4.5nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6979
|
|
snort>=2.6.1<2.6.1.3 remote-code-execution http://www.snort.org/docs/advisory-2007-02-19.html
|
|
firefox{,-bin,-gtk1}<1.5.0.10 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-01.html
|
|
firefox{,-bin,-gtk1}>=2.0<2.0.0.2 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-01.html
|
|
seamonkey{,-bin,-gtk1}<1.0.8 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-01.html
|
|
seamonkey{,-bin,-gtk1}>=1.1<1.1.1 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-01.html
|
|
firefox{,-bin,-gtk1}-1.5.0.10 ssl-buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-06.html
|
|
thunderbird{,-gtk1}-1.5.0.10 ssl-buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-06.html
|
|
seamonkey{,-bin,-gtk1}<1.0.8 ssl-buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-06.html
|
|
seamonkey{,-bin,-gtk1}>=1.1<1.1.1 ssl-buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-06.html
|
|
nss<3.11.5 ssl-buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-06.html
|
|
firefox{,-bin,-gtk1}<1.5.0.10 hostname-forgery http://www.mozilla.org/security/announce/2007/mfsa2007-07.html
|
|
firefox{,-bin,-gtk1}>=2.0<2.0.0.2 hostname-forgery http://www.mozilla.org/security/announce/2007/mfsa2007-07.html
|
|
seamonkey{,-bin,-gtk1}<1.0.8 hostname-forgery http://www.mozilla.org/security/announce/2007/mfsa2007-07.html
|
|
firefox{,-bin,-gtk1}-1.5.0.9 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-08.html
|
|
firefox{,-bin,-gtk1}-2.0.0.1 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-08.html
|
|
seamonkey{,-bin,-gtk1}<1.0.8 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-08.html
|
|
seamonkey{,-bin,-gtk1}>=1.1<1.1.1 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-08.html
|
|
firefox{,-bin,-gtk1}<1.5.0.10 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-09.html
|
|
firefox{,-bin,-gtk1}>=2.0<2.0.0.2 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-09.html
|
|
seamonkey{,-bin,-gtk1}<1.0.8 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-09.html
|
|
seamonkey{,-bin,-gtk1}>=1.1<1.1.1 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-09.html
|
|
seamonkey{,-bin,-gtk1}<1.0.8 buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-10.html
|
|
seamonkey{,-bin,-gtk1}>=1.1<1.1.1 buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-10.html
|
|
thunderbird{,-gtk1}<1.5.0.10 buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-10.html
|
|
php<4.4.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906
|
|
silc-server<1.0.3 denial-of-service http://silcnet.org/general/news/?item=security_20070306_1
|
|
trac<0.10.3.1 cross-site-scripting http://trac.edgewall.org/wiki/ChangeLog#a0.10.3.1
|
|
ja-trac<0.10.3.1.1 cross-site-scripting http://trac.edgewall.org/wiki/ChangeLog#a0.10.3.1
|
|
p5-CGI-Session<4.12 sql-injection http://osdir.com/ml/lang.perl.modules.cgi-session.user/2006-04/msg00004.html
|
|
horde<3.1.4 cross-site-scripting http://lists.horde.org/archives/announce/2007/000315.html
|
|
horde<3.1.4 arbitrary-file-removal http://lists.horde.org/archives/announce/2007/000315.html
|
|
libwpd<0.8.9 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0002
|
|
phpmyadmin<2.10.0.2 denial-of-service http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-3
|
|
squid<2.6.12 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2007_1.txt
|
|
zope29<2.9.4nb4 privilege-escalation http://www.zope.org/Products/Zope/Hotfix-2007-03-20/
|
|
openafs<1.4.4 privilege-escalation http://www.openafs.org/security/OPENAFS-SA-2007-001.txt
|
|
asterisk<1.2.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1306
|
|
asterisk<1.2.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1561
|
|
file<4.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536
|
|
dovecot<1.0rc15nb1 access-validation-bypass http://www.dovecot.org/list/dovecot-news/2007-March/000038.html
|
|
dovecot>=1.0rc16<1.0rc29 access-validation-bypass http://www.dovecot.org/list/dovecot-news/2007-March/000038.html
|
|
xorg-server<1.2.0nb2 memory-corruption http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html
|
|
libXfont<1.2.7nb1 memory-corruption http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html
|
|
libX11<1.1.1nb1 memory-corruption http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html
|
|
qt3-libs<3.3.8nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0242
|
|
qt4-libs<4.2.3nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0242
|
|
kdelibs<3.5.6nb3 information-disclosure http://www.kde.org/info/security/advisory-20070326-1.txt
|
|
openoffice2<2.1.0nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0002
|
|
openoffice2<2.1.0nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0238
|
|
openoffice2<2.1.0nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0239
|
|
openoffice<2.1.0nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1466
|
|
openoffice2-bin<2.2.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0002
|
|
openoffice2-bin<2.2.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0238
|
|
openoffice2-bin<2.2.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0239
|
|
openoffice2-bin<2.2.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1466
|
|
freetype2<2.3.2nb1 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351
|
|
xmms<1.2.10nb8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0653
|
|
ipsec-tools<0.6.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1841
|
|
fetchmail<6.3.8 password-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558
|
|
lighttpd<1.4.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1870
|
|
lighttpd<1.4.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1869
|
|
opera<9.20 cross-site-scripting http://www.opera.com/support/search/view/855/
|
|
opera<9.20 unknown-impact http://www.opera.com/support/search/view/858/
|
|
bind>=9.4.0<9.4.1 denial-of-service http://www.isc.org/index.pl?/sw/bind/bind-security.php
|
|
postgresql73-server<7.3.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555
|
|
postgresql73-server<7.3.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556
|
|
postgresql74-server<7.4.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555
|
|
postgresql74-server<7.4.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556
|
|
postgresql80-server<8.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555
|
|
postgresql80-server<8.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556
|
|
postgresql81-server<8.1.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555
|
|
postgresql81-server<8.1.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556
|
|
postgresql82-server<8.2.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555
|
|
postgresql82-server<8.2.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556
|
|
postgresql74-server<7.4.17 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138
|
|
postgresql80-server<8.0.13 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138
|
|
postgresql81-server<8.1.9 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138
|
|
postgresql82-server<8.2.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138
|
|
php4-gd<4.4.6nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001
|
|
php5-gd<5.2.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001
|
|
zziplib<0.10.82nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1614
|
|
squirrelmail<=1.4.10 cross-site-scripting http://www.squirrelmail.org/security/issue/2007-05-09
|
|
squirrelmail<=1.4.10 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1262
|
|
ja-squirrelmail<=1.4.10 cross-site-scripting http://www.squirrelmail.org/security/issue/2007-05-09
|
|
ja-squirrelmail<=1.4.10 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1262
|
|
zoo<2.10.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1669
|
|
php4-mssql<4.4.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1411
|
|
php5-mssql<5.2.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1411
|
|
samba>=3.0.23d<3.0.24nb2 privilege-elevation http://www.samba.org/samba/security/CVE-2007-2444.html
|
|
samba>=3.0.0<3.0.24nb2 remote-code-execution http://www.samba.org/samba/security/CVE-2007-2446.html
|
|
samba>=3.0.0<3.0.24nb2 remote-command-execution http://www.samba.org/samba/security/CVE-2007-2447.html
|
|
php{4,5}-pear<1.5.4 arbitrary-code-execution http://pear.php.net/advisory-20070507.txt
|
|
clamav<0.90.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1997
|
|
clamav<0.90.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2029
|
|
png<1.2.17 denial-of-service http://secunia.com/advisories/25292/
|
|
quagga<0.98.6nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1995
|
|
quagga>0.99<0.99.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1995
|
|
freetype2<2.3.2nb2 arbitrary-code-execution https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200
|
|
freetype2>=2.3.3<2.3.4nb1 arbitrary-code-execution https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200
|
|
ap{2,22}-modsecurity{,2}>2<2.1.1 bypass-request-rules http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1359
|
|
gimp>2.2<2.2.13nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2356
|
|
gimp-base<1.2.5nb7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2356
|
|
gimp-2.2.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2356
|
|
eggdrop<=1.6.17nb1 arbitrary-code-execution http://www.eggheads.org/bugzilla/show_bug.cgi?id=462
|
|
mutt<1.4.2.3 password-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558
|
|
mutt<1.4.2.3 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2683
|
|
ap{,2,22}-jk<1.2.23 directory-traversal http://tomcat.apache.org/connectors-doc/news/20070301.html#20070518.1
|
|
ap{,2,22}-jk>=1.2.19<=1.2.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0774
|
|
apache-tomcat<=5.5.17 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7195
|
|
apache-tomcat<5.5.22 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450
|
|
jakarta-tomcat4<=4.1.24 http-response-smuggling http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090
|
|
jakarta-tomcat5<=5.0.19 http-response-smuggling http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090
|
|
firefox{,-bin,-gtk1}<1.5.0.12 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html
|
|
firefox{,-bin,-gtk1}>=2.0<2.0.0.4 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html
|
|
thunderbird{,-gtk1}<1.5.0.12 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html
|
|
thunderbird{,-gtk1}>=2.0<2.0.0.4 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html
|
|
seamonkey{,-bin,-gtk1}<1.0.9 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html
|
|
seamonkey{,-bin,-gtk1}>=1.1<1.1.2 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html
|
|
thunderbird{,-gtk1}<1.5.0.12 password-exposure http://www.mozilla.org/security/announce/2007/mfsa2007-15.html
|
|
thunderbird{,-gtk1}>=2.0<2.0.0.4 password-exposure http://www.mozilla.org/security/announce/2007/mfsa2007-15.html
|
|
seamonkey{,-bin,-gtk1}<1.0.9 password-exposure http://www.mozilla.org/security/announce/2007/mfsa2007-15.html
|
|
seamonkey{,-bin,-gtk1}>=1.1<1.1.2 password-exposure http://www.mozilla.org/security/announce/2007/mfsa2007-15.html
|
|
firefox{,-bin,-gtk1}<1.5.0.12 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-16.html
|
|
firefox{,-bin,-gtk1}>=2.0<2.0.0.4 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-16.html
|
|
seamonkey{,-bin,-gtk1}<1.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-16.html
|
|
seamonkey{,-bin,-gtk1}>=1.1<1.1.2 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-16.html
|
|
clamav<0.90.3 buffer-overflows http://lurker.clamav.net/message/20070530.224918.5c64abc4.en.html
|
|
apache>=2.2.4<2.2.4nb4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862
|
|
php>5.0<5.2.3nb1 integer-overflow http://www.php.net/ChangeLog-5.php#5.2.3
|
|
php>5.0<5.2.3 denial-of-service http://www.php.net/ChangeLog-5.php#5.2.3
|
|
php>5.0<5.2.3 filtering-bypass http://www.php.net/ChangeLog-5.php#5.2.3
|
|
mplayer<1.0rc9nb7 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2948
|
|
gmplayer<1.0rc9nb2 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2948
|
|
spamassassin<3.1.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2873
|
|
spamassassin-3.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2873
|
|
file<4.21 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2799
|
|
mecab-base<0.96 buffer-overflows http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3231
|
|
gnupg<1.4.7 signature-spoof http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1263
|
|
openoffice2{,-bin}<2.2.1 arbitrary-code-execution http://www.openoffice.org/security/CVE-2007-0245.html
|
|
openoffice2-bin<2.2.1 arbitrary-code-execution http://www.openoffice.org/security/CVE-2007-2754.html
|
|
ktorrent<2.1.2 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1385
|
|
vlc>0.8<0.8.5nb6 format-string http://www.videolan.org/sa0702.html
|
|
vlc<0.7.2nb17 format-string http://www.videolan.org/sa0702.html
|
|
bitchx<1.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3360
|
|
xvidcore<1.1.2nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3329
|
|
evolution-data-server<1.10.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3257
|
|
proftpd<1.3.1rc2nb1 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2165
|
|
apache<1.3.37nb2 cross-site-scripting http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5752
|
|
apache<1.3.37nb2 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3304
|
|
apache>=2.0<2.0.59nb6 cross-site-scripting http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5752
|
|
apache>=2.0<2.0.59nb6 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1863
|
|
apache>=2.2.0<2.2.4nb6 cross-site-scripting http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5752
|
|
apache>=2.2.0<2.2.4nb6 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3304
|
|
apache>=2.2.0<2.2.4nb6 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-1863
|
|
flac123<0.0.10 arbitrary-code-execution http://www.isecpartners.com/advisories/2007-002-flactools.txt
|
|
phpmyadmin<2.9.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-2
|
|
phpmyadmin<2.9.2 http-response-splitting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-1
|
|
phpmyadmin<2.10.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-4
|
|
p5-Net-DNS<0.60 domain-name-spoofing http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3377
|
|
p5-Net-DNS<0.60 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3409
|
|
gimp>2.2<2.2.15nb2 arbitrary-code-execution http://secunia.com/secunia_research/2007-63/advisory/
|
|
gimp-base<1.2.5nb6 arbitrary-code-execution http://secunia.com/secunia_research/2007-63/advisory/
|
|
gimp>2.3<2.3.18nb1 arbitrary-code-execution http://secunia.com/secunia_research/2007-63/advisory/
|
|
libarchive<1.3.1nb1 infinite-loop http://security.freebsd.org/advisories/FreeBSD-SA-07:05.libarchive.asc
|
|
libarchive<1.3.1nb1 null-dereference http://security.freebsd.org/advisories/FreeBSD-SA-07:05.libarchive.asc
|
|
libarchive<1.3.1nb1 arbitrary-code-execution http://security.freebsd.org/advisories/FreeBSD-SA-07:05.libarchive.asc
|
|
clamav<0.91 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3725
|
|
centericq<4.21.0nb5 arbitrary-code-execution http://www.leidecker.info/advisories/07-06-07_centericq_bof.txt
|
|
ipcalc<0.41 cross-site-scripting http://jodies.de/ipcalc-archive/ipcalc-0.40/ipcalc-security.html
|
|
lighttpd<1.4.14 denial-of-service http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_01.txt
|
|
lighttpd<1.4.15 denial-of-service http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_02.txt
|
|
lighttpd<1.4.16 denial-of-service http://www.lighttpd.net/assets/2007/7/24/lighttpd_sa2007_03.txt
|
|
lighttpd<1.4.16 arbitrary-code-execution http://www.lighttpd.net/assets/2007/7/24/lighttpd_sa2007_04.txt
|
|
lighttpd<1.4.16 denial-of-service http://www.lighttpd.net/assets/2007/7/24/lighttpd_sa2007_05.txt
|
|
lighttpd<1.4.16 arbitrary-code-execution http://www.lighttpd.net/assets/2007/7/24/lighttpd_sa2007_06.txt
|
|
lighttpd<1.4.16 privacy-leak http://www.lighttpd.net/assets/2007/7/24/lighttpd_sa2007_08.txt
|
|
firefox{,-bin,-gtk1}<2.0.0.5 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-18.html
|
|
thunderbird{,-gtk1}<1.5.0.13 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-18.html
|
|
thunderbird{,-gtk1}>=2.0<2.0.0.5 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-18.html
|
|
firefox{,-bin,-gtk1}<2.0.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-19.html
|
|
firefox{,-bin,-gtk1}<2.0.0.5 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-21.html
|
|
firefox{,-bin,-gtk1}<2.0.0.5 unauthorized-access http://www.mozilla.org/security/announce/2007/mfsa2007-24.html
|
|
seamonkey{,-bin,-gtk1}<1.1.3 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-18.html
|
|
seamonkey{,-bin,-gtk1}<1.1.3 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-19.html
|
|
seamonkey{,-bin,-gtk1}<1.1.3 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-21.html
|
|
seamonkey{,-bin,-gtk1}<1.1.3 unauthorized-access http://www.mozilla.org/security/announce/2007/mfsa2007-24.html
|
|
drupal>=5<5.2 cross-site-request-forgeries http://drupal.org/node/162360
|
|
drupal>=5<5.2 cross-site-scripting http://drupal.org/node/162361
|
|
bind>9.4.0<9.4.1pl1 weak-default-acls http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925
|
|
bind>9.4.0<9.4.1pl1 cryptographically-weak-query-ids http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926
|
|
firefox{,-bin,-gtk1}<2.0.0.6 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-26.html
|
|
thunderbird{,-gtk1}<1.5.0.13 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-26.html
|
|
thunderbird{,-gtk1}>=2.0<2.0.0.6 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-26.html
|
|
seamonkey{,-bin,-gtk1}<1.1.4 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-26.html
|
|
firefox{,-bin,-gtk1}<2.0.0.6 command-injection http://www.mozilla.org/security/announce/2007/mfsa2007-27.html
|
|
thunderbird{,-gtk1}>=2.0<1.5.0.13 command-injection http://www.mozilla.org/security/announce/2007/mfsa2007-27.html
|
|
thunderbird{,-gtk1}>=2.0<2.0.0.6 command-injection http://www.mozilla.org/security/announce/2007/mfsa2007-27.html
|
|
seamonkey{,-bin,-gtk1}<1.1.4 command-injection http://www.mozilla.org/security/announce/2007/mfsa2007-27.html
|
|
acroread-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
acroread5-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
gaim-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
wmmail-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
mozilla-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
php>5.0<5.2.3nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2007-3806
|
|
php<4.4.7nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2007-3806
|
|
qt3-libs<3.3.8nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3388
|
|
tcpdump<3.9.7 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3798
|
|
ethereal-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
kdegraphics<3.5.7nb1 arbitrary-code-execution http://www.kde.org/info/security/advisory-20070730-1.txt
|
|
koffice<1.6.3nb1 arbitrary-code-execution http://www.kde.org/info/security/advisory-20070730-1.txt
|
|
py{15,20,21,22,23,24,25,26,27,31}-denyhosts<2.6nb1 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4323
|
|
squidGuard<1.2.1 acl-bypass http://www.squidguard.org/Doc/sg-2007-04-15.html
|
|
rsync<2.6.9nb1 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091
|
|
opera<9.23 arbitrary-code-execution http://www.opera.com/support/search/view/865/
|
|
links{,-gui}-2.1.0.29* remote-command-execution http://links.twibright.com/download/ChangeLog
|
|
kdelibs<3.5.7nb1 url-spoofing http://www.kde.org/info/security/advisory-20070914-1.txt
|
|
kdebase<3.5.7nb2 url-spoofing http://www.kde.org/info/security/advisory-20070914-1.txt
|
|
xfce4-terminal<0.2.6nb1 remote-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3770
|
|
apache>=2.0<2.0.61 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847
|
|
apache>=2.2.0<2.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847
|
|
lighttpd<1.4.18 remote-code-execution http://www.lighttpd.net/assets/2007/9/9/lighttpd_sa_2007_12.txt
|
|
bind>8<8.4.7pl1 cryptographically-weak-query-ids http://www.kb.cert.org/vuls/id/927905
|
|
bind>8<8.9.9 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
qt3-libs<3.3.8nb5 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4137
|
|
qt4-libs<4.3.2 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4137
|
|
bugzilla>3<3.0.2 unauthorised-account-creation http://www.bugzilla.org/security/3.0.1/
|
|
kdebase>=3.3.0<3.5.7nb4 local-root-shell http://www.kde.org/info/security/advisory-20070919-1.txt
|
|
ImageMagick<6.3.5.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4985
|
|
ImageMagick<6.3.5.9 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4986
|
|
ImageMagick<6.3.5.9 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4987
|
|
ImageMagick<6.3.5.9 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4988
|
|
fetchmail<6.3.8nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4565
|
|
libXfont-1.3.1 buffer-overflow http://mail-index.netbsd.org/pkgsrc-changes/2007/09/24/0008.html
|
|
ruby18-base<1.8.6.110nb1 access-validation-bypass http://www.isecpartners.com/advisories/2007-006-rubyssl.txt
|
|
libpurple<2.2.1 denial-of-service http://www.pidgin.im/news/security/?id=23
|
|
openoffice2<2.2.1nb3 heap-overflow http://www.openoffice.org/security/cves/CVE-2007-2834.html
|
|
openoffice2<2.2.1nb3 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2007-2834.html
|
|
openoffice2-bin<2.3 heap-overflow http://www.openoffice.org/security/cves/CVE-2007-2834.html
|
|
openoffice2-bin<2.3 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2007-2834.html
|
|
openttd<0.5.3 remote-code-execution http://www.tt-forums.net/viewtopic.php?f=29&t=34077
|
|
xentools{3,30}-hvm<=3.1.0 remote-code-execution http://secunia.com/advisories/26986/
|
|
dircproxy<1.2.0beta2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5226
|
|
spamassassin<3.1.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0451
|
|
gnucash<2.0.5 local-symlink-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0007
|
|
chmlib<0.39 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0619
|
|
GConf2<2.16.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6698
|
|
drupal<5.3 arbitrary-code-execution http://drupal.org/node/184315
|
|
drupal<5.3 cross-site-scripting http://drupal.org/node/184320
|
|
drupal<5.3 cross-site-request-forgery http://drupal.org/node/184348
|
|
drupal<5.3 access-bypass http://drupal.org/node/184354
|
|
drupal<5.3 http-response-splitting http://drupal.org/node/184315
|
|
firefox{,-bin,-gtk1}<2.0.0.8 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-29.html
|
|
seamonkey{,-bin,-gtk1}<1.1.5 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-29.html
|
|
thunderbird{,-gtk1}>=2.0<2.0.0.8 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-29.html
|
|
firefox{,-bin,-gtk1}<2.0.0.8 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-35.html
|
|
seamonkey{,-bin,-gtk1}<1.1.5 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-35.html
|
|
openssl<0.9.7inb5 arbitrary-code-execution http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5135
|
|
p5-XML-RSS<1.31 markup-injection-vulnerability http://search.cpan.org/src/ABH/XML-RSS-1.31/Changes
|
|
mantis<1.0.8 cross-site-scripting http://www.mantisbt.org/changelog.php
|
|
mantis<1.0.8 security-bypass http://www.mantisbt.org/changelog.php
|
|
cups<1.2.12nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4351
|
|
libpurple<2.2.2 denial-of-service http://www.pidgin.im/news/security/?id=24
|
|
perl<5.8.8nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5116
|
|
mono<1.1.13.8.1nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5197
|
|
phpmyadmin<2.11.1.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-5
|
|
phpmyadmin<2.11.1.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-6
|
|
phpmyadmin<2.11.1.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-7
|
|
koffice<1.6.3nb4 arbitrary-code-execution http://www.kde.org/info/security/advisory-20071107-1.txt
|
|
kdegraphics<3.5.7nb4 arbitrary-code-execution http://www.kde.org/info/security/advisory-20071107-1.txt
|
|
kdegraphics-3.5.8 arbitrary-code-execution http://www.kde.org/info/security/advisory-20071107-1.txt
|
|
samba>=3.0.0<3.0.26anb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572
|
|
samba>=3.0.0<3.0.26anb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398
|
|
openldap-server<2.3.39 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5707
|
|
flac<1.2.1 arbitrary-code-execution http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=608
|
|
apache-tomcat<5.5.25 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449
|
|
apache-tomcat<5.5.25 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450
|
|
ircservices<5.0.63 denial-of-service http://lists.ircservices.za.net/pipermail/ircservices/2007/005558.html
|
|
poppler<0.6.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352
|
|
poppler<0.6.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392
|
|
poppler<0.6.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393
|
|
wireshark<0.99.7pre2 denial-of-service http://www.wireshark.org/security/wnpa-sec-2007-03.html
|
|
php>=5<5.2.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4887
|
|
net-snmp<5.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5846
|
|
base<1.3.9 cross-site-scripting http://sourceforge.net/project/shownotes.php?group_id=103348&release_id=555614
|
|
firefox{,-bin,-gtk1}<2.0.0.10 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-37.html
|
|
firefox{,-bin,-gtk1}<2.0.0.10 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-38.html
|
|
firefox{,-bin,-gtk1}<2.0.0.10 cross-site-request-forgery http://www.mozilla.org/security/announce/2007/mfsa2007-39.html
|
|
wesnoth<1.2.8 arbitrary-code-execution http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289
|
|
micq-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
ikiwiki<2.13 remote-file-view http://ikiwiki.info/security/#index29h2
|
|
cairo<1.4.12 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5503
|
|
seamonkey{,-bin,-gtk1}<1.1.7 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-37.html
|
|
seamonkey{,-bin,-gtk1}<1.1.7 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-38.html
|
|
seamonkey{,-bin,-gtk1}<1.1.7 cross-site-request-forgery http://www.mozilla.org/security/announce/2007/mfsa2007-39.html
|
|
squid<2.6.17 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2007_2.txt
|
|
drupal<5.4 sql-injection http://drupal.org/node/198162
|
|
ruby18-actionpack<1.13.6 www-session-fixation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6077
|
|
samba<3.0.26anb3 remote-code-execution http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6015
|
|
openoffice2<2.3.1 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2007-4575.html
|
|
openoffice2-bin<2.3.1 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2007-4575.html
|
|
mysql-server>5.0<5.0.51 remote-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5969
|
|
ruby18-gnome2-gtk<0.16.0nb2 format-string http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6183
|
|
exiftags<1.01 arbitrary-code-execution http://secunia.com/advisories/28110/
|
|
py{15,20,21,22,23,24,25,26,27,31}-django<0.96.1 denial-of-service http://www.djangoproject.com/weblog/2007/oct/26/security-fix/
|
|
cups<1.3.5 remote-code-execution http://www.cups.org/str.php?L2589
|
|
cups<1.3.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-{4352,5392,5393}
|
|
clamav<0.92 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5759
|
|
dovecot>=1.0.rc11<1.0.9nb1 unauthorized-access http://www.dovecot.org/list/dovecot-news/2007-December/000057.html
|
|
opera<9.25 cross-site-scripting http://www.opera.com/support/search/view/875/
|
|
php<4.4.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3378
|
|
php<4.4.8 denial-of-service http://www.php-security.org/MOPB/MOPB-03-2007.html
|
|
libsndfile<1.0.17nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4974
|
|
postgresql80-server<8.0.15 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6600
|
|
postgresql80-server<8.0.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772
|
|
postgresql80-server<8.0.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6067
|
|
postgresql80-server<8.0.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4769
|
|
postgresql80-server<8.0.15 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6601
|
|
postgresql81-server<8.1.11 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6600
|
|
postgresql81-server<8.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772
|
|
postgresql81-server<8.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6067
|
|
postgresql81-server<8.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4769
|
|
postgresql81-server<8.1.11 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6601
|
|
postgresql82-server<8.2.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6600
|
|
postgresql82-server<8.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772
|
|
postgresql82-server<8.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6067
|
|
postgresql82-server<8.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4769
|
|
postgresql82-server<8.2.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6601
|
|
horde<3.1.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6018
|
|
turba<2.1.6 privilege-escalation http://lists.horde.org/archives/announce/2008/000361.html
|
|
kronolith<2.1.7 privilege-escalation http://lists.horde.org/archives/announce/2008/000362.html
|
|
drupal<5.6 cross-site-request-forgery http://drupal.org/node/208562
|
|
drupal<5.6 cross-site-scripting http://drupal.org/node/208564
|
|
drupal<5.6 cross-site-scripting http://drupal.org/node/208565
|
|
apache<1.3.41 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388
|
|
apache<1.3.41 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000
|
|
apache>=2.0.35<2.0.63 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388
|
|
apache>=2.0.35<2.0.63 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000
|
|
apache>=2.2.0<2.2.8 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421
|
|
apache>=2.2.0<2.2.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422
|
|
apache>=2.2.0<2.2.8 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388
|
|
apache>=2.2.0<2.2.8 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000
|
|
libXfont<1.3.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0006
|
|
modular-xorg-server<1.3.0nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5760
|
|
modular-xorg-server<1.3.0nb5 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5958
|
|
modular-xorg-server<1.3.0nb5 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6427
|
|
modular-xorg-server<1.3.0nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6428
|
|
modular-xorg-server<1.3.0nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6429
|
|
mplayer<1.0rc10nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-{0485,0486}
|
|
mencoder<1.0rc10nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-{0485,0486}
|
|
gmplayer<1.0rc10nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-{0485,0486}
|
|
xine-lib<1.1.10 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1664
|
|
firefox{,-bin,-gtk1}<2.0.0.12 memory-corruption http://www.mozilla.org/security/announce/2008/mfsa2008-01.html
|
|
firefox{,-bin,-gtk1}<2.0.0.12 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-03.html
|
|
firefox{,-bin,-gtk1}<2.0.0.12 privacy-leak http://www.mozilla.org/security/announce/2008/mfsa2008-06.html
|
|
seamonkey{,-bin,-gtk1}<1.1.8 memory-corruption http://www.mozilla.org/security/announce/2008/mfsa2008-01.html
|
|
seamonkey{,-bin,-gtk1}<1.1.8 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-03.html
|
|
seamonkey{,-bin,-gtk1}<1.1.8 privacy-leak http://www.mozilla.org/security/announce/2008/mfsa2008-06.html
|
|
SDL_image<1.2.6nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0544
|
|
SDL_image<1.2.6nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6697
|
|
RealPlayerGold<10.0.9 buffer-overflow http://service.real.com/realplayer/security/10252007_player/en/
|
|
thunderbird{,-gtk1}>=2.0<2.0.0.12 heap-overflow http://www.mozilla.org/security/announce/2008/mfsa2008-12.html
|
|
pcre<7.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674
|
|
blender<2.43 local-command-inject http://secunia.com/advisories/24232/
|
|
evolution<2.8.2 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1266
|
|
sylpheed<2.2.8 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1267
|
|
sylpheed-claws<2.2.8 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1267
|
|
mutt<1.5.14 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1268
|
|
GNUMail<1.1.2 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1269
|
|
courier-imap<4.0.7 remote-root-shell http://www.gentoo.org/security/en/glsa/glsa-200704-18.xml
|
|
wireshark<0.99.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-01.html
|
|
vlc<0.8.6dnb2 remote-user-shell http://secunia.com/advisories/29122/
|
|
xine-lib<1.1.10.1 remote-user-shell http://secunia.com/advisories/28801/
|
|
mono<1.2.5.1 buffer-overflow http://secunia.com/advisories/27493/
|
|
mono<1.2.6 cross-site-scripting http://secunia.com/advisories/27349/
|
|
mono<1.2.6 buffer-overflow http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5197
|
|
phpmyadmin<2.11.2.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-8
|
|
phpmyadmin<2.11.5 sql-injection http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-1
|
|
viewvc<1.0.5 security-bypass http://viewvc.tigris.org/source/browse/viewvc/trunk/CHANGES?rev=HEAD
|
|
thunderbird{,-gtk1}>=2.0<2.0.0.12 remote-user-shell http://www.mozilla.org/security/announce/2008/mfsa2008-01.html
|
|
thunderbird{,-gtk1}>=2.0<2.0.0.12 remote-user-shell http://www.mozilla.org/security/announce/2008/mfsa2008-03.html
|
|
thunderbird{,-gtk1}>=2.0<2.0.0.12 directory-traversal http://www.mozilla.org/security/announce/2008/mfsa2008-05.html
|
|
ghostscript>7<8.62 buffer-overflow http://scary.beasts.org/security/CESA-2008-001.html
|
|
audacity<1.2.6nb1 symlink-attack http://www.gentoo.org/security/en/glsa/glsa-200803-03.xml
|
|
dbus<1.0.2nb5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0595
|
|
acroread{,5,7}-[0-9]* remote-user-shell http://www.securityfocus.com/bid/22753
|
|
acroread{,5,7}-[0-9]* remote-stack-smash http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=657
|
|
acroread{,5,7}-[0-9]* remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5663
|
|
acroread{,5,7}-[0-9]* remote-user-shell http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=655
|
|
acroread{,5,7}-[0-9]* multiple-unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0655
|
|
acroread{,5,7}-[0-9]* remote-printing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0667
|
|
acroread{,5,7}-[0-9]* remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0726
|
|
opera<9.26 remote-information-disclosure http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1080
|
|
opera<9.26 remote-code-execution http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1081
|
|
opera<9.26 security-bypass http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1082
|
|
turba<2.1.7 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0807
|
|
kdepim<3.5.7 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1265
|
|
lighttpd<1.4.18nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0983
|
|
cups<1.3.6 denial-of-service http://www.cups.org/str.php?L2656
|
|
acroread{,5,7}-[0-9]* temporary-files-race http://support.novell.com/techcenter/psdb/d8c48c63359fc807624182696d3d149c.html
|
|
py{15,20,21,22,23,24,25,26,27,31}-paramiko<1.7 remote-information-exposure http://www.lag.net/pipermail/paramiko/2008-January/000599.html
|
|
icu<3.6nb2 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4770
|
|
icu<3.6nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4771
|
|
e2fsprogs<1.40.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5497
|
|
splitvt<1.6.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0162
|
|
sun-j{re,dk}14<2.17 unknown http://secunia.com/advisories/29239/
|
|
sun-j{re,dk}15<5.0.15 unknown http://secunia.com/advisories/29239/
|
|
sun-j{re,dk}6<6.0.5 unknown http://secunia.com/advisories/29239/
|
|
evolution<2.12.3nb2 format-string http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0072
|
|
silc-toolkit<1.1.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1227
|
|
mit-krb5<1.4.2nb6 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-006.txt
|
|
mit-krb5>=1.6<1.6.3 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-006.txt
|
|
horde<3.1.7 arbitrary-file-inclusion http://lists.horde.org/archives/announce/2008/000382.html
|
|
synce-dccm<0.10.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6703
|
|
synce-dccm>=0.9.2<0.10.1 arbitrary-script-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1136
|
|
dovecot<1.0.13 authentication-bypass http://www.dovecot.org/list/dovecot-news/2008-March/000064.html
|
|
ruby18-base<1.8.6.114 access-validation-bypass http://preview.ruby-ang.org/en/news/2008/03/03/webrick-file-access-vulnerability/
|
|
mailman<2.1.10 script-insertion http://secunia.com/advisories/28794/
|
|
openldap<2.3.39 denial-of-service http://secunia.com/advisories/27424/
|
|
openldap<2.3.41 denial-of-service http://secunia.com/advisories/28926/
|
|
py{15,20,21,22,23,24,25,26,27,31}-moin<1.6.1 multiple-vulnerabilities http://secunia.com/advisories/29010/
|
|
webmin<1.330 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1276
|
|
webmin<1.350 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3156
|
|
webmin<1.370 arbitrary-script-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5066
|
|
webmin<1.370nb3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0720
|
|
apache-tomcat<5.5.21 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358
|
|
apache-tomcat<5.5.25 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386
|
|
apache-tomcat<5.5.25 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-{3382,3385}
|
|
apache-tomcat>=5.5.0<5.5.26 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461
|
|
apache-tomcat>=5.5.9<5.5.26 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342
|
|
apache-tomcat>=5.5.0<5.5.26 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333
|
|
apache-tomcat>=5.5.11<5.5.26 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286
|
|
mplayer<1.0rc10nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0629
|
|
mplayer<1.0rc10nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0630
|
|
mencoder<1.0rc10nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0629
|
|
mencoder<1.0rc10nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0630
|
|
gmplayer<1.0rc10nb3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0629
|
|
gmplayer<1.0rc10nb3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0630
|
|
xine-lib<1.1.9.1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0225
|
|
xine-lib<1.1.9.1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0238
|
|
xine-lib<1.1.10.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0486
|
|
p5-Net-DNS<0.63 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6341
|
|
roundup<1.4.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1474
|
|
roundup<1.4.4 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1475
|
|
lighttpd<1.4.19 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1111
|
|
lighttpd<1.4.19 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1270
|
|
sarg<2.2.5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1167
|
|
sarg<2.2.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1168
|
|
liblive<2007.11.18 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6036
|
|
nagios-base<2.5nb5 cross-site-scripting http://secunia.com/advisories/29363/
|
|
wml<2.0.9nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0665
|
|
wml<2.0.9nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0666
|
|
userppp-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1215
|
|
jasper<1.900.1nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2721
|
|
png<1.2.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5268
|
|
plone3<3.1 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0164
|
|
maradns<1.2.12.06nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0061
|
|
xine-lib<1.1.10.1nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073
|
|
quagga>=0.99<0.99.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4826
|
|
jakarta-tomcat4<4.1.37 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461
|
|
nss_ldap<259 data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5794
|
|
nagios-plugins<1.4.3nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5198
|
|
nagios-plugin-snmp<1.4.3nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5623
|
|
openoffice2<2.3.1nb5 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4770
|
|
openoffice2<2.3.1nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4771
|
|
asterisk<1.2.27 authentication-bypass http://downloads.digium.com/pub/security/AST-2008-003.html
|
|
mit-krb5<1.3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0948
|
|
mit-krb5<1.4.2nb6 arbitrary-code-execution http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt
|
|
mit-krb5>=1.6<1.6.4 arbitrary-code-execution http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt
|
|
mit-krb5<1.4.2nb6 denial-of-service http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt
|
|
mit-krb5>=1.6<1.6.3 denial-of-service http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt
|
|
silc-client<1.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3728
|
|
silc-toolkit<1.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3728
|
|
unzip<5.52nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0888
|
|
namazu<2.0.18 cross-site-scripting http://secunia.com/advisories/29386/
|
|
maradns<1.2.12.06 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3114
|
|
qemu<0.9.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1320
|
|
qemu<0.9.1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6227
|
|
qemu<0.10.0 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0928
|
|
instiki<0.13 cross-site-scripting http://rubyforge.org/forum/forum.php?forum_id=22805
|
|
freetype2<2.3.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3506
|
|
bzip2<1.0.5 denial-of-service https://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html
|
|
ircu<2.10.12.12nb1 denial-of-service http://lists.grok.org.uk/pipermail/full-disclosure/2008-March/060906.html
|
|
p7zip<4.57 unknown https://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html
|
|
libvorbis<1.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3106
|
|
libvorbis<1.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4029
|
|
libvorbis<1.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4065
|
|
libvorbis<1.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4066
|
|
vlc<0.8.6dnb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1489
|
|
silc-client<1.1.4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1552
|
|
silc-server<1.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1552
|
|
silc-toolkit<1.1.7 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1552
|
|
mysql-client<5.0 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
mysql-server<5.0 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
gnupg-1.4.8{,nb*} memory-corruption http://lists.gnupg.org/pipermail/gnupg-announce/2008q1/000271.html
|
|
gnupg2-2.0.8{,nb*} memory-corruption http://lists.gnupg.org/pipermail/gnupg-announce/2008q1/000271.html
|
|
firefox{,2}{,-bin,-gtk1}<2.0.0.13 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-14.html
|
|
firefox{,2}{,-bin,-gtk1}<2.0.0.13 popup-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-19.html
|
|
firefox{,2}{,-bin,-gtk1}<2.0.0.13 cross-site-request-forgery http://www.mozilla.org/security/announce/2008/mfsa2008-16.html
|
|
thunderbird{,-gtk1}>=2.0<2.0.0.13 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-14.html
|
|
seamonkey{,-bin,-gtk1}<1.1.9 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-14.html
|
|
seamonkey{,-bin,-gtk1}<1.1.9 popup-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-19.html
|
|
seamonkey{,-bin,-gtk1}<1.1.9 cross-site-request-forgery http://www.mozilla.org/security/announce/2008/mfsa2008-16.html
|
|
centerim<4.22.4 shell-command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1467
|
|
p5-Tk<804.027nb7 buffer-overflow http://secunia.com/advisories/29546/
|
|
xpdf<3.02pl1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
|
|
xpdf<3.02pl2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352
|
|
xpdf<3.02pl2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392
|
|
xpdf<3.02pl2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393
|
|
policyd-weight<0.1.14.17 privilege-escalation http://secunia.com/advisories/29553/
|
|
wireshark<1.0.0 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-02.html
|
|
gtar-base<1.15.1nb5 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4131
|
|
eterm<0.9.4nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1692
|
|
rxvt<2.7.10nb6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142
|
|
rxvt-unicode<8.3nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142
|
|
aterm<1.0.0nb5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142
|
|
wterm<6.2.9nb8 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142
|
|
mrxvt<0.5.3nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142
|
|
phpmyadmin<2.11.5.1 unauthorized-access http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-2
|
|
inspircd<1.1.18 unspecified http://www.inspircd.org/forum/showthread.php?t=2945
|
|
comix<3.6.4nb2 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1568
|
|
thunderbird<1.5.0.14 arbitrary-code-execution http://www.mozilla.org/security/announce/2007/mfsa2007-29.html
|
|
thunderbird<1.5.0.14 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-40.html
|
|
php<4.4.5 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0931
|
|
php>=5.0<5.2.1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0931
|
|
cups<1.3.7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0047
|
|
cups<1.3.7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1373
|
|
lighttpd<1.4.19nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1531
|
|
openssh<4.7.1nb3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483
|
|
openssh<4.7.1nb3 security-bypass http://marc.info/?l=openssh-unix-dev&m=120692745026265
|
|
gnome-screensaver<2.21.6 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6389
|
|
gnome-screensaver<2.22.1 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0887
|
|
sympa<5.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1648
|
|
{ap2,ap22}-suphp<0.6.3 arbitrary-script-execution http://article.gmane.org/gmane.comp.php.suphp.general/348
|
|
acroread7<7.0.9 heap-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5857
|
|
libgtop<2.14.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0235
|
|
sun-{jdk,jre}13<1.0.19 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1
|
|
sun-{jdk,jre}14<2.13 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1
|
|
sun-{jdk,jre}15<5.0.10 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1
|
|
koffice<1.2.1 denial-of-service http://www.kde.org/info/security/advisory-20070115-1.txt
|
|
kdegraphics<3.2.3 denial-of-service http://www.kde.org/info/security/advisory-20070115-1.txt
|
|
ed<0.2nb2 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6939
|
|
GeoIP<1.4.1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0159
|
|
kdebase<3.5.5 cross-site-scripting http://www.kde.org/info/security/advisory-20070206-1.txt
|
|
opera<9.27 code-execution http://www.opera.com/support/search/view/881/
|
|
opera<9.27 memory-corruption http://www.opera.com/support/search/view/882/
|
|
balsa<2.3.10nb14 buffer-overflow http://bugzilla.gnome.org/show_bug.cgi?id=474366
|
|
xscreensaver<5.02 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1859
|
|
xscreensaver<5.04 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5585
|
|
neon>=0.26.0<0.26.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0157
|
|
kdebase<3.5.8 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4224
|
|
libevent<1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1030
|
|
openssl<0.9.8f side-channel http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3108
|
|
openssl<0.9.8f denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4995
|
|
sqlitemanager<1.2.0 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1232
|
|
sqlitemanager<1.2.0 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0516
|
|
dropbear<0.49 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1099
|
|
tcpdump<3.9.7 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1218
|
|
tcpdump<3.9.7 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3798
|
|
firefox-bin-flash<9.0.124 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb08-11.html
|
|
ns-flash<9.0.124 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb08-11.html
|
|
drupal>6<6.2 access-bypass http://drupal.org/node/244637
|
|
wireshark<0.99.6 denial-of-service http://www.wireshark.org/docs/relnotes/wireshark-0.99.6.html
|
|
m4<1.4.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1687
|
|
python15-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
python20-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
python21-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
python22-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
ImageMagick<6.3.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1797
|
|
ktorrent<2.1.2 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1384
|
|
ktorrent<2.1.3 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1799
|
|
netperf<2.3.1nb1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1444
|
|
imp<4.1.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1515
|
|
nas<1.9 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1543
|
|
nas<1.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1545
|
|
lookup<1.4.1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0237
|
|
asterisk>=1.4<1.4.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1594
|
|
asterisk>=1.4<1.4.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2293
|
|
asterisk>=1.4<1.4.5 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2488
|
|
zope210<2.10.3 cross-site-request-forgery http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view
|
|
inkscape<0.45.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1463
|
|
mgv-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5864
|
|
ap-perl<1.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349
|
|
ap13-perl<1.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349
|
|
{ap2,ap22}-perl<2.0.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349
|
|
mit-krb5<1.4.2nb5 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0956
|
|
mit-krb5>=1.6<1.6.1 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0956
|
|
mit-krb5<1.4.2nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0957
|
|
mit-krb5>=1.6<1.6.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0957
|
|
mit-krb5<1.4.2nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1216
|
|
mit-krb5>=1.6<1.6.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1216
|
|
openpbs<2.3.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5616
|
|
xorg-server<1.1.1 local-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1003
|
|
libXfont<1.2.0 local-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1352
|
|
libX11<1.0.3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1667
|
|
p5-Archive-Tar<1.37 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4829
|
|
sun-{jdk,jre}14<2.14 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1
|
|
sun-{jdk,jre}15<5.0.11 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1
|
|
sun-{jdk,jre}14<2.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2788
|
|
sun-{jdk,jre}15<5.0.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2788
|
|
sun-{jdk,jre}6<6.0.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2788
|
|
vim{,-gtk,-gtk2,-kde,-motif,-xaw,-share}<7.0.235 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2438
|
|
vim{,-gtk,-gtk2,-kde,-motif,-xaw,-share}<7.1.039 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2953
|
|
lftp<3.5.9 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2348
|
|
elinks<0.11.3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5034
|
|
python24<2.4.5 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2052
|
|
python25<2.5.1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2052
|
|
libexif<0.6.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2645
|
|
libexif<0.6.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4168
|
|
mysql-server<4.1.23 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691
|
|
mysql-server<4.1.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5925
|
|
mysql-server>5.0<5.0.44 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691
|
|
mysql-server>5.0<5.0.44 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5925
|
|
mysql-server>5.0.9<5.0.51 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0226
|
|
bochs<2.3.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2894
|
|
findutils<4.2.31 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2452
|
|
phppgadmin<4.1.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5728
|
|
base<1.3.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5578
|
|
mail-notification<4.1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3209
|
|
dspam<3.8.0 password-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6418
|
|
exiv2<0.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6353
|
|
libexif<0.6.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6352
|
|
gd<2.0.35 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3472
|
|
sun-{jdk,jre}15<5.0.12 cross-site-scripting http://sunsolve.sun.com/search/document.do?assetkey=1-26-102958-1
|
|
sun-{jdk,jre}6<6.0.1 cross-site-scripting http://sunsolve.sun.com/search/document.do?assetkey=1-26-102958-1
|
|
openoffice2-bin<2.0.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4077
|
|
curl>=7.14.0<7.16.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3564
|
|
libcdio<0.80 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6613
|
|
firefox-bin-flash<9.0.47 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3456
|
|
ns-flash<9.0.47 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3456
|
|
firefox-bin-flash<9.0.48 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2022
|
|
ns-flash<9.0.48 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2022
|
|
sun-{jdk,jre}14<2.15 denial-of-service http://sunsolve.sun.com/search/document.do?assetkey=1-26-102997-1
|
|
sun-{jdk,jre}15<5.0.12 denial-of-service http://sunsolve.sun.com/search/document.do?assetkey=1-26-102997-1
|
|
sun-{jdk,jre}6<6.0.2 denial-of-service http://sunsolve.sun.com/search/document.do?assetkey=1-26-102997-1
|
|
sun-{jdk,jre}6<6.0.2 arbitrary-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-102993-1
|
|
modular-xorg-server<1.3.0.0nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4730
|
|
php<5.2.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3806
|
|
kdebase<3.5.8 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3820
|
|
asterisk<1.2.22 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3762
|
|
asterisk>=1.4<1.4.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3762
|
|
asterisk<1.2.23 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4103
|
|
asterisk>=1.4<1.4.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4103
|
|
teamspeak-server<2.0.23.19 remote-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3956
|
|
mldonkey<2.9.0 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4100
|
|
t1lib<5.1.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4033
|
|
gdm<2.18.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3381
|
|
tor<0.1.2.14 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3165
|
|
tor<0.1.2.16 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4174
|
|
clamav<0.93 remote-user-shell http://secunia.com/advisories/29000/
|
|
png>=1.0.6<1.0.33 multiple-vulnerabilities http://libpng.sourceforge.net/Advisory-1.2.26.txt
|
|
png>=1.2.0<1.2.27beta01 multiple-vulnerabilities http://libpng.sourceforge.net/Advisory-1.2.26.txt
|
|
mksh<33d privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1845
|
|
rsync>=3.0.0<3.0.2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1720
|
|
xine-lib<1.1.12 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686
|
|
cups<1.3.7nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1722
|
|
xine-lib<1.1.12nb1 remote-system-access http://secunia.com/advisories/29850/
|
|
openoffice2{,-bin}<2.4 remote-system-access http://secunia.com/advisories/29852/
|
|
firefox{,-bin,-gtk1}<2.0.0.14 remote-system-access http://www.mozilla.org/security/announce/2008/mfsa2008-20.html
|
|
seamonkey{,-bin,-gtk1}<1.1.10 remote-system-access http://www.mozilla.org/security/announce/2008/mfsa2008-20.html
|
|
thunderbird{,-gtk1}<2.0.0.14 remote-system-access http://www.mozilla.org/security/announce/2008/mfsa2008-20.html
|
|
vlc<0.8.6e arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6681
|
|
vlc<0.8.6e arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6682
|
|
vlc<0.8.6e arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4484
|
|
vlc<0.8.6e arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0225
|
|
vlc<0.8.6f arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6681
|
|
vlc<0.8.6f arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073
|
|
vlc<0.8.6f denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1489
|
|
vlc<0.8.6f remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686
|
|
poppler<0.8.0nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1693
|
|
xpdf<3.02pl2nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1693
|
|
streamripper<1.61.27nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4337
|
|
sudo<1.6.9 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3149
|
|
po4a<0.23nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4462
|
|
bugzilla<2.22.3 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4538
|
|
bugzilla<2.22.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4543
|
|
bugzilla>3<3.0.1 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4538
|
|
bugzilla>3<3.0.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4543
|
|
konversation<1.0.1nb8 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4400
|
|
id3lib<3.8.3nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4460
|
|
sylpheed<2.4.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2958
|
|
claws-mail<3.0.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2958
|
|
subversion-base<1.4.5 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3846
|
|
bitchx<1.1nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4584
|
|
bitchx<1.1nb3 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5839
|
|
star<1.4.3nb4 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4134
|
|
claws-mail<3.2.0 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6208
|
|
samba>3.0.25<3.0.26 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4138
|
|
kdebase>=3.3.0<3.5.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4569
|
|
asterisk>1.4.4<1.4.12 denial-of-service http://downloads.digium.com/pub/asa/AST-2007-021.html
|
|
fuse-chironfs<1.0RC7 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5101
|
|
sun-{jdk,jre}14<2.16 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1
|
|
sun-{jdk,jre}15<5.0.13 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1
|
|
sun-{jdk,jre}6<6.0.3 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1
|
|
pwlib<1.8.3nb8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4897
|
|
wesnoth<1.2.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3917
|
|
wesnoth>=1.3<1.3.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3917
|
|
bacula<2.2.4nb4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5626
|
|
delegate<9.7.5 arbitrary-code-execution http://www.delegate.org/mail-lists/delegate-en/3856
|
|
sun-{jdk,jre}14<2.16 arbitrary-file-overwrite http://sunsolve.sun.com/search/document.do?assetkey=1-26-103112-1
|
|
sun-{jdk,jre}15<5.0.13 arbitrary-file-overwrite http://sunsolve.sun.com/search/document.do?assetkey=1-26-103112-1
|
|
sun-{jdk,jre}6<6.0.3 arbitrary-file-overwrite http://sunsolve.sun.com/search/document.do?assetkey=1-26-103112-1
|
|
3proxy<0.5.3j denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5622
|
|
phpmyadmin<2.11.5.2 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1924
|
|
vobcopy<1.1.0 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5718
|
|
liferea<1.4.6 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5751
|
|
perdition<1.17nb8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5740
|
|
emacs{,-nox11}>=22<22.1nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5795
|
|
dbmail<2.2.9 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6714
|
|
blender<2.45nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1102
|
|
blender<2.45nb2 insecure-temporary-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1103
|
|
kronolith<2.1.8 cross-site-scripting http://marc.info/?l=horde-announce&m=120931816706926&w=2
|
|
vorbis-tools<1.2.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686
|
|
SDL_sound<1.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686
|
|
sweep<0.9.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686
|
|
emacs{,-nox11}>=20<20.7nb11 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694
|
|
emacs{,-nox11}>=21<21.4anb13 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694
|
|
emacs{,-nox11}>=22<22.1nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694
|
|
xemacs{,-nox11}<21.4.17nb5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694
|
|
xemacs{,-nox11}>=21.5<21.5.27nb2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694
|
|
kdelibs>=3.5.5<3.5.9nb1 linux-denial-of-service http://www.kde.org/info/security/advisory-20080426-2.txt
|
|
ikiwiki<2.42 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0165
|
|
py{15,20,21,22,23,24,25,26,27,31}-moin<1.6.3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1937
|
|
swfdec<0.6.4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1834
|
|
php5-apc<5.2.5.3.0.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1488
|
|
xine-lib<1.1.11.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1482
|
|
wyrd<1.4.1nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0806
|
|
imp<4.1.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6018
|
|
win32-codecs<071007 arbitrary-code-execution http://www.gentoo.org/security/en/glsa/glsa-200803-08.xml
|
|
graphviz<2.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4484
|
|
scponly<4.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6350
|
|
boost-libs<1.34.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0171
|
|
boost-headers<1.34.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0171
|
|
glib2<2.14.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674
|
|
plone25<2.5.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5741
|
|
plone3<3.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5741
|
|
speex<1.0.5nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686
|
|
php>=5<5.2.5 security-bypass http://securityreason.com/achievement_securityalert/47
|
|
php>=5<5.2.5 arbitrary-code-execution http://www.php.net/releases/5_2_5.php
|
|
php>=5<5.2.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674
|
|
php>=5<5.2.6 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599
|
|
php>=5<5.2.6 unknown http://www.php.net/ChangeLog-5.php#5.2.6
|
|
php5-pear-MDB2<2.4.1nb1 arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5934
|
|
php5-pear-MDB2_Driver_mysql<1.4.1nb1 arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5934
|
|
php5-pear-MDB2_Driver_pgsql<1.4.1nb1 arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5934
|
|
pioneers<0.11.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6010
|
|
teTeX-bin<3.0nb16 arbitrary-code-execution http://www.gentoo.org/security/en/glsa/glsa-200711-26.xml
|
|
liferea<1.4.8 privilege-escalation http://www.novell.com/linux/security/advisories/2005_22_sr.html
|
|
rsync<2.6.9nb2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6199
|
|
bugzilla>=2.17.2<2.22.4 cross-site-scripting http://www.bugzilla.org/security/2.20.5/
|
|
bugzilla>=3.0<3.0.4 cross-site-scripting http://www.bugzilla.org/security/2.20.5/
|
|
bugzilla>=3.0<3.0.4 account-impersonation http://www.bugzilla.org/security/2.20.5/
|
|
bugzilla>=3.0<3.0.4 unauthorized-bug-change http://www.bugzilla.org/security/2.20.5/
|
|
GraphicsMagick<1.1.12 remote-security-bypass http://sourceforge.net/project/shownotes.php?release_id=595544
|
|
rdesktop<1.5.0nb4 remote-code-execution http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=696
|
|
rdesktop<1.5.0nb4 remote-code-execution http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=697
|
|
rdesktop<1.5.0nb4 remote-code-execution http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=698
|
|
php<5 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599
|
|
php<4.4.8 weak-rng-source http://www.sektioneins.de/advisories/SE-2008-02.txt
|
|
php>=5<5.2.5 weak-rng-source http://www.sektioneins.de/advisories/SE-2008-02.txt
|
|
php<5 security-bypass http://www.sektioneins.de/advisories/SE-2008-03.txt
|
|
php>=5<5.2.6 security-bypass http://www.sektioneins.de/advisories/SE-2008-03.txt
|
|
php<5 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2051
|
|
php>=5<5.2.6 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2051
|
|
licq<1.3.5nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1996
|
|
php>=4<5 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
mysql-server<4.1.24 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079
|
|
mysql-server>=5<5.0.51bnb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079
|
|
mysql-server>=5.1<5.1.24 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079
|
|
qemu-0.9.1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2004
|
|
ganglia-webfrontend<3.0.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6465
|
|
kdebase<3.5.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5963
|
|
mantis<1.1.0 cross-site-scripting http://www.mantisbt.org/bugs/view.php?id=8679
|
|
mantis<1.1.1 cross-site-scripting http://www.mantisbt.org/bugs/view.php?id=8756
|
|
xmp<2.6.0 arbitrary-code-execution http://aluigi.altervista.org/adv/xmpbof-adv.txt
|
|
RealPlayerGold-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0098
|
|
qt4-libs>=4.3.0<4.3.3 certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5965
|
|
mongrel>=1.0.4<1.1.3 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6612
|
|
openafs<1.4.6 denial-of-service http://www.openafs.org/security/OPENAFS-SA-2007-003.txt
|
|
libxml2<2.6.31 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6284
|
|
bind<8.4.7pl1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0122
|
|
bind>=9<9.4.1pl1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0122
|
|
gnumeric<1.8.1 arbitrary-code-execution http://bugzilla.gnome.org/show_bug.cgi?id=505330
|
|
sun-{jdk,jre}15<5.0.14 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-66-231261-1
|
|
sun-{jdk,jre}6<6.0.2 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-66-231261-1
|
|
sun-{jdk,jre}6<6.0.4 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-66-231246-1
|
|
tk<8.4.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0553
|
|
acroread8<8.1.2 arbitrary-code-execution http://www.adobe.com/go/kb403079
|
|
acroread7<7.1.0 arbitrary-code-execution http://www.adobe.com/go/kb403079
|
|
clamav<0.92.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0728
|
|
GraphicsMagick<1.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4988
|
|
vmware<5.5.6 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923
|
|
vmware>=6<6.0.3 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923
|
|
tcl<8.4.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772
|
|
mplayer<1.0rc10nb7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1558
|
|
gmplayer<1.0rc10nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1558
|
|
acroread<8.1.2 arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1199
|
|
acroread{5,7}-[0-9]* arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1199
|
|
acroread8<8.1.2 arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1199
|
|
duplicity<0.4.9 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5201
|
|
flex<2.5.33 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0459
|
|
quake3arena-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3400
|
|
xdm<1.0.4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5214
|
|
libX11>=1.0.2<1.1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5397
|
|
xenkernel3<3.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5906
|
|
xenkernel3<3.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5907
|
|
xentools3-hvm<3.1.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0928
|
|
sarg<2.2.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1922
|
|
mysql-server<4.1.24 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3780
|
|
mysql-server>=5<5.0.45 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3780
|
|
mysql-server>=5<5.0.45 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3781
|
|
mysql-server>=5<5.0.42 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3782
|
|
mt-daapd-0.2.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1771
|
|
mt-daapd<0.2.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5824
|
|
mt-daapd<0.2.4.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5825
|
|
mantis<1.1.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6611
|
|
libvorbis<1.2.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1419
|
|
libvorbis<1.2.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1420
|
|
libvorbis<1.2.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1423
|
|
py{15,20,21,22,23,24,25,26,27,31}-django<0.96.1nb1 cross-site-scripting http://www.djangoproject.com/weblog/2008/may/14/security/
|
|
mantis<1.1.2 cross-site-request-forgery http://secunia.com/advisories/30270/
|
|
uudeview<0.5.20nb2 insecure-temporary-files http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480972
|
|
uulib<0.5.20nb4 insecure-temporary-files http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480972
|
|
WordNet<3.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2149
|
|
net-snmp<5.4.1nb2 arbitrary-code-execution http://secunia.com/advisories/30187/
|
|
libid3tag<0.15.1bnb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2109
|
|
ja-ptex-bin-[0-9]* remote-manipulation-of-data http://secunia.com/advisories/30168/
|
|
ja-ptex-bin-[0-9]* remote-system-access http://secunia.com/advisories/30168/
|
|
mtr<0.72nb1 arbitrary-code-execution http://seclists.org/fulldisclosure/2008/May/0488.html
|
|
nagios-base<2.12 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5803
|
|
gnutls<2.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1948
|
|
gnutls<2.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1949
|
|
gnutls<2.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1950
|
|
libxslt<1.1.24 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767
|
|
snort<2.8.1 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1804
|
|
perl<5.8.8nb8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1927
|
|
stunnel>=4.16<4.24 accepts-revoked-ocsp-cert http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2420
|
|
nagios-plugins<1.4.6 local-code-execution https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1630970&group_id=29880
|
|
samba<3.0.28anb1 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105
|
|
spamdyke<3.1.8 remote-security-bypass http://secunia.com/advisories/30408/
|
|
imlib2<1.4.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2426
|
|
emacs{,-nox11}>=20<20.7nb11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142
|
|
emacs{,-nox11}>=21<21.4anb12 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142
|
|
emacs{,-nox11}>=22.1<22.1nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142
|
|
xemacs-packages<1.16nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142
|
|
apache-tomcat<5.5.27 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947
|
|
apache-tomcat>=6<6.0.18 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947
|
|
vmware<6.0.4 arbitrary-code-execution http://www.vmware.com/security/advisories/VMSA-2008-0008.html
|
|
ikiwiki<2.48 authentication-bypass http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483770
|
|
openssl<0.9.8gnb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1672
|
|
websvn<1.61nb8 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3056
|
|
evolution<2.12.3nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1108
|
|
evolution>=2.22<2.22.2nb1 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1108
|
|
GraphicsMagick<1.1.14 remote-system-access http://secunia.com/advisories/30549/
|
|
GraphicsMagick>=1.2<1.2.3 remote-system-access http://secunia.com/advisories/30549/
|
|
exiv2<0.16nb1 denial-of-service http://dev.robotbattle.com/bugs/view.php?id=0000546
|
|
vmware<5.5.7 privilege-escalation http://www.vmware.com/security/advisories/VMSA-2008-0009.html
|
|
asterisk<1.2.29 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2119
|
|
mit-krb5<1.4.2nb6 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt
|
|
mit-krb5>=1.6<1.6.2 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt
|
|
mit-krb5<1.4.2nb6 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-005.txt
|
|
mit-krb5>=1.6<1.6.2 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-005.txt
|
|
asterisk<1.2.26 security-bypass http://downloads.digium.com/pub/security/AST-2007-027.html
|
|
asterisk<1.2.28 denial-of-service http://downloads.digium.com/pub/security/AST-2008-006.html
|
|
net-snmp<5.4.1nb4 spoof-authenticated-packets http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960
|
|
freetype2<2.3.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1806
|
|
apache>2.0<2.0.63nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364
|
|
apache>=2.2.0<2.2.8nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364
|
|
openoffice2{,-bin}<2.4.1 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2008-2152.html
|
|
courier-authlib<0.60.6 sql-injection http://marc.info/?l=courier-users&m=121293814822605&w=2
|
|
freetype2<2.3.6 arbitrary-code-execution http://labs.idefense.com/intelligence/vulnerabilities/display.php?id={715,716,717}
|
|
nasm<2.02nb1 local-user-shell http://secunia.com/advisories/30594/
|
|
modular-xorg-server<1.3.0.0nb10 multiple-vulnerabilities http://lists.freedesktop.org/archives/xorg-announce/2008-June/000578.html
|
|
opera<9.50 url-spoofing http://www.opera.com/support/search/view/878/
|
|
opera<9.50 information-disclosure http://www.opera.com/support/search/view/883/
|
|
opera<9.50 security-bypass http://www.opera.com/support/search/view/885/
|
|
vim{,-gtk,-gtk2,-motif,-xaw,-share}<7.1.299 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2712
|
|
turba<2.2.1 cross-site-scripting http://secunia.com/advisories/30704/
|
|
horde<3.1.7nb1 cross-site-scripting http://secunia.com/advisories/30697/
|
|
horde>=3.2<3.2.1 cross-site-scripting http://secunia.com/advisories/30697/
|
|
roundcube<0.2alpha cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6321
|
|
clamav<0.93.2 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2713
|
|
fetchmail<6.3.8nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2711
|
|
ruby18-base<1.8.7.22 arbitrary-code-execution http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities
|
|
phpmyadmin<2.11.7 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-4
|
|
rt<3.6.7 denial-of-service http://lists.bestpractical.com/pipermail/rt-announce/2008-June/000158.html
|
|
acroread7<7.1.0 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb08-15.html
|
|
acroread8<8.1.2nb1 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb08-15.html
|
|
squid<2.6.21 denial-of-service http://marc.info/?l=squid-announce&m=121469526501591&w=2
|
|
squid<2.6.21 privacy-leak http://marc.info/?l=squid-announce&m=121469526501591&w=2
|
|
pidgin<2.4.3 arbitrary-code-execution http://archives.neohapsis.com/archives/bugtraq/2008-06/0225.html
|
|
GraphicsMagick-1.1.[0-9]* remote-system-access http://secunia.com/advisories/30879/
|
|
GraphicsMagick>=1.2<1.2.4 remote-system-access http://secunia.com/advisories/30879/
|
|
firefox{,-bin,-gtk1}<2.0.0.15 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798
|
|
firefox{,-bin,-gtk1}<2.0.0.15 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803
|
|
firefox{,-bin,-gtk1}<2.0.0.15 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811
|
|
seamonkey{,-bin,-gtk1}<1.1.10 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798
|
|
seamonkey{,-bin,-gtk1}<1.1.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803
|
|
seamonkey{,-bin,-gtk1}<1.1.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811
|
|
wireshark<1.0.1 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-03.html
|
|
ruby18-base<1.8.7.22nb1 denial-of-service http://securenetwork.it/ricerca/advisory/download/SN-2008-02.txt
|
|
vlc<0.8.6fnb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2430
|
|
openldap-client<2.4.9nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2952
|
|
opera<9.51 information-disclosure http://www.opera.com/support/search/view/887/
|
|
thunderbird{,-gtk1}<2.0.0.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798
|
|
thunderbird{,-gtk1}<2.0.0.16 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-24.html
|
|
thunderbird{,-gtk1}<2.0.0.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803
|
|
thunderbird{,-gtk1}<2.0.0.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811
|
|
pcre<7.7nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371
|
|
#vte-[0-9]* utmp-entry-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0023
|
|
libzvt-[0-9]* utmp-entry-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0023
|
|
bind>9.5.0<9.5.0pl1 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
|
|
bind>9.4.0<9.4.2pl1 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
|
|
bind>9.3.0<9.3.5pl1 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
|
|
bind-8.[0-9]* cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
|
|
poppler<0.8.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2950
|
|
drupal>6.0<6.3 cross-site-scripting http://drupal.org/node/280571
|
|
drupal>5.0<5.8 cross-site-request-forgeries http://drupal.org/node/280571
|
|
drupal>6.0<6.3 cross-site-request-forgeries http://drupal.org/node/280571
|
|
drupal>5.0<5.8 session-fixation http://drupal.org/node/280571
|
|
drupal>6.0<6.3 session-fixation http://drupal.org/node/280571
|
|
drupal>6.0<6.3 sql-injection http://drupal.org/node/280571
|
|
ffmpeg<0.4.9pre1nb4 remote-code-execution https://roundup.mplayerhq.hu/roundup/ffmpeg/issue311
|
|
sun-j{re,dk}14<2.18 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-[3103-3115]
|
|
sun-j{re,dk}15<5.0.16 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-[3103-3115]
|
|
sun-j{re,dk}6<6.0.7 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-[3103-3115]
|
|
wireshark<1.0.2 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-04.html
|
|
zsh<4.2.6nb1 insecure-temporary-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6209
|
|
zsh>=4.3<4.3.4nb2 insecure-temporary-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6209
|
|
firefox{,-bin,-gtk1}<2.0.0.16 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-34.html
|
|
firefox3{,-bin}<3.0.1 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-34.html
|
|
seamonkey{,-bin,-gtk1}<1.1.11 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-34.html
|
|
phpmyadmin<2.11.7.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-5
|
|
py{26,27,34,35,36}-mercurial<1.0.1nb1 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2942
|
|
firefox{,-bin,-gtk1}<2.0.0.16 remote-information-exposure http://www.mozilla.org/security/announce/2008/mfsa2008-35.html
|
|
firefox3{,-bin}<3.0.1 remote-information-exposure http://www.mozilla.org/security/announce/2008/mfsa2008-35.html
|
|
byacc<20050813nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3196
|
|
py{15,20,21,22,23,24,25,26,27,31}-moin<1.7.1 cross-site-scripting http://moinmo.in/SecurityFixes#moin1.6.3
|
|
dnsmasq<2.45 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
|
|
asterisk<1.2.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3263
|
|
asterisk<1.2.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3264
|
|
asterisk>=1.4<1.4.21.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3263
|
|
asterisk>=1.4<1.4.21.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3264
|
|
openssh<5.0.1nb1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3259
|
|
drupal<5.9 session-fixation http://drupal.org/node/286417
|
|
drupal>=6<6.3 session-fixation http://drupal.org/node/286417
|
|
newsx<1.6nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3252
|
|
trac<0.10.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3328
|
|
RealPlayerGold<11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5400
|
|
phpmyadmin<2.11.8 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-6
|
|
gnutls>=2.3.5<2.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2377
|
|
fprot-workstation-bin-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3447
|
|
pan<0.133 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2363
|
|
openttd<0.6.2 arbitrary-code-execution http://sourceforge.net/project/shownotes.php?release_id=617243
|
|
python24<2.4.5nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315
|
|
python25<2.5.2nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315
|
|
python24<2.4.5nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142
|
|
python25<2.5.2nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142
|
|
apache-tomcat<5.5.27 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232
|
|
apache-tomcat<5.5.27 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947
|
|
jakarta-tomcat4<4.1.39 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232
|
|
jakarta-tomcat4<4.1.39 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370
|
|
jakarta-tomcat5-[0-9]* directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370
|
|
libxslt<1.1.24nb1 arbitrary-code-execution http://www.scary.beasts.org/security/CESA-2008-003.html
|
|
scmgit<1.5.6.4 remote-system-access http://kerneltrap.org/mailarchive/git/2008/7/16/2529284
|
|
ruby18-base<1.8.7.72 multiple-vulnerabilities http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
|
|
powerdns<2.9.21nb2 data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3337
|
|
pidgin<2.5.0 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3532
|
|
mono<1.9.1nb2 cross-site-scripting http://secunia.com/advisories/31338/
|
|
apache-2.0.[0-5]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939
|
|
apache-2.0.6[0-2]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939
|
|
apache-2.0.63{,nb[12]} cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939
|
|
apache>=2.2.0<2.2.9nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939
|
|
python25<2.5.2nb3 weak-cryptography http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2316
|
|
bugzilla<2.22.5 remote-information-exposure http://www.bugzilla.org/security/2.22.4/
|
|
bugzilla>=3.0<3.0.5 remote-information-exposure http://www.bugzilla.org/security/2.22.4/
|
|
amarok<1.4.10 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3699
|
|
ipsec-tools<0.7.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3651
|
|
ipsec-tools<0.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3652
|
|
vim{,-gtk,-gtk2,-kde,-motif,-xaw,-share}<7.2.69 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4677
|
|
isc-dhcpd<3.1.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0062
|
|
postfix<2.5.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2936
|
|
postfix<2.5.4 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2937
|
|
postfix>=2.6.20080000<2.6.20080814 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2936
|
|
postfix>=2.6.20080000<2.6.20080814 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2937
|
|
drupal<5.10 multiple-vulnerabilities http://drupal.org/node/295053
|
|
drupal>=6<6.4 multiple-vulnerabilities http://drupal.org/node/295053
|
|
yelp>=2.19.90<2.22.1nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3533
|
|
mktemp<1.6 privilege-escalation http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495193
|
|
xine-lib<1.1.15 remote-system-access http://www.ocert.org/advisories/ocert-2008-008.html
|
|
zope29>=2.9<2.9.9nb1 denial-of-service http://www.zope.org/advisories/advisory-2008-08-12/
|
|
zope210>=2.10<2.10.6nb1 denial-of-service http://www.zope.org/advisories/advisory-2008-08-12/
|
|
zope211>=2.10<2.11.1nb1 denial-of-service http://www.zope.org/advisories/advisory-2008-08-12/
|
|
awstats<6.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3714
|
|
sympa<5.4.4 privilege-escalation http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494969
|
|
vlc<0.9.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3732
|
|
vlc<0.9.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3794
|
|
sqlitemanager-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
R<2.7.0nb1 insecure-temporary-files http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496363
|
|
bitlbee<1.2.2 security-bypass http://secunia.com/advisories/31633/
|
|
tiff<3.8.2nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2327
|
|
ruby18-base<1.8.7.72nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3790
|
|
vim<7.2.10 arbitrary-command-execution http://www.rdancer.org/vulnerablevim-K.html
|
|
openoffice{,2}<2.4.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3282
|
|
mono<1.9.1nb4 cross-site-scripting https://bugzilla.novell.com/show_bug.cgi?id=418620
|
|
gpsdrive-[0-9]* privilege-escalation http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496436
|
|
libxml2<2.7.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3281
|
|
opera<9.52 arbitrary-code-execution http://www.opera.com/support/search/view/892/
|
|
opera<9.52 security-bypass http://www.opera.com/support/search/view/893/
|
|
opera<9.52 security-bypass http://www.opera.com/support/search/view/895/
|
|
opera<9.52 local-file-reading http://www.opera.com/support/search/view/896/
|
|
opera<9.52 url-spoofing http://www.opera.com/support/search/view/897/
|
|
postfix<2.5.5 denial-of-service http://www.postfix.org/announcements/20080902.html
|
|
clamav<0.94 denial-of-service http://secunia.com/advisories/31725/
|
|
py{15,20,21,22,23,24,25,26,27,31}-django<0.96.3 cross-site-request-forgery http://www.djangoproject.com/weblog/2008/sep/02/security/
|
|
wireshark>=0.9.7<1.0.3 denial-of-service http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2675
|
|
wireshark>=0.10.14<1.0.3 arbitrary-code-execution http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2649
|
|
png>=1.2.30beta04<1.2.32beta01 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3964
|
|
geeklog<1.4.1nb3 remote-file-write http://www.geeklog.net/article.php/file-uploads
|
|
vlc08<0.8.6i arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3732
|
|
vlc08<0.8.6i arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3794
|
|
horde<3.2.2 cross-site-scripting http://marc.info/?l=horde-announce&m=122104360019867&w=2
|
|
mysql-server>=5<5.0.66 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3963
|
|
mysql-server>=5.1<5.1.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3963
|
|
gri<2.12.18 insecure-temporary-files http://gri.sourceforge.net/gridoc/html/Version_2_12.html
|
|
phpmyadmin<2.11.9.1 arbitrary-code-execution http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-7
|
|
proftpd<1.3.2rc2 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4242
|
|
ffmpeg<20080727 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3230
|
|
rails<2.1.1 sql-injection http://rails.lighthouseapp.com/projects/8994/tickets/288
|
|
firefox{,-bin,-gtk1}<2.0.0.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0016
|
|
seamonkey{,-bin,-gtk1}<1.1.12 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0016
|
|
thunderbird{,-gtk1}<2.0.0.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0016
|
|
firefox{,-bin,-gtk1}<2.0.0.17 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3836
|
|
firefox{,-bin,-gtk1}<2.0.0.17 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4059
|
|
firefox3{,-bin}<3.0.2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4058
|
|
seamonkey{,-bin,-gtk1}<1.1.12 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4058
|
|
firefox{,-bin,-gtk1}<2.0.0.17 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4062
|
|
firefox3{,-bin}<3.0.2 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4062
|
|
firefox3{,-bin}<3.0.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4063
|
|
seamonkey{,-bin,-gtk1}<1.1.12 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4062
|
|
firefox{,-bin,-gtk1}<2.0.0.17 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4065
|
|
firefox{,-bin,-gtk1}<2.0.0.17 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4066
|
|
firefox3{,-bin}<3.0.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4065
|
|
seamonkey{,-bin,-gtk1}<1.1.12 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4065
|
|
seamonkey{,-bin,-gtk1}<1.1.12 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4070
|
|
thunderbird{,-gtk1}<2.0.0.17 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4070
|
|
faad2<2.6.1nb1 arbitrary-code-execution http://secunia.com/advisories/32006/
|
|
aegis<4.24.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4938
|
|
samba>3.2<3.2.3 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3789
|
|
lighttpd<1.4.20 denial-of-service http://trac.lighttpd.net/trac/ticket/1774
|
|
tnftpd<20080929 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4247
|
|
firefox3<3.0.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4324
|
|
gmplayer<1.0rc10nb6 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3827
|
|
mencoder<1.0rc10nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3827
|
|
mplayer<1.0rc10nb8 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3827
|
|
xerces-c<3.0.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4482
|
|
xentools3-hvm-[0-9]* security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1945
|
|
libxml2<2.7.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4409
|
|
dovecot<1.1.4 remote-security-bypass http://www.dovecot.org/list/dovecot-news/2008-October/000085.html
|
|
mysql-client>=5.0<5.0.67nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4456
|
|
xentools33<3.3.0nb2 security-bypass http://secunia.com/advisories/32064/
|
|
xentools3-[0-9]* security-bypass http://secunia.com/advisories/32064/
|
|
drupal>=5<5.11 multiple-vulnerabilities http://drupal.org/node/318706
|
|
drupal>=6<6.5 multiple-vulnerabilities http://drupal.org/node/318706
|
|
graphviz<2.16.1nb3 remote-system-access http://secunia.com/advisories/32186/
|
|
ap{2,22}-modsecurity{,2}>2.5.0<2.5.6 remote-security-bypass http://secunia.com/advisories/32146/
|
|
opera<9.6 multiple-vulnerabilities http://secunia.com/advisories/32177/
|
|
firefox-bin-flash<9.0.151 multiple-vulnerabilities http://secunia.com/advisories/32163/
|
|
ns-flash<9.0.151 multiple-vulnerabilities http://secunia.com/advisories/32163/
|
|
gtar-base<1.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4476
|
|
dbus<1.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3834
|
|
cups<1.3.9 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639
|
|
cups<1.3.9 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640
|
|
cups<1.3.9 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641
|
|
vlc<0.9.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4558
|
|
mantis<1.1.3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3102
|
|
firefox-bin-flash<9.0.151 information-disclosure http://www.adobe.com/support/security/bulletins/apsb08-18.html
|
|
ns-flash<9.0.151 information-disclosure http://www.adobe.com/support/security/bulletins/apsb08-18.html
|
|
jhead<2.84 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4575
|
|
vlc>=0.9.0<0.9.5 arbitrary-code-execution http://www.videolan.org/security/sa0809.html
|
|
opera<9.61 information-disclosure http://www.opera.com/support/search/view/903/
|
|
opera<9.61 cross-site-scripting http://www.opera.com/support/search/view/904/
|
|
opera<9.61 security-bypass http://www.opera.com/support/search/view/905/
|
|
mantis<1.1.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4687
|
|
apache-tomcat<5.5.1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271
|
|
jakarta-tomcat4<4.1.32 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271
|
|
jakarta-tomcat5-[0-9]* security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271
|
|
wireshark<1.0.4 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-06.html
|
|
drupal>=5<5.12 multiple-vulnerabilities http://drupal.org/node/324824
|
|
drupal>=6<6.6 multiple-vulnerabilities http://drupal.org/node/324824
|
|
websvn<2.1.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5918
|
|
websvn<2.1.0 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5919
|
|
websvn<2.1.0 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0240
|
|
enscript<1.6.4nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3863
|
|
gpsd<2.37nb1 remote-information-exposure http://developer.berlios.de/bugs/?func=detailbug&bug_id=14707&group_id=2116
|
|
libspf2<1.2.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2469
|
|
imlib2<1.4.2 unspecified http://secunia.com/advisories/32354/
|
|
png<1.2.33rc02 denial-of-service http://sourceforge.net/project/shownotes.php?release_id=635463&group_id=5624
|
|
jhead<2.86 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4641
|
|
ktorrent>=3.0<3.1.4 security-bypass http://secunia.com/advisories/32442/
|
|
phpmyadmin<2.11.9.3 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-9
|
|
lynx<2.8.6.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7234
|
|
opera<9.62 system-access http://secunia.com/advisories/32452/
|
|
dovecot>=1.1.4<1.1.6 denial-of-service http://www.dovecot.org/list/dovecot-news/2008-October/000089.html
|
|
openoffice2{,-bin}<2.4.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2237
|
|
openoffice2{,-bin}<2.4.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2238
|
|
phpmyadmin<2.11.9.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-8
|
|
crossfire-maps-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4908
|
|
crossfire-server>=1.11.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4908
|
|
imap-uw<2007d system-access http://secunia.com/advisories/32483/
|
|
ed<1.0 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3916
|
|
kdelibs-3.[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5698
|
|
ktorrent>=2.0<2.2.8 remote-security-bypass http://secunia.com/advisories/32447/
|
|
net-snmp<5.4.2.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309
|
|
acroread8<8.1.3 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb08-19.html
|
|
silc-server<1.1.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1429
|
|
nagios-base<3.0.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5027
|
|
vlc08-[0-9]* remote-system-access http://www.videolan.org/security/sa0810.html
|
|
vlc>=0.5.0<0.9.6 remote-system-access http://www.videolan.org/security/sa0810.html
|
|
bugzilla<2.22.6 security-bypass http://www.bugzilla.org/security/2.20.6/
|
|
bugzilla>3.0.0<3.0.6 security-bypass http://www.bugzilla.org/security/2.20.6/
|
|
lmbench-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4968
|
|
gnutls<2.6.1 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4989
|
|
py{15,20,21,22,23,24,25,26,27,31}-moin-[0-9]* remote-information-exposure http://secunia.com/advisories/32686/
|
|
trac<0.11.2 multiple-vulnerabilities http://secunia.com/advisories/32652/
|
|
ja-trac<0.11.1pl2 multiple-vulnerabilities http://secunia.com/advisories/32652/
|
|
clamav<0.94.1 remote-system-access http://secunia.com/advisories/32663/
|
|
nagios-base<3.0.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5028
|
|
fwbuilder{,21}-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4956
|
|
scilab<4.1nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4983
|
|
optipng<0.6.2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5101
|
|
typo3<4.2.3 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-20081113-1/
|
|
typo3<4.2.3 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-20081113-2/
|
|
streamripper<1.61.27nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4829
|
|
libxml2<2.7.2nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225
|
|
libxml2<2.7.2nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226
|
|
imlib2<1.4.2nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5187
|
|
mailscanner<4.55.11 insecure-temporary-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5140
|
|
opera<9.63 multiple-vulnerabilities http://secunia.com/advisories/32752/
|
|
blender<2.49bnb6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4863
|
|
vmware<5.5.9 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4915
|
|
firefox{,-bin,-gtk1}<2.0.0.18 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-48.html
|
|
seamonkey{,-bin,-gtk1}<1.1.13 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-48.html
|
|
thunderbird{,-gtk1}<2.0.0.18 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-48.html
|
|
firefox{,-bin,-gtk1}<2.0.0.18 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-49.html
|
|
seamonkey{,-bin,-gtk1}<1.1.13 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-49.html
|
|
firefox3{,-bin}<3.0.4 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-51.html
|
|
firefox{,-bin,-gtk1}<2.0.0.18 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-52.html
|
|
firefox3{,-bin}<3.0.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-52.html
|
|
thunderbird{,-gtk1}<2.0.0.18 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-52.html
|
|
seamonkey{,-bin,-gtk1}<1.1.13 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-52.html
|
|
firefox{,-bin,-gtk1}<2.0.0.18 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-56.html
|
|
firefox3{,-bin,-gtk1}<3.0.4 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-56.html
|
|
thunderbird{,-gtk1}<2.0.0.18 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-56.html
|
|
seamonkey{,-bin,-gtk1}<1.1.13 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-56.html
|
|
seamonkey{,-bin,-gtk1}<1.1.13 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-59.html
|
|
thunderbird{,-gtk1}<2.0.0.18 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-59.html
|
|
libcdaudio<0.99.12nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5030
|
|
wireshark<1.0.4nb1 denial-of-service http://secunia.com/advisories/32840/
|
|
gnetlist<1.4.0nb1 privilege-escalation http://secunia.com/advisories/32806/
|
|
amaya-[0-9]* system-access http://secunia.com/advisories/32848/
|
|
samba>=3.0.29<3.0.32nb2 remote-information-exposure http://www.samba.org/samba/security/CVE-2008-4314.html
|
|
samba>3.2<3.2.5 remote-information-exposure http://www.samba.org/samba/security/CVE-2008-4314.html
|
|
mailscanner<4.73.3.1 denial-of-service http://secunia.com/advisories/32915/
|
|
vlc<0.9.8a remote-system-access http://www.videolan.org/security/sa0811.html
|
|
clamav<0.94.2 denial-of-service http://secunia.com/advisories/32926/
|
|
squirrelmail<1.4.17 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2379
|
|
ImageMagick<6.2.8.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1096
|
|
GraphicsMagick<1.1.8 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1096
|
|
powerdns<2.9.21.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5277
|
|
nagios-base<3.0.6 unknown http://secunia.com/advisories/32909/
|
|
sun-j{re,dk}14<2.19 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2086
|
|
sun-j{re,dk}15<5.0.17 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2086
|
|
sun-j{re,dk}6<6.0.11 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2086
|
|
perl-5.10.0{,nb1,nb2} privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2827
|
|
perl-5.8.8{,nb*} privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5302
|
|
perl-5.10.0{,nb1,nb2} privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5302
|
|
perl-5.8.8{,nb*} privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5303
|
|
tor<0.2.0.32 remote-security-bypass http://secunia.com/advisories/33025/
|
|
tor<0.2.0.32 privilege-escalation http://secunia.com/advisories/33025/
|
|
mgetty<1.1.36nb2 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4936
|
|
dbus<1.2.4.2 security-bypass http://lists.freedesktop.org/archives/dbus/2008-December/010702.html
|
|
drupal<5.13 cross-site-request-forgeries http://drupal.org/node/345441
|
|
drupal>6<6.7 cross-site-request-forgeries http://drupal.org/node/345441
|
|
phpmyadmin<2.11.9.4 cross-site-request-forgery http://www.phpmyadmin.net/home_page/security/PMASA-2008-10.php
|
|
phppgadmin<4.2.2 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5587
|
|
mailscanner<4.74.6.2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5313
|
|
asterisk<1.2.30.4 denial-of-service http://downloads.digium.com/pub/security/AST-2008-012.html
|
|
mediawiki<1.13.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5249
|
|
mediawiki<1.13.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5250
|
|
mediawiki<1.13.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5252
|
|
roundcube<0.2beta2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5619
|
|
roundcube<0.2beta2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5620
|
|
horde<3.3.1 cross-site-scripting http://lists.horde.org/archives/announce/2008/000464.html
|
|
turba<2.3.1 cross-site-scripting http://lists.horde.org/archives/announce/2008/000465.html
|
|
imp<4.3.1 cross-site-scripting http://lists.horde.org/archives/announce/2008/000463.html
|
|
gmplayer<1.0rc10nb8 local-user-shell http://trapkit.de/advisories/TKADV2008-014.txt
|
|
mplayer<1.0rc10nb10 local-user-shell http://trapkit.de/advisories/TKADV2008-014.txt
|
|
mencoder<1.0rc10nb5 local-user-shell http://trapkit.de/advisories/TKADV2008-014.txt
|
|
cmus<2.2.0nb5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5375
|
|
ns-flash<9.0.152 remote-system-access http://www.adobe.com/support/security/bulletins/apsb08-24.html
|
|
firefox{,-bin}-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
firefox-gtk1-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
imap-uw<2007e denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5514
|
|
avahi<0.6.23nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5081
|
|
openvpn>=2.1rc1<2.1rc9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3459
|
|
pdfjam<1.21 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5743
|
|
pdfjam<1.21 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5843
|
|
netatalk<2.0.3nb12 system-access http://secunia.com/advisories/33227/
|
|
courier-authlib<0.62.0 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2380
|
|
adobe-flash-plugin<10.0.15.3 system-access http://www.adobe.com/support/security/bulletins/apsb08-24.html
|
|
qemu<0.10.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2382
|
|
aview<1.3.0.1nb12 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4935
|
|
gitweb>=1.6<1.6.0.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5916
|
|
gitweb>=1.5.6<1.5.6.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5916
|
|
gitweb>=1.5.5<1.5.5.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5916
|
|
gitweb>=1.4.3<1.5.4.7 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5916
|
|
psi<0.12.1 denial-of-service http://secunia.com/advisories/33311/
|
|
firefox{,-bin,-gtk1}<2.0.0.19 denial-of-service http://www.mozilla.org/security/announce/2008/mfsa2008-60.html
|
|
firefox{,-bin,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-61.html
|
|
firefox{,-bin,-gtk1}<2.0.0.19 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-62.html
|
|
firefox{,-bin,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-64.html
|
|
firefox{,-bin,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-65.html
|
|
firefox{,-bin,-gtk1}<2.0.0.19 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-66.html
|
|
firefox{,-bin,-gtk1}<2.0.0.19 ui-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-67.html
|
|
firefox{,-bin,-gtk1}<2.0.0.19 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-68.html
|
|
firefox{,-bin,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-69.html
|
|
firefox3{,-bin}<3.0.5 denial-of-service http://www.mozilla.org/security/announce/2008/mfsa2008-60.html
|
|
firefox3{,-bin}<3.0.5 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-63.html
|
|
firefox3{,-bin}<3.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-64.html
|
|
firefox3{,-bin}<3.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-65.html
|
|
firefox3{,-bin}<3.0.5 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-66.html
|
|
firefox3{,-bin}<3.0.5 ui-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-67.html
|
|
firefox3{,-bin}<3.0.5 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-68.html
|
|
firefox3{,-bin}<3.0.5 denial-of-service http://www.mozilla.org/security/announce/2008/mfsa2008-69.html
|
|
seamonkey{,-bin,-gtk1}<1.1.14 denial-of-service http://www.mozilla.org/security/announce/2008/mfsa2008-60.html
|
|
seamonkey{,-bin,-gtk1}<1.1.14 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-61.html
|
|
seamonkey{,-bin,-gtk1}<1.1.14 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-64.html
|
|
seamonkey{,-bin,-gtk1}<1.1.14 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-65.html
|
|
seamonkey{,-bin,-gtk1}<1.1.14 ui-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-66.html
|
|
seamonkey{,-bin,-gtk1}<1.1.14 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-67.html
|
|
seamonkey{,-bin,-gtk1}<1.1.14 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-68.html
|
|
thunderbird{,-gtk1}<2.0.0.19 denial-of-service http://www.mozilla.org/security/announce/2008/mfsa2008-60.html
|
|
thunderbird{,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-61.html
|
|
thunderbird{,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-64.html
|
|
thunderbird{,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-65.html
|
|
thunderbird{,-gtk1}<2.0.0.19 ui-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-66.html
|
|
thunderbird{,-gtk1}<2.0.0.19 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-67.html
|
|
thunderbird{,-gtk1}<2.0.0.19 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-68.html
|
|
xterm<238 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2383
|
|
libaudiofile<0.2.6nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5824
|
|
audacity<1.2.6nb2 remote-system-access http://secunia.com/advisories/33356/
|
|
links{,-gui}<2.11 remote-spoofing http://secunia.com/advisories/33391/
|
|
samba>=3.2.0<3.2.7 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0022
|
|
openssl<0.9.8j signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077
|
|
amarok<1.4.10nb1 remote-code-execution http://www.trapkit.de/advisories/TKADV2009-002.txt
|
|
drupal<5.15 sql-injection http://drupal.org/node/358957
|
|
drupal>6<6.9 sql-injection http://drupal.org/node/358957
|
|
drupal>6<6.9 access-bypass http://drupal.org/node/358957
|
|
drupal>6<6.9 validation-bypass http://drupal.org/node/358957
|
|
bind>=9.4.0<9.4.3pl1 dnssec-validation-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025
|
|
bind>=9.5.0<9.5.1pl1 dnssec-validation-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025
|
|
bind>=9.6.0<9.6.0pl1 dnssec-validation-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025
|
|
asterisk<1.2.33 remote-information-exposure http://downloads.digium.com/pub/security/AST-2009-001.html
|
|
asterisk>=1.6<1.6.0.10 remote-information-exposure http://downloads.digium.com/pub/security/AST-2009-001.html
|
|
typo3<4.2.4 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001/
|
|
py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.1 cross-site-scripting http://moinmo.in/SecurityFixes#moin1.8.1
|
|
roundcube<0.2.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0413
|
|
gitweb<1.5.6.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5516
|
|
gitweb<1.5.6.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5517
|
|
ganglia-monitor-core<3.1.2 remote-system-access http://secunia.com/advisories/33506/
|
|
xdg-utils<1.1.0rc1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0386
|
|
# N/A; see https://security-tracker.debian.org/tracker/CVE-2009-0068
|
|
#xdg-utils-[0-9]* remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0068
|
|
tnftpd<20081009 cross-site-scripting http://securityreason.com/achievement_securityalert/56
|
|
libmikmod<3.2.0 remote-denial-of-service http://secunia.com/advisories/33485/
|
|
devIL>=1.6.7<1.7.7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5262
|
|
tor<0.2.0.33 remote-denial-of-service http://secunia.com/advisories/33635/
|
|
ap{,2,22}-auth-mysql>=4<4.3.9nb1 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2384
|
|
gst-plugins0.10-good<0.10.12 remote-system-access http://trapkit.de/advisories/TKADV2009-003.txt
|
|
gentoo-0.11.57nb1 insecure-temporary-files http://mail-index.netbsd.org/pkgsrc-changes/2009/01/25/msg017509.html
|
|
ntp<4.2.4p6 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0021
|
|
dia-python<0.97.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5984
|
|
GraphicsMagick<1.3.5 remote-denial-of-service http://secunia.com/advisories/33697/
|
|
imp<4.3.3 cross-site-scripting http://secunia.com/advisories/33719/
|
|
horde<3.3.3 cross-site-scripting http://secunia.com/advisories/33695/
|
|
ffmpeg<20080727nb7 remote-user-shell http://www.trapkit.de/advisories/TKADV2009-004.txt
|
|
netsaint-base-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
netsaint-plugins-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
netsaint-plugin-cluster-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
netsaint-plugin-snmp-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
bugzilla<2.22.7 abuse-of-functionality http://www.bugzilla.org/security/2.22.6/
|
|
bugzilla<2.22.7 cross-site-request-forgery http://www.bugzilla.org/security/2.22.6/
|
|
bugzilla>3.2<3.2.2 insufficiently-random-numbers http://www.bugzilla.org/security/3.0.7/
|
|
bugzilla>3.0<3.0.8 insufficiently-random-numbers http://www.bugzilla.org/security/3.0.7/
|
|
bugzilla>3.0<3.0.7 abuse-of-functionality http://www.bugzilla.org/security/2.22.6/
|
|
bugzilla>3.0<3.0.7 cross-site-request-forgery http://www.bugzilla.org/security/2.22.6/
|
|
sudo<1.7.0 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0034
|
|
squid<2.7 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
squid>=2.7<2.7.6 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2009_1.txt
|
|
squid>=3.0<3.0.13 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2009_1.txt
|
|
firefox3{,-bin}<3.0.6 remote-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-01.html
|
|
firefox3{,-bin}<3.0.6 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-02.html
|
|
firefox3{,-bin}<3.0.6 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-03.html
|
|
firefox3{,-bin}<3.0.6 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-04.html
|
|
firefox3{,-bin}<3.0.6 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-05.html
|
|
firefox3{,-bin}<3.0.6 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-06.html
|
|
seamonkey{,-bin,-gtk1}<1.1.15 remote-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-01.html
|
|
seamonkey{,-bin,-gtk1}<1.1.15 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-02.html
|
|
seamonkey{,-bin,-gtk1}<1.1.15 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-03.html
|
|
seamonkey{,-bin,-gtk1}<1.1.15 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-04.html
|
|
seamonkey{,-bin,-gtk1}<1.1.15 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-05.html
|
|
seamonkey{,-bin,-gtk1}<1.1.15 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-06.html
|
|
thunderbird{,-gtk1}<2.0.0.21 remote-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-01.html
|
|
proftpd>=1.3.1<1.3.2 sql-injection http://secunia.com/advisories/33842/
|
|
typo3<4.2.6 information-disclosure http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/
|
|
typo3<4.2.6 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/
|
|
net-snmp<5.4.2.1nb1 information-disclosure http://secunia.com/advisories/33884/
|
|
evolution-data-server<2.24.4.1nb2 smime-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0547
|
|
varnish<2.0.1 denial-of-service http://secunia.com/advisories/33852/
|
|
tor<0.2.0.34 denial-of-service http://archives.seul.org/or/announce/Feb-2009/msg00000.html
|
|
mediawiki<1.13.4 cross-site-scripting http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_13_4/phase3/RELEASE-NOTES
|
|
wireshark>=0.99.0<1.0.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-07.html
|
|
wireshark>=0.99.6<1.0.6 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2009-01.html
|
|
boinc-[0-9]* ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0126
|
|
mpack<1.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1425
|
|
poppler<0.10.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0755
|
|
poppler<0.10.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0756
|
|
xine-lib<1.1.16.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5239
|
|
xine-lib<1.1.16.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5240
|
|
xine-lib<1.1.16.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0385
|
|
png<1.2.35 denial-of-service http://secunia.com/advisories/33970/
|
|
djbdns<1.05nb9 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4392
|
|
p5-HTTPD-User-Manage<1.63 cross-site-scripting http://jvn.jp/en/jp/JVN30451602/index.html
|
|
mldonkey>=2.8.4<3.0.0 remote-file-access https://savannah.nongnu.org/patch/?6754
|
|
ns-flash<9.0.159 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-01.html
|
|
acroread-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-01.html
|
|
acroread5-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-01.html
|
|
acroread7<7.1.1 arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-01.html
|
|
acroread8<8.1.4 arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-01.html
|
|
pngcrush<1.6.14 arbitrary-code-execution http://secunia.com/advisories/33976/
|
|
apache-tomcat>=5.5.10<5.5.21 information-disclosure http://tomcat.apache.org/security-5.html
|
|
opensc<0.11.7 unauthorized-access http://secunia.com/advisories/34052/
|
|
php<5.2.9 multiple-vulnerabilities http://secunia.com/advisories/34081/
|
|
trickle>=1.07 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0415
|
|
optipng<0.6.2.1 arbitrary-code-execution http://secunia.com/advisories/34035/
|
|
squid<3.2.0.11 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0801
|
|
mldonkey>=2.8.4<2.9.7nb1 information-disclosure https://savannah.nongnu.org/bugs/?25667
|
|
curl<7.18.0nb4 remote-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037
|
|
curl>=7.19.0<7.19.4 remote-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037
|
|
opera<9.64 multiple-vulnerabilities http://secunia.com/advisories/34135/
|
|
libsndfile<1.0.17nb5 arbitrary-code-execution http://secunia.com/advisories/33980/
|
|
libsndfile>1.0.17nb5<1.0.19 arbitrary-code-execution http://secunia.com/advisories/33980/
|
|
wesnoth<1.5.11 arbitrary-code-execution https://gna.org/bugs/index.php?13048
|
|
mpfr<2.4.1 buffer-overflow http://secunia.com/advisories/34063/
|
|
firefox3{,-bin}<3.0.7 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-07.html
|
|
firefox3{,-bin}<3.0.7 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-08.html
|
|
firefox3{,-bin}<3.0.7 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-09.html
|
|
firefox3{,-bin}<3.0.7 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-10.html
|
|
firefox3{,-bin}<3.0.7 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-11.html
|
|
seamonkey{,-bin,-gtk1}<1.1.15 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-07.html
|
|
seamonkey{,-bin,-gtk1}<1.1.15 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-08.html
|
|
seamonkey{,-bin,-gtk1}<1.1.15 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-09.html
|
|
seamonkey{,-bin,-gtk1}<1.1.15 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-10.html
|
|
seamonkey{,-bin,-gtk1}<1.1.15 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-11.html
|
|
thunderbird{,-gtk1}<2.0.0.21 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-07.html
|
|
thunderbird{,-gtk1}<2.0.0.21 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-08.html
|
|
thunderbird{,-gtk1}<2.0.0.21 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-09.html
|
|
thunderbird{,-gtk1}<2.0.0.21 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-10.html
|
|
thunderbird{,-gtk1}<2.0.0.21 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-11.html
|
|
ap{2,22}-modsecurity{,2}>2.5.0<2.5.8 denial-of-service http://sourceforge.net/project/shownotes.php?release_id=667538
|
|
ap{2,22}-modsecurity{,2}>2.5.0<2.5.9 denial-of-service http://sourceforge.net/project/shownotes.php?release_id=667542
|
|
asterisk>=1.6<1.6.0.6 denial-of-service http://downloads.digium.com/pub/security/AST-2009-002.html
|
|
roundup<0.8.3 query-manipulation http://issues.roundup-tracker.org/issue2550521
|
|
#postgresql8[123]-server-[0-9]* information-disclosure http://archives.postgresql.org/pgsql-hackers/2009-02/msg00861.php
|
|
py{15,20,21,22,23,24,25,26,27,31}-amkCrypto<2.0.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0544
|
|
wesnoth<1.5.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0366
|
|
icu<4.0 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1036
|
|
libsoup<2.24.0 heap-based-buffer-overflow http://www.ocert.org/advisories/ocert-2008-015.html
|
|
evolution<2.22.0 heap-based-buffer-overflow http://www.ocert.org/advisories/ocert-2008-015.html
|
|
evolution-data-server<2.24.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0587
|
|
ejabberd<2.0.4 script-insertion-attacks http://secunia.com/advisories/34340/
|
|
lcms<1.18 denial-of-service http://scary.beasts.org/security/CESA-2009-003.html
|
|
weechat<0.2.6.1 denial-of-service http://secunia.com/advisories/34304/
|
|
glib2<2.20.0 heap-based-buffer-overflow http://www.ocert.org/advisories/ocert-2008-015.html
|
|
gst-plugins0.10-base<0.10.22nb1 heap-based-buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0586
|
|
firefox3{,-bin}<3.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-12.html
|
|
firefox3{,-bin}<3.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-13.html
|
|
seamonkey{,-bin,-gtk1}<1.1.16 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-12.html
|
|
asterisk>=1.2<1.2.32 information-leak http://downloads.digium.com/pub/security/AST-2009-003.html
|
|
asterisk>=1.6<1.6.0.8 information-leak http://downloads.digium.com/pub/security/AST-2009-003.html
|
|
clamav<0.95 denial-of-service http://secunia.com/advisories/34566/
|
|
bugzilla>=3.2<3.2.3 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1213
|
|
mapserver<4.10.4 multiple-vulnerabilities http://secunia.com/advisories/34520/
|
|
openssl<0.9.8k denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590
|
|
eog<2.25.91 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5983
|
|
mpg123{,-esound,-nas}>=1.0<1.7.2 arbitrary-code-execution http://secunia.com/advisories/34587/
|
|
ghostscript<8.64nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0196
|
|
clamav<0.95.1 denial-of-service http://secunia.com/advisories/34612/
|
|
amaya-[0-9]* arbitrary-code-execution http://secunia.com/advisories/34531/
|
|
jakarta-tomcat4>=4.0.0<4.0.7 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519
|
|
jakarta-tomcat4>=4.1.0<4.1.37 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519
|
|
jakarta-tomcat5>=5.0.0<5.0.31 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519
|
|
apache-tomcat>=5.5.0<5.5.28 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519
|
|
lcms<1.18nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0793
|
|
tunapie<2.1.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1253
|
|
tunapie<2.1.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1254
|
|
xine-lib<1.1.16.3 arbitrary-code-execution http://trapkit.de/advisories/TKADV2009-005.txt
|
|
ap13-perl<1.29nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0796
|
|
ap{2,22}-perl<2.0.4nb5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0796
|
|
unrealircd<3.2.7nb2 denial-of-service http://forums.unrealircd.com/viewtopic.php?t=6204
|
|
ntp<4.2.4p7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159
|
|
pptp>1.7.2 information-disclosure https://bugzilla.redhat.com/show_bug.cgi?id=492090
|
|
geeklog<1.5.2.2 sql-injection http://www.geeklog.net/article.php/geeklog-1.5.2sr2
|
|
geeklog<1.5.2.3 sql-injection http://www.geeklog.net/article.php/webservices-exploit
|
|
ghostscript<8.64 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6679
|
|
ghostscript<8.64nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0583
|
|
ghostscript<8.64nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0584
|
|
ghostscript<8.64nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0792
|
|
wireshark>=0.99.2<1.0.7 arbitrary-code-execution http://www.wireshark.org/security/wnpa-sec-2009-02.html
|
|
compiz-fusion-plugins-main<0.6.0nb2 local-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6514
|
|
ldns<1.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1086
|
|
phpmyadmin<2.11.9.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1150
|
|
phpmyadmin<2.11.9.5 code-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1151
|
|
mit-krb5<1.4.2nb8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0846
|
|
mit-krb5<1.4.2nb8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0847
|
|
sun-{jdk,jre}14<2.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1093
|
|
sun-{jdk,jre}15<5.0.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1093
|
|
sun-{jdk,jre}6<6.0.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1093
|
|
sun-{jdk,jre}14<2.19 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1094
|
|
sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1094
|
|
sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1094
|
|
sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1095
|
|
sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1095
|
|
sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1096
|
|
sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1096
|
|
sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1097
|
|
sun-{jdk,jre}14<2.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1098
|
|
sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1098
|
|
sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1098
|
|
sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1099
|
|
sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1099
|
|
sun-{jdk,jre}15<5.0.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1100
|
|
sun-{jdk,jre}6<6.0.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1100
|
|
sun-{jdk,jre}6<6.0.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1101
|
|
sun-{jdk,jre}6<6.0.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1102
|
|
sun-{jdk,jre}14<2.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1103
|
|
sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1103
|
|
sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1103
|
|
sun-{jdk,jre}14<2.20 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1104
|
|
sun-{jdk,jre}15<5.0.18 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1104
|
|
sun-{jdk,jre}6<6.0.13 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1104
|
|
sun-{jdk,jre}15<5.0.18 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1107
|
|
sun-{jdk,jre}6<6.0.13 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1107
|
|
xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146
|
|
xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147
|
|
xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166
|
|
xpdf<3.02pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799
|
|
xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800
|
|
xpdf<3.02pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179
|
|
xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180
|
|
xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181
|
|
xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182
|
|
xpdf<3.02pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183
|
|
poppler<0.10.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799
|
|
poppler<0.10.6 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800
|
|
poppler<0.10.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179
|
|
poppler<0.10.6 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180
|
|
poppler<0.10.6 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181
|
|
poppler<0.10.6 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182
|
|
poppler<0.10.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183
|
|
poppler<0.10.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1187
|
|
poppler<0.10.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188
|
|
ruby18-base<1.8.7.160 password-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558
|
|
ruby18-base<1.8.7.160 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
|
|
drupal>6<6.11 cross-site-scripting http://drupal.org/node/449078
|
|
drupal<5.17 cross-site-scripting http://drupal.org/node/449078
|
|
firefox3{,-bin}<3.0.9 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-14.html
|
|
firefox3{,-bin}<3.0.9 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-15.html
|
|
firefox3{,-bin}<3.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-16.html
|
|
firefox3{,-bin}<3.0.9 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-17.html
|
|
firefox3{,-bin}<3.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-18.html
|
|
firefox3{,-bin}<3.0.9 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-19.html
|
|
firefox3{,-bin}<3.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-20.html
|
|
firefox3{,-bin}<3.0.9 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-21.html
|
|
firefox3{,-bin}<3.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-22.html
|
|
firefox3{,-bin}<3.0.10 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-23.html
|
|
seamonkey{,-bin,-gtk1}<1.1.16 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-14.html
|
|
seamonkey{,-bin,-gtk1}<1.1.15 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-15.html
|
|
seamonkey{,-bin,-gtk1}<1.1.17 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-21.html
|
|
seamonkey{,-bin,-gtk1}<2.0 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-16.html
|
|
seamonkey{,-bin,-gtk1}<1.1.17 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-17.html
|
|
seamonkey{,-bin,-gtk1}<2.0 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-18.html
|
|
seamonkey{,-bin,-gtk1}<2.0 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-19.html
|
|
seamonkey{,-bin,-gtk1}<2.0 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-22.html
|
|
thunderbird{,-gtk1}<2.0.0.22 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-14.html
|
|
thunderbird{,-gtk1}<2.0.0.21 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-15.html
|
|
thunderbird{,-gtk1}<2.0.0.22 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-17.html
|
|
libmodplug<0.8.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1438
|
|
freetype2<2.3.9nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0946
|
|
gnutls>=2.5.0<2.6.6 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1416
|
|
gnutls<2.6.6 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1417
|
|
cups<1.3.10 multiple-vulnerabilities http://secunia.com/advisories/34481/
|
|
py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.2 cross-site-scripting http://secunia.com/advisories/34821/
|
|
imp<4.3.4 signature-spoofing http://secunia.com/advisories/34796/
|
|
ntop<3.3.9nb1 insecure-file-permissions http://secunia.com/advisories/34793/
|
|
opensc<0.11.8 insecure-key-generation http://www.opensc-project.org/pipermail/opensc-announce/2009-May/000025.html
|
|
suse{,32}_openssl<11.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590
|
|
suse{,32}_openssl<11.3 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0591
|
|
suse{,32}_openssl<11.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789
|
|
suse{,32}_freetype2<11.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0946
|
|
acroread7<7.1.2 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-06.html
|
|
acroread8<8.1.5 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-06.html
|
|
Transmission<1.53 cross-site-request-forgery http://secunia.com/advisories/34969/
|
|
Transmission-1.60 cross-site-request-forgery http://secunia.com/advisories/34969/
|
|
squirrelmail<1.4.18 multiple-vulnerabilities http://secunia.com/advisories/35073/
|
|
amule<2.2.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1440
|
|
drupal>5<5.18 cross-site-scripting http://drupal.org/node/461886
|
|
drupal>6<6.12 cross-site-scripting http://drupal.org/node/461886
|
|
p5-DBD-postgresql<2.0.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0663
|
|
p5-DBD-postgresql<2.0.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1341
|
|
cyrus-sasl<2.1.23 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0688
|
|
eggdrop<1.6.19nb1 denial-of-service http://archives.neohapsis.com/archives/fulldisclosure/2009-05/0129.html
|
|
kdegraphics<3.5.10nb2 remote-system-access http://secunia.com/advisories/34754/
|
|
geeklog<1.5.2.4 sql-injection http://www.geeklog.net/article.php/geeklog-1.5.2sr4
|
|
apache>=2.2.0<2.2.11nb3 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191
|
|
plone3<3.2.2 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0662
|
|
file<5.03 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1515
|
|
py{15,20,21,22,23,24,25,26,27,31}-prewikka-[0-9]* sensitive-information-exposure http://secunia.com/advisories/34928/
|
|
memcached<1.2.8 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1255
|
|
cscope<15.7a remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0148
|
|
coccinelle<0.1.9 privilege-escalation http://secunia.com/advisories/35012/
|
|
ntp>=4<4.2.4p7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1252
|
|
openssl<0.9.8knb1 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377
|
|
openssl<0.9.8knb1 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378
|
|
openssl<0.9.8knb1 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379
|
|
pango<1.24 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1194
|
|
nsd<3.2.2 remote-system-access http://secunia.com/advisories/35165/
|
|
ipsec-tools<0.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1574
|
|
prelude-manager-[0-9]* sensitive-information-exposure http://secunia.com/advisories/34987/
|
|
quagga<0.99.12 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1572
|
|
wireshark>=0.8.20<1.0.8 remote-denial-of-service http://www.wireshark.org/security/wnpa-sec-2009-03.html
|
|
pidgin<2.5.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1373
|
|
pidgin<2.5.6 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1374
|
|
pidgin<2.5.6 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1375
|
|
pidgin<2.5.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1376
|
|
gst-plugins0.10-png<0.10.15nb1 arbitrary-code-execution http://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=d9544bcc44adcef769cbdf7f6453e140058a3adc
|
|
xvidcore<1.2.2 arbitrary-code-execution http://secunia.com/advisories/35274/
|
|
libsndfile<1.0.20nb1 denial-of-service http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530831
|
|
ImageMagick<6.5.2.9 arbitrary-code-execution http://secunia.com/advisories/35216/
|
|
apache>=2.2<2.2.11nb4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195
|
|
base<1.4.3.1 cross-site-scripting http://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/docs/CHANGELOG?r1=1.349&r2=1.346
|
|
base<1.4.3.1 cross-site-request-forgery http://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/docs/CHANGELOG?r1=1.349&r2=1.346
|
|
base<1.4.3.1 sql-injection http://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/docs/CHANGELOG?r1=1.349&r2=1.346
|
|
libsndfile<1.0.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1788
|
|
libsndfile<1.0.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1791
|
|
apache-tomcat>=6<6.0.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033
|
|
apache-tomcat>=6<6.0.20 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580
|
|
apache-tomcat>=6<6.0.20 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781
|
|
apache-tomcat>=6<6.0.20 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783
|
|
apache-tomcat>=5<5.5.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033
|
|
apache-tomcat>=5<5.5.28 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580
|
|
apache-tomcat>=5<5.5.28 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781
|
|
apache-tomcat>=5<5.5.28 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783
|
|
jakarta-tomcat4-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033
|
|
jakarta-tomcat4-[0-9]* information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580
|
|
jakarta-tomcat4-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781
|
|
jakarta-tomcat4-[0-9]* information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783
|
|
wxGTK2{4,6}-[0-9]* arbitrary-code-execution http://secunia.com/advisories/35292/
|
|
wxGTK28<2.8.10nb1 arbitrary-code-execution http://secunia.com/advisories/35292/
|
|
apr-util<1.3.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023
|
|
png<1.2.37 information-disclosure http://secunia.com/advisories/35346/
|
|
suse{,32}_libpng<11.3 information-disclosure http://secunia.com/advisories/35346/
|
|
ruby18-base<1.8.7.173 denial-of-service http://www.ruby-lang.org/en/news/2009/06/09/dos-vulnerability-in-bigdecimal/
|
|
acroread7<7.1.3 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-07.html
|
|
acroread8<8.1.6 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-07.html
|
|
p5-Compress-Raw-Zlib<2.017 denial-of-service http://secunia.com/advisories/35422/
|
|
xfig<3.2.5b privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1962
|
|
pdflib-lite<7.0.4p4 remote-system-access http://secunia.com/advisories/35180/
|
|
suse{,32}_openssl<11.3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377
|
|
suse{,32}_openssl<11.3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378
|
|
suse{,32}_openssl<11.3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379
|
|
py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.4 remote-security-bypass http://secunia.com/advisories/35407/
|
|
scmgit-base<1.6.3.3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2108
|
|
rt<3.8.4 remote-security-bypass http://secunia.com/advisories/35451/
|
|
icu<4.0.1 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0153
|
|
firefox3{,-bin}<3.0.11 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-24.html
|
|
firefox3{,-bin}<3.0.11 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-25.html
|
|
firefox3{,-bin}<3.0.11 sensitive-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2009-26.html
|
|
firefox3{,-bin}<3.0.11 sensitive-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2009-27.html
|
|
firefox3{,-bin}<3.0.11 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-28.html
|
|
firefox3{,-bin}<3.0.11 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-29.html
|
|
firefox3{,-bin}<3.0.11 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-30.html
|
|
firefox3{,-bin}<3.0.11 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-31.html
|
|
firefox3{,-bin}<3.0.11 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-32.html
|
|
thunderbird{,-gtk1}<2.0.0.22 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-24.html
|
|
thunderbird{,-gtk1}<2.0.0.22 sensitive-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2009-27.html
|
|
thunderbird{,-gtk1}<2.0.0.22 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-29.html
|
|
thunderbird{,-gtk1}<2.0.0.22 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-32.html
|
|
seamonkey{,-bin,-gtk1}<1.1.17 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-24.html
|
|
seamonkey{,-bin,-gtk1}<1.1.17 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-25.html
|
|
seamonkey{,-bin,-gtk1}<1.1.17 sensitive-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2009-26.html
|
|
seamonkey{,-bin,-gtk1}<1.1.17 sensitive-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2009-27.html
|
|
seamonkey{,-bin,-gtk1}<1.1.17 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-29.html
|
|
seamonkey{,-bin,-gtk1}<1.1.17 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-31.html
|
|
seamonkey{,-bin,-gtk1}<1.1.17 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-32.html
|
|
pcsc-lite<1.5.4 denial-of-service http://secunia.com/advisories/35500/
|
|
php5-exif<5.2.10 denial-of-service http://secunia.com/advisories/35441/
|
|
ruby18-base<1.8.7.72nb3 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0642
|
|
jakarta-tomcat{4,5}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
tiff<3.8.2nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2285
|
|
samba>=3.0.31<3.0.34nb2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888
|
|
drupal>5<5.19 multiple-vulnerabilities http://drupal.org/node/507572
|
|
drupal>6<6.13 multiple-vulnerabilities http://drupal.org/node/507572
|
|
nagios-base<3.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2288
|
|
xemacs<21.4.24 remote-system-access http://secunia.com/advisories/35348/
|
|
apache>=2.2<2.2.11nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890
|
|
apache>=2.2<2.2.11nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891
|
|
tor<0.2.0.35 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2425
|
|
tor<0.2.0.35 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2426
|
|
amsn-[0-9]* ssl-cert-spoofing http://secunia.com/advisories/35621/
|
|
pidgin<2.5.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1889
|
|
wxGTK-[0-9]* remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2369
|
|
amaya<11.3.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2369
|
|
p5-IO-Socket-SSL<1.26 remote-security-bypass http://secunia.com/advisories/35703/
|
|
ruby18-actionpack<2.3.2nb1 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2422
|
|
dillo<2.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2294
|
|
mysql-server<5.0.67nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2446
|
|
bugzilla>=3.1.1<3.2.4 remote-security-bypass http://www.bugzilla.org/security/3.2.3/
|
|
mimetex<1.71 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1382
|
|
mimetex<1.71 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2459
|
|
isc-dhclient>=4<4.1.0p1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692
|
|
isc-dhcp-client<3.1.2p1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692
|
|
mediawiki>=1.14<1.15.1 cross-site-scripting http://secunia.com/advisories/35818/
|
|
htmldoc<1.8.27nb2 remote-system-access http://secunia.com/advisories/35780/
|
|
tiff<3.9.4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2347
|
|
xmlsec1<1.2.12 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217
|
|
xml-security-c<1.5.1 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217
|
|
mono<2.4.2.2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217
|
|
sun-{jdk,jre}6<6.0.15 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217
|
|
libmodplug<0.8.7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1513
|
|
gst-plugins0.10-bad<0.10.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1438
|
|
gst-plugins0.10-bad<0.10.11 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1513
|
|
kdegraphics-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0945
|
|
kdelibs-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1687
|
|
kdelibs-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1690
|
|
kdelibs-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1698
|
|
kdegraphics-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1709
|
|
p5-DBD-postgresql<2.0.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0663
|
|
p5-DBD-postgresql<2.0.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1341
|
|
wireshark<1.2.1 denial-of-service http://www.wireshark.org/security/wnpa-sec-2009-04.html
|
|
squid>=3.0<3.0.18 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2009_2.txt
|
|
squid>=3.1<3.1.0.13 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2009_2.txt
|
|
pulseaudio<0.9.14nb3 local-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1894
|
|
firefox3{,-bin}<3.0.12 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-34.html
|
|
firefox3{,-bin}<3.0.12 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-35.html
|
|
firefox3{,-bin}<3.0.12 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-36.html
|
|
firefox3{,-bin}<3.0.12 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-37.html
|
|
firefox3{,-bin}<3.0.12 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-39.html
|
|
firefox3{,-bin}<3.0.12 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-40.html
|
|
wordpress<2.8.2 cross-site-scripting http://wordpress.org/development/2009/07/wordpress-2-8-2/
|
|
bind<9.4.3pl3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696
|
|
bind>=9.5.0<9.5.1pl3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696
|
|
bind>=9.6.0<9.6.1pl1 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696
|
|
py{15,20,21,22,23,24,25,26,27,31}-django<1.0.3 remote-file-view http://www.djangoproject.com/weblog/2009/jul/28/security/
|
|
bash-completion>10<20080705 command-injection http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=259987
|
|
webkit-gtk<1.1.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2419
|
|
suse{,32}_openssl<11.3 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077
|
|
suse{,32}_openssl<11.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1386
|
|
suse{,32}_libcups<11.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182
|
|
suse{,32}_gtk2<11.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1194
|
|
camlimages<3.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2295
|
|
py{15,20,21,22,23,24,25,26,27,31}-moin<1.9.0 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2265
|
|
python24<2.4.6 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5031
|
|
python25<2.5.4 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5031
|
|
adobe-flash-plugin<10.0.32.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1862
|
|
ns-flash<9.0.246.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1862
|
|
silc-client<1.1.8 arbitrary-code-execution http://www.silcnet.org/docs/changelog/SILC%20Client%201.1.8
|
|
wordpress<2.8.3 privilege-escalation http://wordpress.org/development/2009/08/wordpress-2-8-3-security-release/
|
|
apr-util<1.3.9 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412
|
|
subversion-base<1.6.4 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2411
|
|
apr<0.9.19 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412
|
|
apr>=1.0<1.3.8 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412
|
|
GraphicsMagick<1.3.5nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1097
|
|
openexr<1.6.1nb1 heap-based-buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1720
|
|
openexr<1.6.1nb1 heap-based-buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1721
|
|
openexr<1.6.1nb1 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1722
|
|
vlc<0.8.6inb5 remote-system-access http://archives.neohapsis.com/archives/bugtraq/2009-07/0198.html
|
|
vlc>=0.9<0.9.9anb2 remote-system-access http://archives.neohapsis.com/archives/bugtraq/2009-07/0198.html
|
|
vlc>=1.0<1.0.0nb1 remote-system-access http://archives.neohapsis.com/archives/bugtraq/2009-07/0198.html
|
|
mplayer<1.0rc10nb14 remote-system-access http://archives.neohapsis.com/archives/bugtraq/2009-07/0198.html
|
|
firefox3{,-bin}<3.0.13 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2408
|
|
firefox3{,-bin}<3.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2404
|
|
firefox3{,-bin}<3.0.13 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2654
|
|
fetchmail<6.3.11 spoofing-attacks http://www.fetchmail.info/fetchmail-SA-2009-01.txt
|
|
sun-{jdk,jre}14<2.22 multiple-vulnerabilities http://secunia.com/advisories/36159/
|
|
sun-{jdk,jre}15<5.0.20 multiple-vulnerabilities http://secunia.com/advisories/36159/
|
|
sun-{jdk,jre}6<6.0.15 multiple-vulnerabilities http://secunia.com/advisories/36159/
|
|
irssi<0.8.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1959
|
|
asterisk>=1.6.1<1.6.1.2 denial-of-service http://downloads.digium.com/pub/security/AST-2009-004.html
|
|
kdelibs<3.5.10nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1725
|
|
firefox3{,-bin}<3.0.12 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-38.html
|
|
firefox3{,-bin}<3.0.13 www-address-spoof http://www.mozilla.org/security/announce/2009/mfsa2009-44.html
|
|
firefox3{,-bin}<3.0.13 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-45.html
|
|
zope29<2.9.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0668
|
|
zope210<2.10.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0668
|
|
zope211<2.11.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0668
|
|
zope3<3.3.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0668
|
|
zope29<2.9.11 authentication-bypass http://cvw.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0669
|
|
zope210<2.10.9 authentication-bypass http://cvw.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0669
|
|
zope211<2.11.4 authentication-bypass http://cvw.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0669
|
|
zope3<3.3.3 authentication-bypass http://cvw.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0669
|
|
xerces-c<2.8.0nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1885
|
|
camlimages<3.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2660
|
|
asterisk>=1.6.1<1.6.1.4 denial-of-service http://downloads.digium.com/pub/security/AST-2009-005.html
|
|
asterisk>=1.6.0<1.6.0.13 denial-of-service http://downloads.digium.com/pub/security/AST-2009-005.html
|
|
wordpress<2.8.4 bypass-security-check http://wordpress.org/development/2009/08/2-8-4-security-release/
|
|
gnutls<2.8.2 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2730
|
|
viewvc<1.0.9 cross-site-scripting http://secunia.com/advisories/36292/
|
|
squirrelmail<1.4.20rc2 cross-site-scripting http://www.squirrelmail.org/security/issue/2009-08-12
|
|
curl<7.19.6 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2417
|
|
samba-3.0.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
libxml2<2.7.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2414
|
|
libxml2<2.7.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2416
|
|
libxml<1.8.17nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2414
|
|
libxml<1.8.17nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2416
|
|
p5-Compress-Raw-Bzip2<2.0.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1884
|
|
libvorbis<1.2.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2663
|
|
ntop<4.0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2732
|
|
isc-dhcp-server<3.1.2p1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1892
|
|
cogito-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
asterisk>=1.2<1.2.35 denial-of-service http://downloads.digium.com/pub/security/AST-2009-006.html
|
|
asterisk>=1.6.0<1.6.0.15 denial-of-service http://downloads.digium.com/pub/security/AST-2009-006.html
|
|
asterisk>=1.6.1<1.6.1.6 denial-of-service http://downloads.digium.com/pub/security/AST-2009-006.html
|
|
libspf2<1.2.9nb1 denial-of-service http://mail-index.netbsd.org/pkgsrc-changes/2009/09/08/msg029522.html
|
|
expat<2.0.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720
|
|
geeklog<1.5.2.5 remote-security-bypass http://www.geeklog.net/article.php/geeklog-1.6.0sr2
|
|
geeklog<1.5.2.5 cross-site-scripting http://www.geeklog.net/article.php/geeklog-1.6.0sr1
|
|
geeklog<1.5.2.5 remote-data-manipulation http://www.geeklog.net/article.php/geeklog-1.6.0sr1
|
|
neon<0.28.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2473
|
|
neon<0.28.6 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2474
|
|
squid<2.7.6nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2855
|
|
libpurple<2.5.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2694
|
|
libpurple-2.6.0{,nb[0-9]*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3025
|
|
libpurple<2.6.0 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3026
|
|
ikiwiki<3.1415926 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2944
|
|
opera<10.0 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3047
|
|
opera<10.0 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3046
|
|
opera<10.0 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3045
|
|
opera<10.0 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3044
|
|
opera<10.0 html-form-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3048
|
|
opera<10.0 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3049
|
|
wget<1.11.4nb1 ssl-cert-spoofing http://cve.circl.lu/cve/CVE-2009-3490
|
|
qt4-libs<4.5.2nb3 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2700
|
|
openoffice2{,-bin}<2.4.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0200
|
|
openoffice2{,-bin}<2.4.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0201
|
|
openoffice3{,-bin}<3.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0200
|
|
openoffice3{,-bin}<3.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0201
|
|
dnsmasq<2.50 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2957
|
|
dnsmasq<2.50 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2958
|
|
freeradius<1.1.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3111
|
|
rails<2.3.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3086
|
|
rails<2.3.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3009
|
|
libpurple>=2.5.2<2.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3085
|
|
libpurple>=2.6.0<2.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3084
|
|
libpurple<2.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3083
|
|
libpurple<2.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2703
|
|
apache<2.0.64 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094
|
|
apache>=2.2.0<2.2.12nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094
|
|
apache-2.2.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094
|
|
kdelibs-3.[0-9]* ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2702
|
|
cyrus-imapd<2.2.13p1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2632
|
|
dovecot-sieve<1.1.7 arbitrary-code-execution http://www.dovecot.org/list/dovecot-news/2009-September/000135.html
|
|
slic-server<1.1.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7159
|
|
slic-server<1.1.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7160
|
|
seamonkey{,-bin,-gtk1}<1.1.18 ssl-cert-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-42.html
|
|
seamonkey{,-bin,-gtk1}<1.1.18 heap-overflow http://www.mozilla.org/security/announce/2009/mfsa2009-43.html
|
|
thunderbird{,-gtk1}<2.0.0.23 ssl-cert-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-42.html
|
|
thunderbird{,-gtk1}<2.0.0.23 heap-overflow http://www.mozilla.org/security/announce/2009/mfsa2009-43.html
|
|
firefox<3.5.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-47.html
|
|
xulrunner<1.9.1.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-47.html
|
|
firefox3<3.0.14 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-47.html
|
|
firefox<3.5.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-49.html
|
|
xulrunner<1.9.1.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-49.html
|
|
firefox3<3.0.14 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-49.html
|
|
firefox<3.5.3 privilege-escalation http://www.mozilla.org/security/announce/2009/mfsa2009-51.html
|
|
xulrunner<1.9.1.3 privilege-escalation http://www.mozilla.org/security/announce/2009/mfsa2009-51.html
|
|
firefox3<3.0.14 privilege-escalation http://www.mozilla.org/security/announce/2009/mfsa2009-51.html
|
|
xapian-omega<1.0.16 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2947
|
|
bugzilla<3.2.5 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3165
|
|
rt<3.8.5 script-insertion http://secunia.com/advisories/36752/
|
|
wireshark<1.0.9 multiple-vulnerabilities http://www.wireshark.org/security/wnpa-sec-2009-05.html
|
|
wireshark<1.2.2 multiple-vulnerabilities http://www.wireshark.org/security/wnpa-sec-2009-06.html
|
|
vlc<1.0.2 arbitrary-code-execution http://secunia.com/advisories/36762/
|
|
ffmpeg<20090611nb4 heap-overflow http://secunia.com/advisories/36760/
|
|
ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4631
|
|
ffmpeg<0.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4632
|
|
ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4633
|
|
ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4634
|
|
ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4635
|
|
ffmpeg<0.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4636
|
|
ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4637
|
|
ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4638
|
|
ffmpeg<0.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4639
|
|
ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4640
|
|
php<5.2.11 multiple-vulnerabilities http://www.php.net/releases/5_2_11.php
|
|
nginx<0.5.38 buffer-underflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629
|
|
nginx>=0.6<0.6.39 buffer-underflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629
|
|
nginx>=0.7<0.7.62 buffer-underflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629
|
|
nginx>=0.8<0.8.15 buffer-underflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629
|
|
nginx<0.5.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896
|
|
nginx>=0.6<0.6.39 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896
|
|
nginx>=0.7<0.7.62 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896
|
|
nginx>=0.8<0.8.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896
|
|
fprot-workstation-bin-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
drupal>5<5.20 multiple-vulnerabilities http://drupal.org/node/579482
|
|
drupal>6<6.14 multiple-vulnerabilities http://drupal.org/node/579482
|
|
newt<0.52.11 denial-of-service http://secunia.com/advisories/36810/
|
|
merkaartor<0.15 privilege-escalation http://secunia.com/advisories/36897/
|
|
nginx<0.7.63 security-restrictions-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3898
|
|
nginx>=0.8<0.8.17 security-restrictions-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3898
|
|
samba<3.0.37 information-disclosure http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2948
|
|
samba<3.0.37 denial-of-service http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906
|
|
samba<3.0.37 privilege-escalation http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813
|
|
snort<2.8.5 denial-of-service http://secunia.com/advisories/36808/
|
|
thin<1.2.4 source-address-spoofing http://secunia.com/advisories/36825/
|
|
apache>=2.0<2.0.64 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095
|
|
apache>=2.2.0<2.2.13nb3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095
|
|
apache<1.3.42 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095
|
|
tkman-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5137
|
|
horde<3.3.5 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3236
|
|
horde<3.3.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3237
|
|
glib2<2.2.21 data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3289
|
|
puppet<0.24.9 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3564
|
|
xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603
|
|
xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604
|
|
xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606
|
|
xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608
|
|
xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609
|
|
aria2<1.2.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3575
|
|
py{15,20,21,22,23,24,25,26,27,31}-django<1.0.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3695
|
|
py{15,20,21,22,23,24,25,26,27,31}-django>=1.1<1.1.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3695
|
|
unbound<1.3.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3602
|
|
py{15,20,21,22,23,24,25,26,27,31}-postgresql<4.0 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2940
|
|
gd<2.0.35nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546
|
|
php5-gd<5.2.11nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546
|
|
typo3<4.2.10 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-016/
|
|
asterisk>=1.6.1<1.6.1.8 security-restrictions-bypass http://downloads.digium.com/pub/security/AST-2009-007.html
|
|
wireshark<1.2.3 remote-code-execution http://www.wireshark.org/security/wnpa-sec-2009-07.html
|
|
firefox3-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
firefox<3.5.4 privacy-leak http://www.mozilla.org/security/announce/2009/mfsa2009-52.html
|
|
firefox<3.5.4 insecure-temp-files http://www.mozilla.org/security/announce/2009/mfsa2009-53.html
|
|
firefox<3.5.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-54.html
|
|
firefox<3.5.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-55.html
|
|
firefox<3.5.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-56.html
|
|
firefox<3.5.4 privilege-escalation http://www.mozilla.org/security/announce/2009/mfsa2009-57.html
|
|
firefox<3.5.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-59.html
|
|
firefox<3.5.4 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-60.html
|
|
firefox<3.5.4 local-filename-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-61.html
|
|
firefox<3.5.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-62.html
|
|
xulrunner<1.9.1.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.4
|
|
proftpd<1.3.3 spoofing-attacks http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3639
|
|
bftpd<2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4593
|
|
opera<10.01 multiple-vulnerabilities http://secunia.com/advisories/37182/
|
|
acroread7<7.1.4 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-15.html
|
|
acroread8<8.1.7 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-15.html
|
|
wordpress<2.8.5 denial-of-service http://secunia.com/advisories/37088/
|
|
squidGuard<1.4nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3700
|
|
squidGuard-[0-9]* remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3826
|
|
snort<2.8.5.1 denial-of-service http://secunia.com/advisories/37135/
|
|
p5-HTML-Parser<3.63 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3627
|
|
seamonkey-{,-bin,-gtk1}<2.0 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-55.html
|
|
seamonkey-{,-bin,-gtk1}<2.0 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-56.html
|
|
seamonkey-{,-bin,-gtk1}<2.0 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-62.html
|
|
asterisk<1.2.35 information-disclosure http://downloads.digium.com/pub/security/AST-2009-008.html
|
|
asterisk>=1.6.0<1.6.0.17 information-disclosure http://downloads.digium.com/pub/security/AST-2009-008.html
|
|
asterisk>=1.6.1<1.6.1.9 information-disclosure http://downloads.digium.com/pub/security/AST-2009-008.html
|
|
asterisk>=1.6.1<1.6.1.9 cross-site-scripting http://downloads.digium.com/pub/security/AST-2009-009.html
|
|
roundcube<0.3 cross-site-request-forgery http://secunia.com/advisories/37235/
|
|
openssl<0.9.8l man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
|
|
sun-{jdk,jre}14-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
sun-{jdk,jre}15-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
gnutls<2.10.0 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
|
|
libwww<5.4.0nb7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720
|
|
opera<10.10 multiple-vulnerabilities http://secunia.com/advisories/37469/
|
|
mysql-server<5.0.88 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4019
|
|
mysql-client<5.0.88 spoofing-attacks http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4028
|
|
php<5.2.11nb2 multiple-vulnerabilities http://secunia.com/advisories/37412/
|
|
php5-pear-Mail<1.1.14nb2 security-bypass http://secunia.com/advisories/37410/
|
|
opera<10.10 arbitrary-code-execution http://secunia.com/advisories/37431/
|
|
suse{,32}_openssl<11.3 session-hijack http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html
|
|
cups<1.4.3 denial-of-service http://secunia.com/advisories/37364/
|
|
gimp<2.6.8 remote-system-access http://secunia.com/advisories/37348/
|
|
qt4-libs<4.5.3 multiple-vulnerabilities http://secunia.com/advisories/37396/
|
|
mpop<1.0.19 spoofing-attacks http://secunia.com/advisories/37312/
|
|
cups<1.4.2 cross-site-scripting http://secunia.com/advisories/37308/
|
|
gimp<2.6.8 remote-system-access http://secunia.com/advisories/37232/
|
|
libexif-0.6.18 denial-of-service http://secunia.com/advisories/37378/
|
|
wordpress<2.8.6 multiple-vulnerabilities http://secunia.com/advisories/37332/
|
|
bind>=9.0<9.4.3pl5 dns-cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097
|
|
bind>=9.5<9.5.2pl2 dns-cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097
|
|
bind>=9.6<9.6.1pl3 dns-cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097
|
|
libltdl<2.2.6b privilege-escalation http://secunia.com/advisories/37414/
|
|
ruby18-actionpack<2.3.5 cross-site-scripting http://secunia.com/advisories/37446/
|
|
kdelibs<3.5.10nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689
|
|
kdelibs>4<4.3.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689
|
|
rt<3.8.6 session-hijack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3585
|
|
asterisk<1.2.37 denial-of-service http://downloads.digium.com/pub/security/AST-2009-010.html
|
|
asterisk>=1.6.0<1.6.0.19 denial-of-service http://downloads.digium.com/pub/security/AST-2009-010.html
|
|
asterisk>=1.6.1<1.6.1.11 denial-of-service http://downloads.digium.com/pub/security/AST-2009-010.html
|
|
sun-{jre,jdk}14<2.24 multiple-vulnerabilities http://secunia.com/advisories/37231/
|
|
sun-{jre,jdk}15<5.0.22 multiple-vulnerabilities http://secunia.com/advisories/37231/
|
|
sun-{jre,jdk}6<6.0.17 multiple-vulnerabilities http://secunia.com/advisories/37231/
|
|
libvorbis<1.2.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3379
|
|
apr<1.3.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2699
|
|
vmware-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
vmware-3.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
phpmyadmin<2.11.9.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3696
|
|
phpmyadmin<2.11.9.6 code-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3697
|
|
xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188
|
|
poppler<0.11.0 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604
|
|
poppler<0.11.0 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606
|
|
poppler<0.12.1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603
|
|
poppler-glib<0.12.1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3607
|
|
poppler<0.12.1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608
|
|
poppler<0.12.1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609
|
|
transfig<3.2.5nb2 arbitrary-code-execution http://secunia.com/advisories/37577/
|
|
xfig<3.2.5bnb5 arbitrary-code-execution http://secunia.com/advisories/37571/
|
|
libpurple<2.6.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3615
|
|
automake<1.11.1 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4029
|
|
automake14<1.4.6nb1 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4029
|
|
centerim<4.22.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4776
|
|
devIL<1.7.8nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3994
|
|
ntp<4.2.4p8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563
|
|
firefox<3.5.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-65.html
|
|
firefox<3.5.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-66.html
|
|
firefox<3.5.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-67.html
|
|
firefox<3.5.6 ntlm-authentication-hijack http://www.mozilla.org/security/announce/2009/mfsa2009-68.html
|
|
firefox<3.5.6 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-69.html
|
|
firefox<3.5.6 privilege-escalation http://www.mozilla.org/security/announce/2009/mfsa2009-70.html
|
|
firefox<3.5.6 privacy-leak http://www.mozilla.org/security/announce/2009/mfsa2009-71.html
|
|
xulrunner<1.9.1.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.6
|
|
seamonkey<2.0.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.1
|
|
drupal>5<5.21 cross-site-scripting http://drupal.org/node/661586
|
|
drupal>6<6.15 cross-site-scripting http://drupal.org/node/661586
|
|
typolight<2.6 security-bypass http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html
|
|
typolight26<2.6.7nb3 security-bypass http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html
|
|
typolight27<2.7.6 security-bypass http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html
|
|
typolight28<2.8rc2 security-bypass http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html
|
|
coreutils<6.12nb3 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4135
|
|
wireshark<1.2.5 remote-code-execution http://www.wireshark.org/security/wnpa-sec-2009-09.html
|
|
gtk2+>2<2.18.5 denial-of-service https://bugzilla.gnome.org/show_bug.cgi?id=598476
|
|
ghostscript<8.70nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4270
|
|
php<5.2.11nb2 arbitrary-file-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3557
|
|
php<5.2.11nb2 arbitrary-fifo-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3558
|
|
php<5.2.11nb2 arbitrary-file-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017
|
|
php<5.2.12 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4142
|
|
php<5.2.12 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4143
|
|
horde<3.3.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3701
|
|
kdegraphics<4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4035
|
|
kdelibs<3.5.10nb5 security-bypass http://www.kde.org/info/security/advisory-20091027-1.txt
|
|
kdelibs>4<4.3.3 security-bypass http://www.kde.org/info/security/advisory-20091027-1.txt
|
|
proftpd<1.3.2c man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
|
|
acroread-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-07.html
|
|
acroread5-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-07.html
|
|
acroread7-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-07.html
|
|
acroread8-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-07.html
|
|
sunbird-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689
|
|
thunderbird{,-gtk1}-2.[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689
|
|
spamassassin>=3.2.0<3.2.5nb4 denial-of-service https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6269
|
|
qt4-libs<4.5.3nb2 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2816
|
|
qt4-libs<4.5.3nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3384
|
|
xmlsec1<1.2.14 privilege-escalation http://secunia.com/advisories/37615/
|
|
adobe-flash-plugin<10.0.42.34 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb09-19.html
|
|
ns-flash<9.0.260 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb09-19.html
|
|
webmin<1.500 cross-site-scripting http://secunia.com/advisories/37648/
|
|
kdegraphics-3.[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4035
|
|
ampache<3.5.3 remote-security-bypass http://secunia.com/advisories/37867/
|
|
trac<0.11.6 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4405
|
|
ja-trac<0.11.5pl1nb1 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4405
|
|
php{5,53,54,55}-jpgraph-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4422
|
|
openttd<0.7.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4007
|
|
libpurple<2.6.5 remote-information-exposure http://secunia.com/advisories/37953/
|
|
ruby18-base<1.8.7.174nb3 escape-sequence-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4492
|
|
typo3<4.3.1 authentication-bypass http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-001/
|
|
libthai<0.1.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4012
|
|
powerdns-recursor<3.1.7.2 arbitrary-code-execution http://doc.powerdns.com/powerdns-advisory-2010-01.html
|
|
powerdns-recursor<3.1.7.2 spoofing-attacks http://doc.powerdns.com/powerdns-advisory-2010-02.html
|
|
Transmission<1.77 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0012
|
|
openssl<0.9.8lnb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4355
|
|
tnftpd<20091122 denial-of-service http://secunia.com/advisories/38098/
|
|
cherokee<0.99.32 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4489
|
|
phpmyadmin<2.11.10 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7251
|
|
phpmyadmin<2.11.10 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7252
|
|
phpmyadmin<2.11.10 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4605
|
|
lib3ds<2.0rc1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0280
|
|
tor<0.2.1.22 sensitive-information-exposure http://secunia.com/advisories/38198/
|
|
gzip<1.3.12nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2624
|
|
gzip<1.3.12nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0001
|
|
apache-tomcat<5.5.29 arbitrary-file-deletion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693
|
|
apache-tomcat<5.5.29 insecure-partial-deploy http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901
|
|
apache-tomcat<5.5.29 unexpected-file-deletion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902
|
|
apache-tomcat>=6<6.0.21 arbitrary-file-deletion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693
|
|
apache-tomcat>=6<6.0.21 insecure-partial-deploy http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901
|
|
apache-tomcat>=6<6.0.21 unexpected-file-deletion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902
|
|
zope29<2.9.12 cross-site-scripting http://secunia.com/advisories/38007/
|
|
zope210<2.10.11 cross-site-scripting http://secunia.com/advisories/38007/
|
|
zope211<2.11.6 cross-site-scripting http://secunia.com/advisories/38007/
|
|
mit-krb5<1.4.2nb9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4212
|
|
acroread7-[0-9]* multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb10-02.html
|
|
acroread7-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
acroread8-[0-9]* multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb10-02.html
|
|
acroread8-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
maildrop<2.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0301
|
|
wireshark>=0.9.0<1.2.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2010-01.html
|
|
wireshark>=0.9.0<1.2.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2010-02.html
|
|
apache<1.3.42 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0010
|
|
ircd-hybrid<7.2.3nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4016
|
|
fuse>=2.0<2.8.2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0789
|
|
samba<3.3.10 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0787
|
|
squid<2.7.7nb2 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_1.txt
|
|
squid>=3.0<3.0.23 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_1.txt
|
|
squid>=3.1<3.1.0.16 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_1.txt
|
|
apache-1.3.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
puppet<0.24.9 local-file-write https://bugzilla.redhat.com/show_bug.cgi?id=502881
|
|
php5-pear-DB<1.7.8 sql-injection http://secunia.com/advisories/20231/
|
|
lighttpd<1.4.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0295
|
|
fetchmail<6.3.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0562
|
|
gmime<2.2.25nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0409
|
|
gmime24<2.4.15 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0409
|
|
GraphicsMagick<1.3.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1882
|
|
asterisk>=1.6.1<1.6.1.14 denial-of-service http://downloads.digium.com/pub/security/AST-2010-001.html
|
|
asterisk>=1.6.2<1.6.2.2 denial-of-service http://downloads.digium.com/pub/security/AST-2010-001.html
|
|
squid<2.7.7nb3 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_2.txt
|
|
squid>=3.0<3.0.24 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_2.txt
|
|
mysql-server>=5.0<5.0.90 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4484
|
|
RealPlayerGold<11.0.2 multiple-vulnerabilities http://service.real.com/realplayer/security/01192010_player/en/
|
|
bugzilla-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
bugzilla<3.2.6 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3989
|
|
typo3<4.3.2 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-004/
|
|
ejabberd<2.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0305
|
|
libmikmod<3.2.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3995
|
|
libmikmod<3.2.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3996
|
|
nss<3.12.5 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
|
|
samba<3.3.11 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0926
|
|
chrony<1.23.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0292
|
|
chrony<1.23.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0293
|
|
chrony<1.23.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0294
|
|
gnome-screensaver<2.28.2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0414
|
|
opera<10.50 man-in-the-middle-attack http://secunia.com/advisories/38546/
|
|
netpbm<10.35.72 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4274
|
|
openoffice2{,-bin}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.7 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0668
|
|
py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.7 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0669
|
|
adobe-flash-plugin<10.0.45.2 remote-security-bypass http://www.adobe.com/support/security/bulletins/apsb10-06.html
|
|
ns-flash<9.0.262 remote-security-bypass http://www.adobe.com/support/security/bulletins/apsb10-06.html
|
|
sudo>=1.6.9<1.7.2p4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0426
|
|
sudo-1.6.[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0427
|
|
openoffice2-bin-[0-9]* signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
|
|
openoffice3-bin<3.2 signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
|
|
openoffice2{,-bin}-[0-9]* remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217
|
|
openoffice3{,-bin}<3.2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217
|
|
openoffice2{,-bin}-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2949
|
|
openoffice3{,-bin}<3.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2949
|
|
openoffice2{,-bin}-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2950
|
|
openoffice3{,-bin}<3.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2950
|
|
openoffice2{,-bin}-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3301
|
|
openoffice3{,-bin}<3.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3301
|
|
openoffice2{,-bin}-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3302
|
|
openoffice3{,-bin}<3.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3302
|
|
curl>=7.10.5<7.20.0 denial-of-service http://secunia.com/advisories/38427/
|
|
dillo<2.2 sensitive-information-exposure http://secunia.com/advisories/38569/
|
|
gnome-screensaver<2.28.3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0422
|
|
libpurple<2.6.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0277
|
|
libpurple<2.6.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0420
|
|
pidgin<2.6.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0423
|
|
asterisk>=1.6.1<1.6.1.17 denial-of-service http://downloads.digium.com/pub/security/AST-2010-003.html
|
|
asterisk>=1.6.2<1.6.2.5 denial-of-service http://downloads.digium.com/pub/security/AST-2010-003.html
|
|
thunderbird>=3<3.0.1 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-65.html
|
|
thunderbird>=3<3.0.1 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-66.html
|
|
thunderbird>=3<3.0.1 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-67.html
|
|
firefox<3.5.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-01.html
|
|
firefox>=3.5<3.5.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-02.html
|
|
firefox<3.5.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-03.html
|
|
firefox<3.5.8 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2010-04.html
|
|
firefox<3.5.8 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2010-05.html
|
|
xulrunner<1.9.1.8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.8
|
|
seamonkey<2.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-01.html
|
|
seamonkey<2.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-02.html
|
|
seamonkey<2.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-03.html
|
|
seamonkey<2.0.3 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2010-04.html
|
|
seamonkey<2.0.3 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2010-05.html
|
|
thunderbird<3.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-01.html
|
|
thunderbird<3.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-03.html
|
|
php<5.2.13 remote-security-bypass http://secunia.com/advisories/38708/
|
|
gnome-screensaver<2.28.1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4641
|
|
openldap-client<2.4.18 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3767
|
|
drupal>5<5.22 multiple-vulnerabilities http://drupal.org/node/731710
|
|
drupal>6<6.16 multiple-vulnerabilities http://drupal.org/node/731710
|
|
png<1.2.43 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205
|
|
cups<1.4.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0393
|
|
mediawiki<1.15.2 security-restrictions-bypass http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html
|
|
opera<10.51 arbitrary-code-execution http://secunia.com/advisories/38820/
|
|
apache>=2.2<2.2.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408
|
|
apache>=2.2<2.2.15 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434
|
|
apache-2.0.[0-9]* sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434
|
|
dovecot>=1.2<1.2.11 denial-of-service http://www.dovecot.org/list/dovecot-news/2010-March/000152.html
|
|
gtar-base<1.23 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0624
|
|
gcpio<2.6nb6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0624
|
|
vlc<1.0.6 arbitrary-code-execution http://secunia.com/advisories/38853/
|
|
lshell<0.9.10 security-bypass http://secunia.com/advisories/38879/
|
|
samba<3.3.12 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0728
|
|
spamass-milter<0.3.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1132
|
|
viewvc<1.0.10 cross-site-scripting http://secunia.com/advisories/38895/
|
|
unbound<1.4.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0969
|
|
ikiwiki<3.20100312 cross-site-scripting http://secunia.com/advisories/38983/
|
|
Transmission<1.92 remote-system-access http://secunia.com/advisories/39031/
|
|
seamonkey{,-bin}<1.1.19 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-49.html
|
|
seamonkey{,-bin}<1.1.19 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-59.html
|
|
seamonkey{,-bin}<1.1.19 ntlm-authentication-hijack http://www.mozilla.org/security/announce/2009/mfsa2009-68.html
|
|
seamonkey{,-bin}<1.1.19 remote-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2010-06.html
|
|
seamonkey{,-bin}<1.1.19 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-07.html
|
|
m4<1.4.14 insecure-file-permissions http://secunia.com/advisories/38707/
|
|
nss<3.12.3 ssl-cert-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-42.html
|
|
nss<3.12.3 heap-overflow http://www.mozilla.org/security/announce/2009/mfsa2009-43.html
|
|
openssl<0.9.8mnb1 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245
|
|
spice-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
seamonkey{,-bin}-1.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
dpkg<1.14.29 remote-manipulation-data http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0396
|
|
heimdal<1.3.2 denial-of-service http://secunia.com/advisories/39037/
|
|
openssl<0.9.8mnb2 denial-of-service http://www.openssl.org/news/secadv_20100324.txt
|
|
php5-xmlrpc<5.2.13nb1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0397
|
|
php53-xmlrpc<5.3.2nb1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0397
|
|
pango<1.26.2nb2 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0421
|
|
deliver-[0-9]* insecure-lock-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0439
|
|
deliver-[0-9]* insecure-lock-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1123
|
|
ctorrent-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
ctorrent-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1759
|
|
sun-{jre,jdk}6<6.0.19 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0847
|
|
firefox<3.6.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2010/mfsa2010-25.html
|
|
libnids<1.24 denial-of-service http://freefr.dl.sourceforge.net/project/libnids/libnids/1.24/libnids-1.24.releasenotes.txt
|
|
py{15,20,21,22,23,24,25,26,27,31}-moin<1.9.3 script-insertion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0828
|
|
firefox<3.0.19 arbitrary-code-execution http://secunia.com/advisories/39240/
|
|
firefox<3.5.9 arbitrary-code-execution http://secunia.com/advisories/39136/
|
|
seamonkey{,-bin}<2.0.4 arbitrary-code-execution http://secunia.com/advisories/39243/
|
|
trac<0.11.7 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2010-5108
|
|
ja-trac<0.11.7pl1 security-bypass http://secunia.com/advisories/39123/
|
|
viewvc<1.0.11 cross-site-scripting http://secunia.com/secunia_research/2010-26/
|
|
thunderbird<3.0.4 arbitrary-code-execution http://secunia.com/advisories/39242/
|
|
expat<2.0.1nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560
|
|
typo3>=4.3.0<4.3.3 remote-code-execution http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-008/
|
|
hamlib<1.2.11 privilege-escalation http://secunia.com/advisories/39299/
|
|
kdebase<4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0436
|
|
kdebase-workspace<4.3.5nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0436
|
|
sun-{jre,jdk}6<6.0.20 arbitrary-code-execution http://www.kb.cert.org/vuls/id/886582
|
|
teTeX-bin<3.0nb24 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0739
|
|
dvipsk<5.98nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0739
|
|
nano<2.2.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1160
|
|
nano<2.2.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1161
|
|
irssi<0.8.15 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1155
|
|
irssi<0.8.15 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1156
|
|
sudo<1.7.2p6 arbitrary-command-execution http://www.sudo.ws/sudo/alerts/sudoedit_escalate2.html
|
|
erlang<13.2.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371
|
|
memcached<1.4.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1152
|
|
clamav<0.96 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0098
|
|
clamav<0.96 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1311
|
|
abcm2ps<5.9.12 remote-system-access http://secunia.com/advisories/39345/
|
|
mediawiki<1.15.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1150
|
|
suse{,32}_openssl<11.3 man-in-the-middle-attack http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00000.html
|
|
mysql-server>=5.1<5.1.45 denial-of-service http://secunia.com/advisories/39454/
|
|
p5-Crypt-OpenSSL-DSA<0.13nb6 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0129
|
|
mit-krb5>=1.7<1.8.2 remote-system-access http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-004.txt
|
|
vlc>0.5<1.0.6 arbitrary-command-execution http://www.videolan.org/security/sa1003.html
|
|
libesmtp<1.0.6 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1192
|
|
libesmtp<1.0.6 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1194
|
|
apache-tomcat<5.5.30 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157
|
|
apache-tomcat>=6<6.0.27 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157
|
|
smalltalk<3.1nb6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736
|
|
apache-tomcat<6.0.30 cross-site-request-forgery http://secunia.com/advisories/39261/
|
|
wordpress-2.* sensitive-information-exposure http://secunia.com/advisories/39040/
|
|
gcc44<4.4.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736
|
|
gcc34<3.4.6nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736
|
|
gcc3-java-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736
|
|
qt4-libs<4.6.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0046
|
|
qt4-libs<4.6.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0049
|
|
qt4-libs<4.6.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0050
|
|
qt4-libs<4.6.3 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0051
|
|
qt4-libs<4.6.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0052
|
|
qt4-libs<4.6.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0054
|
|
memcached<1.4.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2415
|
|
postgresql82-server<8.2.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0442
|
|
postgresql83-server<8.3.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0442
|
|
postgresql84-server<8.4.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0442
|
|
typolight<2.6 multiple-vulnerabilities http://www.typolight.org/news/items/consolidated-security-update.html
|
|
typolight26<2.6.7nb3 multiple-vulnerabilities http://www.typolight.org/news/items/consolidated-security-update.html
|
|
typolight27<2.7.7 multiple-vulnerabilities http://www.typolight.org/news/items/consolidated-security-update.html
|
|
typolight28<2.8.3 multiple-vulnerabilities http://www.typolight.org/news/items/consolidated-security-update.html
|
|
fetchmail<6.3.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1167
|
|
wireshark<1.2.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2010-04.html
|
|
dvipng<1.12nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0829
|
|
openttd<1.0.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0402
|
|
pcre<8.0.2 denial-of-service http://secunia.com/advisories/39738/
|
|
gnustep-base<1.20.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1620
|
|
gnustep-base<1.20.0 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1457
|
|
ghostscript<8.71 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1869
|
|
modular-xorg-server<1.6.5nb11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1166
|
|
p5-POE-Component-IRC<6.32 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3438
|
|
mysql-server>=5.0<5.0.91 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1848
|
|
mysql-server>=5.1<5.1.47 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1848
|
|
mysql-server>=5.0<5.0.91 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1849
|
|
mysql-server>=5.1<5.1.47 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1849
|
|
mysql-server>=5.0<5.0.91 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1850
|
|
mysql-server>=5.1<5.1.47 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1850
|
|
libtheora<1.1.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3389
|
|
aria2<1.9.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1512
|
|
kdenetwork4<4.3.5nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1000
|
|
kdenetwork4<4.3.5nb2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1511
|
|
libpurple<2.7.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1624
|
|
geeklog<1.6.1.1 remote-data-manipulation http://www.geeklog.net/article.php/geeklog-1.6.1sr1
|
|
mysql-client>=5.0<5.0.90 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4484
|
|
lftp<4.0.6 security-bypass http://www.ocert.org/advisories/ocert-2010-001.html
|
|
postgresql82-server<8.2.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1169
|
|
postgresql82-server<8.2.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1170
|
|
postgresql83-server<8.3.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1169
|
|
postgresql83-server<8.3.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1170
|
|
postgresql84-server<8.4.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1169
|
|
postgresql84-server<8.4.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1170
|
|
mit-krb5<1.4.2nb10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321
|
|
clamav<0.96.1 denial-of-service http://secunia.com/advisories/39895/
|
|
libprelude<1.0.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736
|
|
mediawiki<1.15.4 cross-site-scripting http://secunia.com/advisories/39922/
|
|
heimdal<1.3.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321
|
|
html2ps<1.0b6 sensitive-information-exposure http://secunia.com/advisories/39957/
|
|
exim<4.72 privilege-escalation http://secunia.com/advisories/40019/
|
|
openssl<0.9.8o multiple-vulnerabilities http://www.openssl.org/news/secadv_20100601.txt
|
|
openssl>=1.0.0<1.0.0a multiple-vulnerabilities http://www.openssl.org/news/secadv_20100601.txt
|
|
camlimages<3.2.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3296
|
|
sudo<1.7.2p7 command-injection http://www.sudo.ws/sudo/alerts/secure_path.html
|
|
py{15,20,21,22,23,24,25,26,27,31}-moin<1.9.3 cross-site-scripting http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg
|
|
abcm2ps<5.9.13 arbitrary-code-execution http://secunia.com/advisories/40033/
|
|
gnutls<1.4.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7239
|
|
bftpd<2.9 privilege-escalation http://secunia.com/advisories/40014/
|
|
rpm<4.8.1 privilege-escalation http://secunia.com/advisories/40028/
|
|
adobe-flash-plugin<10.1 arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa10-01.html
|
|
freeciv-server<2.2.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2445
|
|
openoffice3-bin<3.2.1 man-in-the-middle-attack http://www.openoffice.org/security/cves/CVE-2009-3555.html
|
|
openoffice3{,-bin}<3.2.1 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2010-0395.html
|
|
teTeX-bin<3.0nb24 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1440
|
|
dvipsk<5.98nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1440
|
|
php>=5.3<5.3.3 multiple-vulnerabilities http://secunia.com/advisories/39573/
|
|
php<5.2.14 multiple-vulnerabilities http://secunia.com/advisories/39675/
|
|
php>=5.3<5.3.3 multiple-vulnerabilities http://secunia.com/advisories/39675/
|
|
wireshark<1.2.9 multiple-vulnerabilities http://www.wireshark.org/security/wnpa-sec-2010-06.html
|
|
ghostscript<8.71nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1628
|
|
apache>=2.2.9<2.2.15nb3 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2068
|
|
isc-dhcpd<4.1.1p1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2156
|
|
tiff<3.9.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1411
|
|
bozohttpd>=20090522<20100617 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2195
|
|
bozohttpd<20100617 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2320
|
|
samba<3.0.37nb4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2063
|
|
samba>=3.3.0<3.3.13 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2063
|
|
plone25-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2422
|
|
plone3-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2422
|
|
opera<10.54 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2421
|
|
suse{,32}_krb5<11.3 unknown-impact http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
|
|
suse{,32}_openssl<11.3 unknown-impact http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
|
|
suse{,32}_libpng<11.3 unknown-impact http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
|
|
cups<1.4.3nb6 multiple-vulnerabilities http://cups.org/articles.php?L596
|
|
python24-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089
|
|
python25<2.5.5nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089
|
|
python26<2.6.4nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089
|
|
python26-2.6.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089
|
|
python27<2.7.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089
|
|
python31<3.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089
|
|
moodle<1.9.9 cross-site-scripting http://secunia.com/advisories/40248/
|
|
firefox<3.6.7 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1206
|
|
sendmail<8.14.4 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4565
|
|
w3m<0.5.2nb5 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2074
|
|
w3m-img<0.5.2nb5 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2074
|
|
unrealircd<3.2.8.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4893
|
|
adobe-flash-plugin<9.0.277.0 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-14.html
|
|
adobe-flash-plugin>=10.0<10.1.53.64 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-14.html
|
|
{firefox-bin,seamonkey-bin,ns}-flash<9.0.277.0 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-14.html
|
|
{firefox-bin,seamonkey-bin,ns}-flash<10.1.53.64 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-14.html
|
|
perl<5.10.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1168
|
|
perl<5.10.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1447
|
|
irrtoolset-nox11-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
seamonkey{,-bin}<2.0.5 multiple-vulnerabilities http://secunia.com/advisories/40326/
|
|
firefox<3.6.4 multiple-vulnerabilities http://secunia.com/advisories/40309/
|
|
thunderbird<3.0.5 multiple-vulnerabilities http://secunia.com/advisories/40323/
|
|
bugzilla<3.2.7 security-bypass http://secunia.com/advisories/40300/
|
|
konversation<1.2.3 denial-of-service http://secunia.com/advisories/38711/
|
|
xmlrpc-c-ss<1.06.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560
|
|
xmlrpc-c-ss<1.06.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720
|
|
ufoai<2.3 remote-system-access http://secunia.com/advisories/40321/
|
|
squirrelmail<1.4.21 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1637
|
|
tiff<3.9.4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2067
|
|
png<1.4.3 remote-system-access http://secunia.com/advisories/40302/
|
|
suse{,32}_libpng<11.3 remote-system-access http://secunia.com/advisories/40302/
|
|
mysql-server>=5.1<5.1.48 denial-of-service http://secunia.com/advisories/40333/
|
|
mDNSResponder<108nb2 unknown-impact http://www.vuxml.org/freebsd/1cd87e2a-81e3-11df-81d8-00262d5ed8ee.html
|
|
qt4-libs<4.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2621
|
|
opera<10.60 information-disclosure http://secunia.com/advisories/40375/
|
|
tiff<3.9.4nb1 denial-of-service http://secunia.com/advisories/40422/
|
|
suse{,32}_libtiff<12.1 denial-of-service http://secunia.com/advisories/40422/
|
|
py{15,20,21,22,23,24,25,26,27,31}-Paste<1.7.4 cross-site-scripting http://secunia.com/advisories/40408/
|
|
xulrunner<1.9.2.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.4
|
|
php<5.2.14 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2225
|
|
php>=5.3.0<5.3.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2225
|
|
bind>=9.0<9.4.3pl4 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022
|
|
bind>=9.5<9.5.2pl1 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022
|
|
bind>=9.6<9.6.1pl2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022
|
|
freeciv-server<2.3.2nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-5645
|
|
roundup<1.4.14 cross-site-scripting http://secunia.com/advisories/40433/
|
|
bogofilter<1.2.2 denial-of-service http://secunia.com/advisories/40427/
|
|
avahi<0.6.26 denial-of-service http://secunia.com/advisories/40470/
|
|
suse{,32}<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_alsa<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_aspell<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_base<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_compat<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_expat<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_fontconfig<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_freetype2<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_gdk-pixbuf<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_glx<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_gtk<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_gtk2<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_krb5<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_libcups<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_libidn<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_libjpeg<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_libpng<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_libsigc++2<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_libtiff<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_libxml2<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_locale<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_openmotif<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_openssl<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_qt3<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_resmgr<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_slang<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_vmware<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_x11<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
ruby-base19>=1.9<1.9.1-p429 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2489
|
|
gv<3.7.0 privilege-escalation http://secunia.com/advisories/40475/
|
|
ghostscript<8.71nb6 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2055
|
|
bind>=9.7.1<9.7.1pl2 denial-of-service http://www.isc.org/software/bind/advisories/cve-2010-0213
|
|
mono-xsp<2.6.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1459
|
|
pango<1.27.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0421
|
|
freetype2<2.4.0 remote-system-access http://secunia.com/advisories/40586/
|
|
postgresql8{0,1}{,-server,-client}<8.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
vte<0.24.3 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0070
|
|
vte<0.24.3 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2713
|
|
openldap-server<2.4.23 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0211
|
|
openldap-server<2.4.23 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0212
|
|
pulseaudio<0.9.21nb3 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1299
|
|
firefox<3.6.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.7
|
|
xulrunner<1.9.2.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.7
|
|
seamonkey<2.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.6
|
|
thunderbird>=3.1<3.1.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird31.html#thunderbird3.1.1
|
|
thunderbird<3.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird30.html#thunderbird3.0.6
|
|
ocaml-mysql<1.1.0 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2942
|
|
qemu<0.12.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0741
|
|
libpurple<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2528
|
|
openttd<1.0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2534
|
|
qt4-libs<4.7.2 denial-of-service http://secunia.com/advisories/40588/
|
|
squirrelmail<1.4.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2813
|
|
php<5.2.14 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2531
|
|
php>=5.3.0<5.3.3 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2531
|
|
dovecot>=1.2<1.2.13 access-validation-bypass http://www.dovecot.org/list/dovecot-news/2010-July/000163.html
|
|
apache>=2.0<2.0.64 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452
|
|
apache>=2.2<2.2.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452
|
|
typo3<4.3.4 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-012/
|
|
typo3>=4.4.0<4.4.1 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-012/
|
|
gnupg2<2.0.14nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2547
|
|
bozohttpd<20100621 remote-security-bypass http://secunia.com/advisories/40737/
|
|
mediawiki<1.15.5 multiple-vulnerabilities http://secunia.com/advisories/40740/
|
|
firefox<3.6.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2010/mfsa2010-48.html
|
|
cabextract<1.3 denial-of-service http://secunia.com/advisories/40719/
|
|
gdm<2.20.11 information-disclosure https://bugzilla.gnome.org/show_bug.cgi?id=571846
|
|
socat<1.7.1.3 remote-system-access http://secunia.com/advisories/40806/
|
|
mantis<1.2.2 cross-site-scripting http://secunia.com/advisories/40812/
|
|
mapserver<5.6.4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2539
|
|
mapserver<5.6.4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2540
|
|
wireshark<1.2.10 remote-code-execution http://www.wireshark.org/security/wnpa-sec-2010-08.html
|
|
citrix_ica<11.100 arbitrary-code-execution http://secunia.com/advisories/40808/
|
|
wget<1.12nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2252
|
|
mantis<1.2.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2574
|
|
freetype2<2.4.2 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1797
|
|
bugzilla-3.0* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
bugzilla>=2.19.1<3.2.8 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2756
|
|
bugzilla>=3.3.1<3.4.8 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2756
|
|
bugzilla>=3.5.1<3.6.2 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2756
|
|
bugzilla>=3.7<3.7.3 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2756
|
|
bugzilla>=2.22rc1<3.2.8 notification-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757
|
|
bugzilla>=3.3.1<3.4.8 notification-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757
|
|
bugzilla>=3.5.1<3.6.2 notification-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757
|
|
bugzilla>=3.7<3.7.3 notification-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757
|
|
bugzilla>=2.17.1<3.2.8 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2758
|
|
bugzilla>=3.3.1<3.4.8 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2758
|
|
bugzilla>=3.5.1<3.6.2 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2758
|
|
bugzilla>=3.7<3.7.3 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2758
|
|
bugzilla>=2.23.1<3.2.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2759
|
|
bugzilla>=3.3.1<3.4.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2759
|
|
bugzilla>=3.5.1<3.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2759
|
|
bugzilla>=3.7<3.7.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2759
|
|
cabextract<1.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2801
|
|
acroread8-[0-9]* remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2862
|
|
openoffice3{,-bin}<3.3 arbitrary-code-execution http://secunia.com/advisories/40775/
|
|
openssl<0.9.8onb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939
|
|
win32-codecs-[0-9]* arbitrary-code-execution http://secunia.com/advisories/40936/
|
|
win32-codecs-[0-9]* remote-system-access http://secunia.com/advisories/40934/
|
|
glpng<1.46 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1519
|
|
dbus-glib<0.88 local-security-bypass http://secunia.com/advisories/40908/
|
|
adobe-flash-plugin<9.0.280 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-16.html
|
|
adobe-flash-plugin>=10.0<10.1.82.76 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-16.html
|
|
{firefox-bin,seamonkey-bin,ns}-flash<9.0.280 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-16.html
|
|
{firefox-bin,seamonkey-bin,ns}-flash<10.1.82.76 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-16.html
|
|
drupal>5<5.23 multiple-vulnerabilities http://drupal.org/node/731710
|
|
drupal>6<6.18 multiple-vulnerabilities http://drupal.org/node/731710
|
|
opera<10.61 remote-system-access http://secunia.com/advisories/40120/
|
|
ruby18-base<1.8.7.174nb6 cross-site-scripting http://secunia.com/advisories/41003/
|
|
ruby{,-base,14,14-base,16,16-base}<1.8 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
ssmtp<2.63 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7258
|
|
openjdk7-icedtea-plugin<1.13 multiple-vulnerabilities http://blog.fuseyism.com/index.php/2010/07/29/icedtea7-113-released/
|
|
phpmyadmin<2.11.10.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3055
|
|
phpmyadmin<2.11.10.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3056
|
|
PAM<1.1.1 privilege-escalation http://secunia.com/advisories/40978/
|
|
mysql-server>=5.1<5.1.49 multiple-vulnerabilities http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html
|
|
libgdiplus<2.6nb1 remote-system-access http://secunia.com/advisories/40792/
|
|
quagga<0.99.17 remote-system-access http://secunia.com/advisories/41038/
|
|
squid>=3.1.5.1<3.1.7 denial-of-service http://bugs.squid-cache.org/show_bug.cgi?id=3021
|
|
kdegraphics>=4.3.0 remote-system-access http://secunia.com/advisories/40952/
|
|
fuse-encfs<1.7 multiple-vulnerabilities http://secunia.com/advisories/41158/
|
|
qt4-libs<4.7.0rc1 ssl-certificate-spoofing http://secunia.com/advisories/41236/
|
|
nss<3.12.8 ssl-certificate-spoofing http://secunia.com/advisories/41237/
|
|
firefox<3.6.11 ssl-certificate-spoofing http://secunia.com/advisories/41244/
|
|
koffice-[0-9]* arbitrary-code-execution http://secunia.com/advisories/40966/
|
|
p5-libwww<5.835 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2253
|
|
corkscrew-[0-9]* buffer-overflow http://people.freebsd.org/~niels/issues/corkscrew-20100821.txt
|
|
mantis<1.2.3 cross-site-scripting http://secunia.com/advisories/41278/
|
|
zope210<2.10.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3198
|
|
zope211<2.11.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3198
|
|
squid>=3.0<3.1.8 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_3.txt
|
|
xulrunner<1.9.2.9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.9
|
|
firefox<3.6.9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.9
|
|
thunderbird>=3.1<3.1.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird31.html#thunderbird3.1.3
|
|
thunderbird<3.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird30.html#thunderbird3.0.7
|
|
seamonkey<2.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.7
|
|
horde<3.3.9 cross-site-scripting http://secunia.com/advisories/41283/
|
|
sudo<1.7.4p4 local-security-bypass http://secunia.com/advisories/41316/
|
|
apache-tomcat<5.5.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227
|
|
apache-tomcat>=6<6.0.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227
|
|
mednafen<0.8.13 buffer-overflow http://secunia.com/advisories/41337/
|
|
samba>=3.3.0<3.3.14 buffer-overrun http://www.samba.org/samba/security/CVE-2010-3069.html
|
|
mailscanner-[0-9]* denial-of-service http://secunia.com/advisories/41384/
|
|
adobe-flash-plugin<10.1.82.76 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884
|
|
ns-flash<10.1.82.76 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884
|
|
seamonkey-bin-flash<10.1.82.76 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884
|
|
firefox-bin-flash<10.1.82.76 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884
|
|
mailman<2.1.12nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3089
|
|
python26<2.6.6nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3492
|
|
bozohttpd<20100920 remote-file-view http://eterna.com.au/bozohttpd/
|
|
wireshark<1.4.0 denial-of-service http://secunia.com/advisories/41535/
|
|
bzip2<1.0.6 remote-system-access http://cve.circl.lu/cve/CVE-2010-0405
|
|
clamav<0.96.3 remote-system-access http://secunia.com/advisories/41503/
|
|
poppler<0.14.2nb1 remote-system-access http://secunia.com/advisories/41596/
|
|
scmgit-base<1.7.0.7 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2542
|
|
scmgit-base>=1.7.1<1.7.1.2 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2542
|
|
scmgit-base>=1.7.2<1.7.2.1 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2542
|
|
dovecot>=1.2.8<1.2.15 weak-acl-enforcement http://www.dovecot.org/list/dovecot-news/2010-October/000177.html
|
|
imp<4.3.8 cross-site-scripting http://secunia.com/advisories/41627/
|
|
bind>=9.7.0<9.7.2pl2 remote-security-bypass http://www.isc.org/software/bind/advisories/cve-2010-0218
|
|
py{26,27,34,35,36}-mercurial<1.6.4 remote-spoofing http://secunia.com/advisories/41674/
|
|
ffmpeg<20100927 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429
|
|
gmplayer<1.0rc20100913nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429
|
|
mencoder<1.0rc20100913nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429
|
|
mplayer<1.0rc20100913nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429
|
|
typo3<4.4.4 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-020/
|
|
suse{,32}_openssl<11.3nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939
|
|
mysql-server<5.1.50 arbitrary-code-execution http://dev.mysql.com/doc/refman/5.1/en/news-5-1-50.html
|
|
mysql-server<5.1.51 multiple-vulnerabilities http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html
|
|
apr-util<1.3.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623
|
|
apr-util<1.3.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560
|
|
apr-util<1.3.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720
|
|
ap{2,22}-subversion>=1.5<1.5.8 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3315
|
|
ap{2,22}-subversion>=1.6<1.6.13 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3315
|
|
xpdf<3.02pl4nb3 remote-system-access http://secunia.com/advisories/41709/
|
|
php<5.2.14nb1 denial-of-service http://secunia.com/advisories/41724/
|
|
php>=5.3.0<5.3.3nb1 denial-of-service http://secunia.com/advisories/41724/
|
|
opera<10.63 multiple-vulnerabilities http://secunia.com/advisories/41740/
|
|
kdegraphics<3.5.10nb9 remote-system-access http://secunia.com/advisories/41727/
|
|
sun-j{re,dk}6<6.0.22 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
|
|
gnome-subtitles<1.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3357
|
|
postgresql90-plperl<9.0.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433
|
|
postgresql90-pltcl<9.0.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433
|
|
postgresql84-plperl<8.4.5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433
|
|
postgresql84-pltcl<8.4.5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433
|
|
postgresql83-plperl<8.3.12 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433
|
|
postgresql83-pltcl<8.3.12 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433
|
|
postgresql82-plperl<8.2.18 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433
|
|
postgresql82-pltcl<8.2.18 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433
|
|
postgresql82{,-server,-client,-adminpack,-plperl,-plpython,-pltcl,-tsearch2}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
monotone-server<0.48.1 denial-of-service http://secunia.com/advisories/41960/
|
|
moodle<1.9.10 multiple-vulnerabilities http://secunia.com/advisories/41980/
|
|
libpurple<2.7.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3711
|
|
firefox<3.6.12 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3765
|
|
thunderbird<3.1.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3765
|
|
cvs<1.12.13 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3846
|
|
webkit-gtk<1.2.5 multiple-vulnerabilities http://secunia.com/advisories/41871/
|
|
freetype2<2.4.3nb1 buffer-overflow http://secunia.com/advisories/41738/
|
|
suse{,32}_freetype2<11.3nb2 buffer-overflow http://secunia.com/advisories/44008/
|
|
libsmi<0.4.8nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2891
|
|
python26<2.6.6nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3493
|
|
adobe-flash-plugin<10.1.102.64 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654
|
|
ns-flash<10.1.102.64 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654
|
|
seamonkey-bin-flash<10.1.102.64 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654
|
|
firefox-bin-flash<10.1.102.64 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654
|
|
mono<2.8.1 information-disclosure http://secunia.com/advisories/41919/
|
|
suse{,32}_freetype2<11.3nb1 arbitrary-code-execution http://secunia.com/advisories/41958/
|
|
gnucash<2.2.9nb10 privilege-escalation http://secunia.com/advisories/42048/
|
|
proftpd<1.3.3c remote-system-access http://secunia.com/advisories/42052/
|
|
PAM<1.1.3 privilege-escalation http://secunia.com/advisories/42088/
|
|
bugzilla<3.2.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3172
|
|
bugzilla>=3.3<3.4.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3172
|
|
bugzilla>=3.5<3.6.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3172
|
|
bugzilla>=3.7<4.0rc1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3172
|
|
bugzilla>=2.12<3.2.9 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3764
|
|
bugzilla>=3.3<3.4.9 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3764
|
|
bugzilla>=3.5<3.6.3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3764
|
|
bugzilla>=3.7<4.0rc1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3764
|
|
bugzilla>=3.7.1<4.0rc1 cross-site-scripting http://secunia.com/advisories/41955/
|
|
isc-dhcpd>=4<4.0.2 denial-of-service http://secunia.com/advisories/42082/
|
|
isc-dhcpd>=4.1<4.1.2 denial-of-service http://secunia.com/advisories/42082/
|
|
isc-dhcpd>=4.2<4.2.0p1 denial-of-service http://secunia.com/advisories/42082/
|
|
acroread8-[0-9]* arbitrary-code-execution http://secunia.com/advisories/42095/
|
|
acroread9<9.4.1 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb10-28.html
|
|
mysql-server<5.1.52 denial-of-service http://secunia.com/advisories/42097/
|
|
cups<1.4.3nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2941
|
|
php>=5.3.0<5.3.3nb1 sensitive-information-exposure http://secunia.com/advisories/42135/
|
|
seamonkey<2.0.9 multiple-vulnerabilities http://secunia.com/advisories/41923/
|
|
mono<2.8nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4159
|
|
wireshark<1.4.2 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2010-14.html
|
|
openssl<0.9.8p remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864
|
|
suse{,32}_openssl<11.3nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864
|
|
eclipse-[0-9]* cross-site-scripting http://secunia.com/advisories/42236/
|
|
ap{2,22}-fcgid<2.3.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3872
|
|
libtlen<20041113nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720
|
|
apache-tomcat>=6.0.12<6.0.30 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172
|
|
horde<3.3.11 cross-site-scripting http://secunia.com/advisories/42355/
|
|
libxml2<2.7.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4008
|
|
openttd>=1.0.0<1.0.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4168
|
|
RealPlayerSP>=12.0.0<14.0.1 remote-system-access http://secunia.com/advisories/42203/
|
|
xine-lib<1.1.19 arbitrary-code-execution http://secunia.com/advisories/42359/
|
|
phpmyadmin<2.11.11.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2010-8.php
|
|
mit-krb5<1.4.2nb11 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1323
|
|
suse{,32}_krb5<11.3nb1 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1323
|
|
suse{,32}_krb5<11.3nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1324
|
|
suse{,32}_krb5<11.3nb1 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4020
|
|
wordpress<3.0.2 remote-data-manipulation http://secunia.com/advisories/42431/
|
|
clamav<0.96.5 denial-of-service http://secunia.com/advisories/42426/
|
|
openssl<0.9.8q information-disclosure http://www.openssl.org/news/secadv_20101202.txt
|
|
bind>=9.6<9.6.2pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613
|
|
bind>=9.6<9.6.2pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614
|
|
bind>=9.7<9.7.2pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613
|
|
bind>=9.7<9.7.2pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614
|
|
bind>=9.7<9.7.2pl3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3615
|
|
gnash<0.8.9 insecure-temp-files http://secunia.com/advisories/42416/
|
|
p5-CGI<3.50 http-response-splitting http://secunia.com/advisories/42443/
|
|
p5-CGI<3.51 http-header-injection http://secunia.com/advisories/42461/
|
|
p5-CGI-Simple<1.113 http-header-injection http://secunia.com/advisories/42460/
|
|
xenkernel3<3.1.4nb4 denial-of-service http://secunia.com/advisories/42395/
|
|
xenkernel33<3.3.2nb1 denial-of-service http://secunia.com/advisories/42395/
|
|
mit-krb5<1.4.2nb11 signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1323
|
|
p5-IO-Socket-SSL<1.35 security-bypass http://secunia.com/advisories/42508/
|
|
ImageMagick<6.6.5.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4167
|
|
thunderbird<3.1.7 multiple-vulnerabilities http://secunia.com/advisories/42519/
|
|
seamonkey<2.0.11 multiple-vulnerabilities http://secunia.com/advisories/42518/
|
|
firefox<3.6.13 multiple-vulnerabilities http://secunia.com/advisories/42517/
|
|
wordpress<3.0.3 security-bypass http://secunia.com/advisories/42553/
|
|
suse{,32}_libcups<11.3nb1 multiple-vulnerabilities http://secunia.com/advisories/40165/
|
|
suse{,32}_libcups<11.3nb1 multiple-vulnerabilities http://secunia.com/advisories/41706/
|
|
suse{,32}_libxml2<11.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4008
|
|
RealPlayerGold<11.0.2.2315 multiple-vulnerabilities http://secunia.com/advisories/38550/
|
|
phpmyadmin<2.11.11.1nb1 ui-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4480
|
|
phpmyadmin<2.11.11.1nb1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4481
|
|
dbus<1.2.4.6nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4352
|
|
xulrunner<1.9.2.13 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.13
|
|
php5-intl<5.2.15.1.1.2 integer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4409
|
|
php53-intl<5.3.4.1.1.2 integer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4409
|
|
typo3<4.4.5 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-022/
|
|
fontforge<20100501nb4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4259
|
|
echoping-[0-9]* remote-system-access http://secunia.com/advisories/42619/
|
|
xfig<3.2.5bnb9 remote-system-access https://bugzilla.redhat.com/show_bug.cgi?id=659676
|
|
mantis<1.2.4 multiple-vulnerabilities http://secunia.com/advisories/42597/
|
|
opensc<0.11.13nb1 local-system-access http://secunia.com/advisories/42658/
|
|
pcsc-lite<1.5.5nb2 remote-system-access http://secunia.com/advisories/42659/
|
|
gitweb<1.7.3.4 cross-site-scripting http://secunia.com/advisories/42645/
|
|
opera<11.0 multiple-vulnerabilities http://secunia.com/advisories/42653/
|
|
tor<0.2.1.28 remote-system-access http://secunia.com/advisories/42536/
|
|
mhonarc<2.6.16nb1 cross-site-scripting http://secunia.com/advisories/42694/
|
|
calibre<0.7.35 multiple-vulnerabilities http://secunia.com/advisories/42689/
|
|
py{15,20,21,22,23,24,25,26,27,31}-django<1.2.4 multiple-vulnerabilities http://secunia.com/advisories/42715/
|
|
libpurple>=2.7.6<2.7.9 remote-denial-of-service http://www.pidgin.im/news/security//?id=49
|
|
libxml2<2.7.8nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4494
|
|
suse{,32}_libxml2<11.3nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4494
|
|
geeklog<1.7.1.1 cross-site-scripting http://www.geeklog.net/article.php/geeklog-1.7.1sr1
|
|
wordpress<3.0.4 script-insertion http://wordpress.org/news/2010/12/3-0-4-update/
|
|
vlc<1.1.6 denial-of-service http://www.videolan.org/security/sa1007.html
|
|
wireshark<1.4.2nb1 denial-of-service http://secunia.com/advisories/42767/
|
|
mediawiki<1.16.1 cross-site-scripting http://secunia.com/advisories/42810/
|
|
ap{2,22}-subversion<1.6.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4539
|
|
subversion-base<1.6.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4644
|
|
gimp<2.6.11nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4540
|
|
gimp<2.6.11nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4541
|
|
gimp<2.6.11nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4542
|
|
gimp<2.6.11nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4543
|
|
typolight28<2.8.4nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0508
|
|
contao29<2.9.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0508
|
|
php<5.2.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4645
|
|
php>=5.3.0<5.3.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4645
|
|
evince<2.30.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2640
|
|
evince<2.30.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2641
|
|
evince<2.30.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2642
|
|
evince<2.30.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2643
|
|
dpkg<1.14.31 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1679
|
|
mono>=2.8<2.8.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4225
|
|
mono-xsp>=2.8<2.8.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4225
|
|
ap{2,22}-mono>=2.8<2.8.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4225
|
|
wireshark<1.4.3 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2011-02.html
|
|
sudo>=1.7<1.7.4p5 security-bypass http://www.sudo.ws/sudo/alerts/runas_group_pw.html
|
|
exim<4.73 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4345
|
|
asterisk<1.6.2.16.1 buffer-overflow http://downloads.digium.com/pub/security/AST-2011-001.html
|
|
asterisk>=1.8<1.8.2.2 buffer-overflow http://downloads.digium.com/pub/security/AST-2011-001.html
|
|
p5-Convert-UUlib<1.34 denial-of-service http://secunia.com/advisories/42998/
|
|
pango<1.28.3nb2 denial-of-service http://secunia.com/advisories/42934/
|
|
fuse>=2.0 denial-of-service http://secunia.com/advisories/42961/
|
|
maradns<1.4.06 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0520
|
|
dpkg<1.14.31 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0402
|
|
suse{,32}_openssl<11.3nb2 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4180
|
|
gif2png<2.5.4 remote-system-access http://secunia.com/advisories/42339/
|
|
freeradius>2<2.1.10 denial-of-service http://secunia.com/advisories/41621/
|
|
mupdf<0.7nb1 remote-system-access http://secunia.com/advisories/43020/
|
|
bugzilla<3.2.10 multiple-vulnerabilities http://secunia.com/advisories/43033/
|
|
webkit-gtk<1.2.6 multiple-vulnerabilities http://secunia.com/advisories/43086/
|
|
ruby1{8,9}-mail<2.2.15 remote-system-access http://secunia.com/advisories/43077/
|
|
opera<11.01 multiple-vulnerabilities http://secunia.com/advisories/43023/
|
|
awstats<7.0 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4367
|
|
isc-dhcpd<4.1.2p1 denial-of-service http://secunia.com/advisories/43006/
|
|
exim<4.74 local-privilege-escalation http://secunia.com/advisories/43101/
|
|
vlc<1.1.6nb1 remote-system-access http://www.videolan.org/security/sa1102.html
|
|
moodle<2.0.2 cross-site-scripting http://secunia.com/advisories/43133/
|
|
postgresql83-datatypes>=8.3<8.3.14 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015
|
|
postgresql84-datatypes>=8.4<8.4.7 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015
|
|
postgresql90-datatypes>=9.0<9.0.3 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015
|
|
openssh>=5.6<5.8 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0539
|
|
bind>=9.5<9.6.3 denial-of-service https://www.isc.org/announcement/bind-9-dnssec-validation-fails-new-ds-record
|
|
bind>=9.7<9.7.2 denial-of-service https://www.isc.org/announcement/bind-9-dnssec-validation-fails-new-ds-record
|
|
tsclient-0.[0-9]* remote-system-access http://secunia.com/advisories/43120/
|
|
plone25-[0-9]* remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0720
|
|
plone3-[0-9]* remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0720
|
|
mediawiki<1.16.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0047
|
|
openssl<0.9.8qnb1 denial-of-service http://www.openssl.org/news/secadv_20110208.txt
|
|
ruby1{8,9}-actionpack<2.3.11 cross-site-request-forgeries http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails
|
|
ruby1{8,9}-actionpack>=3.0<3.0.4 cross-site-request-forgeries http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails
|
|
ruby19-railties<3.0.4 cross-site-request-forgeries http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails
|
|
bind<9.6 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
libpurple<2.7.10 information-leak http://www.pidgin.im/news/security/?id=50
|
|
cgiirc<0.5.10 cross-site-scripting http://sourceforge.net/mailarchive/message.php?msg_id=27024589
|
|
py{15,20,21,22,23,24,25,26,27,31}-django<1.2.5 multiple-vulnerabilities http://www.djangoproject.com/weblog/2011/feb/08/security/
|
|
adobe-flash-plugin<10.2.152.26 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-02.html
|
|
ns-flash<10.2.152.26 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-02.html
|
|
seamonkey-bin-flash<10.2.152.26 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-02.html
|
|
firefox-bin-flash<10.2.152.26 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-02.html
|
|
wordpress<3.0.5 multiple-vulnerabilities http://wordpress.org/news/2011/02/wordpress-3-0-5/
|
|
ffmpeg<20110623.0.7.1 denial-of-service http://secunia.com/advisories/43197/
|
|
feh<1.11.2 privilege-escalation http://secunia.com/advisories/43221/
|
|
phpmyadmin<2.11.11.2 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0986
|
|
phpmyadmin<2.11.11.3 script-insertion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0987
|
|
qemu<0.11.0 restriction-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0011
|
|
apache-tomcat<5.5.33 denial-of-service http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0075.html
|
|
apache-tomcat>=5.5.0<5.5.32 arbitrary-script-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013
|
|
apache-tomcat>=5.5.0<5.5.30 restriction-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718
|
|
wireshark<1.4.3nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0538
|
|
apache-tomcat>=6<6.0.32 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534
|
|
apache-tomcat>=6<6.0.30 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013
|
|
apache-tomcat>=6.0.12<6.0.30 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172
|
|
apache-tomcat>=6<6.0.30 restriction-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718
|
|
proftpd<1.3.3d multiple-vulnerabilities http://www.proftpd.org/docs/NEWS-1.3.3d
|
|
acroread9<9.4.2 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-03.html
|
|
sun-jre<6.0.24 multiple-vulnerabilities http://secunia.com/advisories/43262/
|
|
ruby1{8,9}-actionpack>=3.0<3.0.4 cross-site-request-forgeries http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0449
|
|
ruby1{8,9}-activerecord>=3.0<3.0.4 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0448
|
|
php5-zip<5.2.17nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421
|
|
php5-exif<5.2.17nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0708
|
|
php53-zip<5.3.5nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421
|
|
php53-exif<5.3.5nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0708
|
|
php>=5<5.3 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
telepathy-gabble<0.11.7 remote-hijacking http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1000
|
|
typo3<4.5 cross-site-request-forgery http://wiki.typo3.org/TYPO3_4.5#Security
|
|
openldap-server<2.4.24 security-bypass http://secunia.com/advisories/43331/
|
|
asterisk<1.6.2.16.2 buffer-overflow http://downloads.digium.com/pub/security/AST-2011-002.html
|
|
asterisk>=1.8<1.8.2.4 buffer-overflow http://downloads.digium.com/pub/security/AST-2011-002.html
|
|
bind>=9.7.1<9.7.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0414
|
|
t1lib<5.1.2nb2 arbitrary-code-execution http://secunia.com/advisories/43491/
|
|
evince<2.32.0nb4 buffer-overflow https://bugzilla.gnome.org/show_bug.cgi?id=640923
|
|
python24-[0-9]* sensitive-information-exposure http://secunia.com/advisories/43463/
|
|
python25<2.5.5nb2 sensitive-information-exposure http://secunia.com/advisories/43463/
|
|
python26<2.6.6nb6 sensitive-information-exposure http://secunia.com/advisories/43463/
|
|
mupdf<0.8 remote-system-access http://secunia.com/advisories/42320/
|
|
rt<3.8.9 sensitive-information-exposure http://secunia.com/advisories/43438/
|
|
suse{,32}_krb5<11.3nb2 denial-of-service http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html
|
|
moodle<1.9.10 multiple-vulnerabilities http://secunia.com/advisories/43427/
|
|
mailman<2.1.14.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0707
|
|
lft<3.3 unknown-impact http://secunia.com/advisories/43381/
|
|
asterisk<1.4.0 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
asterisk>=1.6<1.6.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
clamav<0.97 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1003
|
|
avahi<0.6.29 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1002
|
|
ruby18-base<1.8.7.370nb2 remote-security-bypass http://secunia.com/advisories/43420/
|
|
ruby18-base<1.8.7.334 privilege-escalation http://secunia.com/advisories/43434/
|
|
ruby19-base<1.9.2pl180 privilege-escalation http://secunia.com/advisories/43434/
|
|
suse{,32}_base<11.3nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3856
|
|
wireshark<1.4.4 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0713
|
|
wireshark<1.4.4 multiple-vulnerabilities http://www.wireshark.org/security/wnpa-sec-2011-04.html
|
|
moodle<1.9.11 multiple-vulnerabilities http://secunia.com/advisories/43570/
|
|
pango<1.28.3nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0064
|
|
tor<0.2.1.30 denial-of-service http://secunia.com/advisories/43548/
|
|
firefox<3.6.14 multiple-vulnerabilities http://secunia.com/advisories/43550/
|
|
seamonkey<2.0.12 multiple-vulnerabilities http://secunia.com/advisories/43550/
|
|
thunderbird<3.1.8 multiple-vulnerabilities http://secunia.com/advisories/43586/
|
|
weechat<0.3.4 spoofing-attack http://secunia.com/advisories/43543/
|
|
ap{2,22}-subversion<1.6.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0715
|
|
moodle<1.9.10 multiple-vulnerabilities http://secunia.com/advisories/43427/
|
|
openafs<1.4.14 multiple-vulnerabilities http://secunia.com/advisories/43407/
|
|
py{24,25,26,27,31}-moin<1.9.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1058
|
|
postfix<2.7.3 command-injection http://www.kb.cert.org/vuls/id/555316
|
|
postfix>=2.8.20100000<2.8.20110115 command-injection http://www.kb.cert.org/vuls/id/555316
|
|
TeXmacs-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3394
|
|
hiawatha-[0-9]* multiple-vulnerabilities http://www.hiawatha-webserver.org/changelog
|
|
patch<2.7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4651
|
|
tiff<3.9.4nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192
|
|
suse{,32}_libtiff<11.3nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5022
|
|
suse{,32}_libtiff<11.3nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3087
|
|
suse{,32}_libtiff<11.3nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192
|
|
suse{,32}_libtiff<11.3nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1167
|
|
xulrunner<1.9.2.15 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.14
|
|
apache-tomcat>=6<6.0.32 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534
|
|
unixodbc<2.3.0nb1 remote-system-access http://secunia.com/advisories/43679/
|
|
webkit-gtk<1.2.7 multiple-vulnerabilities http://gitorious.org/webkitgtk/stable/blobs/master/WebKit/gtk/NEWS
|
|
sun-{jre,jdk}6<6.0.24 multiple-vulnerabilities http://secunia.com/advisories/43262/
|
|
nagios-base<3.3.1 cross-site-scripting http://secunia.com/advisories/43287/
|
|
libpurple<2.7.11 denial-of-service http://secunia.com/advisories/43695/
|
|
py{24,25,26,27,31}-feedparser<5.0.1 multiple-vulnerabilities http://secunia.com/advisories/43730/
|
|
adobe-flash-plugin<10.2.152.33 remote-system-access http://www.adobe.com/support/security/advisories/apsa11-01.html
|
|
php5-shmop<5.2.17nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1092
|
|
php53-shmop<5.3.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1092
|
|
php>=5.3<5.3.6 format-string http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1153
|
|
samba-3.0.[0-9]* memory-corruption http://samba.org/samba/security/CVE-2011-0719.html
|
|
samba>=3.3.0<3.3.15 memory-corruption http://samba.org/samba/security/CVE-2011-0719.html
|
|
samba>=3.5.0<3.5.7 memory-corruption http://samba.org/samba/security/CVE-2011-0719.html
|
|
php{5,53}-pear<1.9.2 privilege-escalation http://pear.php.net/advisory-20110228.txt
|
|
php{5,53}-pear<1.9.2nb2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1144
|
|
cups<1.4.5 multiple-vulnerabilities http://www.cups.org/articles.php?L597
|
|
libzip<0.10 denial-of-service http://secunia.com/advisories/43621/
|
|
xenkernel33<3.3.2nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1166
|
|
xenkernel3<3.1.4nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1166
|
|
openslp<1.2.1nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3609
|
|
quagga<0.99.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1674
|
|
quagga<0.99.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1675
|
|
moodle<2.0.2 multiple-vulnerabilities http://secunia.com/advisories/43570/
|
|
vlc<1.1.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=2010-3275
|
|
vlc<1.1.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=2010-3276
|
|
suse{,32}_gtk2<11.3nb3 denial-of-service http://lists.opensuse.org/opensuse-updates/2011-03/msg00019.html
|
|
suse{,32}_base<11.3nb4 arbitrary-code-execution https://hermes.opensuse.org/messages/7712778
|
|
loggerhead<1.18.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0728
|
|
python23-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
python24-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
python25<2.5.5nb3 sensitive-information-disclosure http://secunia.com/advisories/43831/
|
|
python26<2.6.6nb7 sensitive-information-disclosure http://secunia.com/advisories/43831/
|
|
python27<2.7.1nb1 sensitive-information-disclosure http://secunia.com/advisories/43831/
|
|
tiff<3.9.4nb3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1167
|
|
suse{,32}_openssl<11.3nb3 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0014
|
|
fengoffice<1.7.5 cross-site-scripting http://secunia.com/advisories/43912/
|
|
xmlsec1<1.2.17 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1425
|
|
gdm>=2.28.0<2.32.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0727
|
|
suse{,32}_krb5<11.3nb3 arbitrary-code-execution http://secunia.com/advisories/44027/
|
|
xymon<4.3.2 cross-site-scripting http://secunia.com/advisories/44036/
|
|
perl<5.12.2nb2 remote-security-bypass http://secunia.com/advisories/43921/
|
|
erlang<14.1.2 remote-system-access http://secunia.com/advisories/43898/
|
|
pure-ftpd<1.0.30 remote-data-manipulation http://secunia.com/advisories/43988/
|
|
ruby1{8,9}-rack<1.1.2 remote-security-bypass http://groups.google.com/group/rack-devel/browse_thread/thread/a1ec9e7880118867
|
|
ruby1{8,9}-rack>=1.2.0<1.2.2 remote-security-bypass http://groups.google.com/group/rack-devel/browse_thread/thread/a1ec9e7880118867
|
|
ruby1{8,9}-actionpack>=3.0<3.0.6 cross-site-scripting http://weblog.rubyonrails.org/2011/4/6/rails-3-0-6-has-been-released
|
|
xrdb<1.0.9 privilege-escalation http://secunia.com/advisories/44040/
|
|
libvpx<0.9.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4489
|
|
isc-dhclient<4.2.1p1 remote-system-access http://secunia.com/advisories/44037/
|
|
libmodplug<0.8.8.2 remote-system-access http://secunia.com/advisories/44054/
|
|
roundcube<0.5.1 remote-security-bypass http://secunia.com/advisories/44050/
|
|
rsync<3.0.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1097
|
|
wordpress<3.1.1 multiple-vulnerabilities http://secunia.com/advisories/44038/
|
|
suse{,32}_gtk2<11.3nb2 local-security-bypass http://secunia.com/advisories/43933/
|
|
dhcpcd<5.2.12 remote-system-access http://secunia.com/advisories/44070/
|
|
tinyproxy<1.8.3 remote-security-bypass http://secunia.com/advisories/43948/
|
|
ikiwiki<3.20110328 script-insertion http://secunia.com/advisories/44137/
|
|
kdelibs4<4.5.5nb2 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1168
|
|
xulrunner<1.9.2.16 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-11.html
|
|
firefox<3.6.16 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-11.html
|
|
vlc<1.1.8nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1684
|
|
mediawiki<1.16.3 multiple-vulnerabilities http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-April/000096.html
|
|
mediawiki<1.16.4 cross-site-scripting http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-April/000097.html
|
|
mediawiki<1.16.5 cross-site-scripting http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-May/000098.html
|
|
mit-krb5<1.8.3nb5 denial-of-service http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2011-004.txt
|
|
vsftpd<2.3.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0762
|
|
php<5.3.6nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1148
|
|
opera<11.10 denial-of-service http://www.securityfocus.com/bid/46872
|
|
rt<3.8.11 multiple-vulnerabilities http://secunia.com/advisories/44189/
|
|
wireshark<1.4.5 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2011-06.html
|
|
adobe-flash-plugin<10.2.159.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611
|
|
ns-flash<10.2.159.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611
|
|
seamonkey-bin-flash<10.2.159.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611
|
|
firefox-bin-flash<10.2.159.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611
|
|
kdenetwork4<4.5.5nb3 remote-system-access http://secunia.com/advisories/44124/
|
|
xfce4-thunar>=1.1<1.2.1 remote-system-access http://secunia.com/advisories/44104/
|
|
p5-Jifty-DBI<0.68 remote-data-manipulation http://secunia.com/advisories/44224/
|
|
p5-Mojolicious<1.16 sensitive-information-exposure http://secunia.com/advisories/44051/
|
|
rdesktop<1.7.0 remote-system-access http://secunia.com/advisories/44200/
|
|
webmin<1.550 privilege-escalation http://secunia.com/advisories/44263/
|
|
wordpress<3.1.2 remote-security-bypass http://secunia.com/advisories/44372/
|
|
suse{,32}_base<12.1 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2011-1071.html
|
|
suse{,32}_base<12.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1659
|
|
php>=5.3<5.3.13nb2 arbitrary-code-execution http://secunia.com/advisories/44335/
|
|
ffmpeg<20110626.0.6.3 denial-of-service http://secunia.com/advisories/44378/
|
|
xulrunner<1.9.2.17 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.17
|
|
firefox<3.6.17 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.17
|
|
firefox>=4<4.0.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox40.html#firefox4.0.1
|
|
seamonkey<2.0.14 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.14
|
|
thunderbird<3.1.10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird31.html#thunderbird3.1.10
|
|
xulrunner>=2<2.0.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox40.html#firefox4.0.1
|
|
bind>=9.8.0<9.8.0pl1 denial-of-service https://www.isc.org/CVE-2011-1907
|
|
mysql-server<5.0.91 multiple-vulnerabilities http://dev.mysql.com/doc/refman/5.0/en/news-5-0-91.html
|
|
mysql-server<5.0.92 multiple-vulnerabilities http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html
|
|
mysql-server<5.0.93 denial-of-service http://dev.mysql.com/doc/refman/5.0/en/news-5-0-93.html
|
|
postfix<2.8.3 denial-of-service http://www.postfix.org/CVE-2011-1720.html
|
|
ampache-[0-9]* cross-site-scripting http://secunia.com/advisories/44497/
|
|
xentools33<3.3.2nb7 multiple-vulnerabilities http://secunia.com/advisories/44502/
|
|
xentools41<4.1.0nb4 multiple-vulnerabilities http://secunia.com/advisories/44502/
|
|
suse{,32}_gtk2<11.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4352
|
|
exim<4.76 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1407
|
|
exim<4.76 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1764
|
|
php<5.1.3 multiple-vulnerabilities http://secunia.com/advisories/18694/
|
|
wordpress<3.1.3 remote-system-access http://secunia.com/advisories/44409/
|
|
apr<0.9.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419
|
|
apr>=1.0<1.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419
|
|
openssh<5.8.2 sensitive-information-exposure http://secunia.com/advisories/44347/
|
|
horde>=4<4.0.2 multiple-vulnerabilities http://secunia.com/advisories/44408/
|
|
simgear-[0-9]* denial-of-service http://secunia.com/advisories/44434/
|
|
vino<2.28.3 denial-of-service http://secunia.com/advisories/44463/
|
|
libmodplug<0.8.8.3 remote-system-access http://secunia.com/advisories/44388/
|
|
cyrus-imapd<2.3.16nb4 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1926
|
|
cyrus-imapd>=2.4<2.4.7 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1926
|
|
adobe-flash-plugin<10.3.181.14 multiple-vulnerabilities http://secunia.com/advisories/44590/
|
|
ns-flash<10.3.181.14 multiple-vulnerabilities http://secunia.com/advisories/44590/
|
|
seamonkey-bin-flash<10.3.181.14 multiple-vulnerabilities http://secunia.com/advisories/44590/
|
|
firefox-bin-flash<10.3.181.14 multiple-vulnerabilities http://secunia.com/advisories/44590/
|
|
tor<0.2.1.29 multiple-vulnerabilities http://secunia.com/advisories/42907/
|
|
openssh<5.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5161
|
|
p5-Jifty-DBI<0.68 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2011-1933s
|
|
p5-libwww<6.00 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0633
|
|
dovecot<1.2.17 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1929
|
|
dovecot>=2<2.0.13 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1929
|
|
viewvc<1.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5024
|
|
apr<1.4.4nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1928
|
|
openssl<0.9.8qnb3 sensitive-information-exposure http://secunia.com/advisories/44572/
|
|
opera<11.11 arbitrary-code-execution http://secunia.com/advisories/44611/
|
|
moodle<2.0.3 multiple-vulnerabilities http://secunia.com/advisories/44630/
|
|
qemu<0.15.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1751
|
|
php53-pdo_mysql<5.3.6 sql-injection http://bugs.php.net/bug.php?id=47802
|
|
php5-pdo_mysql-[0-9]* sql-injection http://bugs.php.net/bug.php?id=47802
|
|
dirmngr<1.1.0nb2 denial-of-service http://secunia.com/advisories/44680/
|
|
bind<9.6.3.1 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-1910
|
|
bind>=9.7.0<9.7.3pl1 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-1910
|
|
bind>=9.8.0<9.8.0pl2 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-1910
|
|
drupal<6.21 multiple-vulnerabilities http://drupal.org/node/1168756
|
|
ruby18-base<1.8.7.334nb3 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0188
|
|
ruby19-base<1.9.2pl180nb1 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0188
|
|
rssh<2.3.3 remote-security-bypass http://www.pizzashack.org/rssh/security.shtml
|
|
fetchmail<6.3.20 denial-of-service http://www.fetchmail.info/fetchmail-SA-2011-01.txt
|
|
wireshark<1.4.7 denial-of-service http://www.wireshark.org/security/wnpa-sec-2011-08.html
|
|
ejabberd<2.1.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1753
|
|
jabberd<1.4.2nb9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1754
|
|
jabberd>=2<2.2.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1755
|
|
libxml2<2.7.8nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1944
|
|
plone25-[0-9]* cross-site-scripting http://plone.org/products/plone/security/advisories/CVE-2011-1948
|
|
plone3-[0-9]* cross-site-scripting http://plone.org/products/plone/security/advisories/CVE-2011-1948
|
|
plone25-[0-9]* cross-site-scripting http://plone.org/products/plone/security/advisories/CVE-2011-1949
|
|
plone3-[0-9]* cross-site-scripting http://plone.org/products/plone/security/advisories/CVE-2011-1949
|
|
ap{2,22}-subversion<1.6.17 denial-of-service http://subversion.apache.org/security/CVE-2011-1752-advisory.txt
|
|
ap{2,22}-subversion>=1.5.0<1.6.17 denial-of-service http://subversion.apache.org/security/CVE-2011-1783-advisory.txt
|
|
ap{2,22}-subversion>=1.5.0<1.6.17 denial-of-service http://subversion.apache.org/security/CVE-2011-1921-advisory.txt
|
|
unbound<1.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4008
|
|
cherokee<1.2.99 cross-site-request-forgery http://secunia.com/advisories/44821/
|
|
asterisk>=1.8<1.8.4.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2216
|
|
adobe-flash-plugin<10.3.181.22 cross-site-scripting http://www.adobe.com/support/security/bulletins/apsb11-13.html
|
|
lua-expat<1.2.0 denial-of-service http://secunia.com/advisories/44866/
|
|
prosody<0.8.1 denial-of-service http://secunia.com/advisories/44852/
|
|
sun-{jre,jdk}6<6.0.26 multiple-vulnerabilities http://secunia.com/advisories/44784/
|
|
p5-Data-FormValidator-[0-9]* sensitive-information-exposure http://secunia.com/advisories/44832/
|
|
ruby1{8,9}-actionpack>=3.0<3.0.8 cross-site-scripting http://secunia.com/advisories/44789/
|
|
ruby1{8,9}-activesupport>=3.0<3.0.8 cross-site-scripting http://secunia.com/advisories/44789/
|
|
asterisk<1.6.2.17.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-003.html
|
|
asterisk>=1.8<1.8.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-003.html
|
|
asterisk<1.6.2.17.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-004.html
|
|
asterisk>=1.8<1.8.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-004.html
|
|
asterisk<1.6.2.17.3 denial-of-service http://downloads.digium.com/pub/security/AST-2011-005.html
|
|
asterisk>=1.8<1.8.3.3 denial-of-service http://downloads.digium.com/pub/security/AST-2011-005.html
|
|
asterisk<1.6.2.17.3 privilege-escalation http://downloads.digium.com/pub/security/AST-2011-006.html
|
|
asterisk>=1.8<1.8.3.3 privilege-escalation http://downloads.digium.com/pub/security/AST-2011-006.html
|
|
asterisk>=1.8<1.8.4.2 denial-of-service http://downloads.digium.com/pub/security/AST-2011-007.html
|
|
tiff<3.9.5 multiple-vulnerabilities http://www.remotesensing.org/libtiff/v3.9.5.html
|
|
dbus<1.2.4.6nb4 denial-of-service http://secunia.com/advisories/44896/
|
|
open-vm-tools-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/43798/
|
|
vte<0.26.2nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2198
|
|
php<5.2.17nb4 filename-injection http://svn.php.net/viewvc?view=revision&revision=312103
|
|
php>=5.3<5.3.6nb2 filename-injection http://svn.php.net/viewvc?view=revision&revision=312103
|
|
vlc<1.1.10 remote-system-access http://secunia.com/advisories/44412/
|
|
png>=1.2.23<1.5.3rc02 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2501
|
|
pngcrush<1.7.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2501
|
|
perl<5.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0761
|
|
erlang<14.1.3 denial-of-service http://www.erlang.org/download/otp_src_R14B03.readme
|
|
php<5.2.17nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938
|
|
php>=5.3<5.3.6nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938
|
|
adobe-flash-plugin<10.3.181.26 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb11-18.html
|
|
suse{,32}_openssl<11.3nb4 sensitive-information-disclosure http://support.novell.com/security/cve/CVE-2011-1945.html
|
|
tomboy<1.2.1nb5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4005
|
|
opera<11.50 denial-of-service http://www.securityfocus.com/bid/48262
|
|
ruby1{8,9}-actionpack<2.3.12 cross-site-scripting http://secunia.com/advisories/44789/
|
|
ruby1{8,9}-activesupport<2.3.12 cross-site-scripting http://secunia.com/advisories/44789/
|
|
fabric<1.1.0 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2185
|
|
firefox>=4<5.0 sensitive-information-exposure http://secunia.com/advisories/44972/
|
|
groff<1.20.1nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5044
|
|
postgresql84-pgcrypto<8.4.9 weak-authentication http://www.openwall.com/lists/announce/2011/06/21/1
|
|
postgresql90-pgcrypto<9.0.5 weak-authentication http://www.openwall.com/lists/announce/2011/06/21/1
|
|
php>=5.3<5.3.6nb4 weak-authentication http://www.openwall.com/lists/announce/2011/06/21/1
|
|
john<1.7.6nb1 weak-authentication http://www.openwall.com/lists/announce/2011/06/21/1
|
|
firefox<3.6.18 multiple-vulnerabilities http://secunia.com/advisories/44982/
|
|
thunderbird<3.1.11 multiple-vulnerabilities http://secunia.com/advisories/44982/
|
|
libreoffice3-bin<3.3.3 arbitrary-code-execution http://www.kb.cert.org/vuls/id/953183
|
|
asterisk>=1.6<1.6.2.18.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-008.html
|
|
asterisk>=1.8<1.8.4.3 denial-of-service http://downloads.digium.com/pub/security/AST-2011-008.html
|
|
asterisk>=1.8<1.8.4.3 denial-of-service http://downloads.digium.com/pub/security/AST-2011-009.html
|
|
asterisk>=1.6.2.15<1.6.2.18.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-010.html
|
|
asterisk>=1.8<1.8.4.3 denial-of-service http://downloads.digium.com/pub/security/AST-2011-010.html
|
|
curl>=7.10.6<7.21.7 spoofing-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2192
|
|
suse{,32}_libcurl<12.1 spoofing-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2192
|
|
pidgin<2.9.0 denial-of-service http://www.pidgin.im/news/security/?id=52
|
|
seamonkey<2.2 sensitive-information-exposure http://secunia.com/advisories/45007/
|
|
apache-tomcat>=5.5<5.5.34 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204
|
|
apache-tomcat>=6<6.0.33 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204
|
|
opera<11.50 multiple-vulnerabilities http://secunia.com/advisories/45060/
|
|
plone3-[0-9]* privilege-escalation http://plone.org/products/plone/security/advisories/20110622
|
|
drupal-5.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
wordpress<3.1.4 remote-security-bypass http://secunia.com/advisories/45099/
|
|
wireshark<1.4.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2011-09.html
|
|
asterisk>=1.6.2<1.6.2.18.2 information-leak http://downloads.digium.com/pub/security/AST-2011-011.html
|
|
asterisk>=1.8<1.8.4.4 information-leak http://downloads.digium.com/pub/security/AST-2011-011.html
|
|
amaya<11.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6005
|
|
{firefox-bin,seamonkey-bin,ns}-flash-9.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
bind<9.6.3.1.ESV.4pl3 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-2464
|
|
bind>=9.7.0<9.7.3pl3 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-2464
|
|
bind>=9.8.0<9.8.0pl4 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-2464
|
|
bind>=9.8.0<9.8.0pl4 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-2465
|
|
mit-krb5-appl<1.0.1nb1 remote-system-access http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2011-005.txt
|
|
qemu<0.15.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2212
|
|
qemu<0.15.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2527
|
|
xml-security-c<1.6.1 denial-of-service http://secunia.com/advisories/45151/
|
|
zope210<2.10.13 privilege-escalation http://plone.org/products/plone/security/advisories/20110622
|
|
zope211<2.11.8 privilege-escalation http://plone.org/products/plone/security/advisories/20110622
|
|
freetype2<2.4.4nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0226
|
|
suse{,32}_freetype2<11.3nb3 remote-system-access http://support.novell.com/security/cve/CVE-2011-0226.html
|
|
squirrelmail<1.4.22 multiple-vulnerabilities http://secunia.com/advisories/45197/
|
|
libsndfile<1.0.24nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2696
|
|
vlc<1.1.10nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2587
|
|
vlc<1.1.10nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2588
|
|
apache-tomcat<5.5.34 denial-of-service http://secunia.com/advisories/45232/
|
|
apache-tomcat>=6<6.0.33 denial-of-service http://secunia.com/advisories/45232/
|
|
foomatic-filters>=4<4.0.6nb1 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2964
|
|
foomatic-filters<4 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2697
|
|
ioquake3<1.36.20200125 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2764
|
|
phpmyadmin<3 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
clamav<0.97.2 denial-of-service http://secunia.com/advisories/45382/
|
|
kdeutils-[0-9]* directory-traversal http://secunia.com/advisories/45378/
|
|
kdeutils4-[0-9]* directory-traversal http://secunia.com/advisories/45378/
|
|
freeradius-2.1.11 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2701
|
|
opensaml<2.4.3 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1411
|
|
sun-{jre,jdk}6-[0-9]* arbitrary-code-execution http://secunia.com/advisories/45173/
|
|
suse{,32}_libxml2<11.3nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2011-1944.html
|
|
samba<3.3.16 cross-site-request-forgery http://samba.org/samba/security/CVE-2011-2522.html
|
|
samba<3.3.16 cross-site-scripting http://samba.org/samba/security/CVE-2011-2694.html
|
|
samba>=3.5.0<3.5.10 cross-site-request-forgery http://samba.org/samba/security/CVE-2011-2522.html
|
|
samba>=3.5.0<3.5.10 cross-site-scripting http://samba.org/samba/security/CVE-2011-2694.html
|
|
libsoup24<2.34.2nb1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2524
|
|
suse{,32}_base<11.3nb5 remote-system-access http://lists.opensuse.org/opensuse-updates/2011-07/msg00041.html
|
|
mapserver<5.6.7 remote-system-access http://secunia.com/advisories/45257/
|
|
libmodplug<0.8.8.4 remote-system-access http://secunia.com/advisories/45131/
|
|
bugzilla<3.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
bugzilla<3.4.11 multiple-vulnerabilities http://secunia.com/advisories/45501/
|
|
suse{,32}_gtk2<11.3nb5 denial-of-service http://secunia.com/advisories/45308/
|
|
gdk-pixbuf<0.22.0nb15 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2897
|
|
typo3<4.5.4 multiple-vulnerabilities http://secunia.com/advisories/45557/
|
|
moodle<2.1.1 remote-security-bypass http://secunia.com/advisories/45487/
|
|
ffmpeg<20110907.0.7.4 arbitrary-code-execution http://www.ocert.org/advisories/ocert-2011-002.html
|
|
mplayer<1.0rc20100913nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3362
|
|
libXfont<1.4.4 privilege-escalation http://secunia.com/advisories/45544/
|
|
adobe-flash-plugin<10.3.183.5 remote-system-access http://www.adobe.com/support/security/bulletins/apsb11-21.html
|
|
isc-dhcpd<4.2.2 denial-of-service http://secunia.com/advisories/45582/
|
|
mplayer<1.0rc20100913nb8 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3625
|
|
gimp<2.6.11nb9 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2896
|
|
stunnel<4.42 remote-code-execution http://stunnel.org/?page=sdf_ChangeLog
|
|
thunderbird<6 multiple-vulnerabilities http://www.mozilla.org/security/announce/2011/mfsa2011-31.html
|
|
firefox{,-bin}<3.6.20 multiple-vulnerabilities http://www.mozilla.org/security/announce/2011/mfsa2011-30.html
|
|
firefox{,-bin}>=4<6 multiple-vulnerabilities http://www.mozilla.org/security/announce/2011/mfsa2011-29.html
|
|
seamonkey{,-bin}<2.3 multiple-vulnerabilities http://www.mozilla.org/security/announce/2011/mfsa2011-33.html
|
|
libpurple<2.10.0 multiple-vulnerabilities http://pidgin.im/news/security/
|
|
pidgin<2.10.0 unsafe-file-execution http://pidgin.im/news/security/?id=55
|
|
suse{,32}_libpng<11.3nb2 multiple-vulnerabilities http://lists.opensuse.org/opensuse-updates/2011-08/msg00026.html
|
|
gdk-pixbuf2<2.22.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2485
|
|
roundcube<0.5.4 cross-site-scripting http://secunia.com/advisories/45605/
|
|
php-5.3.7 remote-security-bypass http://secunia.com/advisories/45678/
|
|
ruby1{8,9}-actionpack>=3.0<3.0.10 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2929
|
|
ruby1{8,9}-activerecord>=3.0<3.0.10 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2930
|
|
ruby1{8,9}-activerecord<2.3.14 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2930
|
|
ruby1{8,9}-actionpack>=3.0<3.0.10 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2931
|
|
ruby1{8,9}-actionpack<2.3.14 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2931
|
|
ruby18-activesupport>=3.0<3.0.10 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2932
|
|
ruby18-activesupport<2.3.14 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2932
|
|
ruby1{8,9}-actionpack<2.3.14 http-header-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3186
|
|
apache>=2.0<2.0.64nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192
|
|
apache>=2.2<2.2.19nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192
|
|
RealPlayerGold-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
phpmyadmin>=3.3.0<3.4.4 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2011-13.php
|
|
cups<1.4.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2896
|
|
cups<1.4.8nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3170
|
|
squid>=3.0<3.1.15 remote-system-access http://www.squid-cache.org/Advisories/SQUID-2011_3.txt
|
|
apache-tomcat<5.5.34 remote-security-bypass http://secunia.com/advisories/45748/
|
|
apache-tomcat>=6<6.0.34 remote-security-bypass http://secunia.com/advisories/45748/
|
|
opera<11.51 multiple-vulnerabilities http://secunia.com/advisories/45791/
|
|
xenkernel33<3.3.2nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2901
|
|
xenkernel3<3.1.4nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2901
|
|
xenkernel41<4.1.2 denial-of-service http://secunia.com/advisories/45622/
|
|
openttd<1.1.3 multiple-vulnerabilities http://secunia.com/advisories/45832/
|
|
mantis<1.2.8 multiple-vulnerabilities http://secunia.com/advisories/45829/
|
|
firefox<6.0.1 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-34.html
|
|
firefox36<3.6.21 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-34.html
|
|
thunderbird<3.1.13 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-34.html
|
|
seamonkey<2.3.2 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-34.html
|
|
firefox<6.0.2 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-35.html
|
|
firefox36<3.6.22 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-35.html
|
|
thunderbird<3.1.14 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-35.html
|
|
seamonkey<2.3.3 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-35.html
|
|
openssl<0.9.8s denial-of-service http://www.openssl.org/news/secadv_20110906.txt
|
|
wireshark<1.6.2 multiple-vulnerabilities http://web.nvd.nist.gov/view/vuln/detail?vulnId=2011-3266
|
|
librsvg<2.34.1 denial-of-service http://secunia.com/advisories/45877/
|
|
cyrus-imapd>=2.2<2.3.17 buffer-overflow http://secunia.com/advisories/45938/
|
|
cyrus-imapd>=2.4<2.4.11 buffer-overflow http://secunia.com/advisories/45938/
|
|
p5-FCGI>=0.70<0.74 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2766
|
|
py{15,20,21,22,23,24,25,26,27,31}-django<1.2.7 multiple-vulnerabilities https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/
|
|
mozilla-rootcerts<1.0.20110902 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-35.html
|
|
apache>=2.2.12<2.2.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348
|
|
typo3<4.5.6 sql-injection http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-002/
|
|
typo3<4.5.6 denial-of-service http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-003/
|
|
phpmyadmin>=3.4.0<3.4.5 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2011-14.php
|
|
evolution-data-server<3.1.1 remote-information-exposure http://secunia.com/advisories/45941/
|
|
openvas-server-[0-9]* local-privilege-escalation http://secunia.com/advisories/45836/
|
|
acroread9<9.4.6 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-24.html
|
|
swi-prolog-packages<5.11.18nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2896
|
|
firefox<7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox7
|
|
firefox36<3.6.23 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.23
|
|
thunderbird<7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird7
|
|
seamonkey<2.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.4
|
|
quagga<0.99.19 denial-of-service http://secunia.com/advisories/46139/
|
|
etherape<0.9.12 denial-of-service http://sourceforge.net/mailarchive/message.php?msg_id=27582286
|
|
adobe-flash-plugin<10.3.183.10 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-26.html
|
|
ffmpeg<20111002.0.7.6 remote-system-access http://secunia.com/advisories/46134/
|
|
ffmpeg<20111002.0.7.6 multiple-vulnerabilities http://secunia.com/advisories/46245/
|
|
ldns<1.6.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3581
|
|
php<5.3.8nb1 remote-system-access http://secunia.com/advisories/46107/
|
|
awstats<7.0nb3 cross-site-scripting http://secunia.com/advisories/46160/
|
|
libpurple<2.10.1 unknown-impact http://developer.pidgin.im/ticket/14636
|
|
cyrus-imapd>=2.2<2.3.18 security-bypass http://secunia.com/advisories/46093/
|
|
cyrus-imapd>=2.4<2.4.12 security-bypass http://secunia.com/advisories/46093/
|
|
kdelibs4<.5.5nb8 spoofing-attack http://secunia.com/advisories/46157/
|
|
p5-Crypt-DSA<1.17 security-bypass http://secunia.com/advisories/46275/
|
|
vlc<1.1.11nb2 denial-of-service http://www.videolan.org/security/sa1107.html
|
|
puppet-[0-9]* local-system-compromise http://secunia.com/advisories/46223/
|
|
ruby1{8,9,93}-puppet<2.7.4 local-system-compromise http://secunia.com/advisories/46223/
|
|
puppet-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/46286/
|
|
ruby1{8,9,93}-puppet<2.7.5 multiple-vulnerabilities http://secunia.com/advisories/46286/
|
|
apache<2.0.65 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368
|
|
apache>=2.2<2.2.21nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368
|
|
xpdf<3.03 multiple-vulnerabilities http://www.foolabs.com/xpdf/CHANGES
|
|
typolight28<2.8.4nb5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4335
|
|
contao29<2.9.5nb5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4335
|
|
contao210<2.10.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4335
|
|
qemu<0.15.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3346
|
|
png>=1.5.4<1.5.5 denial-of-service http://secunia.com/advisories/46148/
|
|
xenkernel33-[0-9]* denial-of-service http://secunia.com/advisories/46105/
|
|
xenkernel3-[0-9]* denial-of-service http://secunia.com/advisories/46105/
|
|
perl<5.14.2 remote-system-access http://secunia.com/advisories/46172/
|
|
p5-Digest<1.17 remote-system-access http://secunia.com/advisories/46279/
|
|
perl<5.14.2nb1 remote-system-access http://secunia.com/advisories/46299/
|
|
phppgadmin<5.0.2 code-injection http://archives.postgresql.org/pgsql-announce/2010-11/msg00021.php
|
|
phppgadmin<5.0.3 cross-site-scripting http://secunia.com/advisories/46248/
|
|
geeklog<1.8.1 cross-site-scripting http://secunia.com/advisories/46348/
|
|
opera<11.52 remote-system-access http://secunia.com/advisories/46375/
|
|
logsurfer<1.8 command-injection http://seclists.org/oss-sec/2011/q4/81
|
|
asterisk>=1.8<1.8.7.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-012.html
|
|
psi-[0-9]* ssl-cert-spoofing http://secunia.com/advisories/46349/
|
|
phpmyadmin<3.4.6 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2011-16.php
|
|
clamav<0.97.3 denial-of-service http://secunia.com/advisories/46455/
|
|
suse{,32}_openssl<11.3nb5 denial-of-service http://support.novell.com/security/cve/CVE-2011-3207.html
|
|
suse{,32}_openssl<11.3nb5 denial-of-service http://support.novell.com/security/cve/CVE-2011-3210.html
|
|
suse{,32}_qt4<11.3nb1 denial-of-service http://support.novell.com/security/cve/CVE-2011-3193.html
|
|
suse{,32}_qt4<11.3nb1 denial-of-service http://support.novell.com/security/cve/CVE-2011-3194.html
|
|
qt4-libs<4.7.3nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3193
|
|
qt4-tiff<4.7.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3194
|
|
moodle<2.1.2 multiple-vulnerabilities http://secunia.com/advisories/46247/
|
|
sun-{jre,jdk}6<6.0.29 multiple-vulnerabilities http://secunia.com/advisories/46512/
|
|
libpurple<2.10.1 denial-of-service http://secunia.com/advisories/46298/
|
|
modular-xorg-server<1.6.5nb14 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4028
|
|
modular-xorg-server<1.6.5nb14 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4029
|
|
mit-krb5<1.8.4nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1529
|
|
empathy<3.2.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3635
|
|
puppet-[0-9]* man-in-the-middle-attack http://secunia.com/advisories/46550/
|
|
ruby1{8,9,93}-puppet<2.7.6 man-in-the-middle-attack http://secunia.com/advisories/46550/
|
|
suse{,32}_krb5<11.3nb4 multiple-vulnerabilities http://secunia.com/advisories/46546/
|
|
freetype2<2.4.7 remote-system-access http://secunia.com/advisories/46575/
|
|
suse{,32}_freetype2<11.3nb4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3256
|
|
phpldapadmin<1.2.2 multiple-vulnerabilities http://secunia.com/advisories/46551/
|
|
PAM-[0-9]* privilege-escalation http://secunia.com/advisories/46583/
|
|
libxml2<2.7.8nb4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2821
|
|
libxml2<2.7.8nb4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2834
|
|
libxml2<2.7.8nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3905
|
|
libxml2<2.7.8nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3919
|
|
suse{,32}_libxml2<11.3nb4 remote-system-access http://secunia.com/advisories/47572/
|
|
suse{,32}_libxml2<11.3nb5 remote-system-access http://secunia.com/advisories/47647/
|
|
openldap-server<2.4.24nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4079
|
|
tor<0.2.2.34 remote-security-bypass http://secunia.com/advisories/46634/
|
|
net6-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/46605/
|
|
gobby-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/46698/
|
|
calibre<0.8.25 multiple-vulnerabilities http://secunia.com/advisories/46620/
|
|
squid>=3<3.1.16 denial-of-service http://secunia.com/advisories/46609/
|
|
qt4-tiff<4.7.3nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3194
|
|
wireshark<1.6.3 multiple-vulnerabilities http://secunia.com/advisories/46644/
|
|
php>=5.3<5.3.8nb1 arbitrary-code-execution http://secunia.com/advisories/46107/
|
|
phpmyadmin<3.4.7.1 information-disclosure http://secunia.com/advisories/46447/
|
|
ffmpeg<20110907.0.7.4 multiple-vulnerabilities http://secunia.com/advisories/46111/
|
|
apache>=2.2<2.2.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348
|
|
apache<2.0.65 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607
|
|
apache>=2.2<2.2.21nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607
|
|
xenkernel41<4.1.2 denial-of-service http://secunia.com/advisories/46105/
|
|
caml-light<0.74nb2 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4119
|
|
moscow_ml<2.01nb1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4119
|
|
adobe-flash-plugin<10.3.183.10 multiple-vulnerabilities http://secunia.com/advisories/46113/
|
|
p5-Parallel-ForkManager<1.0.0 insecure-temp-files https://nvd.nist.gov/vuln/detail/CVE-2011-4115
|
|
ffmpeg<20111104.0.7.7 multiple-vulnerabilities http://secunia.com/advisories/46736/
|
|
gnutls<2.12.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4128
|
|
adobe-flash-plugin>=10.1<10.3.183.11 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-28.html
|
|
adobe-flash-plugin>=11<11.1.102.55 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-28.html
|
|
firefox<8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox8
|
|
thunderbird<8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird8
|
|
proftpd<1.3.3g remote-system-access http://bugs.proftpd.org/show_bug.cgi?id=3711
|
|
audacious-plugins<3.0.3 remote-system-access http://jira.atheme.org/browse/AUDPLUG-394
|
|
freetype2<2.4.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3439
|
|
suse{,32}_freetype2<12.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3439
|
|
python25-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
bind<9.6.3.1.ESV.5pl1 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-4313
|
|
bind>=9.7.0<9.7.4pl1 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-4313
|
|
bind>=9.8.0<9.8.1pl1 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-4313
|
|
nginx<1.0.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4315
|
|
dovecot>=2<2.0.16 ssl-cert-spoofing http://secunia.com/advisories/46886/
|
|
ruby1{8,9,93}-actionpack>=3<3.0.11 cross-site-scripting http://secunia.com/advisories/46877/
|
|
apache>=2.2.12<2.2.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348
|
|
gnash<0.8.10 insecure-temp-files http://secunia.com/advisories/46955/
|
|
ffmpeg<20111121.0.7.8 multiple-vulnerabilities http://secunia.com/advisories/46888/
|
|
namazu<2.0.21 cross-site-scripting http://secunia.com/advisories/46925/
|
|
ejabberd<2.1.9 denial-of-service http://secunia.com/advisories/46915/
|
|
apache>=2.0<2.2.21nb4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3639
|
|
apache<2.2.21nb5 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317
|
|
lighttpd<1.4.29nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4362
|
|
mediawiki<1.17.1 remote-information-exposure http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-November/000104.html
|
|
py{25,26,27,31}-clearsilver<0.10.5nb1 denial-of-service http://secunia.com/advisories/47016/
|
|
p5-Proc-ProcessTable<0.47 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4363
|
|
phpmyadmin<3.4.8 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2011-18.php
|
|
p5-PAR<1.003 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4114
|
|
libarchive<2.8.4nb4 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1777
|
|
libarchive<2.8.4nb4 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1778
|
|
opera<11.60 denial-of-service http://www.securityfocus.com/bid/50421
|
|
chasen-base>=2.4<2.4.4nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4000
|
|
privoxy>=3.0.5<3.0.18 http-response-splitting http://www.securityfocus.com/bid/50768
|
|
moodle<1.9.15 multiple-vulnerabilities http://secunia.com/advisories/47076/
|
|
moodle>2.1<2.1.3 multiple-vulnerabilities http://secunia.com/advisories/47103/
|
|
moodle>2.0<2.0.6 multiple-vulnerabilities http://secunia.com/advisories/47103/
|
|
acroread9<9.4.7 remote-system-access http://www.adobe.com/support/security/advisories/apsa11-04.html
|
|
firefox<31 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4688
|
|
isc-dhcpd<4.2.3p1 denial-of-service https://www.isc.org/software/dhcp/advisories/cve-2011-4539
|
|
jasper<1.900.1nb6 remote-system-access http://secunia.com/advisories/47175/
|
|
asterisk>=1.6<1.6.2.21 information-leak http://downloads.digium.com/pub/security/AST-2011-013.html
|
|
asterisk>=1.8<1.8.7.2 information-leak http://downloads.digium.com/pub/security/AST-2011-013.html
|
|
asterisk>=1.6.2<1.6.2.21 denial-of-service http://downloads.digium.com/pub/security/AST-2011-014.html
|
|
asterisk>=1.8<1.8.7.2 denial-of-service http://downloads.digium.com/pub/security/AST-2011-014.html
|
|
opera<11.60 multiple-vulnerabilities http://secunia.com/advisories/47077/
|
|
cacti<0.8.7i cross-site-scripting http://secunia.com/advisories/47195/
|
|
icu<4.8.1nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4599
|
|
typo3<4.5.9 remote-code-execution http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-004/
|
|
typo3>=4.6.0<4.6.2 remote-code-execution http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-004/
|
|
unbound<1.4.14 denial-of-service http://secunia.com/advisories/47220/
|
|
adobe-flash-plugin<11.1.102.62 remote-system-access http://secunia.com/advisories/47161/
|
|
tor<0.2.2.35 remote-system-access http://secunia.com/advisories/47276/
|
|
firefox<9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox9
|
|
thunderbird<9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird9
|
|
seamonkey<2.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.6
|
|
xulrunner192<1.9.2.23 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox7
|
|
xulrunner>=2<9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html
|
|
opera-[0-9]* sensitive-information-exposure http://secunia.com/advisories/47128/
|
|
ipmitool<ipmitool-1.8.11nb1 denial-of-service http://secunia.com/advisories/47173/
|
|
p5-HTML-Template-Pro<0.9507 cross-site-scripting http://secunia.com/advisories/47184/
|
|
websvn<2.3.1 cross-site-scripting http://secunia.com/advisories/47288/
|
|
php{5,53}-tiki6<6.5 cross-site-scripting http://secunia.com/advisories/47278/
|
|
plib<1.8.5nb2 remote-system-access http://secunia.com/advisories/47297/
|
|
vlc<1.1.13 remote-system-access http://secunia.com/advisories/47325/
|
|
vlc08-[0-9]* remote-system-access http://secunia.com/advisories/47325/
|
|
phpmyadmin<3.4.9 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2011-19.php
|
|
phpmyadmin<3.4.9 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2011-20.php
|
|
mit-krb5-appl<1.0.1nb3 remote-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4862
|
|
heimdal<1.4nb2 remote-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4862
|
|
mit-krb5<1.8 remote-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4862
|
|
kth-krb4-[0-9]* remote-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4862
|
|
php{5,53}-tiki6<6.5nb1 code-injection http://secunia.com/advisories/47320/
|
|
ruby18-base<1.8.7.357 denial-of-service http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2011-4815
|
|
plone25-[0-9]* denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html
|
|
plone3-[0-9]* denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html
|
|
jetty<7.6.0rc3 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html
|
|
php<5.3.8nb2 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html
|
|
apache-tomcat<5.5.35 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html
|
|
apache-tomcat>=6<6.0.35 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html
|
|
apache-tomcat>=7<7.0.23 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html
|
|
maradns<1.4.09 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html
|
|
mpack<1.6nb3 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4919
|
|
bugzilla>=2.0<3.4.13 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3668
|
|
bugzilla>=3.5.1<3.6.7 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3668
|
|
bugzilla>=3.7.1<4.0.3 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3668
|
|
bugzilla>=4.1.1<4.2rc1 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3668
|
|
bugzilla>=2.0<3.4.12 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3669
|
|
bugzilla>=3.5.1<3.6.7 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3669
|
|
bugzilla>=3.7.1<4.0.3 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3669
|
|
bugzilla>=4.1.1<4.2rc1 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3669
|
|
bugzilla>=2.17.1<3.4.13 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3657
|
|
bugzilla>=3.5.1<3.6.7 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3657
|
|
bugzilla>=3.7.1<4.0.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3657
|
|
bugzilla>=4.1.1<4.2rc1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3657
|
|
bugzilla>=2.23.3<3.4.13 unauthorized-account-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3667
|
|
bugzilla>=3.5.1<3.6.7 unauthorized-account-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3667
|
|
bugzilla>=3.7.1<4.0.3 unauthorized-account-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3667
|
|
bugzilla>=4.1.1<4.2rc1 unauthorized-account-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3667
|
|
wordpress<3.3.1 unauthorized-account-creation http://secunia.com/advisories/47371/
|
|
suse{,32}_base<11.3nb8 information-disclosure http://secunia.com/advisories/47432/
|
|
suse{,32}_base<11.3nb8 local-system-compromise http://secunia.com/advisories/47409/
|
|
spamdyke<4.2.1 plaintext-injection http://secunia.com/advisories/47435/
|
|
firefox<10.0.3 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0455
|
|
openssl<0.9.8s multiple-vulnerabilities http://secunia.com/advisories/47426/
|
|
suse113{,32}_openssl<11.3nb6 multiple-vulnerabilities http://secunia.com/advisories/47426/
|
|
ffmpeg<20120112.0.7.11 multiple-vulnerabilities http://secunia.com/advisories/47383/
|
|
openttd<1.1.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0048
|
|
gnutls>=3<3.0.11 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0390
|
|
mysql-client-5.0.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
mysql-server-5.0.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
wireshark<1.6.5 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2012-01.html
|
|
wireshark<1.6.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-02.html
|
|
wireshark<1.6.5 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2012-03.html
|
|
emacs>=23<23.3bnb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0035
|
|
emacs-nox11>=23<23.3bnb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0035
|
|
emacs>=24<24.0.93 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0035
|
|
powerdns<2.9.22.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0206
|
|
ruby{18,19,193}-rack>=1.3<1.3.6 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html
|
|
ruby{18,19,193}-rack>=1.2<1.2.5 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html
|
|
ruby{18,19,193}-rack<1.1.3 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html
|
|
mediawiki<1.17.2 sensitive-information-exposure http://secunia.com/advisories/47547/
|
|
isc-dhcpd<4.2.3p2 denial-of-service https://www.isc.org/software/dhcp/advisories/cve-2011-4868
|
|
apache<2.0.65 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031
|
|
apache>=2.2.0<2.2.21nb6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031
|
|
tahoe-lafs<1.9.1 remote-data-manipulation http://secunia.com/advisories/47506/
|
|
apache-tomcat>=6.0.30<6.0.34 remote-security-bypass http://secunia.com/advisories/47554/
|
|
moodle<2.1.4 remote-security-bypass http://secunia.com/advisories/47559/
|
|
moodle>=2.2<2.2.1 remote-security-bypass http://secunia.com/advisories/47559/
|
|
jenkins<1.424.2 denial-of-service https://www.cloudbees.com/jenkins-security-advisory-2012-01-12
|
|
ffmpeg<20120112.0.7.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3893
|
|
ffmpeg<20120112.0.7.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3895
|
|
php<5.3.9 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0057
|
|
spamdyke<4.3.0 remote-system-access http://secunia.com/advisories/47548/
|
|
openssl<0.9.8t denial-of-service http://www.openssl.org/news/secadv_20120118.txt
|
|
asterisk>=1.8<1.8.8.2 denial-of-service http://downloads.digium.com/pub/security/AST-2012-001.html
|
|
asterisk>=10.0<10.0.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-001.html
|
|
php53-suhosin<5.3.9.0.9.33 buffer-overflow http://www.securityfocus.com/archive/1/521309
|
|
suse{,32}_qt4<11.3nb2 remote-system-access http://secunia.com/advisories/47645/
|
|
smokeping<2.6.7 cross-site-scripting http://secunia.com/advisories/47678/
|
|
qemu<1.0.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0029
|
|
qemu<1.3.0 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6075
|
|
curl<7.23.1nb1 sensitive-information-disclosure http://secunia.com/advisories/47690/
|
|
php5-suhosin<5.2.17.0.9.33 buffer-overflow http://secunia.com/advisories/47689/
|
|
php53-suhosin<5.3.9.0.9.33 buffer-overflow http://secunia.com/advisories/47689/
|
|
libvpx<1 unknown-impact http://blog.webmproject.org/2012/01/vp8-codec-sdk-duclair-released.html
|
|
openssh<5.6 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0814
|
|
apache>=2.2.17<2.2.21nb7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0021
|
|
apache<2.0.65 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053
|
|
apache>=2.2.0<2.2.21nb7 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053
|
|
opera<11.61 multiple-vulnerabilities http://secunia.com/advisories/47686/
|
|
samba>=3.6.0<3.6.3 denial-of-service http://www.samba.org/samba/history/samba-3.6.3.html
|
|
drupal>6<6.23 multiple-vulnerabilities http://drupal.org/node/1425084
|
|
drupal>7<7.11 multiple-vulnerabilities http://drupal.org/node/1425084
|
|
firefox<10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox10
|
|
thunderbird<10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird10
|
|
seamonkey<2.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.7
|
|
xulrunner192<1.9.2.26 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox10
|
|
xulrunner>=2<10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox10
|
|
php>=5.3.9<5.3.9nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0830
|
|
xentools33<3.3.2nb10 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0029
|
|
xentools41<4.1.2nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0029
|
|
xkeyboard-2.4 local-access http://gu1.aeroxteam.fr/2012/01/19/bypass-screensaver-locker-program-xorg-111-and-up/
|
|
sudo>=1.8.0<1.8.3p2 privilege-escalation http://www.sudo.ws/sudo/alerts/sudo_debug.html
|
|
ffmpeg<20120919.0.10.5 multiple-vulnerabilities http://secunia.com/advisories/47765/
|
|
phpldapadmin<1.2.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0834
|
|
png>=1.5.4<1.5.7 multiple-vulnerabilities http://secunia.com/advisories/47827/
|
|
bugzilla>=3.5.1<3.6.8 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0440
|
|
bugzilla>=3.7.1<4.0.4 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0440
|
|
bugzilla>=4.1.1<4.2rc2 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0440
|
|
bugzilla>=2.0<3.4.14 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0448
|
|
bugzilla>=3.5.1<3.6.8 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0448
|
|
bugzilla>=3.7.1<4.0.4 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0448
|
|
bugzilla>=4.1<4.2rc2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0448
|
|
ocaml<4.00.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0839
|
|
imp<4.3.11 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0791
|
|
horde<3.3.13 cross-site-scripting http://secunia.com/advisories/47904/
|
|
putty<0.62 sensitive-information-exposure http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/password-not-wiped.html
|
|
base-[0-9]* sql-injection http://www.securityfocus.com/bid/51874/discuss
|
|
apr<1.4.5nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0840
|
|
suse{,32}<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_alsa<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_aspell<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_base<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_compat<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_expat<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_fontconfig<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_freetype2<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_glx<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_gtk2<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_krb5<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_libcups<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_libcurl<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_libdrm<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_libjpeg<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_libpng<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_libsigc++2<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_libtiff<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_libxml2<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_locale<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_openmotif<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_openssl<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_qt4<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_slang<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_vmware<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_x11<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
ImageMagick<6.7.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0247
|
|
ImageMagick<6.7.5.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0248
|
|
firefox>=10<10.0.1 arbitrary-code-execution http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox10.0.1
|
|
thunderbird>=10<10.0.1 arbitrary-code-execution http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird10.0.1
|
|
seamonkey>=2.7<2.7.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.7.1
|
|
firefox36<3.6.24 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.24
|
|
firefox36<3.6.26 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.26
|
|
netsurf<2.9 sensitive-information-exposure http://secunia.com/advisories/48021/
|
|
mysql-server<5.1.62 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0882
|
|
mysql-server>=5.5<5.5.22 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0882
|
|
mysql-server>=5.5<5.5.20 unknown-impact http://secunia.com/advisories/47586/
|
|
mysql-server>=5.1<5.1.61 unknown-impact http://secunia.com/advisories/47928/
|
|
python25<2.5.6nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845
|
|
python26<2.6.7nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845
|
|
python27<2.7.2nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845
|
|
python31<3.1.4nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845
|
|
libvorbis<1.3.2nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0444
|
|
sun-{jdk,jre}6<6.0.31 multiple-vulnerabilities http://secunia.com/advisories/48009/
|
|
openjdk7<1.7.3 multiple-vulnerabilities http://secunia.com/advisories/48009/
|
|
openjdk7-icedtea-plugin-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_libpng<12.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026
|
|
png<1.5.8nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026
|
|
adobe-flash-plugin<11.1.102.62 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-03.html
|
|
phpmyadmin<3.4.10.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1190
|
|
firefox>=4<10.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-11.html
|
|
thunderbird<10.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-11.html
|
|
seamonkey<2.7.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-11.html
|
|
firefox36<3.6.27 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-11.html
|
|
xulrunner>=2<10.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-11.html
|
|
xulrunner192-[0-9]* arbitrary-code-execution http://secunia.com/advisories/48069/
|
|
jenkins-[0-9]* cross-site-scripting http://secunia.com/advisories/48056/
|
|
samba<3.0.37nb9 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0870
|
|
samba>=3.1<3.3.16nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0870
|
|
php{5,53,54,55}-tiki6-[0-9]* cross-site-scripting http://secunia.com/advisories/48102/
|
|
powerdns-recursor<3.5 spoofing-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1193
|
|
libxml2<2.7.8nb8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0841
|
|
csound5<5.16.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0270
|
|
bugzilla>=4.0.2<4.0.5 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0453
|
|
bugzilla>=4.1.1<4.2 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0453
|
|
contao29<2.9.5nb6 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1297
|
|
contao210<2.10.4nb2 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1297
|
|
contao211<2.11.2nb1 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1297
|
|
dropbear<2012.55 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0920
|
|
ruby1{8,9,93}-activesupport>=3<3.0.11nb1 cross-site-scripting http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-1098
|
|
ruby1{8,9,93}-activesupport>=3.1.0<3.1.3nb2 cross-site-scripting http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-1098
|
|
ruby1{8,9,93}-actionpack>=3<3.0.11nb3 cross-site-scripting http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-1098
|
|
ruby1{8,9,93}-actionpack>=3.1.0<3.1.3nb1 cross-site-scripting http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-1098
|
|
postgresql83{,-server,-client}<8.3.18 multiple-vulnerabilities http://www.postgresql.org/about/news/1377/
|
|
postgresql84{,-server,-client}<8.4.11 multiple-vulnerabilities http://www.postgresql.org/about/news/1377/
|
|
postgresql90{,-server,-client}<9.0.7 multiple-vulnerabilities http://www.postgresql.org/about/news/1377/
|
|
postgresql91{,-server,-client}<9.1.3 multiple-vulnerabilities http://www.postgresql.org/about/news/1377/
|
|
openssl<0.9.8tnb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7250
|
|
p5-XML-Atom<0.39 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1102
|
|
taglib<1.7.1 denial-of-service http://secunia.com/advisories/48211/
|
|
adobe-flash-plugin>10<11.1.102.63 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-05.html
|
|
adobe-flash-plugin<10.3.183.16 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-05.html
|
|
mantis<1.2.9 multiple-vulnerabilities http://secunia.com/advisories/48258/
|
|
freetype2<2.4.9 multiple-vulnerabilities http://secunia.com/advisories/48268/
|
|
puppet-[0-9]* privilege-escalation http://puppetlabs.com/security/cve/CVE-2012-1053/
|
|
ruby1{8,9,93}-puppet<2.6.14 privilege-escalation http://puppetlabs.com/security/cve/CVE-2012-1053/
|
|
puppet-[0-9]* privilege-escalation http://puppetlabs.com/security/cve/CVE-2012-1054/
|
|
ruby1{8,9,93}-puppet<2.6.14 privilege-escalation http://puppetlabs.com/security/cve/CVE-2012-1054/
|
|
kadu>=0.9.0<0.11.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1410
|
|
jenkins<1.424.5 cross-site-scripting http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-03-05.cb
|
|
py{24,25,26,27,31}-sqlalchemy<0.7.0 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0805
|
|
ruby{18,19,193}-rails-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
ruby{18,19,193}-activesupport-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
ruby{18,19,193}-activerecord-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
ruby{18,19,193}-actionpack-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
ruby{18,19,193}-actionmailer-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
ruby{18,19,193}-activeresource-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
ruby{18,19,193}-actionpack>3<3.0.12 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1099
|
|
ruby{18,19,193}-actionpack>3.1<3.1.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1099
|
|
p5-YAML-LibYAML<0.38nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1152
|
|
phpldapadmin<1.2.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1114
|
|
phpldapadmin<1.2.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1115
|
|
p5-DBD-postgresql<2.19.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1151
|
|
libxslt<1.1.26nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3970
|
|
openssl<0.9.8u man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0884
|
|
openssl<0.9.8u denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4619
|
|
openldap-server<2.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1164
|
|
python25-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150
|
|
python26<2.6.7nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150
|
|
python27<2.7.2nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150
|
|
python31<3.1.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150
|
|
gnash-[0-9]* remote-system-access http://secunia.com/advisories/47183/
|
|
firefox>=4<10.0.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox11
|
|
thunderbird>=4<10.0.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird11
|
|
seamonkey<2.8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.8
|
|
firefox36<3.6.28 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.28
|
|
xulrunner>=2<11 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-19.html
|
|
xulrunner10>=2<10.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-19.html
|
|
xulrunner192<1.9.2.28 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-19.html
|
|
libpurple<2.10.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1178
|
|
pidgin<2.10.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4939
|
|
nginx<1.0.14 sensitive-information-exposure http://secunia.com/advisories/48366/
|
|
lshell<0.9.15 security-bypass http://secunia.com/advisories/48367/
|
|
lshell<0.9.15.1 security-bypass http://secunia.com/advisories/48424/
|
|
libgdata<0.11.1 man-in-the-middle-attack http://secunia.com/advisories/48315/
|
|
audacious-plugins<3.1 remote-system-access http://secunia.com/advisories/48439/
|
|
gif2png<2.5.8 remote-system-access http://secunia.com/advisories/48437/
|
|
quagga<0.99.20.1 multiple-vulnerabilities http://secunia.com/advisories/48388/
|
|
asterisk>=1.6<1.6.2.23 denial-of-service http://downloads.digium.com/pub/security/AST-2012-002.html
|
|
asterisk>=1.8<1.8.10.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-002.html
|
|
asterisk>=10.0<10.2.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-002.html
|
|
asterisk>=1.8<1.8.10.1 arbitrary-code-execution http://downloads.digium.com/pub/security/AST-2012-003.html
|
|
asterisk>=10.0<10.2.1 arbitrary-code-execution http://downloads.digium.com/pub/security/AST-2012-003.html
|
|
moodle<2.1.5 multiple-vulnerabilities http://docs.moodle.org/dev/Moodle_2.1.5_release_notes#Security_issues
|
|
maradns<2 remote-spoofing http://secunia.com/advisories/48492/
|
|
vlc08-[0-9]* remote-system-access http://secunia.com/advisories/48503/
|
|
vlc-1.* remote-system-access http://secunia.com/advisories/48503/
|
|
vlc>=2<2.0.1 remote-system-access http://secunia.com/advisories/48500/
|
|
libzip<0.10.1 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1162
|
|
libzip<0.10.1 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1163
|
|
inspircd<2.0.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1836
|
|
openoffice3{,-bin}-[0-9]* sensitive-information-exposure http://www.openoffice.org/security/cves/CVE-2012-0037.html
|
|
libreoffice3-bin<3.4.6 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0037
|
|
gnutls<2.12.17 local-system-compromise http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1573
|
|
libtasn1<2.12 local-system-compromise http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1569
|
|
openjpeg<1.5 arbitrary-code-execution http://secunia.com/advisories/48498/
|
|
raptor-[0-9]* sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0037
|
|
raptor2<2.0.7 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0037
|
|
mediawiki<1.17.3 multiple-vulnerabilities http://secunia.com/advisories/48504/
|
|
suse{,32}_openssl<12.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2006-7250.html
|
|
opera<11.62 multiple-vulnerabilities http://secunia.com/advisories/48535/
|
|
typo3<4.5.14 multiple-vulnerabilities https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/
|
|
typo3>=4.6.0<4.6.7 multiple-vulnerabilities https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/
|
|
nginx>=0.1.0<0.7.65 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
|
|
nginx>=0.8.0<0.8.22 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
|
|
wireshark<1.6.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-04.html
|
|
wireshark<1.6.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-05.html
|
|
wireshark<1.6.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-06.html
|
|
wireshark<1.6.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-07.html
|
|
file<5.11 heap-based-buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1571
|
|
suse{,32}_libpng<12.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2011-3045.html
|
|
phppgadmin<5.0.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1600
|
|
png<1.5.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3048
|
|
adobe-flash-plugin>10<11.2.202.228 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-07.html
|
|
adobe-flash-plugin<10.3.183.18 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-07.html
|
|
expat<2.1.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0876
|
|
expat<2.1.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1147
|
|
expat<2.1.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1148
|
|
suse{,32}_libexpat<12.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2012-0876.html
|
|
suse{,32}_libexpat<12.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2012-1147.html
|
|
suse{,32}_libexpat<12.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2012-1148.html
|
|
jdbc-postgresql80-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
jdbc-postgresql81-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
jdbc-postgresql82-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
csound5-[0-9]* remote-system-access http://secunia.com/advisories/48719/
|
|
csound5<5.16.7 remote-system-access http://secunia.com/advisories/48148/
|
|
rpm<4.9.1.3 remote-system-access http://secunia.com/advisories/48651/
|
|
tiff<4.0.1nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1173
|
|
suse{,32}_libtiff<12.1nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1173
|
|
ImageMagick<6.7.5.10nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1610
|
|
ImageMagick<6.7.5.10nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0259
|
|
ImageMagick<6.7.5.10nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0260
|
|
ImageMagick<6.7.5.10nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1798
|
|
ap{2,22}-fcgid>=2.3.6<2.3.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1181
|
|
slock<1.0 local-security-bypass http://secunia.com/advisories/48700/
|
|
gajim<0.15 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2085
|
|
gajim<0.15 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2086
|
|
mysql-server>=5.5<5.5.20 unknown-impact http://secunia.com/advisories/48744/
|
|
mysql-client>=5.5<5.5.20 unknown-impact http://secunia.com/advisories/48744/
|
|
ffmpeg<20120919.0.10.5 multiple-vulnerabilities http://secunia.com/advisories/48770/
|
|
flightgear-[0-9]* buffer-overflow http://secunia.com/advisories/48780/
|
|
acroread9<9.5.1 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-08.html
|
|
samba<3.0.37nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182
|
|
samba>=3.3<3.3.16nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182
|
|
samba>=3.5<3.5.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182
|
|
samba>=3.6<3.6.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182
|
|
puppet-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/48743/
|
|
ruby1{8,9}-puppet<2.7.13 multiple-vulnerabilities http://secunia.com/advisories/48743/
|
|
suse{,32}_openssl<12.1nb2 denial-of-service http://support.novell.com/security/cve/CVE-2012-1165.html
|
|
openssl<0.9.8u denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1165
|
|
openssl>=1.0<1.0.0h denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1165
|
|
links{,-gui}<2.6 local-system-compromise http://secunia.com/advisories/48689/
|
|
gcc<4.5 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
gcc3-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
gcc34-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
gcc44-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_freetype2<12.1nb1 local-system-compromise http://secunia.com/advisories/48805/
|
|
gallery>=2.0<2.3.2 cross-site-scripting http://secunia.com/advisories/48767/
|
|
gallery>=3.0<3.0.3 cross-site-scripting http://secunia.com/advisories/48767/
|
|
suse{,32}_libpng<12.1nb2 local-system-compromise http://support.novell.com/security/cve/CVE-2011-3048.html
|
|
openjpeg<1.5.0 arbitrary-code-execution http://secunia.com/advisories/48781/
|
|
phpmyadmin>=3.4.0<3.4.10.2 information-disclosure http://www.phpmyadmin.net/home_page/security/PMASA-2012-2.php
|
|
mysql-server<5.0.95 unknown-impact http://dev.mysql.com/doc/refman/5.0/en/news-5-0-95.html
|
|
mysql-client<5.0.95 unknown-impact http://dev.mysql.com/doc/refman/5.0/en/news-5-0-95.html
|
|
mysql-server>=5.1<5.1.62 unknown-impact http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html
|
|
mysql-client>=5.1<5.1.62 unknown-impact http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html
|
|
mysql-server>=5.1<5.1.63 unknown-impact http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html
|
|
mysql-client>=5.1<5.1.63 unknown-impact http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html
|
|
mysql-server>=5.5<5.5.22 unknown-impact http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html
|
|
mysql-client>=5.5<5.5.22 unknown-impact http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html
|
|
mysql-server>=5.5<5.5.23 unknown-impact http://dev.mysql.com/doc/refman/5.5/en/news-5-5-23.html
|
|
mysql-client>=5.5<5.5.23 unknown-impact http://dev.mysql.com/doc/refman/5.5/en/news-5-5-23.html
|
|
mysql-server>=5.5<5.5.24 unknown-impact http://dev.mysql.com/doc/refman/5.5/en/news-5-5-24.html
|
|
mysql-client>=5.5<5.5.24 unknown-impact http://dev.mysql.com/doc/refman/5.5/en/news-5-5-24.html
|
|
gajim<0.15 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2093
|
|
typo3<4.5.15 cross-site-scripting https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-002/
|
|
typo3>=4.6.0<4.6.8 cross-site-scripting https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-002/
|
|
openssl<0.9.8v denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110
|
|
openssl>=1.0<1.0.0i denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110
|
|
openssl>=1.0.1<1.0.1a denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110
|
|
php{5,53}-owncloud<3.0.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2269
|
|
php{5,53}-owncloud<3.0.2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2270
|
|
bugzilla>=2.17.4<3.6.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0465
|
|
bugzilla>=3.7.1<4.0.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0465
|
|
bugzilla>=4.1.1<4.2.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0465
|
|
bugzilla>=2.17.4<3.6.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0466
|
|
bugzilla>=3.7.1<4.0.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0466
|
|
bugzilla>=4.1.1<4.2.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0466
|
|
php{5,53}-owncloud<3.0.2 remote-security-bypass https://seclists.org/fulldisclosure/2012/Apr/223
|
|
ruby1{8,9,93}-rubygems<1.8.23 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2126
|
|
ruby19-base<1.9.2pl320 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2126
|
|
ruby193-base<1.9.3p194 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2126
|
|
mysql-server>=5.1<5.1.61 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0583
|
|
mysql-server>=5.5<5.5.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0583
|
|
mysql-server>=5.1<5.1.62 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1688
|
|
mysql-server>=5.5<5.5.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1688
|
|
mysql-server>=5.1<5.1.62 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1690
|
|
mysql-server>=5.5<5.5.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1690
|
|
mysql-server>=5.5<5.5.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1696
|
|
mysql-server>=5.5<5.5.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1697
|
|
mysql-server>=5.1<5.1.62 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1703
|
|
mysql-server>=5.5<5.5.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1703
|
|
apache>=2.0<2.2.22nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0883
|
|
apache>=2.4<2.4.2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0883
|
|
asterisk>=1.6<1.6.2.24 privilege-escalation http://downloads.digium.com/pub/security/AST-2012-004.html
|
|
asterisk>=1.8<1.8.11.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2012-004.html
|
|
asterisk>=10.0<10.3.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2012-004.html
|
|
asterisk>=1.6<1.6.2.24 buffer-overrun http://downloads.digium.com/pub/security/AST-2012-005.html
|
|
asterisk>=1.8<1.8.11.1 buffer-overrun http://downloads.digium.com/pub/security/AST-2012-005.html
|
|
asterisk>=10.0<10.3.1 buffer-overrun http://downloads.digium.com/pub/security/AST-2012-005.html
|
|
asterisk>=1.8<1.8.11.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-006.html
|
|
asterisk>=10.0<10.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-006.html
|
|
firefox36-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
xulrunner192-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_openssl<12.1nb3 man-in-the-middle-attack http://support.novell.com/security/cve/CVE-2012-0884.html
|
|
wordpress<3.3.2 multiple-vulnerabilities http://secunia.com/advisories/48957/
|
|
firefox10<10.0.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.4
|
|
firefox<12 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox12
|
|
thunderbird10<10.0.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.4
|
|
thunderbird<12 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird12
|
|
seamonkey<2.9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.9
|
|
xulrunner<12 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-20.html
|
|
xulrunner10<10.0.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-20.html
|
|
openssl<0.9.8w denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2131
|
|
net-snmp<5.6.1.1nb3 denial-of-service http://secunia.com/advisories/48938/
|
|
ruby1{8,9,93}-mail<2.4.4 multiple-vulnerabilities http://secunia.com/advisories/48970/
|
|
python32<3.2.4 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2135
|
|
php{5,53,54,55}-concrete5<5.7.4.2 cross-site-scripting http://secunia.com/advisories/48997/
|
|
samba>=3.5<3.5.15 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111
|
|
samba>=3.6<3.6.5 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111
|
|
drupal>=7<7.13 multiple-vulnerabilities http://secunia.com/advisories/49012/
|
|
p5-Config-IniFiles<2.71 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2451
|
|
php<5.3.12nb1 sensitive-information-exposure http://secunia.com/advisories/49014/
|
|
libpurple<2.10.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2214
|
|
adobe-flash-plugin<10.3.183.19 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb12-09.html
|
|
adobe-flash-plugin>=11<11.2.202.235 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb12-09.html
|
|
php{5,53}-orangehrm<2.7 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1506
|
|
php{5,53}-orangehrm<2.7 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1507
|
|
opera<11.64 arbitrary-code-execution http://www.opera.com/support/kb/view/1016/
|
|
openssl<0.9.8x denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2333
|
|
drupal<6.27 information-disclosure http://secunia.com/advisories/49131/
|
|
drupal>=7.0<7.15 information-disclosure http://secunia.com/advisories/49131/
|
|
sympa<6.1.11 multiple-vulnerabilities http://secunia.com/advisories/49045/
|
|
pidgin-otr<3.2.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2369
|
|
socat<1.7.2.1 remote-system-access http://secunia.com/advisories/49105/
|
|
gdk-pixbuf2<2.26.1nb2 remote-system-access http://secunia.com/advisories/49125/
|
|
taglib<1.7.2 denial-of-service http://secunia.com/advisories/49159/
|
|
libxml2<2.7.8nb10 remote-system-access http://secunia.com/advisories/49177/
|
|
openoffice3{,-bin}<3.4 remote-system-access http://secunia.com/advisories/46992/
|
|
libreoffice3{,-bin}<3.5.3 remote-system-access http://secunia.com/advisories/47244/
|
|
sudo<1.7.9p1 local-security-bypass http://secunia.com/advisories/49219/
|
|
ikiwiki<3.20120516 cross-site-scripting http://secunia.com/advisories/49232/
|
|
moodle<2.1.6 multiple-vulnerabilities http://secunia.com/advisories/49233/
|
|
wireshark<1.6.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-08.html
|
|
wireshark<1.6.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-09.html
|
|
wireshark<1.6.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-10.html
|
|
rt<3.8.12 multiple-vulnerabilities http://secunia.com/advisories/49259/
|
|
haproxy<1.4.21 arbitrary-code-execution http://secunia.com/advisories/49261/
|
|
py{25,26,27,31,32}-crypto<2.6 brute-force-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2417
|
|
apache-ant<1.8.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2098
|
|
py{25,26,27,31,32}-feedparser<5.1.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2921
|
|
xentools41<4.1.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2625
|
|
xentools41<4.1.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4544
|
|
asterisk>=1.8<1.8.12.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-007.html
|
|
asterisk>=10.0<10.4.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-007.html
|
|
asterisk>=1.8<1.8.12.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-008.html
|
|
asterisk>=10.0<10.4.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-008.html
|
|
qemu<1.1.0 local-security-bypass http://secunia.com/advisories/49283/
|
|
focal81<0nb1 uses-gets http://gnats.netbsd.org/46510
|
|
asterisk<1.8 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
postgresql84-pgcrypto<8.4.12 multiple-vulnerabilities http://www.postgresql.org/about/news/1397/
|
|
postgresql90-pgcrypto<9.0.8 multiple-vulnerabilities http://www.postgresql.org/about/news/1397/
|
|
postgresql91-pgcrypto<9.1.4 multiple-vulnerabilities http://www.postgresql.org/about/news/1397/
|
|
ups-nut<2.6.4 denial-of-service http://secunia.com/advisories/49348/
|
|
ruby{18,19,193}-activerecord>=3<3.0.13 sql-injection http://secunia.com/advisories/49297/
|
|
ruby{18,19,193}-activerecord>=3.1<3.1.5 sql-injection http://secunia.com/advisories/49297/
|
|
ruby{18,19,193}-activerecord>=3.2<3.2.4 sql-injection http://secunia.com/advisories/49297/
|
|
ruby{18,19,193}-actionpack>=3<3.0.13 sql-injection http://secunia.com/advisories/49297/
|
|
ruby{18,19,193}-actionpack>=3.1<3.1.5 sql-injection http://secunia.com/advisories/49297/
|
|
ruby{18,19,193}-actionpack>=3.2<3.2.4 sql-injection http://secunia.com/advisories/49297/
|
|
gimp>=2.6.11<2.8.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2763
|
|
bind>=9.6<9.6.3.1.ESV.7pl1 sensitive-information-exposure http://www.isc.org/software/bind/advisories/cve-2012-1667
|
|
bind>=9.7<9.7.6pl1 sensitive-information-exposure http://www.isc.org/software/bind/advisories/cve-2012-1667
|
|
bind>=9.8<9.8.3pl1 sensitive-information-exposure http://www.isc.org/software/bind/advisories/cve-2012-1667
|
|
bind>=9.9<9.9.1pl1 sensitive-information-exposure http://www.isc.org/software/bind/advisories/cve-2012-1667
|
|
mit-krb5<1.8.6nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1013
|
|
xulrunner<13 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-34.html
|
|
xulrunner<13 privilege-escalation http://www.mozilla.org/security/announce/2012/mfsa2012-35.html
|
|
xulrunner<13 cross-site-scripting http://www.mozilla.org/security/announce/2012/mfsa2012-36.html
|
|
xulrunner<13 information-disclosure http://www.mozilla.org/security/announce/2012/mfsa2012-37.html
|
|
xulrunner<13 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-38.html
|
|
nss<3.13.5 denial-of-service http://www.mozilla.org/security/announce/2012/mfsa2012-39.html
|
|
xulrunner<13 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-40.html
|
|
xulrunner10<10.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-34.html
|
|
xulrunner10<10.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2012/mfsa2012-36.html
|
|
xulrunner10<10.0.5 information-disclosure http://www.mozilla.org/security/announce/2012/mfsa2012-37.html
|
|
xulrunner10<10.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-38.html
|
|
xulrunner10<10.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-40.html
|
|
firefox10<10.0.5 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.5
|
|
firefox<13 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox13
|
|
thunderbird10<10.0.5 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.5
|
|
thunderbird<13 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird13
|
|
seamonkey<2.10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.10
|
|
quagga-[0-9]* denial-of-service http://secunia.com/advisories/49401/
|
|
adobe-flash-plugin<10.3.183.20 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-14.html
|
|
adobe-flash-plugin>=11<11.2.202.236 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-14.html
|
|
xenkernel33-[0-9]* privilege-escalation http://wiki.xen.org/wiki/Security_Announcements#XSA-7_64-bit_PV_guest_privilege_escalation_vulnerability
|
|
xenkernel3-[0-9]* privilege-escalation http://wiki.xen.org/wiki/Security_Announcements#XSA-7_64-bit_PV_guest_privilege_escalation_vulnerability
|
|
xenkernel41<4.1.2nb1 privilege-escalation http://wiki.xen.org/wiki/Security_Announcements#XSA-7_64-bit_PV_guest_privilege_escalation_vulnerability
|
|
xenkernel33-[0-9]* denial-of-service http://wiki.xen.org/wiki/Security_Announcements#XSA-8_guest_denial_of_service_on_syscall.2Fsysenter_exception_generation
|
|
xenkernel3-[0-9]* denial-of-service http://wiki.xen.org/wiki/Security_Announcements#XSA-8_guest_denial_of_service_on_syscall.2Fsysenter_exception_generation
|
|
xenkernel41<4.1.2nb2 denial-of-service http://wiki.xen.org/wiki/Security_Announcements#XSA-8_guest_denial_of_service_on_syscall.2Fsysenter_exception_generation
|
|
xenkernel33-[0-9]* denial-of-service http://wiki.xen.org/wiki/Security_Announcements#XSA-9_PV_guest_host_Denial_of_Service_.28AMD_erratum_.23121.29
|
|
xenkernel3-[0-9]* denial-of-service http://wiki.xen.org/wiki/Security_Announcements#XSA-9_PV_guest_host_Denial_of_Service_.28AMD_erratum_.23121.29
|
|
xenkernel41<4.1.2nb2 denial-of-service http://wiki.xen.org/wiki/Security_Announcements#XSA-9_PV_guest_host_Denial_of_Service_.28AMD_erratum_.23121.29
|
|
mantis<1.2.11 remote-security-bypass http://secunia.com/advisories/49414/
|
|
mysql-server>=5.1<5.1.63 multiple-vulnerabilities http://secunia.com/advisories/49409/
|
|
mysql-server>=5.5<5.5.25 multiple-vulnerabilities http://secunia.com/advisories/49409/
|
|
sun-{jdk,jre}6<6.0.33 multiple-vulnerabilities http://secunia.com/advisories/49472/
|
|
ruby{18,19,193}-activerecord>=3<3.0.14 sql-injection http://secunia.com/advisories/49457/
|
|
ruby{18,19,193}-activerecord>=3.1<3.1.6 sql-injection http://secunia.com/advisories/49457/
|
|
ruby{18,19,193}-activerecord>=3.2<3.2.6 sql-injection http://secunia.com/advisories/49457/
|
|
ruby{18,19,193}-actionpack>=3<3.0.14 sql-injection http://secunia.com/advisories/49457/
|
|
ruby{18,19,193}-actionpack>=3.1<3.1.6 sql-injection http://secunia.com/advisories/49457/
|
|
ruby{18,19,193}-actionpack>=3.2<3.2.6 sql-injection http://secunia.com/advisories/49457/
|
|
asterisk>=10.0<10.5.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-009.html
|
|
contao211<2.11.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2012-4383
|
|
mediawiki<1.19.1 cross-site-scripting http://secunia.com/advisories/49484/
|
|
opera<12 multiple-vulnerabilities http://www.opera.com/docs/changelogs/unix/1200/
|
|
suse{,32}_libxml2<12.1nb2 remote-system-access http://support.novell.com/security/cve/CVE-2011-3102.html
|
|
ioquake3<1.36.20200125 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3345
|
|
tiff<4.0.2 arbitrary-code-execution http://secunia.com/advisories/49493/
|
|
ap{2,22}-modsecurity{,2}<2.6.6 remote-security-bypass http://secunia.com/advisories/49576/
|
|
apache-roller<5.0.1 cross-site-scripting http://secunia.com/advisories/49593/
|
|
mini_httpd-[0-9]* escape-sequence-injection http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4490
|
|
thttpd-[0-9]* escape-sequence-injection http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4491
|
|
wordpress<3.4.1 multiple-vulnerabilities http://wordpress.org/news/2012/06/wordpress-3-4-1/
|
|
typo3<4.5.17 cross-site-scripting https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-003/
|
|
typo3>=4.6.0<4.6.10 cross-site-scripting https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-003/
|
|
typo3>=4.7.0<4.7.2 cross-site-scripting https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-003/
|
|
suse{,32}_libtiff<12.1nb2 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2012-2088.html
|
|
suse{,32}_libtiff<12.1nb2 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2012-2113.html
|
|
asterisk>=1.8<1.8.13.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-010.html
|
|
asterisk>=10.0<10.5.2 denial-of-service http://downloads.digium.com/pub/security/AST-2012-010.html
|
|
asterisk>=1.8<1.8.13.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-011.html
|
|
asterisk>=10.0<10.5.2 denial-of-service http://downloads.digium.com/pub/security/AST-2012-011.html
|
|
libpurple<2.10.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3374
|
|
at-spi2-atk<2.5.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3378
|
|
mono<2.10.9nb12 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3382
|
|
vlc<2.0.2 remote-system-access http://secunia.com/advisories/49835/
|
|
libreoffice3{,-bin}<3.4.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2713
|
|
openoffice3{,-bin}-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2713
|
|
ruby1{8,9}-puppet<2.7.18 multiple-vulnerabilities http://secunia.com/advisories/49863/
|
|
libexif<0.6.21 multiple-vulnerabilities http://secunia.com/advisories/49857/
|
|
bash>4.2<4.2nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3410
|
|
tcl-snack-[0-9]* remote-system-access http://secunia.com/advisories/49889/
|
|
openjpeg<1.5.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3358
|
|
moodle<2.1.7 multiple-vulnerabilities http://docs.moodle.org/dev/Moodle_2.1.7_release_notes
|
|
firefox10<10.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.6
|
|
firefox<14 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox14
|
|
thunderbird10<10.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.6
|
|
thunderbird<14 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird14
|
|
seamonkey<2.11 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.11
|
|
xulrunner<14 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-42.html
|
|
xulrunner10<10.0.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-42.html
|
|
tiff<4.0.2nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3401
|
|
suse{,32}_libtiff<12.1nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2012-3401.html
|
|
php<5.3.15 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3365
|
|
nsd<3.2.12 denial-of-service http://secunia.com/advisories/49795/
|
|
suse{,32}_gtk2<12.1nb2 remote-system-access http://secunia.com/advisories/49983/
|
|
wireshark<1.6.9 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-11.html
|
|
wireshark<1.6.9 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-12.html
|
|
contao211<2.11.5 information-leak https://github.com/contao/core/issues/4535
|
|
squidclamav<6.7 denial-of-service https://secunia.com/advisories/49057/
|
|
isc-dhcp<4.2.4p1 multiple-vulnerabilities https://secunia.com/advisories/50018/
|
|
bind>=9.6<9.6.3.1.ESV.7pl2 denial-of-service http://secunia.com/advisories/50020/
|
|
bind>=9.7<9.7.6pl2 denial-of-service http://secunia.com/advisories/50020/
|
|
bind>=9.8<9.8.3pl2nb1 denial-of-service http://secunia.com/advisories/50020/
|
|
bind>=9.9<9.9.1pl2 denial-of-service http://secunia.com/advisories/50020/
|
|
RTFM<2.4.4 cross-site-scripting http://secunia.com/advisories/50024/
|
|
bugzilla>=2.17.5<3.6.10 sensitive-information-exposure https://secunia.com/advisories/50040/
|
|
bugzilla>=3.7.1<4.0.7 sensitive-information-exposure https://secunia.com/advisories/50040/
|
|
bugzilla>=4.1.1<4.2.2 sensitive-information-exposure https://secunia.com/advisories/50040/
|
|
bugzilla>=4.3.1<4.3.2 sensitive-information-exposure https://secunia.com/advisories/50040/
|
|
ganglia-webfrontend>=3.1.7<3.5.1 remote-code-execution https://secunia.com/advisories/50047/
|
|
ruby{18,19,193}-actionpack>=3<3.0.16 denial-of-service https://secunia.com/advisories/48682/
|
|
ruby{18,19,193}-actionpack>=3.1<3.1.7 denial-of-service https://secunia.com/advisories/48682/
|
|
ruby{18,19,193}-actionpack>=3.2<3.2.7 denial-of-service https://secunia.com/advisories/48682/
|
|
Transmission<2.61 cross-site-scripting https://secunia.com/advisories/50027/
|
|
xenkernel33<3.3.2nb6 denial-of-service http://lists.xen.org/archives/html/xen-devel/2012-07/msg01649.html
|
|
xenkernel41<4.1.2nb3 denial-of-service http://lists.xen.org/archives/html/xen-devel/2012-07/msg01649.html
|
|
openttd<1.2.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3436
|
|
libxml2<2.8.0nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2807
|
|
suse{,32}_libxml2<12.1nb3 denial-of-service http://support.novell.com/security/cve/CVE-2012-2807.html
|
|
ImageMagick<6.7.6.6nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3437
|
|
GraphicsMagick<1.3.16nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3438
|
|
openldap-client<2.4.32 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2668
|
|
py{25,26,27,31,32}-django<1.4.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3442
|
|
py{25,26,27,31,32}-django<1.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3443
|
|
py{25,26,27,31,32}-django<1.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3444
|
|
mit-krb5>=1.8<1.10.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1014
|
|
mit-krb5>=1.10<1.10.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1015
|
|
libvirt-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3445
|
|
suse{,32}_libjpeg<12.1nb1 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2012-2806.html
|
|
icedtea-web<1.2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3422
|
|
icedtea-web<1.2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3423
|
|
suse{,32}_libpng<12.1nb3 denial-of-service http://support.novell.com/security/cve/CVE-2012-3425.html
|
|
libreoffice3-bin<3.5.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2665
|
|
libreoffice<3.5.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2665
|
|
opera<12.01 arbitrary-code-execution http://www.opera.com/support/kb/view/1016/
|
|
opera<12.01 cross-site-scripting http://www.opera.com/support/kb/view/1025/
|
|
opera<12.01 cross-site-scripting http://www.opera.com/support/kb/view/1026/
|
|
opera<12.01 remote-code-execution http://www.opera.com/support/kb/view/1027/
|
|
ntop<5.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4165
|
|
openoffice3<3.4.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2665
|
|
openoffice3-bin<3.4.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2665
|
|
phpmyadmin>=3.5<3.5.2.1 information-disclosure http://www.phpmyadmin.net/home_page/security/PMASA-2012-3.php
|
|
koffice<2.3.3 buffer-overflow http://secunia.com/advisories/50199/
|
|
gnome-screensaver>=3.4.2<3.4.4 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3452
|
|
emacs24{,-nox11}<24.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3479
|
|
emacs{,-nox11}>23.1<23.4nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3479
|
|
typo3<4.5.19 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-004/
|
|
typo3>=4.6.0<4.6.12 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-004/
|
|
typo3>=4.7.0<4.7.4 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-004/
|
|
adobe-flash-plugin<11.2.202.238 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb12-18.html
|
|
php{5,53}-owncloud<4.0.6 multiple-vulnerabilities http://secunia.com/advisories/49894/
|
|
php{5,53}-owncloud<4.0.7 multiple-vulnerabilities http://secunia.com/advisories/50214/
|
|
acroread9-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/50290/
|
|
fetchmail<6.3.21nb1 multiple-vulnerabilities http://www.fetchmail.info/fetchmail-SA-2012-02.txt
|
|
fetchmail<6.3.22 information-disclosure http://www.fetchmail.info/fetchmail-SA-2012-01.txt
|
|
ruby{18,19,193}-rails<3.0.17 cross-site-scripting http://secunia.com/advisories/50128/
|
|
ruby{18,19,193}-rails>=3.1<3.1.8 cross-site-scripting http://secunia.com/advisories/50128/
|
|
ruby{18,19,193}-rails>=3.2<3.2.8 cross-site-scripting http://secunia.com/advisories/50128/
|
|
rssh<2.3.4 remote-security-bypass http://secunia.com/advisories/50272/
|
|
wireshark<1.6.10 multiple-vulnerabilities http://secunia.com/advisories/50276/
|
|
postgresql83-server<8.3.20 multiple-vulnerabilities http://www.postgresql.org/about/news/1407/
|
|
postgresql84-server<8.4.13 multiple-vulnerabilities http://www.postgresql.org/about/news/1407/
|
|
postgresql90-server<9.0.9 multiple-vulnerabilities http://www.postgresql.org/about/news/1407/
|
|
postgresql91-server<9.1.5 multiple-vulnerabilities http://www.postgresql.org/about/news/1407/
|
|
phpmyadmin>=3.4<3.5.2.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2012-4.php
|
|
nss<3.13.4 denial-of-service http://secunia.com/advisories/49288/
|
|
xenkernel41<4.1.2nb4 denial-of-service http://lists.xen.org/archives/html/xen-devel/2012-08/msg00855.html
|
|
gimp<2.8.0nb3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3481
|
|
gimp<2.8.2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3403
|
|
tinyproxy<1.8.3nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-3505
|
|
inn<2.5.3 remote-data-manipulation http://secunia.com/advisories/50320/
|
|
apache>=2.4<2.4.3 multiple-vulnerabilities http://httpd.apache.org/security/vulnerabilities_24.html#2.4.3
|
|
adobe-flash-plugin<11.2.202.238 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-19.html
|
|
gnugk<3.1 unknown http://secunia.com/advisories/50343/
|
|
jabberd>=2<2.2.17 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3525
|
|
xetex<0.9998 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702
|
|
firefox10<10.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.7
|
|
firefox<15 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox15
|
|
thunderbird10<10.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.7
|
|
thunderbird<15 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird15
|
|
seamonkey<2.12 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.12
|
|
xulrunner<15 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-57.html
|
|
xulrunner10<10.0.7 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-57.html
|
|
openjpeg<1.5.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3535
|
|
mono<2.10.9nb12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3543
|
|
asterisk>=1.8<1.8.15.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2012-012.html
|
|
asterisk>=10.0<10.7.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2012-012.html
|
|
asterisk>=1.8<1.8.15.1 unauthorized-access http://downloads.digium.com/pub/security/AST-2012-013.html
|
|
asterisk>=10.0<10.7.1 unauthorized-access http://downloads.digium.com/pub/security/AST-2012-013.html
|
|
opera<12.02 arbitrary-code-execution http://www.opera.com/support/kb/view/1028/
|
|
sun-{jdk,jre}6<6.0.35 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4681
|
|
mediawiki<1.19.2 multiple-vulnerabilities https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html
|
|
bugzilla>=2.12<3.6.10 information-disclosure http://secunia.com/advisories/50433/
|
|
bugzilla>=3.7.1<4.0.7 information-disclosure http://secunia.com/advisories/50433/
|
|
bugzilla>=4.1.1<4.2.2 information-disclosure http://secunia.com/advisories/50433/
|
|
bugzilla>=4.3.1<4.3.2 information-disclosure http://secunia.com/advisories/50433/
|
|
ffmpeg<20121028.1.0 multiple-vulnerabilities http://secunia.com/advisories/50468/
|
|
wireshark<1.6.10nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3548
|
|
wireshark>=1.8.0<1.8.2nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3548
|
|
py{25,26,27,31,32}-moin<1.9.5 remote-security-bypass http://secunia.com/advisories/50496/
|
|
openjdk7{,-bin}<1.7.8 multiple-vulnerabilities http://secunia.com/advisories/50133/
|
|
php{53,54}-concrete5<5.6.0 multiple-vulnerabilities http://secunia.com/advisories/50001/
|
|
xenkernel41<4.1.3 denial-of-service http://lists.xen.org/archives/html/xen-announce/2012-09/msg00000.html
|
|
xenkernel41<4.1.3 denial-of-service http://lists.xen.org/archives/html/xen-announce/2012-09/msg00001.html
|
|
xenkernel41<4.1.3 denial-of-service http://lists.xen.org/archives/html/xen-announce/2012-09/msg00002.html
|
|
xenkernel41<4.1.3 denial-of-service http://lists.xen.org/archives/html/xen-announce/2012-09/msg00005.html
|
|
xenkernel41<4.1.3 privilege-escalation http://lists.xen.org/archives/html/xen-announce/2012-09/msg00003.html
|
|
qemu<1.2.0 privilege-escalation http://secunia.com/advisories/50461/
|
|
php{53,54}-tiki6>=8<8.5 unknown-impact http://secunia.com/advisories/50488/
|
|
mcrypt<2.6.8nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4409
|
|
webmin<1.600 multiple-vulnerabilities http://secunia.com/advisories/50512/
|
|
xenkernel41<4.1.3 privilege-escalation http://lists.xen.org/archives/html/xen-announce/2012-09/msg00008.html
|
|
wordpress<3.4.2 remote-security-bypass http://wordpress.org/news/2012/09/wordpress-3-4-2/
|
|
freeradius>=2<2.1.12nb4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3547
|
|
openslp<1.2.1nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4428
|
|
tor<0.2.2.39 denial-of-service http://secunia.com/advisories/50578/
|
|
vino-[0-9]* information-disclosure http://secunia.com/advisories/50527/
|
|
isc-dhcp<4.2.4p2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3955
|
|
bacula<5.2.11 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2012-4430
|
|
apache>=2.2<2.2.23 multiple-vulnerabilities http://www.apache.org/dist/httpd/Announcement2.2.html
|
|
bind>=9.6<9.6.3.1.ESV.7pl3 denial-of-service https://kb.isc.org/article/AA-00778
|
|
bind>=9.7<9.7.6pl3 denial-of-service https://kb.isc.org/article/AA-00778
|
|
bind>=9.8<9.8.3pl3 denial-of-service https://kb.isc.org/article/AA-00778
|
|
bind>=9.9<9.9.1pl3 denial-of-service https://kb.isc.org/article/AA-00778
|
|
dbus>=1.5<1.6.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3524
|
|
xmlrpc-c-ss>=1.26<1.32 denial-of-service http://secunia.com/advisories/50648/
|
|
moodle<2.1.8 multiple-vulnerabilities http://secunia.com/advisories/50588/
|
|
optipng<0.7.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4432
|
|
jenkins<1.466.2 multiple-vulnerabilities http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb
|
|
gnupg<1.4.12 remote-spoofing http://secunia.com/advisories/50639/
|
|
gnupg2<2.0.19 remote-spoofing http://secunia.com/advisories/50639/
|
|
wordpress<3.5 cross-site-scripting http://secunia.com/advisories/50715/
|
|
ghostscript<8.71nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4405
|
|
ap{2,22}-rpaf<0.6 denial-of-service http://secunia.com/advisories/50400/
|
|
libxslt<1.1.27 multiple-vulnerabilities http://secunia.com/advisories/50864/
|
|
wireshark<1.8.3 multiple-vulnerabilities http://secunia.com/advisories/50843/
|
|
apache-tomcat-5.5.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
firefox10<10.0.8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.8
|
|
firefox<16 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox16
|
|
thunderbird10<10.0.8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.8
|
|
thunderbird<16 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird16
|
|
seamonkey<2.13 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.13
|
|
xulrunner<16 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-74.html
|
|
xulrunner10<10.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-74.html
|
|
bind>=9.6<9.6.3.1.ESV.7pl4 denial-of-service https://www.isc.org/software/bind/advisories/cve-2012-5166
|
|
bind>=9.7<9.7.7 denial-of-service https://www.isc.org/software/bind/advisories/cve-2012-5166
|
|
bind>=9.8<9.8.4 denial-of-service https://www.isc.org/software/bind/advisories/cve-2012-5166
|
|
bind>=9.9<9.9.2 denial-of-service https://www.isc.org/software/bind/advisories/cve-2012-5166
|
|
thunderbird10<10.0.9 security-bypass http://www.mozilla.org/security/announce/2012/mfsa2012-89.html
|
|
firefox10<10.0.9 security-bypass http://www.mozilla.org/security/announce/2012/mfsa2012-89.html
|
|
firefox<16.0.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox16.0.1
|
|
thunderbird<16.0.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird16.0.1
|
|
seamonkey<2.13.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.13.1
|
|
xulrunner<16.0.1 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-88.html
|
|
adobe-flash-plugin<10.3.183.20 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-22.html
|
|
adobe-flash-plugin>=11<11.2.202.243 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-22.html
|
|
phpmyadmin>=3.5<3.5.3 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2012-6.php
|
|
phpmyadmin>=3.5<3.5.3 man-in-the-middle-attack http://www.phpmyadmin.net/home_page/security/PMASA-2012-7.php
|
|
xlockmore-lite>=5.0<5.38nb2 local-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4524
|
|
xlockmore-lite>=5.39<5.41 local-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4524
|
|
xlockmore>=5.0<5.38nb7 local-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4524
|
|
xlockmore>=5.39<5.41 local-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4524
|
|
awstats<7.1 cross-site-scripting http://awstats.sourceforge.net/docs/awstats_changelog.txt
|
|
sun-{jdk,jre}6<6.0.36 multiple-vulnerabilities http://secunia.com/advisories/50949/
|
|
drupal>=7.0<7.16 multiple-vulnerabilities http://drupal.org/node/1815912
|
|
ruby18-base<1.8.7.370nb2 security-bypass http://www.ruby-lang.org/en/news/2012/10/12/cve-2012-4464-cve-2012-4466/
|
|
ruby193-base<1.9.3p286 security-bypass http://www.ruby-lang.org/en/news/2012/10/12/cve-2012-4464-cve-2012-4466/
|
|
ffmpeg<20121028.1.0 multiple-vulnerabilities http://secunia.com/advisories/50963/
|
|
ap{2,22}-modsecurity{,2}<2.7.0 remote-security-bypass http://secunia.com/advisories/49853/
|
|
openjdk7{,-bin}<1.7.8 multiple-vulnerabilities http://secunia.com/advisories/51029/
|
|
py{25,26,27,31,32}-django<1.4.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4520
|
|
tiff<4.0.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4447
|
|
tiff<4.0.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3401
|
|
tiff<4.0.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5581
|
|
suse{,32}_libtiff<12.1nb3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4447
|
|
viewvc<1.1.16 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4533
|
|
exim<4.80.1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5671
|
|
php{53,54}-tiki6<6.8 remote-system-access https://secunia.com/advisories/51067/
|
|
rt<3.8.15 multiple-vulnerabilities https://secunia.com/advisories/51062/
|
|
firefox<16.0.2 cross-site-scripting https://www.mozilla.org/security/announce/2012/mfsa2012-90.html
|
|
firefox10<10.0.10 cross-site-scripting https://www.mozilla.org/security/announce/2012/mfsa2012-90.html
|
|
seamonkey<2.13.2 cross-site-scripting https://www.mozilla.org/security/announce/2012/mfsa2012-90.html
|
|
thunderbird<16.0.2 cross-site-scripting https://www.mozilla.org/security/announce/2012/mfsa2012-90.html
|
|
thunderbird10<10.0.10 cross-site-scripting https://www.mozilla.org/security/announce/2012/mfsa2012-90.html
|
|
RTFM<2.4.5 security-bypass https://secunia.com/advisories/51062/
|
|
webkit-gtk<1.8.3 multiple-vulnerabilities https://secunia.com/advisories/51070/
|
|
kdelibs4<4.10.2 multiple-vulnerabilities https://secunia.com/advisories/51097/
|
|
suse{,32}_gtk2<12.1nb4 multiple-vulnerabilities https://secunia.com/advisories/51170/
|
|
tiff<4.0.3nb1 buffer-overflow https://secunia.com/advisories/51133/
|
|
pgbouncer<1.5.3 denial-of-service https://secunia.com/advisories/51128/
|
|
mysql-server>=5.1<5.1.66 multiple-vulnerabilities http://secunia.com/advisories/51008/
|
|
mysql-server>=5.5<5.5.28 multiple-vulnerabilities http://secunia.com/advisories/51008/
|
|
libproxy<0.3.1nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4505
|
|
libproxy<0.3.1nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5580
|
|
wbm-passwd<1.605 cross-site-scripting https://secunia.com/advisories/51201/
|
|
typo3<4.5.21 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-005/
|
|
typo3>=4.6.0<4.6.14 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-005/
|
|
typo3>=4.7.0<4.7.6 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-005/
|
|
ruby193-base<1.9.3p327 security-bypass http://www.ruby-lang.org/en/news/2012/11/09/ruby19-hashdos-cve-2012-5371/
|
|
opera<12.10 multiple-vulnerabilities http://secunia.com/advisories/51183/
|
|
adobe-flash-plugin<10.3.183.43 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-22.html
|
|
adobe-flash-plugin>=11<11.2.202.251 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-22.html
|
|
apache-tomcat<5.5.36 multiple-vulnerabilities http://secunia.com/advisories/51138/
|
|
apache-tomcat>=6<6.0.36 multiple-vulnerabilities http://secunia.com/advisories/51138/
|
|
apache-tomcat>=7<7.0.30 multiple-vulnerabilities http://secunia.com/advisories/51138/
|
|
gegl<0.2.0nb7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4433
|
|
icedtea-web<1.2.2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4540
|
|
weechat<0.3.9.1 remote-system-access http://secunia.com/advisories/51231/
|
|
gajim<0.15.3 remote-spoofing http://secunia.com/advisories/51209/
|
|
roundup<1.4.20 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2012-6130
|
|
roundup<1.4.20 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2012-6131
|
|
roundup<1.4.20 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2012-6132
|
|
roundup<1.4.20 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2012-6133
|
|
xenkernel3-[0-9]* denial-of-service http://secunia.com/advisories/51200/
|
|
xenkernel33-[0-9]* denial-of-service http://secunia.com/advisories/51200/
|
|
xenkernel41<4.1.3nb1 denial-of-service http://secunia.com/advisories/51200/
|
|
xmlrpc-c-ss<1.16.42 unknown-impact http://xmlrpc-c.sourceforge.net/change_super_stable.html
|
|
moodle<2.1.9 multiple-vulnerabilities http://secunia.com/advisories/51243/
|
|
openvas-server<3.0.4 remote-system-access http://secunia.com/advisories/49128/
|
|
mantis<1.2.12 sensitive-information-exposure http://secunia.com/advisories/51300/
|
|
weechat<0.3.9.2 remote-system-access http://secunia.com/advisories/51294/
|
|
horde<4.0.9 cross-site-scripting http://secunia.com/advisories/51233/
|
|
kronolith<3.0.18 cross-site-scripting http://secunia.com/advisories/51233/
|
|
firefox10<10.0.11 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.11
|
|
firefox<17 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox17
|
|
thunderbird10<10.0.11 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.11
|
|
thunderbird<17 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17
|
|
seamonkey<2.14 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.14
|
|
xulrunner<17 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-91.html
|
|
xulrunner10<10.0.11 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-91.html
|
|
opera<12.11 multiple-vulnerabilities http://secunia.com/advisories/51331/
|
|
lighttpd-1.4.31 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5533
|
|
php{53,54}-owncloud<4.5.2 multiple-vulnerabilities http://secunia.com/advisories/51357/
|
|
jenkins<1.480.1 multiple-vulnerabilities https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20
|
|
tor<0.2.3.25 denial-of-service http://secunia.com/advisories/51329/
|
|
libssh<0.53 multiple-vulnerabilities http://www.libssh.org/2012/11/20/libssh-0-5-3-security-release/
|
|
rssh<2.3.4 remote-security-bypass http://secunia.com/advisories/51343/
|
|
mediawiki<1.19.3 multiple-vulnerabilities http://secunia.com/advisories/51424/
|
|
wireshark<1.8.4 multiple-vulnerabilities http://secunia.com/advisories/51422/
|
|
dovecot>=2<2.1.11 denial-of-service http://secunia.com/advisories/51455/
|
|
mysql-server>=5.1<5.1.67 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5611
|
|
mysql-server>=5.5<5.5.29 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5611
|
|
mysql-server>=5.5<5.5.29 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5612
|
|
mysql-server>=5.1<5.5 valid-account-enumeration http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615
|
|
mysql-server>=5.5<5.6 valid-account-enumeration http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615
|
|
bind>=9.8<9.8.4pl1 denial-of-service https://kb.isc.org/article/AA-00828
|
|
bind>=9.9<9.9.2pl1 denial-of-service https://kb.isc.org/article/AA-00828
|
|
opera<12.12 multiple-vulnerabilities http://secunia.com/advisories/51462/
|
|
apache-tomcat>=7.0<7.0.31 multiple-vulnerabilities http://secunia.com/advisories/51425/
|
|
apache-tomcat>=6.0<6.0.35 multiple-vulnerabilities http://secunia.com/advisories/51425/
|
|
p5-Locale-Maketext<1.23 arbitrary-code-execution http://secunia.com/advisories/51498/
|
|
perl<5.14.2nb6 arbitrary-code-execution http://secunia.com/advisories/51498/
|
|
perl>=5.16.1<5.16.2nb1 arbitrary-code-execution http://secunia.com/advisories/51498/
|
|
bogofilter<1.2.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5468
|
|
xenkernel3-[0-9]* denial-of-service http://secunia.com/advisories/51397/
|
|
xenkernel33-[0-9]* denial-of-service http://secunia.com/advisories/51397/
|
|
xenkernel41<4.1.3nb2 denial-of-service http://secunia.com/advisories/51397/
|
|
gimp<2.8.2nb7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5576
|
|
mupdf<1.1 remote-system-access https://nvd.nist.gov/vuln/detail/CVE-2012-5340
|
|
adobe-flash-plugin<10.3.183.48 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-27.html
|
|
adobe-flash-plugin>=11<11.2.202.258 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-27.html
|
|
ffmpeg<20121209.1.0.1nb1 remote-system-access http://secunia.com/advisories/51464/
|
|
libxml2<2.9.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5134
|
|
suse{,32}_libxml2<12.1nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5134
|
|
squid<2.7.9nb5 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2012_1.txt
|
|
squid>=3.1<3.1.23 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2012_1.txt
|
|
drupal<6.27 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5651
|
|
drupal<6.27 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5652
|
|
drupal<6.27 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5653
|
|
drupal>=7.0<7.18 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5651
|
|
drupal>=7.0<7.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5653
|
|
isearch<1.47.01nb1 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2012-5663
|
|
nagios-base<3.4.4 arbitrary-code-execution http://secunia.com/advisories/51537/
|
|
tiff<4.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5581
|
|
qt4-libs<4.8.4 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5624
|
|
horde-3.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
imp-4.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
turba-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
ingo-1.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
kronolith-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
php{53,54,55}-tiki6<6.9 remote-system-access http://secunia.com/advisories/51650/
|
|
php{53,54}-owncloud<4.5.5 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5665
|
|
php{53,54}-owncloud<4.5.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5666
|
|
grep<2.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5667
|
|
freetype2<2.4.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5668
|
|
freetype2<2.4.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5669
|
|
freetype2<2.4.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5670
|
|
elinks>0.11<0.12rc6 remote-security-bypass http://bugzilla.elinks.cz/show_bug.cgi?id=1124
|
|
vlc<2.0.5 buffer-overflow http://secunia.com/advisories/51692/
|
|
gnupg<1.4.13 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6085
|
|
asterisk>=1.8<1.8.19.1 stack-overflow http://downloads.digium.com/pub/security/AST-2012-014.html
|
|
asterisk>=10.0<10.11.1 stack-overflow http://downloads.digium.com/pub/security/AST-2012-014.html
|
|
asterisk>=11.0<11.1.2 stack-overflow http://downloads.digium.com/pub/security/AST-2012-014.html
|
|
asterisk>=1.8<1.8.19.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-015.html
|
|
asterisk>=10.0<10.11.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-015.html
|
|
asterisk>=11.0<11.1.2 denial-of-service http://downloads.digium.com/pub/security/AST-2012-015.html
|
|
py{26,27}-moin<1.9.6 multiple-vulnerabilities http://secunia.com/advisories/51663/
|
|
swi-prolog<6.2.5 buffer-overflow http://secunia.com/advisories/51709/
|
|
rpm>=4.10.0<4.10.2 security-bypass http://secunia.com/advisories/51706/
|
|
ruby{18,19,193}-activerecord>3.0<3.0.18 sql-injection http://secunia.com/advisories/51697/
|
|
ruby{18,19,193}-activerecord>3.1<3.1.9 sql-injection http://secunia.com/advisories/51697/
|
|
ruby{18,19,193}-activerecord>3.2<3.2.10 sql-injection http://secunia.com/advisories/51697/
|
|
ruby{18,19,193}-activerecord>3.0<3.0.19 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155
|
|
ruby{18,19,193}-activerecord>3.1<3.1.10 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155
|
|
ruby{18,19,193}-activerecord>3.2<3.2.11 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155
|
|
ruby{18,19,193}-actionpack>=3<3.0.19 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155
|
|
ruby{18,19,193}-actionpack>=3.1<3.1.10 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155
|
|
ruby{18,19,193}-actionpack>=3.2<3.2.11 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155
|
|
ruby{18,19,193}-activesupport>=3<3.0.19 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0156
|
|
ruby{18,19,193}-activesupport>=3.1<3.1.10 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0156
|
|
ruby{18,19,193}-activesupport>=3.2<3.2.11 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0156
|
|
php{53,54}-concrete5<5.6.0.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5181
|
|
proftpd<1.3.4c privilege-elevation http://bugs.proftpd.org/show_bug.cgi?id=3841
|
|
jenkins<1.480.2 multiple-vulnerabilities http://secunia.com/advisories/51712/
|
|
nginx<1.7.0 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4968
|
|
firefox10<10.0.12 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.12
|
|
firefox<18 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox18
|
|
thunderbird10<10.0.12 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.12
|
|
thunderbird<17.0.2 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.2
|
|
seamonkey<2.15 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.15
|
|
xulrunner<18 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-01.html
|
|
xulrunner10<10.0.12 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-01.html
|
|
adobe-flash-plugin<10.3.183.50 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-01.html
|
|
adobe-flash-plugin>=11<11.2.202.261 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-01.html
|
|
freeradius<2.2.0 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4966
|
|
sun-{jdk,jre}7<7.0.11 remote-system-access http://secunia.com/advisories/51820/
|
|
xenkernel41<4.1.4 denial-of-service http://secunia.com/advisories/51734/
|
|
ettercap<0.7.5.2 remote-system-access http://secunia.com/advisories/51731/
|
|
ettercap-NG<0.7.5.2 remote-system-access http://secunia.com/advisories/51731/
|
|
acroread9<9.5.3 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-02.html
|
|
gnupg2<2.0.19nb2 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6085
|
|
couchdb<1.2.1 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5649
|
|
couchdb<1.2.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5650
|
|
drupal<6.28 multiple-vulnerabilities http://drupal.org/SA-CORE-2013-001
|
|
drupal>=7.0<7.19 multiple-vulnerabilities http://drupal.org/SA-CORE-2013-001
|
|
ruby{18,193}-rack<1.2.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109
|
|
ruby{18,193}-rack>=1.3<1.3.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109
|
|
ruby{18,193}-rack>=1.4<1.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109
|
|
ruby{18,193}-rack<1.2.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183
|
|
ruby{18,193}-rack>=1.3<1.3.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183
|
|
ruby{18,193}-rack>=1.4<1.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183
|
|
ruby{18,193}-rack<1.2.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184
|
|
ruby{18,193}-rack>=1.3<1.3.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184
|
|
ruby{18,193}-rack>=1.4<1.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184
|
|
mysql-server>=5.1<5.1.67 multiple-vulnerabilities http://secunia.com/advisories/51894/
|
|
mysql-server>=5.5<5.5.29 multiple-vulnerabilities http://secunia.com/advisories/51894/
|
|
xentools41<4.1.4nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6075
|
|
atheme-[0-9]* denial-of-service http://secunia.com/advisories/51852/
|
|
mantis<1.2.13 cross-site-scripting http://secunia.com/advisories/51853/
|
|
moodle<2.3.4 multiple-vulnerabilities http://secunia.com/advisories/51842/
|
|
php{53,54}-owncloud<4.5.6 multiple-vulnerabilities http://secunia.com/advisories/51872/
|
|
suse{,32}_qt4<12.1nb1 man-in-the-middle-attack http://support.novell.com/security/cve/CVE-2012-4929.html
|
|
suse{,32}_qt4<12.1nb1 remote-information-disclosure http://support.novell.com/security/cve/CVE-2012-5624.html
|
|
suse{,32}_freetype2<12.1nb2 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2012-5668.html
|
|
suse{,32}_freetype2<12.1nb2 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2012-5669.html
|
|
py{25,26,27,31,32}-django-cms<2.3.5 script-insertion http://secunia.com/advisories/51953/
|
|
wordpress<3.5.1 multiple-vulnerabilities http://secunia.com/advisories/51967/
|
|
bind>=9.8<9.8.4pl1 denial-of-service https://kb.isc.org/article/AA-00855
|
|
bind>=9.9<9.9.2pl1nb2 denial-of-service https://kb.isc.org/article/AA-00855
|
|
ruby{18,19,193}-activesupport>=3<3.0.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0333
|
|
ruby{18,19,193}-activemodel>=3<3.0.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0333
|
|
ffmpeg>=20121018.1.0.0<20130121.1.0.2 multiple-vulnerabilities http://secunia.com/advisories/51964/
|
|
ffmpeg>=20130128.1.1.0<20130120.1.1.1 multiple-vulnerabilities http://secunia.com/advisories/51975/
|
|
libupnp<1.6.18 buffer-overflow http://secunia.com/advisories/51949/
|
|
libssh<0.54 null-dereference http://www.libssh.org/2013/01/22/libssh-0-5-4-security-release/
|
|
libvirt<1.0.2 arbitrary-code-execution http://secunia.com/advisories/52003/
|
|
wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-01.html
|
|
wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-02.html
|
|
wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-03.html
|
|
wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-04.html
|
|
wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-05.html
|
|
wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-06.html
|
|
wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-07.html
|
|
wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-08.html
|
|
wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-09.html
|
|
opera<12.13 multiple-vulnerabilities http://secunia.com/advisories/52005/
|
|
vlc<2.0.5nb2 buffer-overflow http://secunia.com/advisories/51995/
|
|
ircd-hybrid<7.2.3nb6 denial-of-service http://secunia.com/advisories/51948/
|
|
latd>=1.25<1.31 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0251
|
|
samba<3.5.21 clickjacking http://www.samba.org/samba/security/CVE-2013-0213
|
|
samba>=3.6<3.6.12 clickjacking http://www.samba.org/samba/security/CVE-2013-0213
|
|
samba<3.5.21 cross-site-scripting http://www.samba.org/samba/security/CVE-2013-0214
|
|
samba>=3.6<3.6.12 cross-site-scripting http://www.samba.org/samba/security/CVE-2013-0214
|
|
miniupnpd<1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0229
|
|
samba<3.5 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
sun-{jdk,jre}6<6.0.39 multiple-vulnerabilities http://secunia.com/advisories/52064/
|
|
sun-{jdk,jre}7<7.0.13 multiple-vulnerabilities http://secunia.com/advisories/52064/
|
|
ruby193-base<1.9.3p385 cross-site-scripting http://www.ruby-lang.org/en/news/2013/02/06/rdoc-xss-cve-2013-0256/
|
|
ruby{18,19,193}-rdoc<3.12.1 cross-site-scripting http://www.ruby-lang.org/en/news/2013/02/06/rdoc-xss-cve-2013-0256/
|
|
ruby19-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
xentools41<4.1.4nb4 denial-of-service http://secunia.com/advisories/52055/
|
|
xenkernel33-[0-9]* denial-of-service http://secunia.com/advisories/51881/
|
|
xenkernel41<4.1.3nb2 denial-of-service http://secunia.com/advisories/51881/
|
|
openssl<0.9.8y multiple-vulnerabilities http://www.openssl.org/news/secadv_20130205.txt
|
|
openssl>=1.0.0<1.0.1d multiple-vulnerabilities http://www.openssl.org/news/secadv_20130205.txt
|
|
qt4-libs<4.8.5 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0254
|
|
curl>=7.26.0<7.28.1nb3 remote-system-access http://secunia.com/advisories/52103/
|
|
openssl-1.0.1d{,nb1} data-corruption http://www.mail-archive.com/openssl-dev@openssl.org/msg32009.html
|
|
ruby{18,193}-rack<1.2.8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263
|
|
ruby{18,193}-rack>=1.3<1.3.10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263
|
|
ruby{18,193}-rack>=1.4<1.4.5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263
|
|
ruby{18,193}-rack>=1.4<1.4.5 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0262
|
|
roundcube<0.8.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6121
|
|
postgresql83-server<8.3.23 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255
|
|
postgresql84-server<8.4.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255
|
|
postgresql90-server<9.0.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255
|
|
postgresql91-server<9.1.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255
|
|
postgresql92-server<9.2.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255
|
|
polarssl<1.2.5 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169
|
|
gnutls<3.0.28 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1619
|
|
ffmpeg<20130206.1.1.2 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0862
|
|
ffmpeg<20130206.1.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0863
|
|
ffmpeg<20130206.1.1.2 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0864
|
|
ffmpeg<20130206.1.1.2 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0865
|
|
ffmpeg<20130206.1.1.2 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0866
|
|
ffmpeg<20130206.1.1.2 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0867
|
|
ffmpeg<20130206.1.1.2 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0868
|
|
ffmpeg<20130206.1.1.2 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0869
|
|
ffmpeg010<0.10.7 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0868
|
|
ruby1{8,93}-puppet<2.7.1 multiple-vulnerabilities http://secunia.com/advisories/52127/
|
|
adobe-flash-plugin<10.3.183.51 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-04.html
|
|
adobe-flash-plugin>=11<11.2.202.262 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-04.html
|
|
ruby{18,193}-activerecord<3.1.11 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0276
|
|
ruby{18,193}-activerecord>3.2<3.2.12 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0276
|
|
ruby{18,193}-rails<3.1.0 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0277
|
|
ruby{18,193}-json<1.7.7 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0269
|
|
ruby{18,193}-json-pure<1.7.7 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0269
|
|
ruby193-base<1.9.3p385nb2 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0269
|
|
ganglia-webfrontend-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0275
|
|
adobe-flash-plugin<10.3.183.61 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-05.html
|
|
adobe-flash-plugin>=11<11.2.202.270 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-05.html
|
|
libpurple<2.10.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0271
|
|
libpurple<2.10.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0272
|
|
libpurple<2.10.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0273
|
|
libpurple<2.10.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0274
|
|
openjdk7{,-bin}<1.7.12 multiple-vulnerabilities http://secunia.com/advisories/52154/
|
|
sun-{jdk,jre}6-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
jenkins<1.480.3 multiple-vulnerabilities http://secunia.com/advisories/52236/
|
|
lighttpd<1.4.30 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929
|
|
lighttpd<1.4.30 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
|
|
firefox10-[0-9]* multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
|
|
firefox17<17.0.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.3
|
|
firefox<19 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox19
|
|
thunderbird10-[0-9]* multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html
|
|
thunderbird<17.0.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.3
|
|
seamonkey<2.16 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.16
|
|
xulrunner10-[0-9]* arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-21.html
|
|
xulrunner17<17.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-21.html
|
|
xulrunner<19 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-21.html
|
|
firefox10-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
thunderbird10-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
xulrunner10-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
dbus-glib<0.100.1 privilege-escalation http://secunia.com/advisories/52225/
|
|
sun-{jdk,jre}6<6.0.41 multiple-vulnerabilities http://secunia.com/advisories/52257/
|
|
sun-{jdk,jre}7<7.0.15 multiple-vulnerabilities http://secunia.com/advisories/52257/
|
|
py{25,26,27,31,32}-django<1.4.4 multiple-vulnerabilities http://secunia.com/advisories/52243/
|
|
ruby193-base<1.9.3p392 denial-of-service http://www.ruby-lang.org/en/news/2013/02/22/rexml-dos-2013-02-22/
|
|
drupal>=7.0<7.20 denial-of-service http://drupal.org/SA-CORE-2013-002
|
|
geeklog<1.8.2.1 cross-site-scripting http://www.geeklog.net/article.php/geeklog-1.8.2sr1
|
|
acroread9<9.5.4 remote-system-access http://www.adobe.com/support/security/advisories/apsa13-02.html
|
|
php{53,54}-owncloud<4.5.7 multiple-vulnerabilities http://secunia.com/advisories/52303/
|
|
hplip{,3}<3.11.10 multiple-vulnerabilities http://secunia.com/advisories/42956/
|
|
openjdk7{,-bin}<1.7.13 multiple-vulnerabilities http://secunia.com/advisories/52257/
|
|
php{53,54}-piwigo<2.4.7 cross-site-request-forgery http://secunia.com/advisories/52228/
|
|
bugzilla>=2.0<3.6.13 multiple-vulnerabilities http://secunia.com/advisories/52254/
|
|
bugzilla>=3.7.1<4.0.10 multiple-vulnerabilities http://secunia.com/advisories/52254/
|
|
bugzilla>=4.1.1<4.2.5 multiple-vulnerabilities http://secunia.com/advisories/52254/
|
|
bugzilla>=4.3.1<4.4rc2 multiple-vulnerabilities http://secunia.com/advisories/52254/
|
|
suse{,32}_openssl<12.1nb4 multiple-vulnerabilities http://secunia.com/advisories/52292/
|
|
apache-maven<3.0.5 man-in-the-middle-attack http://secunia.com/advisories/52381/
|
|
mit-krb5>=1.6.3<1.10.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1415
|
|
mit-krb5>=1.6.3<1.10.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1016
|
|
scmgit-base<1.8.1.4 man-in-the-middle-attack http://secunia.com/advisories/52361/
|
|
apache>=2.2<2.2.24 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499
|
|
apache>=2.2<2.2.24 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558
|
|
apache>=2.4.0<2.4.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499
|
|
apache>=2.4.0<2.4.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558
|
|
sudo<1.7.10p6 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1776
|
|
poppler<0.22.1 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1788
|
|
poppler<0.22.1 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1789
|
|
poppler<0.22.1 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1790
|
|
adobe-flash-plugin<10.3.183.67 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-08.html
|
|
adobe-flash-plugin>=11<11.2.202.273 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-08.html
|
|
libxml2<2.9.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0338
|
|
libxml2<2.9.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0339
|
|
openafs<1.6.2 multiple-vulnerabilities https://www.openafs.org/security/OPENAFS-SA-2013-001.txt
|
|
openafs<1.6.2 denial-of-service https://www.openafs.org/security/OPENAFS-SA-2013-002.txt
|
|
sun-{jdk,jre}6<6.0.43 multiple-vulnerabilities http://secunia.com/advisories/52451/
|
|
sun-{jdk,jre}7<7.0.17 multiple-vulnerabilities http://secunia.com/advisories/52451/
|
|
ffmpeg<20130223.1.1.3 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0872
|
|
ffmpeg<20130223.1.1.3 double-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0873
|
|
ffmpeg<20130223.1.1.3 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0874
|
|
ffmpeg<20130223.1.1.3 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0875
|
|
ffmpeg<20130223.1.1.3 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0876
|
|
ffmpeg<20130223.1.1.3 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0877
|
|
ffmpeg<20130223.1.1.3 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0878
|
|
ffmpeg<20130223.1.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2276
|
|
ffmpeg<20130223.1.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2277
|
|
ruby{18,193}-extlib<0.9.16 remote-system-access http://secunia.com/advisories/52440/
|
|
stunnel<4.55 multiple-vulnerabilities http://secunia.com/advisories/52460/
|
|
perl<5.16.2nb4 denial-of-service http://secunia.com/advisories/52472/
|
|
mediawiki<1.20.3 multiple-vulnerabilities http://secunia.com/advisories/52485/
|
|
typo3<4.5.24 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-001/
|
|
typo3>=4.6.0<4.6.17 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-001/
|
|
typo3>=4.7.0<4.7.9 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-001/
|
|
php53-soap<5.3.22 sensitive-information-exposure http://secunia.com/advisories/52377/
|
|
php54-soap<5.4.12 sensitive-information-exposure http://secunia.com/advisories/52377/
|
|
icu<50.1.1 unknown-impact http://secunia.com/advisories/52511/
|
|
suse{,32}_qt4<12.1nb3 local-security-bypass http://support.novell.com/security/cve/CVE-2013-0254.html
|
|
openjdk7{,-bin}<1.7.16 multiple-vulnerabilities http://secunia.com/advisories/52490/
|
|
wireshark<1.8.6 denial-of-service http://secunia.com/advisories/52471/
|
|
firefox17<17.0.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.4
|
|
firefox<19.0.2 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox19.0.2
|
|
thunderbird<17.0.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.4
|
|
seamonkey<2.16.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.16.1
|
|
webkit-gtk<2.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0912
|
|
webkit-gtk3<2.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0912
|
|
adobe-flash-plugin<10.3.183.68 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb13-09.html
|
|
adobe-flash-plugin>=11<11.2.202.275 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb13-09.html
|
|
ffmpeg<20130315.1.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2495
|
|
ffmpeg<20130315.1.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2496
|
|
ffmpeg010<20150312.0.10.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2495
|
|
ffmpeg010<20150312.0.10.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2496
|
|
ruby1{8,9,93}-puppet<3.1.1 remote-code-execution http://puppetlabs.com/security/cve/CVE-2013-1640/
|
|
ruby1{8,9,93}-puppet<3.1.1 insufficient-input-validation http://puppetlabs.com/security/cve/CVE-2013-1652/
|
|
ruby1{8,9,93}-puppet<3.1.1 remote-code-execution http://puppetlabs.com/security/cve/CVE-2013-1653/
|
|
ruby1{8,9,93}-puppet<3.1.1 weak-cryptography http://puppetlabs.com/security/cve/CVE-2013-1654/
|
|
ruby193-puppet<3.1.1 remote-code-execution http://puppetlabs.com/security/cve/CVE-2013-1655/
|
|
ruby1{8,9,93}-puppet<2.6.18 remote-code-execution http://puppetlabs.com/security/cve/CVE-2013-2274/
|
|
ruby1{8,9,93}-puppet<3.1.1 remote-security-bypass http://puppetlabs.com/security/cve/CVE-2013-2275/
|
|
squid>=3.2<3.3.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1839
|
|
php{53,54}-owncloud<4.5.8 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1851
|
|
clamav<0.97.7 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2013-7088
|
|
clamav<0.97.7 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2013-7087
|
|
clamav<0.97.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2013-7089
|
|
ptlib<2.10.10 denial-of-service http://secunia.com/advisories/52659/
|
|
mysql-server>=5.1<5.1.70 denial-of-service http://secunia.com/advisories/52639/
|
|
mysql-server>=5.5<5.5.32 denial-of-service http://secunia.com/advisories/52639/
|
|
mysql-server>=5.6<5.6.12 denial-of-service http://secunia.com/advisories/52639/
|
|
ruby{18,19,193}-ruby-activerecord<3.2.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1854
|
|
ruby{18,19,193}-ruby-actionpack<3.2.13 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1855
|
|
ruby{18,19,193}-ruby-activesupport<3.2.13 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1856
|
|
ruby{18,19,193}-ruby-actionpack<3.2.13 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1857
|
|
djvulibre-lib<3.5.25.3 remote-code-execution http://secunia.com/advisories/52697/
|
|
ptlib<2.10.10 denial-of-service http://secunia.com/advisories/52659/
|
|
ganglia-webfrontend-[0-9]* cross-site-scripting http://secunia.com/advisories/52673/
|
|
py{25,26,27,31,32}-pip<1.3 insecure-temp-files http://secunia.com/advisories/52674/
|
|
x3270<3.3.12ga12 man-in-the-middle-attack http://secunia.com/advisories/52650/
|
|
mysql-client>=5.1<5.1.65 multiple-vulnerabilities http://secunia.com/advisories/52445/
|
|
mysql-server>=5.1<5.1.65 multiple-vulnerabilities http://secunia.com/advisories/52445/
|
|
mysql-client>=5.1<5.1.65 sensitive-information-exposure http://secunia.com/advisories/52669/
|
|
mysql-server>=5.1<5.1.65 sensitive-information-exposure http://secunia.com/advisories/52669/
|
|
tnftpd<20130322 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0418
|
|
se<3.0.1 local-command-inject http://se-editor.org/security/SE-SA-2013-001.txt
|
|
asterisk>=11.0<11.2.2 buffer-overflow http://downloads.digium.com/pub/security/AST-2013-001.html
|
|
asterisk>=1.8<1.8.20.2 denial-of-service http://downloads.digium.com/pub/security/AST-2013-002.html
|
|
asterisk>=10.0<10.12.2 denial-of-service http://downloads.digium.com/pub/security/AST-2013-002.html
|
|
asterisk>=11.0<11.2.2 denial-of-service http://downloads.digium.com/pub/security/AST-2013-002.html
|
|
asterisk>=1.8<1.8.20.2 information-disclosure http://downloads.digium.com/pub/security/AST-2013-003.html
|
|
asterisk>=10.0<10.12.2 information-disclosure http://downloads.digium.com/pub/security/AST-2013-003.html
|
|
asterisk>=11.0<11.2.2 information-disclosure http://downloads.digium.com/pub/security/AST-2013-003.html
|
|
moodle>=2.3<2.3.5 multiple-vulnerabilities http://secunia.com/advisories/52691/
|
|
moodle>=2.4<2.4.2 multiple-vulnerabilities http://secunia.com/advisories/52691/
|
|
libxslt<1.1.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6139
|
|
roundcube<0.8.6 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1904
|
|
bind>=9.7<9.7.7nb5 denial-of-service https://kb.isc.org/article/AA-00871
|
|
bind>=9.8<9.8.4pl2 denial-of-service https://kb.isc.org/article/AA-00871
|
|
bind>=9.9<9.9.2pl2 denial-of-service https://kb.isc.org/article/AA-00871
|
|
pixman<0.28.2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1591
|
|
ap{2,22}-modsecurity{,2}<2.7.3 sensitive-information-exposure http://secunia.com/advisories/52847/
|
|
firefox17<17.0.5 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.5
|
|
firefox<20 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox20
|
|
thunderbird<17.0.5 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.5
|
|
seamonkey<2.17 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.17
|
|
xulrunner17<17.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-30.html
|
|
xulrunner<20 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-30.html
|
|
samba>=3.6<3.6.5 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0454
|
|
postgresql83-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
postgresql84-server<8.4.17 multiple-vulnerabilities http://www.postgresql.org/about/news/1456/
|
|
postgresql90-server<9.0.13 multiple-vulnerabilities http://www.postgresql.org/about/news/1456/
|
|
postgresql91-server<9.1.9 multiple-vulnerabilities http://www.postgresql.org/about/news/1456/
|
|
postgresql92-server<9.2.4 multiple-vulnerabilities http://www.postgresql.org/about/news/1456/
|
|
opera<12.15 multiple-vulnerabilities http://secunia.com/advisories/52859/
|
|
haproxy<1.4.23 denial-of-service http://secunia.com/advisories/52725/
|
|
php{53,54}-owncloud<5.0.1 multiple-vulnerabilities http://secunia.com/advisories/52833/
|
|
mantis<1.2.15 cross-site-scripting http://secunia.com/advisories/52843/
|
|
mantis<1.2.14 cross-site-scripting http://secunia.com/advisories/52883/
|
|
xenkernel33-[0-9]* privilege-escalation http://secunia.com/advisories/52857/
|
|
xenkernel41<4.1.4nb2 privilege-escalation http://secunia.com/advisories/52857/
|
|
ap{2,22}-subversion<1.7.9 denial-of-service http://secunia.com/advisories/52966/
|
|
adobe-flash-plugin<10.3.183.75 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb13-11.html
|
|
adobe-flash-plugin>=11<11.2.202.280 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb13-11.html
|
|
php{53,54}-owncloud<5.0.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1942
|
|
php{53,54}-owncloud<5.0.4 weak-password-generator http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1941
|
|
php{53,54}-owncloud<5.0.4 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1939
|
|
curl<7.30 remote-information-disclosure http://secunia.com/advisories/53051/
|
|
suse{,32}_libcurl<12.1nb1 remote-information-disclosure http://support.novell.com/security/cve/CVE-2013-1944.html
|
|
mediawiki<1.20.4 multiple-vulnerabilities http://secunia.com/advisories/53054/
|
|
qemu<1.4.1 local-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1922
|
|
mit-krb5<1.10.4nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1416
|
|
xenkernel41<4.1.4nb2 denial-of-service http://lists.xen.org/archives/html/xen-announce/2013-04/msg00005.html
|
|
xenkernel41<4.1.4nb2 denial-of-service http://lists.xen.org/archives/html/xen-announce/2013-04/msg00006.html
|
|
libxml2<2.9.0nb3 multiple-vulnerabilities http://secunia.com/advisories/53061/
|
|
suse{,32}_libxml2<12.1nb6 multiple-vulnerabilities http://support.novell.com/security/cve/CVE-2013-1969.html
|
|
sun-{jdk,jre}6<6.0.45 multiple-vulnerabilities http://secunia.com/advisories/53008/
|
|
sun-{jdk,jre}7<7.0.21 multiple-vulnerabilities http://secunia.com/advisories/53008/
|
|
icedtea-web<1.2.3 multiple-vulnerabilities http://secunia.com/advisories/53109/
|
|
mysql-server>=5.1<5.1.69 multiple-vulnerabilities http://secunia.com/advisories/53022/
|
|
mysql-server>=5.5<5.5.31 multiple-vulnerabilities http://secunia.com/advisories/53022/
|
|
mysql-server>=5.6<5.6.11 multiple-vulnerabilities http://secunia.com/advisories/53022/
|
|
php{53,54}-owncloud<5.0.5 multiple-vulnerabilities http://secunia.com/advisories/53118/
|
|
libxmp<4.1.0 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1980
|
|
tinc<1.0.21 remote-system-access http://secunia.com/advisories/53108/
|
|
phpmyadmin<3.5.8 remote-system-access http://www.phpmyadmin.net/home_page/security/PMASA-2013-3.php
|
|
phpmyadmin<3.5.8.1 remote-system-access http://www.phpmyadmin.net/home_page/security/PMASA-2013-2.php
|
|
clamav<0.97.8 multiple-vulnerabilities http://secunia.com/advisories/53150/
|
|
mediawiki<1.20.5 multiple-vulnerabilities http://secunia.com/advisories/53284/
|
|
memcached<1.4.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4971
|
|
jenkins<1.509.1 multiple-vulnerabilities http://secunia.com/advisories/53286/
|
|
jenkins<1.514 multiple-vulnerabilities http://secunia.com/advisories/53286/
|
|
xenkernel41<4.1.6.1 denial-of-service http://secunia.com/advisories/53187/
|
|
nginx>=1.3.9<1.4.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2028
|
|
abcmidi<20130430 arbitrary-code-execution http://secunia.com/advisories/53318/
|
|
qemu<1.4.2 data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2007
|
|
telepathy-idle<0.1.16 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6746
|
|
mit-krb5<1.10.4nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2443
|
|
mit-krb5>=1.10.5<1.10.5nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2443
|
|
firefox17<17.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.6
|
|
firefox<21 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox21
|
|
thunderbird<17.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.6
|
|
xulrunner17<17.0.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-41.html
|
|
xulrunner<21 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-41.html
|
|
tiff<4.0.3nb3 multiple-vulnerabilities http://secunia.com/advisories/53237/
|
|
xenkernel41<4.1.6.1 denial-of-service http://secunia.com/advisories/53312/
|
|
apache-tomcat>=7<7.0.33 session-hijack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2067
|
|
apache-tomcat>=6<6.0.37 session-hijack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2067
|
|
apache-tomcat>=6<6.0.37 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544
|
|
adobe-flash-plugin<10.3.183.86 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-14.html
|
|
adobe-flash-plugin>=11<11.2.202.280 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-14.html
|
|
php{53,54}-owncloud<5.0.6 multiple-vulnerabilities http://secunia.com/advisories/53392/
|
|
ruby193-base<1.9.3p429 local-security-bypass http://secunia.com/advisories/53432/
|
|
acroread9<9.5.5 multiple-vulnerabilities https://www.adobe.com/support/security/bulletins/apsb13-15.html
|
|
libvirt>1.0.0 denial-of-service http://secunia.com/advisories/53440/
|
|
wireshark<1.8.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2486
|
|
wireshark<1.8.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2487
|
|
wireshark<1.8.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2488
|
|
moodle<2.4.4 multiple-vulnerabilities http://secunia.com/advisories/52522/
|
|
dovecot>=2<2.2.2 denial-of-service http://secunia.com/advisories/53492/
|
|
suse{,32}_libtiff<12.1nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2013-1960.html
|
|
suse{,32}_libtiff<12.1nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2013-1961.html
|
|
xentools41<4.1.6.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2072
|
|
xentools42<4.2.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2072
|
|
rt<3.8.17 multiple-vulnerabilities http://secunia.com/advisories/53522/
|
|
rt>=4<4.0.13 multiple-vulnerabilities http://secunia.com/advisories/53522/
|
|
transifex-client<0.9 ssl-certificate-spoofing http://secunia.com/advisories/53413/
|
|
xf86-video-openchrome<0.3.3 buffer-overflow http://secunia.com/advisories/53424/
|
|
MesaLib<7.11.2nb3 multiple-vulnerabilities http://secunia.com/advisories/53558/
|
|
libXinerama<1.1.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1985
|
|
libXtst<1.2.2 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
|
|
libXxf86vm<1.1.3 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
|
|
libXvmc<1.0.8 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
|
|
libXxf86dga<1.1.4 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
|
|
libXext<1.3.2 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
|
|
libXfixes<5.0.1 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
|
|
libXp<1.0.2 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
|
|
libFS<1.0.5 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
|
|
libXrender<0.9.8 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
|
|
libXrandr<1.4.1 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
|
|
libXt<1.1.4 multiple-vulnerabilities http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
|
|
libXres<1.0.7 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
|
|
libXv<1.0.8 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
|
|
libXcursor<1.1.14 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
|
|
libxcb<1.9.1 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
|
|
libX11<1.5.99.902 multiple-vulnerabilities http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
|
|
libraw<0.15.2 remote-system-access http://secunia.com/advisories/53547/
|
|
ap{2,22}-modsecurity{,2}<2.7.4 denial-of-service http://secunia.com/advisories/53535/
|
|
apache<2.0.65 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862
|
|
apache>=2.2<2.2.24nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862
|
|
gnutls>=2.12.23<3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2116
|
|
telepathy-gabble<0.16.6 remote-security-bypass http://www.secunia.com/advisories/53626/
|
|
subversion-base<1.7.10 denial-of-service http://subversion.apache.org/security/CVE-2013-2112-advisory.txt
|
|
subversion16-base<1.6.23 denial-of-service http://subversion.apache.org/security/CVE-2013-2112-advisory.txt
|
|
subversion-base<1.7.10 denial-of-service http://subversion.apache.org/security/CVE-2013-1968-advisory.txt
|
|
subversion16-base<1.6.23 denial-of-service http://subversion.apache.org/security/CVE-2013-1968-advisory.txt
|
|
bind>=9.6.3.1.ESV.9<9.6.3.1.ESV.9pl1 denial-of-service https://kb.isc.org/article/AA-00967
|
|
bind>=9.8.5<9.8.5pl1 denial-of-service https://kb.isc.org/article/AA-00967
|
|
bind>=9.9.3<9.9.3pl1 denial-of-service https://kb.isc.org/article/AA-00967
|
|
suse{,32}<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_alsa<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_aspell<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_base<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_compat<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_expat<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_fontconfig<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_freetype2<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_glx<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_gtk2<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_krb5<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_libcups<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_libcurl<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_libdrm<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_libjpeg<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_libpng<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_libsigc++2<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_libtiff<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_libxml2<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_locale<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_openmotif<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_openssl<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_qt4<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_slang<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_x11<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
php{53,54}-owncloud<5.0.7 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2149
|
|
php{53,54}-owncloud<5.0.7 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2150
|
|
php>=5.3<5.3.26 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2110
|
|
php>=5.4<5.4.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2110
|
|
MesaLib<10 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1872
|
|
xenkernel41<4.1.6.1 multiple-vulnerabilities http://secunia.com/advisories/53591/
|
|
xenkernel42<4.2.3 multiple-vulnerabilities http://secunia.com/advisories/53591/
|
|
wireshark<1.8.8 multiple-vulnerabilities http://secunia.com/advisories/53762/
|
|
adobe-flash-plugin<10.3.183.90 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-16.html
|
|
adobe-flash-plugin>=11<11.2.202.280 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-16.html
|
|
wordpress<3.5.2 denial-of-service http://secunia.com/advisories/53676/
|
|
xenkernel20-[0-9]* privilege-escalation http://secunia.com/advisories/53686/
|
|
xenkernel3-[0-9]* privilege-escalation http://secunia.com/advisories/53686/
|
|
xenkernel33-[0-9]* privilege-escalation http://secunia.com/advisories/53686/
|
|
xenkernel41<4.1.6.1 privilege-escalation http://secunia.com/advisories/53686/
|
|
xenkernel42<4.2.3 privilege-escalation http://secunia.com/advisories/53686/
|
|
ffmpeg<20130510-1.2.1 multiple-vulnerabilities http://secunia.com/advisories/53825/
|
|
dbus<1.6.12 denial-of-service http://secunia.com/advisories/53317/
|
|
haproxy<1.4.24 denial-of-service http://secunia.com/advisories/53803/
|
|
firefox17<17.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.7
|
|
firefox<22 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox22
|
|
thunderbird<17.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.7
|
|
xulrunner17<17.0.7 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-49.html
|
|
xulrunner<22 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-49.html
|
|
acroread9-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
xml-security-c<1.7.1 remote-spoofing http://santuario.apache.org/secadv.data/CVE-2013-2153.txt
|
|
xml-security-c<1.7.1 arbitrary-code-execution http://santuario.apache.org/secadv.data/CVE-2013-2154.txt
|
|
xml-security-c<1.7.1 denial-of-service http://santuario.apache.org/secadv.data/CVE-2013-2155.txt
|
|
xml-security-c<1.7.1 arbitrary-code-execution http://santuario.apache.org/secadv.data/CVE-2013-2156.txt
|
|
ffmpeg1<1.2.12 multiple-vulnerabilities http://secunia.com/advisories/53766/
|
|
ffmpeg010<20150312.0.10.16 multiple-vulnerabilities http://secunia.com/advisories/53766/
|
|
#ffmpeg2 not affected by http://secunia.com/advisories/53766/
|
|
sun-{jdk,jre}6<6.0.51 multiple-vulnerabilities http://secunia.com/advisories/53846/
|
|
sun-{jdk,jre}7<7.0.25 multiple-vulnerabilities http://secunia.com/advisories/53846/
|
|
openjdk7{,-bin}<1.7.25 multiple-vulnerabilities http://secunia.com/advisories/53846/
|
|
vlc<2.0.7 multiple-vulnerabilities http://www.videolan.org/vlc/releases/2.0.7.html
|
|
xentools41<4.1.6.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2211
|
|
xentools42<4.2.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2211
|
|
curl>=7.7<7.30.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2174
|
|
xml-security-c<1.7.2 arbitrary-code-execution http://santuario.apache.org/secadv.data/CVE-2013-2210.txt
|
|
xenkernel41<4.1.6.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1432
|
|
xenkernel42<4.2.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1432
|
|
ruby18-base<1.8.7.374 remote-spoofing http://www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073/
|
|
ruby193-base<1.9.3p448 remote-spoofing http://www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073/
|
|
ruby18-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
gallery-1.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
gallery<3.0.8 cross-site-scripting http://secunia.com/advisories/53664/
|
|
gallery<3.0.9 unknown http://secunia.com/advisories/53964/
|
|
libzrtpcpp<3.2.0 multiple-vulnerabilities http://secunia.com/advisories/53818/
|
|
ruby1{8,9,93}-puppet<3.2.2 remote-system-access http://puppetlabs.com/security/cve/CVE-2013-3567/
|
|
libvirt<1.1.0 denial-of-service http://secunia.com/advisories/53969/
|
|
salt<0.15.1 multiple-vulnerabilities http://secunia.com/advisories/53958/
|
|
libXi<1.7.2 multiple-vulnerabilities http://www.debian.org/security/2013/dsa-2683
|
|
mantis<1.2.15 multiple-vulnerabilities http://www.mantisbt.org/blog/?p=249
|
|
quagga<0.99.22.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2236
|
|
suse{,32}_libcurl<13.1 remote-system-access http://support.novell.com/security/cve/CVE-2013-2174.html
|
|
libkdcraw-[0-9]* remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2126
|
|
suse{,32}_x11<13.1 remote-system-access http://support.novell.com/security/cve/CVE-2013-2062.html
|
|
suse{,32}_x11<13.1 remote-system-access http://support.novell.com/security/cve/CVE-2013-1981.html
|
|
suse{,32}_x11<13.1 remote-system-access http://support.novell.com/security/cve/CVE-2013-1997.html
|
|
suse{,32}_x11<13.1 remote-system-access http://support.novell.com/security/cve/CVE-2013-2004.html
|
|
ffmpeg1<1.2.12 multiple-vulnerabilities http://secunia.com/advisories/54044/
|
|
ffmpeg010<20150312.0.10.16 multiple-vulnerabilities http://secunia.com/advisories/54044/
|
|
#ffmpeg2 not affected by http://secunia.com/advisories/54044/
|
|
subversion16{,-base}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
adove-flash-plugin-10.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
adobe-flash-plugin>=11<11.2.202.297 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-17.html
|
|
vlc<2.0.8 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3245
|
|
libxml2>2.8.0<2.9.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2877
|
|
squid<3.3.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4115
|
|
php<5.3.27 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4113
|
|
nagstamon<0.9.10 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4114
|
|
squid<3.3.8 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2013_3.txt
|
|
apache<2.2.25 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1896
|
|
apache-ant<1.9.2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1571
|
|
ffmpeg1<1.2.12 multiple-vulnerabilities http://secunia.com/advisories/54164/
|
|
ffmpeg010<20150312.0.10.16 multiple-vulnerabilities http://secunia.com/advisories/54164/
|
|
ffmpeg2<2.1 multiple-vulnerabilities http://secunia.com/advisories/54164/
|
|
moodle<2.5.1 multiple-vulnerabilities http://secunia.com/advisories/54130/
|
|
cyrus-saslauthd<2.1.26nb2 denial-of-service http://secunia.com/advisories/54098/
|
|
php{53,54,55}-tiki6<6.12 multiple-vulnerabilities http://secunia.com/advisories/54149/
|
|
openoffice3-[0-9]* remote-system-access http://secunia.com/advisories/54133/
|
|
openoffice3-bin-[0-9]* remote-system-access http://secunia.com/advisories/54133/
|
|
openafs<1.6.5 sensitive-information-exposure http://www.openafs.org/pages/security/OPENAFS-SA-2013-004.txt
|
|
openafs>=1.7<1.7.26 sensitive-information-exposure http://www.openafs.org/pages/security/OPENAFS-SA-2013-004.txt
|
|
xenkernel33-[0-9]* denial-of-service http://secunia.com/advisories/53797/
|
|
xenkernel41-[0-9]* denial-of-service http://secunia.com/advisories/53797/
|
|
xenkernel42<4.2.4 denial-of-service http://secunia.com/advisories/53797/
|
|
libvirt-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/54169/
|
|
apache>=2.4<2.4.6 multiple-vulnerabilities http://secunia.com/advisories/54241/
|
|
php>=5.4<5.4.17nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4113
|
|
icedtea-web<1.5prenb3 multiple-vulnerabilities http://secunia.com/advisories/53846/
|
|
minidlna<1.1.0 sql-injection http://secunia.com/advisories/54127/
|
|
wireshark<1.8.9 multiple-vulnerabilities http://secunia.com/advisories/54296/
|
|
wireshark>=1.9<1.10.1 multiple-vulnerabilities http://secunia.com/advisories/54296/
|
|
phpmyadmin<3.5.8.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-9.php
|
|
phpmyadmin>=4<4.0.4.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-9.php
|
|
phpmyadmin>=4<4.0.4.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-13.php
|
|
phpmyadmin<=3.5.8.2 sql-injection http://www.phpmyadmin.net/home_page/security/PMASA-2013-15.php
|
|
phpmyadmin>=4<4.0.4.2 sql-injection http://www.phpmyadmin.net/home_page/security/PMASA-2013-15.php
|
|
bind>=9.8<9.8.5pl2 denial-of-service https://kb.isc.org/article/AA-01016
|
|
bind>=9.9<9.9.3pl2 denial-of-service https://kb.isc.org/article/AA-01016
|
|
py{26,27,32,33}-django<1.6 sensitive-information-exposure http://secunia.com/advisories/54197/
|
|
gnupg<1.4.14 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4242
|
|
libgcrypt<1.5.3 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4242
|
|
typo3<4.5.29 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-002/
|
|
typo3>=4.7<4.7.14 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-002/
|
|
typo3>=6.0<6.0.8 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-002/
|
|
typo3>=6.1<6.1.3 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-002/
|
|
libvirt-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4153
|
|
libvirt-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4154
|
|
apache-2.0.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
samba<3.5.22 denial-of-service http://www.samba.org/samba/security/CVE-2013-4124
|
|
samba>3.6<3.6.17 denial-of-service http://www.samba.org/samba/security/CVE-2013-4124
|
|
putty<0.62nb10 heap-overflow http://secunia.com/advisories/54354/
|
|
php{53,54}-owncloud<5.0.8 cross-site-scripting http://secunia.com/advisories/54357/
|
|
firefox<23 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox23
|
|
firefox17<17.0.8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.8
|
|
thunderbird<17.0.8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.8
|
|
seamonkey<2.20 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.20
|
|
xulrunner17<17.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-63.html
|
|
xulrunner<23 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-63.html
|
|
cacti<0.8.8b sql-injection http://secunia.com/advisories/54386/
|
|
filezilla<3.7.2 multiple-vulnerabilities http://secunia.com/advisories/54415/
|
|
libmodplug<0.8.8.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4233
|
|
libmodplug<0.8.8.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4234
|
|
vlc<2.0.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4233
|
|
vlc<2.0.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4234
|
|
vlc<2.0.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4388
|
|
chrony<1.29 multiple-vulnerabilities http://secunia.com/advisories/54385/
|
|
polarssl<1.2.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4623
|
|
dovecot>=2<2.2.5 denial-of-service http://secunia.com/advisories/54438/
|
|
libvirt-[0-9]* denial-of-service http://secunia.com/advisories/54400/
|
|
python26<2.6.8nb4 ssl-certificate-spoofing http://secunia.com/advisories/54393/
|
|
python27<2.7.5nb1 ssl-certificate-spoofing http://secunia.com/advisories/54393/
|
|
python32-[0-9]* ssl-certificate-spoofing http://secunia.com/advisories/54393/
|
|
python33<3.3.3 ssl-certificate-spoofing http://secunia.com/advisories/54393/
|
|
php>=5.3<5.3.27nb2 ssl-certificate-spoofing http://secunia.com/advisories/54480/
|
|
php>=5.4<5.4.17nb1 ssl-certificate-spoofing http://secunia.com/advisories/54480/
|
|
php>=5.5<5.5.1nb1 ssl-certificate-spoofing http://secunia.com/advisories/54480/
|
|
ruby193-puppet<3.2.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4761
|
|
phpmyadmin<4.0.5 clickjacking-attack http://www.phpmyadmin.net/home_page/security/PMASA-2013-10.php
|
|
py{26,27,32,33}-django>=1.5<1.5.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4249
|
|
py{26,27,32,33}-django<1.4.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4249
|
|
xenkernel33-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-59.html
|
|
xenkernel41-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-59.html
|
|
xenkernel42<4.2.5 denial-of-service http://xenbits.xenproject.org/xsa/advisory-59.html
|
|
ffmpeg1<1.2.12 denial-of-service http://secunia.com/advisories/54389/
|
|
ffmpeg010<20150312.0.10.16 denial-of-service http://secunia.com/advisories/54389/
|
|
ffmpeg2<2.1 denial-of-service http://secunia.com/advisories/54389/
|
|
py{26,27,32,33}-graphite-web<0.9.11 remote-system-access http://secunia.com/advisories/54556/
|
|
ffmpeg2<2.0.1 denial-of-service http://secunia.com/advisories/54541/
|
|
ruby1{8,9,93}-puppet<3.2.4 multiple-vulnerabilities http://secunia.com/advisories/54623/
|
|
cacti<0.8.8b multiple-vulnerabilities http://secunia.com/advisories/54531/
|
|
asterisk>=1.8.17<1.8.23.1 denial-of-service http://downloads.digium.com/pub/security/AST-2013-004.html
|
|
asterisk>=11.0<11.5.1 denial-of-service http://downloads.digium.com/pub/security/AST-2013-004.html
|
|
asterisk>=1.8<1.8.23.1 denial-of-service http://downloads.digium.com/pub/security/AST-2013-005.html
|
|
asterisk>=10.0<10.12.3 information-disclosure http://downloads.digium.com/pub/security/AST-2013-005.html
|
|
asterisk>=11.0<11.5.1 denial-of-service http://downloads.digium.com/pub/security/AST-2013-005.html
|
|
roundcube<0.9.3 cross-site-scripting http://secunia.com/advisories/54536/
|
|
tiff<4.0.3nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4231
|
|
tiff<4.0.3nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4232
|
|
tiff<4.0.3nb6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4243
|
|
ImageMagick<6.7.8.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4298
|
|
mediawiki<1.21.2 multiple-vulnerabilities http://secunia.com/advisories/54715/
|
|
mediawiki<1.21.2 remote-security-bypass http://secunia.com/advisories/54723/
|
|
ansible<1.2.3 symlink-attack http://secunia.com/advisories/54686/
|
|
typo3>=6.0<6.0.9 remote-security-bypass http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-003/
|
|
typo3>=6.1<6.1.4 remote-security-bypass http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-003/
|
|
py{26,27,32,33}-OpenSSL<0.13.1 information-disclosure http://secunia.com/advisories/54691/
|
|
moodle<2.5.2 multiple-vulnerabilities http://secunia.com/advisories/54693/
|
|
wireshark<1.10.2 multiple-vulnerabilities http://secunia.com/advisories/54765/
|
|
adobe-flash-plugin<11.2.202.310 system-compromise http://www.adobe.com/support/security/bulletins/apsb13-21.html
|
|
wordpress<3.6.1 multiple-vulnerabilities http://secunia.com/advisories/54803/
|
|
py{26,27,32,33}-django>=1.5<1.5.3 sensitive-information-disclosure http://secunia.com/advisories/54772/
|
|
py{26,27,32,33}-django<1.4.7 sensitive-information-disclosure http://secunia.com/advisories/54772/
|
|
xentools41<4.1.6.1 denial-of-service http://secunia.com/advisories/54593/
|
|
xentools42<4.2.3 denial-of-service http://secunia.com/advisories/54593/
|
|
py{26,27,32,33}-django>=1.5<1.5.4 denial-of-service http://secunia.com/advisories/54815/
|
|
py{26,27,32,33}-django<1.4.8 denial-of-service http://secunia.com/advisories/54815/
|
|
ffmpeg2<2.1 multiple-vulnerabilities http://secunia.com/advisories/54857/
|
|
firefox<24 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox24
|
|
firefox17<17.0.9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.9
|
|
thunderbird<17.0.9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird17.0.9
|
|
seamonkey<2.21 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.21
|
|
xulrunner17<17.0.9 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-76.html
|
|
xulrunner<24 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-76.html
|
|
mplayer<1.1.1 remote-data-manipulation http://secunia.com/advisories/54871/
|
|
hplip<3.13.10 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4325
|
|
polkit<0.112 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4288
|
|
ffmpeg2<2.1 multiple-vulnerabilities http://secunia.com/advisories/54921/
|
|
libvirt-0.[0-9]* denial-of-service http://secunia.com/advisories/54804/
|
|
ffmpeg2<2.1.4 denial-of-service http://secunia.com/advisories/54972/
|
|
ffmpeg2<2.1.4 denial-of-service http://secunia.com/advisories/54967/
|
|
ruby1{8,9,93}-rubygems<2.0.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4363
|
|
ruby193-base<1.9.3p448nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4363
|
|
ruby200-base<2.0.0p247nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4363
|
|
ffmpeg2<2.1.4 multiple-vulnerabilities http://secunia.com/advisories/55122/
|
|
vino<3.9.92 denial-of-service http://secunia.com/advisories/54995/
|
|
xenkernel41<4.1.6.1nb1 information-leak http://secunia.com/advisories/54838/
|
|
xenkernel42<4.2.4 information-leak http://secunia.com/advisories/54838/
|
|
xenkernel33-[0-9]* information-leak http://secunia.com/advisories/54838/
|
|
librsvg<2.36.4nb6 information-disclosure http://secunia.com/advisories/55088/
|
|
gnupg<1.4.15 denial-of-service http://secunia.com/advisories/55071/
|
|
gnupg2<2.0.22 denial-of-service http://secunia.com/advisories/55071/
|
|
dropbear<2013.59 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-4421
|
|
dropbear<2013.59 username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2013-4434
|
|
nss<3.15.2 uninitialized-memory-read http://secunia.com/advisories/55050/
|
|
libtar-[0-9]* data-manipulation http://secunia.com/advisories/55138/
|
|
libvirt-1.[0-9]* denial-of-service http://secunia.com/advisories/55202/
|
|
libtar<1.2.20 arbitrary-code-execution http://secunia.com/advisories/55188/
|
|
ap{2,22}-fcgid<2.3.9 buffer-overflow http://secunia.com/advisories/55197/
|
|
vino<3.9.92 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5745
|
|
libvirt-1.[0-9]* multiple-vulnerabilities http://secunia.com/advisories/54786/
|
|
isync<1.0.6 man-in-the-middle-attack http://secunia.com/advisories/55190/
|
|
xentools42<4.2.4 denial-of-service http://secunia.com/advisories/55229/
|
|
xentools42<4.2.4 denial-of-service http://secunia.com/advisories/55239/
|
|
modular-xorg-server<1.12.4nb3 system-compromise http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4396
|
|
polarssl<1.2.9 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5915
|
|
ffmpeg2<2.1.4 multiple-vulnerabilities http://secunia.com/advisories/55293/
|
|
py{26,27,32,33}-scipy<0.12.1 privilege-escalation http://secunia.com/advisories/55256/
|
|
opera<12.16 unknown-impact http://www.opera.com/docs/changelogs/unified/1216/
|
|
sun-{jdk,jre}6<6.0.65 multiple-vulnerabilities http://secunia.com/advisories/55315/
|
|
sun-{jdk,jre}7<7.0.45 multiple-vulnerabilities http://secunia.com/advisories/55315/
|
|
openjdk7{,-bin}<1.7.45 multiple-vulnerabilities http://secunia.com/advisories/55315/
|
|
icu<51.2nb1 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2924
|
|
ruby1{8,9,93}-actionmailer<3.2.15 denial-of-service http://secunia.com/advisories/55240/
|
|
openldap-server<2.4.39nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4449
|
|
mysql-server>=5.1<5.1.71 multiple-vulnerabilities http://secunia.com/advisories/55327/
|
|
mysql-server>=5.5<5.5.33 multiple-vulnerabilities http://secunia.com/advisories/55327/
|
|
mysql-server>=5.6<5.6.13 multiple-vulnerabilities http://secunia.com/advisories/55327/
|
|
nodejs<0.10.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4450
|
|
ffmpeg2<2.2.1 denial-of-service http://secunia.com/advisories/55234/
|
|
roundcube<0.9.5 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6172
|
|
ffmpeg2<2.2.1 denial-of-service http://secunia.com/advisories/55460/
|
|
mantis<1.2.16 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4460
|
|
firefox<25 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox25
|
|
firefox24<24.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.1
|
|
firefox17<17.0.10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.10
|
|
thunderbird<17.0.10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird17.0.10
|
|
seamonkey<2.22 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.22
|
|
xulrunner17<17.0.10 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-93.html
|
|
xulrunner<25 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-93.html
|
|
poppler-utils<0.24.3 format-string http://secunia.com/advisories/55258/
|
|
php{53,54,55}-tiki6<6.13 multiple-vulnerabilities http://secunia.com/advisories/55403/
|
|
varnish<3.0.5 denial-of-service http://secunia.com/advisories/55452/
|
|
ffmpeg2<2.2.1 denial-of-service http://secunia.com/advisories/55504/
|
|
wireshark<1.10.3 multiple-vulnerabilities http://secunia.com/advisories/55492/
|
|
xenkernel41-[0-9]* denial-of-service http://secunia.com/advisories/55200/
|
|
xenkernel42<4.2.4 denial-of-service http://secunia.com/advisories/55200/
|
|
xenkernel33-[0-9]* denial-of-service http://secunia.com/advisories/55200/
|
|
python26-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
openssh>=6.2<6.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4548
|
|
samba<3.6.20 security-bypass http://www.samba.org/samba/security/CVE-2013-4475
|
|
samba>=4<4.1.1 security-bypass http://www.samba.org/samba/security/CVE-2013-4475
|
|
samba>=4<4.1.1 sensitive-information-exposure http://www.samba.org/samba/security/CVE-2013-4476
|
|
xenkernel41-[0-9]* denial-of-service http://secunia.com/advisories/55398/
|
|
xenkernel42<4.2.4 denial-of-service http://secunia.com/advisories/55398/
|
|
blender<2.71 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5105
|
|
freeradius<2.2.0 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3547
|
|
adobe-flash-plugin<11.2.202.327 remote-system-access http://www.adobe.com/support/security/bulletins/apsb13-26.html
|
|
libjpeg-turbo<1.3.1 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629
|
|
lighttpd<1.4.34 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4559
|
|
salt<0.17.1 multiple-vulnerabilities http://secunia.com/advisories/55625/
|
|
mit-krb5<1.10.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1418
|
|
mit-krb5<1.10.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6800
|
|
mediawiki<1.21.3 multiple-vulnerabilities http://secunia.com/advisories/55743/
|
|
nss<3.15.3 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1741
|
|
nss<3.14.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5605
|
|
nss<3.15.3 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5606
|
|
drupal<6.29 multiple-vulnerabilities https://drupal.org/SA-CORE-2013-003
|
|
drupal>=7.0<7.24 multiple-vulnerabilities https://drupal.org/SA-CORE-2013-003
|
|
python26<2.6.9 multiple-vulnerabilities http://www.python.org/getit/releases/2.6.9/
|
|
nginx>=0.8.41<1.4.4 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4547
|
|
nginx>=1.5<1.5.7 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4547
|
|
ruby193-base<1.9.3p484 arbitrary-code-execution https://www.ruby-lang.org/en/news/2013/11/22/heap-overflow-in-floating-point-parsing-cve-2013-4164/
|
|
ruby200-base<2.0.0p353 arbitrary-code-execution https://www.ruby-lang.org/en/news/2013/11/22/heap-overflow-in-floating-point-parsing-cve-2013-4164/
|
|
dovecot>=2<2.2.7 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6171
|
|
unrealircd<3.2.10.2 multiple-vulnerabilities http://secunia.com/advisories/55839/
|
|
moodle<2.5.3 multiple-vulnerabilities http://secunia.com/advisories/55835/
|
|
thunderbird<24.1.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.1.1
|
|
jetty<7.6.14 remote-security-bypass http://secunia.com/advisories/55861/
|
|
subversion{,-base}<1.8.5 remote-security-bypass http://secunia.com/advisories/55855/
|
|
php{53,54,55}-owncloud<5.0.13 remote-security-bypass http://secunia.com/advisories/55792/
|
|
xenkernel42<4.2.4 privilege-escalation http://secunia.com/advisories/55650/
|
|
ffmpeg2<2.1 multiple-vulnerabilities http://secunia.com/advisories/55802/
|
|
openttd<1.3.3 denial-of-service http://secunia.com/advisories/55589/
|
|
ganglia-webfrontend-[0-9]* cross-site-scripting http://secunia.com/advisories/55854/
|
|
links{,-gui}<2.8 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6050
|
|
gimp<2.8.10nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1978
|
|
pixman<0.32.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6425
|
|
ruby{193,200}-i18n<0.6.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4492
|
|
libmicrohttpd<0.9.32 multiple-vulnerabilities http://secunia.com/advisories/55903/
|
|
ffmpeg1<1.2.12 multiple-vulnerabilities http://secunia.com/advisories/55946/
|
|
ffmpeg010<20140629.0.10.14 multiple-vulnerabilities http://secunia.com/advisories/55946/
|
|
ffmpeg2<2.2 multiple-vulnerabilities http://secunia.com/advisories/55946/
|
|
openjpeg<1.5.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1447
|
|
openjpeg<1.5.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6045
|
|
openjpeg<1.5.2 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6052
|
|
openjpeg<1.5.2 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6053
|
|
openjpeg<1.5.2 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6054
|
|
openjpeg<1.5.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6887
|
|
xenkernel42<4.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6885
|
|
xenkernel41<4.1.6.1nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6885
|
|
typo3<4.5.32 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/
|
|
typo3>=4.7<4.7.17 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/
|
|
typo3>=6.0<6.0.12 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/
|
|
typo3>=6.1<6.1.7 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/
|
|
gimp<2.8.10nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1913
|
|
libwebp<0.2.1 remote-system-access http://secunia.com/advisories/55951/
|
|
xenkernel42<4.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6400
|
|
firefox17<17.0.10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.10
|
|
thunderbird17-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
thunderbird17-[0-9]* multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.2
|
|
thunderbird<24.2 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.2
|
|
seamonkey<2.23 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.23
|
|
xulrunner17-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
xulrunner17-[0-9]* arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-104.html
|
|
xulrunner24<24.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-104.html
|
|
xulrunner<26 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-104.html
|
|
modular-xorg-server<1.12.4nb7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6424
|
|
adobe-flash-plugin<11.2.202.332 remote-system-access http://www.adobe.com/support/security/bulletins/apsb13-28.html
|
|
samba>=3.4.0<3.6.22 buffer-overflow http://www.samba.org/samba/security/CVE-2013-4408
|
|
samba>=4<4.1.3 buffer-overflow http://www.samba.org/samba/security/CVE-2013-4408
|
|
net-snmp<5.7.2nb5 denial-of-service http://secunia.com/advisories/55804/
|
|
ruby{193,200}-rails<3.2.16 multiple-vulnerabilities http://secunia.com/advisories/55864/
|
|
php>=5.3<5.3.28 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420
|
|
php>=5.4<5.4.23 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420
|
|
php>=5.5<5.5.7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420
|
|
asterisk>=1.8<1.8.24.1 denial-of-service http://downloads.digium.com/pub/security/AST-2013-006.html
|
|
asterisk>=10.0<10.12.4 denial-of-service http://downloads.digium.com/pub/security/AST-2013-006.html
|
|
asterisk>=11.0<11.6.1 denial-of-service http://downloads.digium.com/pub/security/AST-2013-006.html
|
|
asterisk>=1.8<1.8.24.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2013-007.html
|
|
asterisk>=10.0<10.12.4 privilege-escalation http://downloads.digium.com/pub/security/AST-2013-007.html
|
|
asterisk>=11.0<11.6.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2013-007.html
|
|
asterisk>=10<11 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
php{53,54,55}-piwigo-[0-9]* cross-site-scripting http://secunia.com/advisories/56099/
|
|
wireshark<1.10.4 denial-of-service http://secunia.com/advisories/56097/
|
|
qt4-libs<4.8.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4549
|
|
gnumeric<1.12.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6836
|
|
firefox<26 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox26
|
|
firefox24<24.2 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.2
|
|
gnupg<1.4.16 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4576
|
|
py{33,32,27,26}-denyhosts<2.6nb4 denial-of-service http://seclists.org/oss-sec/2013/q4/535
|
|
libvirt-[0-9]* denial-of-service http://secunia.com/advisories/56245/
|
|
ruby{193,200}-will-paginate<3.0.5 cross-site-scripting http://secunia.com/advisories/56180/
|
|
ruby{193,200}-nokogiri<1.5.11 denial-of-service http://secunia.com/advisories/56179/
|
|
ruby{19,193,200}-puppet<3.4.1 insecure-temp-file http://secunia.com/advisories/56253/
|
|
icinga-base<1.8.5 multiple-vulnerabilities https://www.icinga.org/2013/12/17/icinga-security-releases-1-10-2-1-9-4-1-8-5/
|
|
memcached<1.4.17 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7239
|
|
poppler<0.24.5 denial-of-service http://secunia.com/advisories/56268/
|
|
openssl<1.0.1f denial-of-service http://secunia.com/advisories/56286/
|
|
graphviz<2.34.0nb4 buffer-overflow http://secunia.com/advisories/55666/
|
|
mapserver<6.4.1 arbitrary-sql-injection http://secunia.com/advisories/56155/
|
|
nagios-base-<3.5.0nb2 denial-of-service http://secunia.com/advisories/55976/
|
|
p5-Proc-Daemon<0.14nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7135
|
|
libXfont>=1.1<1.4.6nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6462
|
|
kwallet<4.12 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7252
|
|
freerdp-[0-9]* unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0791
|
|
ntp<4.2.7p26 traffic-amplification http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5211
|
|
flite<2.1 local-symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0027
|
|
libvirt-[0-9]* denial-of-service http://secunia.com/advisories/56186/
|
|
ffmpeg2<2.2.1 multiple-vulnerabilities http://secunia.com/advisories/56352/
|
|
py{33,32,27,26}-jinja2<2.7.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1402
|
|
bind<9.6.3.1.ESV.10pl2 denial-of-service https://kb.isc.org/article/AA-01078
|
|
bind>=9.7<9.8.6pl2 denial-of-service https://kb.isc.org/article/AA-01078
|
|
bind>=9.9<9.9.4pl2 denial-of-service https://kb.isc.org/article/AA-01078
|
|
suse{,32}_openssl<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2013-6449.html
|
|
suse{,32}_openssl<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2013-6450.html
|
|
nss<3.15.4 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1740
|
|
libxslt<1.1.25 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4520
|
|
sun-{jdk,jre}7<7.0.51 multiple-vulnerabilities http://secunia.com/advisories/56485/
|
|
openjdk7{,-bin}<1.7.51 multiple-vulnerabilities http://secunia.com/advisories/56485/
|
|
libvirt-[0-9]* denial-of-service http://secunia.com/advisories/56321/
|
|
suse{,32}_x11<13.1nb3 privilege-escalation http://support.novell.com/security/cve/CVE-2013-6462.html
|
|
ejabberd<2.1.12 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6169
|
|
ffmpeg2<2.2.1 denial-of-service http://secunia.com/advisories/56414/
|
|
drupal<6.30 multiple-vulnerabilities https://drupal.org/SA-CORE-2014-001
|
|
drupal>=7.0<7.26 multiple-vulnerabilities https://drupal.org/SA-CORE-2014-001
|
|
ffmpeg2<2.2.1 denial-of-service http://secunia.com/advisories/56525/
|
|
moodle<2.5.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0009
|
|
moodle<2.5.4 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0010
|
|
mediawiki<1.21.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-6451
|
|
mediawiki<1.21.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-6452
|
|
mediawiki<1.21.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2013-6453
|
|
mediawiki<1.21.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-6454
|
|
mediawiki<1.21.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2013-6472
|
|
mysql-server>=5.1<5.1.73 multiple-vulnerabilities http://secunia.com/advisories/56491/
|
|
mysql-server>=5.5<5.5.35 multiple-vulnerabilities http://secunia.com/advisories/56491/
|
|
mysql-server>=5.6<5.6.15 multiple-vulnerabilities http://secunia.com/advisories/56491/
|
|
jenkins-[0-9]* script-insertion http://secunia.com/advisories/56152/
|
|
hplip<3.14.1 multiple-vulnerabilities http://secunia.com/advisories/53644/
|
|
mupdf<1.3nb2 buffer-overflow http://secunia.com/advisories/56538/
|
|
xenkernel42<4.2.4 memory-corruption http://lists.xen.org/archives/html/xen-announce/2014-01/msg00001.html
|
|
xenkernel41<4.1.6.1nb6 denial-of-service http://lists.xen.org/archives/html/xen-announce/2014-01/msg00002.html
|
|
xenkernel42<4.2.4 denial-of-service http://lists.xen.org/archives/html/xen-announce/2014-01/msg00002.html
|
|
contao211<2.11.14 php-object-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1860
|
|
contao31-[0-9]* php-object-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1860
|
|
contao32<3.2.5 php-object-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1860
|
|
libyaml<0.1.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6393
|
|
p5-YAML-LibYAML<0.41nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6393
|
|
firefox17-[0-9]* multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.1
|
|
firefox17-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
firefox24<24.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.3
|
|
firefox<27 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox27
|
|
thunderbird<24.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.3
|
|
seamonkey<2.24 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.24
|
|
xulrunner24<24.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2014-01.html
|
|
xulrunner<27 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2014-01.html
|
|
libpurple<2.10.8 multiple-vulnerabilities http://secunia.com/advisories/56693/
|
|
VLC<2.1.2 remote-system-access http://secunia.com/advisories/56676/
|
|
adobe-flash-plugin<11.2.202.335 remote-system-access http://www.adobe.com/support/security/bulletins/apsb14-02.html
|
|
adobe-flash-plugin<11.2.202.336 remote-system-access http://www.adobe.com/support/security/bulletins/apsb14-04.html
|
|
curl>=7.10.6<7.35.0 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0015
|
|
mpg123>1.14<1.18.0 remote-system-access http://secunia.com/advisories/56729/
|
|
apache-tomcat>=6<6.0.39 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1571
|
|
mysql-client<5.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0001
|
|
mysql-client>5.5<5.5.37 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0001
|
|
mysql-client>5.6<5.6.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0001
|
|
mediawiki<1.21.5 multiple-vulnerabilities http://secunia.com/advisories/56695/
|
|
ruby{19,193,200}-puppet<3.1.2 denial-of-service http://secunia.com/advisories/56670/
|
|
py{33,32,27,26}-denyhosts<2.6nb5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6890
|
|
python27<2.7.6nb1 remote-system-access http://secunia.com/advisories/56624/
|
|
python31-[0-9]* remote-system-access http://secunia.com/advisories/56624/
|
|
python32-[0-9]* remote-system-access http://secunia.com/advisories/56624/
|
|
python33<3.3.3nb1 remote-system-access http://secunia.com/advisories/56624/
|
|
python31-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
horde-[0-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1691
|
|
apache-tomcat>=7<7.0.51 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050
|
|
ap{2,22,24}-subversion<1.8.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0032
|
|
python32-[0-9]* denial-of-service http://secunia.com/advisories/56627/
|
|
python33<3.3.4 denial-of-service http://secunia.com/advisories/56627/
|
|
py{33,32,27,26}-logilab-common-[0-9]* insecure-temp-file http://secunia.com/advisories/56720/
|
|
xenkernel41-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-84.html
|
|
xenkernel42<4.2.4 denial-of-service http://xenbits.xenproject.org/xsa/advisory-84.html
|
|
xenkernel42<4.2.4 multiple-vulnerabilities http://xenbits.xenproject.org/xsa/advisory-85.html
|
|
mantis<1.2.16 multiple-vulnerabilities http://www.ocert.org/advisories/ocert-2014-001.html
|
|
contao211<2.11.14 multiple-vulnerabilities http://secunia.com/advisories/56755/
|
|
contao32>=3<3.2.5 multiple-vulnerabilities http://secunia.com/advisories/56755/
|
|
contao210-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
contao29-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
contao30-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
contao31-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
ImageMagick<6.8.8.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1958
|
|
ImageMagick<6.8.8.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2030
|
|
ffmpeg2<2.2.1 multiple-vulnerabilities http://secunia.com/advisories/56838/
|
|
ffmpeg2<2.2.1 arbitrary-code-execution http://secunia.com/advisories/56847/
|
|
gnutls<3.2.11 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1959
|
|
php55-gd<5.5.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7226
|
|
ffmpeg2<2.2.1 arbitrary-code-execution http://secunia.com/advisories/56971/
|
|
icinga-base<1.9.5 buffer-overflow https://www.icinga.org/2014/02/11/bugfix-releases-1-10-3-1-9-5-1-8-6/
|
|
maradns<2.0.09 denial-of-service http://secunia.com/advisories/57033/
|
|
png<1.6.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6954
|
|
flite<1.4 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0027
|
|
socat<1.7.2.3 buffer-overflow http://www.dest-unreach.org/socat/contrib/socat-secadv5.txt
|
|
file<5.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943
|
|
file<5.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270
|
|
ffmpeg2<2.2.1 multiple-vulnerabilities http://secunia.com/advisories/56987/
|
|
ffmpeg2<2.2.1 multiple-vulnerabilities http://secunia.com/advisories/57066/
|
|
freeradius<2 denial-of-service http://secunia.com/advisories/56956/
|
|
freeradius>=2<2.2.0nb8 denial-of-service http://secunia.com/advisories/56956/
|
|
ruby{193,200}-actionpack<3.2.17 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0081
|
|
ruby{193,200}-actionpack<3.2.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0082
|
|
adobe-flash-plugin<11.2.202.341 remote-system-access http://www.adobe.com/support/security/bulletins/apsb14-07.html
|
|
phpmyadmin<4.0.10nb1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-1.php
|
|
phpmyadmin>=4.1<4.1.7 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-1.php
|
|
postgresql84-server<8.4.20 multiple-vulnerabilities http://www.postgresql.org/about/news/1506/
|
|
postgresql90-server<9.0.16 multiple-vulnerabilities http://www.postgresql.org/about/news/1506/
|
|
postgresql91-server<9.1.12 multiple-vulnerabilities http://www.postgresql.org/about/news/1506/
|
|
postgresql92-server<9.2.7 multiple-vulnerabilities http://www.postgresql.org/about/news/1506/
|
|
postgresql93-server<9.3.3 multiple-vulnerabilities http://www.postgresql.org/about/news/1506/
|
|
libvirt>=1.0.1<1.2.1 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6456
|
|
apache-tomcat>=6<6.0.39 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286
|
|
apache-tomcat>=6<6.0.39 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322
|
|
apache-tomcat>=6<6.0.39 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590
|
|
apache-tomcat>=6.0.33<6.0.39 session-fixation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0033
|
|
apache-tomcat>=7<7.0.40 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2071
|
|
apache-tomcat>=7<7.0.47 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286
|
|
apache-tomcat>=7<7.0.50 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322
|
|
apache-tomcat>=7<7.0.50 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590
|
|
gnutls<3.2.12 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0092
|
|
php<5.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943
|
|
php>=5.4<5.4.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943
|
|
php>=5.5<5.5.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943
|
|
libssh<0.63 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0017
|
|
typo3-[0-9]* cross-site-scripting http://secunia.com/advisories/57094/
|
|
sudo<1.7.10p8 local-security-bypass http://www.sudo.ws/sudo/alerts/env_add.html
|
|
stunnel<5 multiple-vulnerabilities http://secunia.com/advisories/57118/
|
|
net-snmp<5.7.2.1 denial-of-service http://secunia.com/advisories/57124/
|
|
icedtea-web<1.4.2 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6493
|
|
png<1.6.10rc01 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0333
|
|
p5-Capture-Tiny<0.24 insecure-temp-file http://secunia.com/advisories/56823/
|
|
ffmpeg2<2.2.1 denial-of-service http://secunia.com/advisories/57282/
|
|
ffmpeg2<2.1.4 multiple-vulnerabilities http://secunia.com/advisories/57298/
|
|
ffmpeg<20140305.1.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2097
|
|
ffmpeg<20140305.1.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2098
|
|
ffmpeg<20140305.1.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2099
|
|
ffmpeg<20140305.1.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2263
|
|
ffmpeg2<2.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2097
|
|
ffmpeg2<2.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2098
|
|
ffmpeg2<2.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2099
|
|
ffmpeg2<2.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2263
|
|
wireshark<1.10.6 multiple-vulnerabilities http://secunia.com/advisories/57265/
|
|
freetype2>=2.4.12<2.5.4 arbitrary-code-execution http://secunia.com/advisories/57291/
|
|
asterisk>=1.8<1.8.26.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-001.html
|
|
asterisk>=11.0<11.8.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-001.html
|
|
asterisk>=12.0<12.1.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-001.html
|
|
asterisk>=1.8<1.8.26.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-002.html
|
|
asterisk>=11.0<11.8.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-002.html
|
|
asterisk>=12.0<12.1.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-002.html
|
|
asterisk>=12.0<12.1.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-003.html
|
|
asterisk>=12.0<12.1.0 denial-of-service http://downloads.digium.com/pub/security/AST-2014-004.html
|
|
php{53,54,55}-orangehrm<3.1.2 cross-site-scripting http://secunia.com/advisories/57206/
|
|
mediawiki<1.22.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2242
|
|
mediawiki<1.22.3 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2243
|
|
mediawiki<1.22.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2244
|
|
squid<3.4.4 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2014_1.txt
|
|
adobe-flash-plugin<11.2.202.346 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb14-08.html
|
|
mutt>=1.5<1.5.23 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0467
|
|
lighttpd<1.4.35 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2323
|
|
lighttpd<1.4.35 path-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2324
|
|
php{53,54,55}-owncloud<6.0.2 multiple-vulnerabilities http://secunia.com/advisories/57283/
|
|
php55-gd<5.5.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7327
|
|
php>=5.5<5.5.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270
|
|
php>=5.4<5.4.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270
|
|
php<5.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270
|
|
samba-3.5.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
samba>=3.4<3.6.23 brute-force-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4496
|
|
imapsync<=1.564 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4279
|
|
imapsync<1.584 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2014
|
|
gnutls<2.7.6 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5138
|
|
oath-toolkit<2.4.1 unauthorized-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7322
|
|
suse{,32}_openssl<13.1nb2 denial-of-service http://support.novell.com/security/cve/CVE-2013-4353.html
|
|
suse{,32}_x11<13.1nb2 denial-of-service http://support.novell.com/security/cve/CVE-2013-6425.html
|
|
suse{,32}_libpng<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2013-6954.html
|
|
suse{,32}_qt4<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2013-4549.html
|
|
suse{,32}_libpng>=13.1<13.1nb2 denial-of-service http://support.novell.com/security/cve/CVE-2014-0333.html
|
|
php53-gd<5.3.28nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497
|
|
php54-gd<5.4.28nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497
|
|
php55-gd<5.5.12nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497
|
|
moodle<2.5.5 multiple-vulnerabilities http://secunia.com/advisories/57331/
|
|
mutt-kz<1.5.22.1rc1nb1 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0467
|
|
firefox<28 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox28
|
|
firefox24<24.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.4
|
|
thunderbird<24.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.4
|
|
seamonkey<2.25 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.25
|
|
apache>=2.4<2.4.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438
|
|
apache>=2.4<2.4.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098
|
|
apache>=2.2<2.2.27 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438
|
|
apache>=2.2<2.2.27 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098
|
|
xulrunner24<24.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2014-15.html
|
|
xulrunner<28 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2014-15.html
|
|
jansson<2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-6401
|
|
ruby{193,200,21}-rack-ssl<1.3.3nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2538
|
|
nss<3.16 multiple-vulnerabilities http://secunia.com/advisories/57465/
|
|
openssl>=1.0.1<1.0.1fnb1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076
|
|
openssh<6.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532
|
|
cacti<0.8.8c cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2326
|
|
cacti<0.8.8c cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2327
|
|
cacti<0.8.8c arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2328
|
|
icinga-base<1.9.4 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7106
|
|
icinga-base<1.9.4 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7108
|
|
php>=5.4<5.4.26nb2 denial-of-service http://secunia.com/advisories/57564/
|
|
php>=5.5<5.5.10nb2 denial-of-service http://secunia.com/advisories/57564/
|
|
claws-mail-vcalendar<3.10.0 remote-spoofing http://secunia.com/advisories/57336/
|
|
claws-mail-rssyl<3.10.0 remote-spoofing http://secunia.com/advisories/57336/
|
|
libyaml<0.1.5nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2525
|
|
p5-YAML-LibYAML<0.41nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2525
|
|
curl<7.36.0 multiple-vulnerabilities http://secunia.com/advisories/57434/
|
|
couchdb<1.5.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2668
|
|
ffmpeg010<20130927.0.10.9 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7009
|
|
ffmpeg010<20130927.0.10.9 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7010
|
|
ffmpeg010<20130927.0.10.9 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7014
|
|
ffmpeg010<20130927.0.10.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7015
|
|
ffmpeg010<20130927.0.10.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7018
|
|
ffmpeg010<20130927.0.10.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7023
|
|
ffmpeg010<20140310.0.10.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2098
|
|
ffmpeg010<20140310.0.10.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2099
|
|
ffmpeg010<20140310.0.10.12 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2263
|
|
{ap22,ap24}-modsecurity<2.7.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5705
|
|
a2ps<4.14nb6 multiple-vulnerabilities http://secunia.com/advisories/57663/
|
|
sylpheed<3.3.1 buffer-overflow http://secunia.com/advisories/57584/
|
|
suse{,32}_openssl<13.1nb3 sensitive-information-disclosure http://support.novell.com/security/cve/CVE-2014-0076.html
|
|
PAM-[0-9]* security-bypass http://secunia.com/advisories/57317/
|
|
icinga-base<1.9.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2386
|
|
prosody<0.9.4 denial-of-service http://blog.prosody.im/prosody-0-9-4-released/
|
|
lua-expat<1.3.0 denial-of-service http://matthewwild.co.uk/projects/luaexpat/index.html#history
|
|
openssl>=1.0.1<1.0.1g sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160
|
|
suse{,32}_openssl>=12.3<13.1nb4 sensitive-information-disclosure http://support.novell.com/security/cve/CVE-2014-0160.html
|
|
cacti<0.8.8c sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2708
|
|
cacti<0.8.8c arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2709
|
|
adobe-flash-plugin<11.2.202.350 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb14-09.html
|
|
jbigkit<2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6369
|
|
wordpress<3.8.2 multiple-vulnerabilities http://secunia.com/advisories/57769/
|
|
php{53,54,55}-ja-wordpress<3.8.2 multiple-vulnerabilities http://secunia.com/advisories/57769/
|
|
wireshark<1.10.4 arbitrary-code-execution http://www.wireshark.org/security/wnpa-sec-2014-05.html
|
|
py{33,27,26}-Pillow<2.3.1 insecure-temp-file http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1932
|
|
py{27,26}-imaging<1.1.7nb8 insecure-temp-file http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1932
|
|
py{33,27,26}-Pillow<2.3.1 insecure-temp-file http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1933
|
|
py{27,26}-imaging-<1.1.7nb8 insecure-temp-file http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1933
|
|
suse{,32}_libcurl<13.1nb3 privilege-escalation http://support.novell.com/security/cve/CVE-2014-0138.html
|
|
suse{,32}_libcurl<13.1nb3 ssl-certificate-spoofing http://support.novell.com/security/cve/CVE-2014-0139.html
|
|
dillo<3.0.4 arbitrary-code-execution http://secunia.com/advisories/57797/
|
|
openjpeg15<1.5.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1447
|
|
openjpeg15<1.5.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4289
|
|
openjpeg15<1.5.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4290
|
|
openjpeg15<1.5.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6045
|
|
openjpeg15<1.5.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6052
|
|
openjpeg15<1.5.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6053
|
|
openjpeg15<1.5.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6054
|
|
openjpeg15<1.5.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6087
|
|
cups<1.5.4nb11 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2856
|
|
openafs<1.6.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0159
|
|
openafs>=1.7<1.7.31 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0159
|
|
openssh<6.6.1nb3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2653
|
|
file<5.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345
|
|
nagios-base<3.5.1nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2386
|
|
qemu>=1.4.0<1.7.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4377
|
|
libmms<0.6.4 buffer-overflow http://secunia.com/advisories/57875/
|
|
sun-{jdk,jre}7<7.0.55 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA
|
|
openjdk7{,-bin}<1.7.55 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA
|
|
mysql-server>5.5<5.5.37 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixMSQL
|
|
mysql-server>5.6<5.6.17 arbitrary-code-execution http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixMSQL
|
|
qemu<2.0 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2894
|
|
qemu<2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4544
|
|
json-c<0.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6370
|
|
json-c<0.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6371
|
|
rsync<3.1.0nb1 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2855
|
|
suse{,32}_libjson<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2013-6370.html
|
|
suse{,32}_libjson<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2013-6371.html
|
|
wireshark<1.10.7 denial-of-service http://secunia.com/advisories/58217/
|
|
bugzilla>=4.5<4.5.3 spoofing-attack http://secunia.com/advisories/58059/
|
|
bugzilla>=4.4<4.4.3 spoofing-attack http://secunia.com/advisories/58059/
|
|
bugzilla>=4.2<4.2.8 spoofing-attack http://secunia.com/advisories/58059/
|
|
bugzilla>=4.0<4.0.12 spoofing-attack http://secunia.com/advisories/58059/
|
|
drupal>=6<6.31 sensitive-information-disclosure http://secunia.com/advisories/58132
|
|
drupal>=7<7.27 sensitive-information-disclosure http://secunia.com/advisories/58132
|
|
qemu<2.0.0nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4151
|
|
qemu<2.0.0nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4535
|
|
qemu<2.0.0nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4536
|
|
qemu<2.0.0nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6399
|
|
qemu<2.0.0nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0182
|
|
gnustep-base<1.24.0nb11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2980
|
|
poco<1.4.6p4 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0350
|
|
mediawiki<1.22.6 script-insertion-vulnerability http://lists.wikimedia.org/pipermail/mediawiki-announce/2014-April/000149.html
|
|
adobe-flash-plugin<11.2.202.356 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-13.html
|
|
firefox<29 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox29
|
|
firefox24<24.5 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.5
|
|
thunderbird<24.5 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.5
|
|
seamonkey<2.26 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.26
|
|
xulrunner24<24.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2014/mfsa2014-34.html
|
|
xulrunner<29 arbitrary-code-execution http://www.mozilla.org/security/announce/2014/mfsa2014-34.html
|
|
synergy<1.4.14 sensitive-information-disclosure http://synergy-foss.org/blog/synergy-1-4-14/
|
|
py{33,32,27,26}-lxml<3.3.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3146
|
|
knot<1.4.5 signature-spoofing https://www.knot-dns.cz/
|
|
suse{,32}_openssl<13.1nb6 denial-of-service http://support.novell.com/security/cve/CVE-2010-5298.html
|
|
suse{,32}_mozilla-nss<13.1nb2 man-in-the-middle-attack http://support.novell.com/security/cve/CVE-2014-1492.html
|
|
openssl>=1<1.0.0m denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198
|
|
openssl>=1.0.1<1.0.1h denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198
|
|
python32-[0-9]* insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2667
|
|
python33<3.3.5nb2 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2667
|
|
python34<3.4.0nb1 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2667
|
|
python32-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
suse{,32}_libpng<13.1nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2013-7354.html
|
|
suse{,32}_libpng<13.1nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2013-7353.html
|
|
python33<3.3.4rc1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7338
|
|
python26-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912
|
|
python27<2.7.6nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912
|
|
python32-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912
|
|
python33<3.3.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912
|
|
python34<3.4rc1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912
|
|
cacti<0.8.8c cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5588
|
|
cacti<0.8.8c sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5589
|
|
cacti-spine-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5588
|
|
cacti-spine-[0-9]* sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5589
|
|
cacti-spine-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2326
|
|
cacti-spine-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2328
|
|
cacti-spine-[0-9]* sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2708
|
|
cacti-spine-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2709
|
|
sks<1.1.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3207
|
|
openssl>=1<1.0.0m denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298
|
|
openssl>=1.0.1<1.0.1h denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298
|
|
libxml2<2.9.1nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0191
|
|
suse{,32}_libxml2<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2014-0191.html
|
|
openjdk7{,-bin}<1.7.40 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5772
|
|
sun-{jdk,jre}7<7.0.40 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5772
|
|
sun-{jdk,jre}6<6.0.60 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5772
|
|
openjdk7{,-bin}<1.7.40 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802
|
|
sun-{jdk,jre}7<7.0.40 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802
|
|
sun-{jdk,jre}6<6.0.60 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802
|
|
sun-{jre,jdk}15<5.0.51 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802
|
|
sun-{jre,jdk}15>=5.0.55<5.0.56 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411
|
|
sun-{jre,jdk}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411
|
|
openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411
|
|
openssl>=1.0.0<1.0.0l man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6450
|
|
openssl>=1.0.1<1.0.1f man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6450
|
|
p5-LWP-Protocol-https>=6.04<6.04nb1 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3230
|
|
p5-LWP-Protocol-https>=6.06<6.06nb1 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3230
|
|
jpeg>=6b<6c sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629
|
|
libjpeg-turbo<1.3.1 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429
|
|
sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429
|
|
sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0446
|
|
sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0446
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0446
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0448
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0448
|
|
sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0448
|
|
sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0449
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0449
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0449
|
|
sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0449
|
|
sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451
|
|
sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451
|
|
sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452
|
|
sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452
|
|
sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453
|
|
sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0454
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0454
|
|
sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0454
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0455
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0455
|
|
sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0455
|
|
sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457
|
|
sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457
|
|
sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458
|
|
sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0459
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0459
|
|
sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0459
|
|
sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460
|
|
sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0461
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0461
|
|
sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0461
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1876
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1876
|
|
sun-{jdk,jre}8>=8.0.0<8.0.1 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1876
|
|
sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398
|
|
sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398
|
|
sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2401
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2401
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2401
|
|
sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2401
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2402
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2402
|
|
sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2402
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2409
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2409
|
|
sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2409
|
|
sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412
|
|
sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412
|
|
sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414
|
|
sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2420
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2420
|
|
sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2420
|
|
sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421
|
|
sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421
|
|
sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423
|
|
sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423
|
|
sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427
|
|
sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427
|
|
sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2428
|
|
openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2428
|
|
sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2428
|
|
sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2428
|
|
fish>=1.16.0<2.1.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2905
|
|
fish<2.1.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2014-2906
|
|
fish<2.1.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2014-2914
|
|
fish<2.1.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2014-3856
|
|
tiff<4.0.3nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4244
|
|
sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5888
|
|
openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5888
|
|
sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5888
|
|
sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5907
|
|
openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5907
|
|
sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5907
|
|
sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5910
|
|
openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5910
|
|
sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5910
|
|
sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368
|
|
openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368
|
|
sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368
|
|
libvirt>=0.7.5<1.2.5 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0179
|
|
rxvt-unicode<9.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3121
|
|
mediawiki<1.19.14 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2665
|
|
mediawiki>=1.20<1.21 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2665
|
|
mediawiki>=1.21<1.21.8 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2665
|
|
mediawiki>=1.22<1.22.5 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2665
|
|
ruby{193,200,21}-actionpack>=3.2<3.2.18 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0130
|
|
bind>=9.10<9.10.0pl1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3214
|
|
sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5878
|
|
openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5878
|
|
sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5878
|
|
sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5887
|
|
openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5887
|
|
sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5887
|
|
sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5889
|
|
openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5889
|
|
sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5889
|
|
sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5898
|
|
openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5898
|
|
sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5898
|
|
sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5899
|
|
openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5899
|
|
sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5899
|
|
sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373
|
|
openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373
|
|
sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373
|
|
sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0375
|
|
openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0375
|
|
sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0375
|
|
sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376
|
|
openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376
|
|
sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376
|
|
sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0387
|
|
openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0387
|
|
sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0387
|
|
sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0403
|
|
openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0403
|
|
sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0403
|
|
sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0410
|
|
openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0410
|
|
sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0410
|
|
sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411
|
|
openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411
|
|
sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411
|
|
sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0415
|
|
openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0415
|
|
sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0415
|
|
sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416
|
|
openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416
|
|
sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416
|
|
sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0417
|
|
openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0417
|
|
sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0417
|
|
sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0422
|
|
openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0422
|
|
sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0422
|
|
sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423
|
|
openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423
|
|
sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423
|
|
sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0424
|
|
openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0424
|
|
sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0424
|
|
sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428
|
|
openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428
|
|
sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428
|
|
libvirt<1.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7336
|
|
png<1.5.14beta08 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7353
|
|
png<1.5.14rc03 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7354
|
|
py{34,33,32,27,26}-jinja2<2.7.2nb1 temporary-files-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0012
|
|
emacs23<23.3nb27 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3421
|
|
emacs23-nox11<23.3nb3 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3421
|
|
emacs24<24.3nb14 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3421
|
|
emacs24-nox11<24.3nb1 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3421
|
|
emacs23<23.3nb27 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3422
|
|
emacs23-nox11<23.3nb3 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3422
|
|
emacs24<24.3nb14 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3422
|
|
emacs24-nox11<24.3nb1 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3422
|
|
emacs23<23.3nb27 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3424
|
|
emacs23-nox11<23.3nb3 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3424
|
|
emacs24<24.3nb14 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3424
|
|
emacs24-nox11<24.3nb1 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3424
|
|
adobe-flash-plugin<11.2.202.359 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-14.html
|
|
suse{,32}_openssl<13.1nb7 denial-of-service http://support.novell.com/security/cve/CVE-2014-0198.html
|
|
qt4-libs<4.8.6nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0190
|
|
qt5-qtbase<5.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0190
|
|
libXfont<1.4.7nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0209
|
|
libXfont<1.4.7nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0210
|
|
libXfont<1.4.7nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0211
|
|
ldns<1.6.16nb4 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3209
|
|
php53-fpm-[0-9]* local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185
|
|
php54-fpm<5.4.28 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185
|
|
php55-fpm<5.5.12 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185
|
|
nagios-base-<3.5.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1878
|
|
icinga-base<1.9.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1878
|
|
dovecot<1.2.17nb15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3430
|
|
dovecot>=2<2.2.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3430
|
|
py{34,33,32,27,26}-django>=1.5<1.6.5 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1418
|
|
py{34,33,32,27,26}-django<1.4.13 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1418
|
|
py{34,33,32,27,26}-django>=1.5<1.6.5 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3730
|
|
py{34,33,32,27,26}-django<1.4.13 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3730
|
|
php{53,54,55}-owncloud<6.0.3 unknown-impact http://secunia.com/advisories/58586/
|
|
moodle<2.5.6 multiple-vulnerabilities http://docs.moodle.org/dev/Moodle_2.5.6_release_notes
|
|
suse{,32}_x11<13.1nb5 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-0209.html
|
|
suse{,32}_x11<13.1nb5 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-0210.html
|
|
suse{,32}_x11<13.1nb5 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-0211.html
|
|
typo3<4.5.34 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/
|
|
typo3>=4.7<4.7.19 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/
|
|
typo3>=6.0<6.0.14 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/
|
|
typo3>=6.1<6.1.9 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/
|
|
chicken<4.8.0.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4385
|
|
chicken<4.8.0.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3776
|
|
apache-tomcat>=6.0<6.0.41 multiple-vulnerabilities http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.41
|
|
apache-tomcat>=7.0<7.0.53 information-disclosure http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.53
|
|
apache-tomcat>=6.0<6.0.39 denial-of-service http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.39
|
|
apache-tomcat>=7.0<7.0.53 denial-of-service http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_7.0.53
|
|
apache-tomcat>=7.0<7.0.54 information-disclosure http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.54
|
|
gnutls<3.2.15 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3466
|
|
webmin<1.690 cross-site-scripting http://freecode.com/projects/webmin/releases/363920
|
|
suse{,32}_openssl<13.1nb8 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-0195.html
|
|
suse{,32}_openssl<13.1nb8 denial-of-service http://support.novell.com/security/cve/CVE-2014-0221.html
|
|
suse{,32}_openssl<13.1nb8 man-in-the-middle-attack http://support.novell.com/security/cve/CVE-2014-0224.html
|
|
suse{,32}_openssl<13.1nb8 denial-of-service http://support.novell.com/security/cve/CVE-2014-3470.html
|
|
openssl<0.9.8za man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224
|
|
openssl>=1<1.0.0m man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224
|
|
openssl>=1.0.1<1.0.1h man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224
|
|
openssl<0.9.8za denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221
|
|
openssl>=1<1.0.0m denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221
|
|
openssl>=1.0.1<1.0.1h denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221
|
|
openssl<0.9.8za arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195
|
|
openssl>=1<1.0.0m arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195
|
|
openssl>=1.0.1<1.0.1h arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195
|
|
openssl<0.9.8za denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470
|
|
openssl>=1<1.0.0m denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470
|
|
openssl>=1.0.1<1.0.1h denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470
|
|
openssl<0.9.8za sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076
|
|
openssl>=1<1.0.0m sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076
|
|
py{34,33,32,27,26}-gnupg<0.3.6 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7323
|
|
py{34,33,32,27,26}-gnupg<0.3.6 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1927
|
|
py{34,33,32,27,26}-gnupg<0.3.6 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1928
|
|
py{34,33,32,27,26}-gnupg<0.3.6 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1929
|
|
python27<2.7.7nb1 denial-of-service http://seclists.org/oss-sec/2013/q4/558
|
|
php>=5.4<5.4.29 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237
|
|
php>=5.4<5.4.29 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238
|
|
php>=5.5<5.5.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237
|
|
php>=5.5<5.5.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238
|
|
mediawiki<1.22.7 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3966
|
|
libtasn1<3.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3467
|
|
libtasn1<3.6 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468
|
|
libtasn1<3.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3469
|
|
openpam<20140912 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3879
|
|
chkrootkit<0.50 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0476
|
|
bottle<0.12.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3137
|
|
mupdf<1.4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2013
|
|
sendmail<8.14.9 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3956
|
|
dpkg<1.16.15 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3864
|
|
dpkg<1.16.15 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3865
|
|
firefox<30 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox30
|
|
firefox24<24.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.6
|
|
thunderbird<24.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.6
|
|
xulrunner24<24.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2014/mfsa2014-48.html
|
|
xulrunner<30 arbitrary-code-execution http://www.mozilla.org/security/announce/2014/mfsa2014-48.html
|
|
file<5.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237
|
|
file<5.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238
|
|
nspr<4.10.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2014/mfsa2014-55.html
|
|
emacs24{,-nox11}<24.5 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3423
|
|
icinga-base<1.9.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7107
|
|
icinga-base>1.9.5<1.10.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7107
|
|
icinga-base>1.9.5<1.10.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1878
|
|
icinga-base<1.10.3 stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2386
|
|
tor<0.2.4.20 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7295
|
|
gnupg2<2.0.22 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4351
|
|
gnupg<1.4.15 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4351
|
|
gnupg2<2.0.22 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4402
|
|
gnupg<1.4.15 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4402
|
|
py{34,33,32,27,26}-django>=1.5<1.6.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0472
|
|
py{33,32,27,26}-django<1.4.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0472
|
|
py{34,33,32,27,26}-django>=1.5<1.6.3 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0473
|
|
py{33,32,27,26}-django<1.4.11 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0473
|
|
py{33,32,27,26}-django<1.4.11 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0474
|
|
adobe-flash-plugin<11.2.202.379 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-16.html
|
|
php{53,54,55}-soycms<=1.4.0c cross-site-scripting http://jvn.jp/en/jp/JVN54650130/index.html
|
|
asterisk>=12.0<12.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-005.html
|
|
asterisk>=11.0<11.10.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2014-006.html
|
|
asterisk>=12.0<12.3.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2014-006.html
|
|
asterisk>=1.8<1.8.28.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-007.html
|
|
asterisk>=11.0<11.10.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-007.html
|
|
asterisk>=12.0<12.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-007.html
|
|
asterisk>=12.0<12.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-008.html
|
|
libarchive>=2.9<3.1.2 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1779
|
|
bind>=9.10<9.10.0pl2 denial-of-service https://kb.isc.org/article/AA-01166/0/CVE-2014-3859%3A-BIND-named-can-crash-due-to-a-defect-in-EDNS-printing-processing.html
|
|
ruby18-puppet<3.6.2 arbitrary-code-execution http://puppetlabs.com/security/cve/cve-2014-3248
|
|
ruby18-hiera<1.3.4 arbitrary-code-execution http://puppetlabs.com/security/cve/cve-2014-3248
|
|
ruby18-mcollective<2.5.2 arbitrary-code-execution http://puppetlabs.com/security/cve/cve-2014-3248
|
|
wireshark>=1.10.0<1.10.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2014-07.html
|
|
ap{22,24}-py{33,32,27,26}-wsgi<3.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0240
|
|
ap{22,24}-py{33,32,27,26}-wsgi<3.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0242
|
|
suse{,32}_base<13.1nb10 denial-of-service http://support.novell.com/security/cve/CVE-2014-4043.html
|
|
xalan-j>=2.7.0<2.7.2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0107
|
|
gnutls>=3.0<3.1.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3465
|
|
gnutls>=3.2<3.2.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3465
|
|
lighttpd<1.4.34 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4560
|
|
lighttpd>=1.4.24<1.4.34 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4508
|
|
suse{,32}_mozilla-nspr<13.1nb2 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-1545.html
|
|
mysql-client-5.1.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
mysql-server-5.1.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
xenkernel33-[0-9]* sensitive-information-exposure http://xenbits.xenproject.org/xsa/advisory-100.html
|
|
xenkernel41<4.1.6.1nb1 sensitive-information-exposure http://xenbits.xenproject.org/xsa/advisory-100.html
|
|
xenkernel42<4.2.5 sensitive-information-exposure http://xenbits.xenproject.org/xsa/advisory-100.html
|
|
suse{,32}_libdbus<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2014-3477.html
|
|
memcached<1.4.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0179
|
|
memcached<1.4.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7290
|
|
memcached<1.4.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7291
|
|
kdirstat-[0-9]* arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2527
|
|
kdirstat-[0-9]* arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2528
|
|
seamonkey<2.26.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.26.1
|
|
iodine<0.7.0 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4168
|
|
samba>=3.6<3.6.24 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493
|
|
samba>=3.6<3.6.24 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244
|
|
p5-Email-Address<1.905 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0477
|
|
php>=5.4<5.4.30 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049
|
|
php>=5.5<5.5.14 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049
|
|
nagios-plugins<2.0.2 sensitive-information-disclosure http://seclists.org/fulldisclosure/2014/May/74
|
|
openafs>=1.6.8<1.6.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4044
|
|
gnupg2<2.0.24 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617
|
|
gnupg<1.4.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617
|
|
php-5.2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
php{53,54,55}-piwigo<2.6.3 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4649
|
|
kdelibs4<4.13.3 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3494
|
|
php>=5.4<5.4.30 multiple-vulnerabilities http://www.php.net/ChangeLog-5.php#5.4.30
|
|
php>=5.5<5.5.14 multiple-vulnerabilities http://www.php.net/ChangeLog-5.php#5.5.14
|
|
php{53,54,55}-owncloud<6.0.4 unknown-impact http://secunia.com/advisories/59543/
|
|
python27<2.7.7nb2 directory-traversal http://bugs.python.org/issue21766
|
|
python32-[0-9]* directory-traversal http://bugs.python.org/issue21766
|
|
python33<3.3.5nb4 directory-traversal http://bugs.python.org/issue21766
|
|
python34<3.4.1nb1 directory-traversal http://bugs.python.org/issue21766
|
|
lzo<2.0.7 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4607
|
|
pulseaudio<5.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3970
|
|
cacti<0.8.8c multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4002
|
|
dbus<1.8.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3532
|
|
dbus<1.8.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3533
|
|
libreoffice4>=4.1.4<4.2.5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0247
|
|
libreoffice4-bin>=4.1.4<4.2.5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0247
|
|
adobe-flash-plugin<11.2.202.379 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-17.html
|
|
suse{,32}_base<13.1nb5 directory-traversal http://support.novell.com/security/cve/CVE-2014-0475.html
|
|
openttd>=0.3.6<1.3.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6411
|
|
vlc<2.0.4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1868
|
|
vlc<2.0.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1954
|
|
dbus>1.6.20<1.8.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3477
|
|
dbus<1.6.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3477
|
|
php>=5.4<5.4.30nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4698
|
|
php>=5.5<5.5.14nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4698
|
|
php>=5.4<5.4.30nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670
|
|
php>=5.5<5.5.14nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670
|
|
file<5.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478
|
|
php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478
|
|
php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478
|
|
file<5.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479
|
|
php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479
|
|
php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479
|
|
file<5.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480
|
|
php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480
|
|
php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480
|
|
file<5.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487
|
|
php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487
|
|
php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487
|
|
ffmpeg<20140623.1.2.7 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2263
|
|
ffmpeg2<2.2.4 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2263
|
|
ffmpeg010<20140629.0.10.14 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4609
|
|
ffmpeg010<20140629.0.10.14 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4610
|
|
php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515
|
|
php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515
|
|
file<5.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207
|
|
php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207
|
|
php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207
|
|
php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721
|
|
php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721
|
|
phpmyadmin>=4.2<4.2.4 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-2.php
|
|
phpmyadmin>=4.1<4.1.14.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-3.php
|
|
phpmyadmin>=4.2<4.2.4 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-3.php
|
|
samba>=3.6.6<3.6.24 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178
|
|
samba>=4.1<4.1.8 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178
|
|
ruby{193,200,21}-activerecord>=3.2<3.2.19 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3482
|
|
transmission<2.84 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4909
|
|
polarssl<1.2.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4911
|
|
sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4227
|
|
sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4219
|
|
sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2490
|
|
sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4216
|
|
sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4247
|
|
sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4283
|
|
sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4223
|
|
sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4262
|
|
sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4209
|
|
sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4220
|
|
sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4218
|
|
sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4252
|
|
sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4266
|
|
sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4268
|
|
sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4264
|
|
sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4221
|
|
sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4244
|
|
sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4263
|
|
sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4208
|
|
openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4227
|
|
openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4219
|
|
openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2490
|
|
openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4216
|
|
openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4247
|
|
openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4283
|
|
openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4223
|
|
openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4262
|
|
openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4209
|
|
openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4220
|
|
openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4218
|
|
openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4252
|
|
openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4266
|
|
openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4268
|
|
openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4264
|
|
openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4221
|
|
openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4244
|
|
openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4263
|
|
openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4208
|
|
ruby1{8,9,93}-rubygems<1.8.23 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2125
|
|
ruby1{8,9,93}-rubygems<2.0.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4287
|
|
ruby200-base<2.0.0p247nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4287
|
|
ruby193-base<1.9.3p448nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4287
|
|
mit-krb5<1.10.7nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341
|
|
mit-krb5>=1.7<1.10.7nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342
|
|
mit-krb5>=1.10<1.10.7nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343
|
|
mit-krb5>=1.5<1.10.7nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344
|
|
ansible<1.6.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4657
|
|
ansible<1.6.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4678
|
|
drupal>=6<6.32 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2014-003
|
|
drupal>=7<7.29 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2014-003
|
|
php>=5.5<5.5.16 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587
|
|
php>=5.4<5.4.32 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587
|
|
mysql-server>=5.6<5.6.19 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2484
|
|
mysql-server>=5.5<5.5.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2494
|
|
mysql-server>=5.5<5.5.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4207
|
|
mysql-server>=5.6<5.6.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4214
|
|
mysql-server>=5.6<5.6.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4233
|
|
mysql-server>=5.6<5.6.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4228
|
|
mysql-server>=5.6<5.6.19 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4240
|
|
mysql-server>=5.6<5.6.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4243
|
|
mysql-server>=5.5<5.5.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4243
|
|
mysql-server>=5.6<5.6.19 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4258
|
|
mysql-server>=5.5<5.5.38 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4258
|
|
mysql-server>=5.6<5.6.19 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4260
|
|
mysql-server>=5.5<5.5.38 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4260
|
|
phpmyadmin<=3.5.8.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-8.php
|
|
phpmyadmin>=4<4.0.4.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-8.php
|
|
phpmyadmin<=3.5.8.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-11.php
|
|
phpmyadmin>=4<4.0.4.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-11.php
|
|
phpmyadmin<=3.5.8.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-14.php
|
|
phpmyadmin>=4<4.0.4.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-14.php
|
|
php>=5.5<5.5.14 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3981
|
|
php>=5.4<5.4.30 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3981
|
|
php<5.3.29 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3981
|
|
suse{,32}_libdbus<13.1nb2 denial-of-service http://support.novell.com/security/cve/CVE-2014-3532.html
|
|
suse{,32}_libdbus<13.1nb2 denial-of-service http://support.novell.com/security/cve/CVE-2014-3533.html
|
|
apache>=2.2<2.2.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
|
|
apache>=2.4<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
|
|
apache>=2.4<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3523
|
|
apache>=2.4.6<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0117
|
|
apache>=2.2<2.2.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
|
|
apache>=2.4<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
|
|
apache>=2.2<2.2.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226
|
|
apache>=2.4<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226
|
|
softhsm<1.3.7nb2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3209
|
|
xpdf<3.04 multiple-vulnerabilities http://www.foolabs.com/xpdf/CHANGES
|
|
ansible<1.6.9 input-validation http://www.ocert.org/advisories/ocert-2014-004.html
|
|
phpmyadmin<4.2.6 multiple-vulnerabilities http://www.phpmyadmin.net/home_page/security/PMASA-2014-6.php
|
|
phpmyadmin<4.2.6 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-7.php
|
|
firefox<31 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox31
|
|
firefox24<24.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.7
|
|
nss<3.16.2 memory-corruption https://www.mozilla.org/security/announce/2014/mfsa2014-63.html
|
|
cups<1.7.4 symlink-attack http://www.cups.org/str.php?L4450
|
|
exim<4.83 input-validation https://lists.exim.org/lurker/message/20140722.152452.d6c019e8.en.html
|
|
tor<0.2.4.23 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5117
|
|
tor>=0.2.5<0.2.5.7 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5117
|
|
mysql-server>=5.6<5.6.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224
|
|
mysql-server>=5.5<5.5.39 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224
|
|
mediawiki<1.22.9 multiple-vulnerabilities https://www.mediawiki.org/wiki/Release_notes/1.22#MediaWiki_1.22.9
|
|
suse{,32}_mozilla-nss<13.1nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-1544.html
|
|
wireshark<1.10.9 multiple-vulnerabilities https://www.wireshark.org/docs/relnotes/wireshark-1.10.9.html#_bug_fixes
|
|
kdelibs4<4.14 privilege-escalation http://www.kde.org/info/security/advisory-20140730-1.txt
|
|
samba>=4<4.1.11 buffer-overflow http://www.samba.org/samba/security/CVE-2014-3560
|
|
gpgme<1.4.4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3564
|
|
file<5.1.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538
|
|
nginx>=1.5.6<1.6 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3556
|
|
nginx>=1.6<1.6.1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3556
|
|
nginx>=1.7<1.7.4 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3556
|
|
php>=5.4<5.4.32 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538
|
|
php>=5.5<5.5.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538
|
|
php{53,54,55}-owncloud<5.0.17 unspecified http://owncloud.org/changelog/
|
|
phpmyadmin<4.2.6 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-4.php
|
|
phpmyadmin>=4.2<4.2.6 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-5.php
|
|
phpmyadmin>=4.1<4.1.14.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-5.php
|
|
phpmyadmin>=4.0<4.0.10.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-5.php
|
|
liblive<20131129 buffer-overflow http://live555.com/liveMedia/public/changelog.txt
|
|
nss<3.15.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1491
|
|
nss<3.16 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1492
|
|
gcc{,34,44,45,46,47}-[0-9]* denial-of-service https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61601
|
|
gcc3-c++-[0-9]* denial-of-service https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61601
|
|
gcc48-cc++-[0-9]* denial-of-service https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61601
|
|
gcc{,34,44,45,46,47}-[0-9]* memory-corruption https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61582
|
|
gcc3-c++-[0-9]* memory-corruption https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61582
|
|
gcc48-cc++-[0-9]* memory-corruption https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61582
|
|
ruby{18,193,200,21}-puppet<3.3.3 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4969
|
|
ruby{18,193,200,21}-puppet>=3.4<3.4.1 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4969
|
|
ruby{18,193,200,21}-puppet>=2.8.4<3.1.1 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4969
|
|
ruby18-base>=1.8.7<1.8.7.331 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4481
|
|
curl>=7.27.0<7.35.1 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2522
|
|
openssl>=0.9.8<0.9.8zb multiple-vulnerabilities https://www.openssl.org/news/secadv_20140806.txt
|
|
openssl>=1.0.0<1.0.0n multiple-vulnerabilities https://www.openssl.org/news/secadv_20140806.txt
|
|
openssl>=1.0.1<1.0.1i multiple-vulnerabilities https://www.openssl.org/news/secadv_20140806.txt
|
|
suse{,32}_openssl<13.1nb9 multiple-vulnerabilities https://www.openssl.org/news/secadv_20140806.txt
|
|
cups<1.7.4 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5029
|
|
cups<2.0 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5030
|
|
cups<2.0 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5031
|
|
readline>=6.2<6.3 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2524
|
|
openssl>=0.9.8<0.9.8y sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169
|
|
openssl>=1.0.0<1.0.0k sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169
|
|
openssl>=1.0.1<1.0.1d sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169
|
|
durupal>=6<6.33 denial-of-service https://www.drupal.org/SA-CORE-2014-004
|
|
durupal>=7<7.31 denial-of-service https://www.drupal.org/SA-CORE-2014-004
|
|
wordpress>=3.8<3.8.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2053
|
|
wordpress>=3.7<3.7.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2053
|
|
php{53,54,55}-ja-wordpress>=3.8<3.8.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2053
|
|
php{53,54,55}-ja-wordpress>=3.7<3.7.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2053
|
|
py{34,33,27,26}-ipython<1.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3429
|
|
serf<1.3.7 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3504
|
|
subversion-base>=1.8<1.8.10 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3522
|
|
adobe-flash-plugin<11.2.202.400 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-18.html
|
|
suse{,32}_libtiff<13.1nb1 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2013-6369.html
|
|
suse{,32}_krb5<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2014-4341.html
|
|
suse{,32}_krb5<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2014-4342.html
|
|
suse{,32}_krb5<13.1nb1 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-4343.html
|
|
suse{,32}_krb5<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2014-4344.html
|
|
poppler<0.13.3 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5110
|
|
php-5.3.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
subversion-base>=1.8<1.8.10 spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3528
|
|
qemu>=1.6<2.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5263
|
|
py{34,33,27,26}-Pillow<2.5.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3589
|
|
cacti<0.8.8c arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-5261
|
|
cacti<0.8.8c sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-5262
|
|
py{26,27}-moin<1.9.7 script-insertion-vulnerability http://moinmo.in/SecurityFixes
|
|
mit-krb5>=1.6<1.10.7nb3 buffer-overflow http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2014-001.txt
|
|
py{27,26}-imaging<1.1.7nb9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3589
|
|
py{33,32,27,26}-django<1.4.14 multiple-vulnerabilities https://docs.djangoproject.com/en/1.4/releases/1.4.14/
|
|
py{33,32,27,26}-django>=1.5<1.6.6 multiple-vulnerabilities https://docs.djangoproject.com/en/1.6/releases/1.6.6/
|
|
phpmyadmin<4.2.7.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-8.php
|
|
phpmyadmin<4.2.7.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-9.php
|
|
salt<2014.1.10 data-manipulation http://docs.saltstack.com/en/latest/topics/releases/2014.1.10.html
|
|
squid<3.4.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3609
|
|
bozohttpd<20140708 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5015
|
|
procmail<3.22nb4 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3618
|
|
firefox<31.1 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox31.1
|
|
thunderbird<31.1 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird31.1
|
|
firefox>31.1<32 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox32
|
|
firefox24<24.8 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.8
|
|
thunderbird24<24.8 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.8
|
|
ImageMagick<6.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1958
|
|
ImageMagick<6.9 stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1947
|
|
ImageMagick<6.8.8 stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1947
|
|
php>=5.4<5.4.32 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587
|
|
php>=5.5<5.5.16 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587
|
|
php>=5.4<5.4.32 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597
|
|
php>=5.5<5.5.16 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597
|
|
php54-gd>=5.4<5.4.32 remote-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5120
|
|
php55-gd>=5.5<5.5.16 remote-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5120
|
|
net-snmp>=5.7<5.7.2.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565
|
|
net-snmp>=5.6<=5.6.2.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565
|
|
net-snmp>=5.5<=5.5.2.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565
|
|
net-snmp>=5.4<=5.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565
|
|
lua51<5.1.5nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5461
|
|
lua52>=5.2<5.2.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5461
|
|
nodejs<0.10.30 denial-of-service http://blog.nodejs.org/2014/07/31/v8-memory-corruption-stack-overflow/
|
|
thunderbird24<24.8.1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5369
|
|
thunderbird<31.5.0nb1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5369
|
|
seamonkey<2.32.1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5369
|
|
libreoffice4<4.3.1 multiple-vulnerabilities http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/
|
|
dhcpcd<6.4.3 denial-of-service http://advisories.mageia.org/MGASA-2014-0334.html
|
|
bugzilla<4.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1546
|
|
libvncserver<0.9.10 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4607
|
|
file<=5.19 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587
|
|
cups<1.7.4 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3537
|
|
cups<1.7.4 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5029
|
|
cups<2.0 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5030
|
|
cups<2.0 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5031
|
|
suse{,32}_libcups-[0-9]* symlink-attack http://support.novell.com/security/cve/CVE-2014-3537.html
|
|
suse{,32}_libcups-[0-9]* symlink-attack http://support.novell.com/security/cve/CVE-2014-5029.html
|
|
suse{,32}_libcups-[0-9]* symlink-attack http://support.novell.com/security/cve/CVE-2014-5030.html
|
|
suse{,32}_libcups-[0-9]* symlink-attack http://support.novell.com/security/cve/CVE-2014-5031.html
|
|
ruby193-base<1.9.3p547nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4975
|
|
ruby200-base<2.0.0p481nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4975
|
|
ruby21-base<2.1.2nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4975
|
|
libgcrypt<1.5.4 side-channel http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5270
|
|
pppd<2.4.7 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3158
|
|
adobe-flash-plugin<11.2.202.406 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-21.html
|
|
curl<7.38.0 data-manipulation http://curl.haxx.se/docs/adv_20140910A.html
|
|
curl>7.31.0<7.38.0 data-manipulation http://curl.haxx.se/docs/adv_20140910B.html
|
|
apache-tomcat>7<7.0.40 script-insertion-vulnerability http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.40
|
|
suse{,32}_base<13.1nb5 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-5119.html
|
|
suse{,32}_base<13.1nb5 denial-of-service http://support.novell.com/security/cve/CVE-2014-6040.html
|
|
haproxy<1.5.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-6269
|
|
squid<3.4.8 buffer-overflow http://www.squid-cache.org/Advisories/SQUID-2014_3.txt
|
|
squid<3.4.8 buffer-overflow http://www.squid-cache.org/Advisories/SQUID-2014_4.txt
|
|
fengoffice<2.7.0 cross-site-scripting http://sourceforge.net/projects/opengoo/files/fengoffice/fengoffice_2.7.0/
|
|
wireshark<1.10 denial-of-service https://www.wireshark.org/docs/relnotes/wireshark-1.10.10.html
|
|
asterisk>=12.0<12.5.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-009.html
|
|
asterisk>=11.0<11.12.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-010.html
|
|
asterisk>=12.0<12.5.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-010.html
|
|
dbus<1.8.8 arbitrary-code-execution https://bugs.freedesktop.org/show_bug.cgi?id=83622
|
|
dbus<1.8.8 denial-of-service https://bugs.freedesktop.org/show_bug.cgi?id=82820
|
|
dbus<1.8.8 denial-of-service https://bugs.freedesktop.org/show_bug.cgi?id=80559
|
|
dbus<1.8.8 denial-of-service https://bugs.freedesktop.org/show_bug.cgi?id=81053
|
|
dbus<1.8.8 denial-of-service https://bugs.freedesktop.org/show_bug.cgi?id=80919
|
|
nodejs<0.10.31 unspecified http://blog.nodejs.org/2014/08/19/node-v0-10-31-stable/
|
|
nginx>=1.7<1.7.5 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3616
|
|
nginx<1.6.2 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3616
|
|
phpmyadmin<4.2.8.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-10.php
|
|
moodle<2.7.2 security-bypass https://moodle.org/mod/forum/discuss.php?d=269590
|
|
qemu<2.2 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3615
|
|
bash>=4.3<4.3.025 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271
|
|
bash>=4.3<4.3.025nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169
|
|
xenkernel41<4.1.6.1nb11 local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-104.html
|
|
xenkernel41<4.1.6.1nb11 local-privilege-escalation http://xenbits.xenproject.org/xsa/advisory-105.html
|
|
xenkernel41<4.1.6.1nb11 local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-106.html
|
|
xenkernel42<4.2.5 local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-104.html
|
|
xenkernel42<4.2.5 local-privilege-escalation http://xenbits.xenproject.org/xsa/advisory-105.html
|
|
xenkernel42<4.2.5 local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-106.html
|
|
xenkernel33-[0-9]* local-privilege-escalation http://xenbits.xenproject.org/xsa/advisory-105.html
|
|
xenkernel33-[0-9]* local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-106.html
|
|
xenkernel33-[0-9]* local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-104.html
|
|
xenkernel3-[0-9]* local-privilege-escalation http://xenbits.xenproject.org/xsa/advisory-105.html
|
|
xenkernel3-[0-9]* local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-106.html
|
|
xenkernel3-[0-9]* local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-104.html
|
|
nss>=3.16.2<3.16.2.1 spoofing https://www.mozilla.org/security/announce/2014/mfsa2014-73.html
|
|
nss>=3.16.3<3.16.5 spoofing https://www.mozilla.org/security/announce/2014/mfsa2014-73.html
|
|
nss>=3.17<3.17.1 spoofing https://www.mozilla.org/security/announce/2014/mfsa2014-73.html
|
|
mediawiki<1.23.4 filtering-bypass https://www.mediawiki.org/wiki/Release_notes/1.23#MediaWiki_1.23.4
|
|
libvncserver-[0-9]* multiple-vulnerabilities http://www.ocert.org/advisories/ocert-2014-007.html
|
|
perl<5.20.0nb2 stack-overflow https://www.lsexperts.de/advisories/lse-2014-06-10.txt
|
|
wordpress<3.8.3 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6242
|
|
php{53,54,55}-ja-wordpress<3.8.3 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6242
|
|
c-icap<2.6 denial-of-service http://www.gentoo.org/security/en/glsa/glsa-201409-07.xml
|
|
bash>=2.05<2.05.2.9nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271
|
|
bash>=2.05<2.05.2.9nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169
|
|
libvirt>=0.7.5<1.2.5 denial-of-service http://security.libvirt.org/2014/0003.html
|
|
libvirt<1.2.9 sensitive-information-disclosure http://security.libvirt.org/2014/0004.html
|
|
mediawiki<1.23.5 cross-site-scripting https://www.mediawiki.org/wiki/Release_notes/1.23#MediaWiki_1.23.5
|
|
phpmyadmin<4.2.9.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-11.php
|
|
elasticsearch<1.4.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6439
|
|
xenkernel41<4.1.6.1nb12 denial-of-service http://xenbits.xenproject.org/xsa/advisory-108.html
|
|
xenkernel41<4.1.6.1nb13 denial-of-service http://xenbits.xenproject.org/xsa/advisory-109.html
|
|
xenkernel41<4.1.6.1nb13 denial-of-service http://xenbits.xenproject.org/xsa/advisory-110.html
|
|
xenkernel41<4.1.6.1nb13 denial-of-service http://xenbits.xenproject.org/xsa/advisory-111.html
|
|
xenkernel41<4.1.6.1nb13 denial-of-service http://xenbits.xenproject.org/xsa/advisory-112.html
|
|
xenkernel41<4.1.6.1nb13 denial-of-service http://xenbits.xenproject.org/xsa/advisory-113.html
|
|
xenkernel42<4.2.5nb1 denial-of-service http://xenbits.xenproject.org/xsa/advisory-108.html
|
|
bash>=4.3<4.3.027 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7186
|
|
bash>=4.3<4.3.027 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7187
|
|
qemu<2.1.2 denial-of-service https://lists.gnu.org/archive/html/qemu-stable/2014-09/msg00231.html
|
|
apache>=2.4<2.4.10nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3581
|
|
exctags<5.8nb1 denial-of-service http://seclists.org/oss-sec/2014/q3/842
|
|
php>=5.5<5.5.18 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3669
|
|
php55-exif<5.5.18 heap-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3670
|
|
php55-xmlrpc<5.5.18 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3668
|
|
php>=5.4<5.4.34 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3669
|
|
php54-exif<5.4.34 heap-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3670
|
|
php54-xmlrpc<5.4.34 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3668
|
|
php>=5.3<5.3.29nb1 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3669
|
|
php53-exif<5.3.29nb1 heap-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3670
|
|
php53-xmlrpc<5.3.29nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3668
|
|
bugzilla<4.5.6 multiple-vulnerabilities http://www.bugzilla.org/security/4.0.14/
|
|
bash>=4.3<4.3.027 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277
|
|
bash>=3.0<4.3.027 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6278
|
|
bash>=2.05<2.05.2.13 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277
|
|
bash>=2.05<2.05.2.13 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6278
|
|
libvirt<1.2.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3633
|
|
libvirt<1.2.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3657
|
|
kdelibs4<4.14 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5033
|
|
jenkins<1.565.3 multiple-vulnerabilities https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01
|
|
rsyslog<8.4.2 denial-of-service http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/
|
|
python26-[0-9]* integer-overflow http://bugs.python.org/issue22518
|
|
python33<3.3.6 integer-overflow http://bugs.python.org/issue22518
|
|
python27<2.7.8nb1 integer-overflow http://bugs.python.org/issue22518
|
|
python34<3.4.3 integer-overflow http://bugs.python.org/issue22520
|
|
python33<3.3.6 integer-overflow http://bugs.python.org/issue22520
|
|
adobe-flash-plugin<11.2.202.411 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-22.html
|
|
mysql-server>=5.5<5.5.40 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL
|
|
mysql-client>=5.5<5.5.40 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL
|
|
sun-{jdk,jre}7<7.0.72 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixJAVA
|
|
sun-{jdk,jre}6-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixJAVA
|
|
openjdk7<1.7.72 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixJAVA
|
|
durupal>=7<7.32 sql-injection https://www.drupal.org/SA-CORE-2014-005
|
|
openssl>=0.9.8<0.9.8zc multiple-vulnerabilities https://www.openssl.org/news/secadv_20141015.txt
|
|
openssl>=1.0.0<1.0.0o multiple-vulnerabilities https://www.openssl.org/news/secadv_20141015.txt
|
|
openssl>=1.0.1<1.0.1j multiple-vulnerabilities https://www.openssl.org/news/secadv_20141015.txt
|
|
wpa_supplicant<2.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3686
|
|
getmail<4.46.0 spoofing http://pyropus.ca/software/getmail/CHANGELOG
|
|
libxml2<2.9.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660
|
|
suse{,32}_libxml2-[0-9]* denial-of-service http://support.novell.com/security/cve/CVE-2014-0191.html
|
|
python27<2.7.8 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7185
|
|
suse{,32}_base<13.1nb6 multiple-vulnerabilities http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html
|
|
file<5.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710
|
|
libpurple<2.10.10 ssl-certificate-spoofing http://pidgin.im/news/security/?id=86
|
|
libpurple<2.10.10 denial-of-service http://pidgin.im/news/security/?id=87
|
|
libpurple<2.10.10 denial-of-service http://pidgin.im/news/security/?id=88
|
|
libpurple<2.10.10 sensitive-information-disclosure http://pidgin.im/news/security/?id=90
|
|
phpmyadmin<4.2.10.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-12.php
|
|
claws-mail<3.10.0 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2576
|
|
ejabberd<14.07nb4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8760
|
|
wget<1.16 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4877
|
|
ruby193-base<1.9.3p550 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8080
|
|
ruby200-base<2.0.0p594 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8080
|
|
ruby21-base<2.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8080
|
|
tnftp<20141031 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8517
|
|
wireshark<1.10.11 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8710
|
|
wireshark<1.10.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8711
|
|
wireshark<1.10.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8712
|
|
wireshark<1.10.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8713
|
|
wireshark<1.10.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8714
|
|
thunderbird<31.2 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird/#thunderbird31.2
|
|
firefox>31<31.2 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox-esr/#firefoxesr31.2
|
|
libreoffice4>=4.2<4.2.7 arbitrary-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2014-3693/
|
|
libreoffice4-bin>=4.2<4.2.7 arbitrary-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2014-3693/
|
|
libreoffice4>=4.3<4.3.3 arbitrary-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2014-3693/
|
|
libreoffice4-bin>=4.3<4.3.3 arbitrary-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2014-3693/
|
|
suse{,32}_openssl<13.1nb10 multiple-vulnerabilities https://www.openssl.org/news/secadv_20141015.txt
|
|
qemu<2.2.0 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3689
|
|
qemu<2.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7815
|
|
konversation>=1.5<1.5.1 denial-of-service http://openwall.com/lists/oss-security/2014/10/26/1
|
|
ffmpeg1<1.2.9 multiple-vulnerabilities http://secunia.com/advisories/60739/
|
|
ffmpeg2<2.4.2 multiple-vulnerabilities http://secunia.com/advisories/60739/
|
|
curl>=7.17.1<7.39.0 sensitive-information-disclosure http://curl.haxx.se/docs/adv_20141105.html
|
|
ap{22,24}-auth-mellon<0.8.1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8566
|
|
ap{22,24}-auth-mellon<0.8.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8567
|
|
libvirt<1.2.11 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7823
|
|
libvirt<1.2.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8131
|
|
adobe-flash-plugin<11.2.202.418 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-24.html
|
|
gnutls>=3.3<3.3.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8564
|
|
gnutls>=3.2<3.2.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8564
|
|
gnutls>=3.1<3.1.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8564
|
|
polarssl>=1.2<1.2.12 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8627
|
|
polarssl>=1.3<1.3.9 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8627
|
|
polarssl>=1.2<1.2.12 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8628
|
|
polarssl>=1.3<1.3.9 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8628
|
|
php{53,54,55}-owncloud<5.0.18 unspecified http://owncloud.org/releases/Changelog
|
|
php{53,54,55}-owncloud>=6.0<6.0.6 unspecified http://owncloud.org/releases/Changelog
|
|
krfb<4.14.3 multiple-vulnerabilities http://www.ocert.org/advisories/ocert-2014-007.html
|
|
ImageMagick<6.8.9.9 multiple-vulnerabilities http://secunia.com/advisories/61943/
|
|
GraphicsMagick<1.3.21 heap-overflow http://sourceforge.net/p/graphicsmagick/code/ci/4426024497f9ed26cbadc5af5a5de55ac84796ff/
|
|
zeromq<4.0.5 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7202
|
|
zeromq<4.0.5 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7203
|
|
tcpdump>=3.8<4.7.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8769
|
|
tcpdump>=3.5.0<4.7.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8768
|
|
tcpdump>=3.9.6<4.7.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8767
|
|
xenkernel42<4.2.5nb2 denial-of-service http://xenbits.xenproject.org/xsa/advisory-109.html
|
|
xenkernel42<4.2.5nb2 denial-of-service http://xenbits.xenproject.org/xsa/advisory-110.html
|
|
xenkernel42<4.2.5nb2 denial-of-service http://xenbits.xenproject.org/xsa/advisory-111.html
|
|
xenkernel42<4.2.5nb2 denial-of-service http://xenbits.xenproject.org/xsa/advisory-112.html
|
|
xenkernel42<4.2.5nb2 denial-of-service http://xenbits.xenproject.org/xsa/advisory-113.html
|
|
moodle>=2.5<2.5.9 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275146
|
|
moodle>=2.6<2.6.6 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275146
|
|
moodle>=2.7<2.7.3 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275146
|
|
moodle>=2.5<2.5.9 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275147
|
|
moodle>=2.6<2.6.6 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275147
|
|
moodle>=2.7<2.7.3 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275147
|
|
moodle-2.7 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275153
|
|
moodle-2.7.2 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275153
|
|
moodle>=2.5<2.5.9 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275154
|
|
moodle>=2.6<2.6.6 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275154
|
|
moodle>=2.7<2.7.3 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275154
|
|
moodle>=2.5<2.5.9 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275155
|
|
moodle>=2.6<2.6.6 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275155
|
|
moodle>=2.7<2.7.3 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275155
|
|
moodle>=2.5<2.5.9 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275159
|
|
moodle>=2.6<2.6.6 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275159
|
|
moodle>=2.7<2.7.3 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275159
|
|
moodle>=2.6<2.6.6 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275161
|
|
moodle>=2.7<2.7.3 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275161
|
|
moodle>=2.5<2.5.9 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=275162
|
|
moodle>=2.6<2.6.6 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=275162
|
|
moodle>=2.7<2.7.3 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=275162
|
|
moodle>=2.5<2.5.9 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=275163
|
|
moodle>=2.6<2.6.6 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=275163
|
|
moodle>=2.7<2.7.3 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=275163
|
|
moodle>=2.5<2.5.9 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=275164
|
|
moodle>=2.6<2.6.6 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=275164
|
|
moodle>=2.7<2.7.3 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=275164
|
|
clamav<0.98.5 denial-of-service https://bugzilla.clamav.net/show_bug.cgi?id=11088
|
|
drupal>=6<6.34 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2014-006
|
|
drupal>=7<7.34 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2014-006
|
|
asterisk>=1.8<1.8.32.1 security-bypass http://downloads.digium.com/pub/security/AST-2014-012.html
|
|
asterisk>=11<11.14.1 security-bypass http://downloads.digium.com/pub/security/AST-2014-012.html
|
|
asterisk>=11<11.14.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2014-017.html
|
|
asterisk>=1.8<1.8.32.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2014-018.html
|
|
asterisk>=11<11.14.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2014-018.html
|
|
wordpress<4.0.1 multiple-vulnerabilities https://wordpress.org/news/2014/11/wordpress-4-0-1/
|
|
php{53,54,55}-ja-wordpress<4.0.1 multiple-vulnerabilities https://wordpress.org/news/2014/11/wordpress-4-0-1/
|
|
dbus<1.8.10 denial-of-service https://bugs.freedesktop.org/show_bug.cgi?id=85105
|
|
suse{,32}_libdbus-[0-9]* denial-of-service https://bugs.freedesktop.org/show_bug.cgi?id=85105
|
|
mit-krb5<1.10.7nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5351
|
|
ruby193-base<1.9.3p551 denial-of-service https://www.ruby-lang.org/en/news/2014/11/13/rexml-dos-cve-2014-8090/
|
|
ruby200-base<2.0.0p598 denial-of-service https://www.ruby-lang.org/en/news/2014/11/13/rexml-dos-cve-2014-8090/
|
|
ruby21-base<2.1.5 denial-of-service https://www.ruby-lang.org/en/news/2014/11/13/rexml-dos-cve-2014-8090/
|
|
phpmyadmin<4.2.12 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-13.php
|
|
phpmyadmin<4.2.12 local-file-reading http://www.phpmyadmin.net/home_page/security/PMASA-2014-14.php
|
|
phpmyadmin<4.2.12 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-15.php
|
|
ImageMagick<6.8.9.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8716
|
|
flac<1.3.1 multiple-vulnerabilities http://www.ocert.org/advisories/ocert-2014-008.html
|
|
qemu<2.2.0 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7840
|
|
adobe-flash-plugin<11.2.202.424 arbitrary-code-execution http://helpx.adobe.com/security/products/flash-player/apsb14-26.html
|
|
phpmyadmin<4.2.12 input-validation http://www.phpmyadmin.net/home_page/security/PMASA-2014-16.php
|
|
pcre<8.36nb1 denial-of-service http://bugs.exim.org/show_bug.cgi?id=1546
|
|
gcpio-[0-9]* out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9112
|
|
libksba<1.3.2 heap-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2014q4/000359.html
|
|
clamav<0.98.5 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9050
|
|
mediawiki<1.23.7 multiple-vulnerabilities https://www.mediawiki.org/wiki/Release_notes/1.23#MediaWiki_1.23.7
|
|
icecast<2.4.1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9018
|
|
mantis<1.2.18 arbitrary-code-execution http://seclists.org/oss-sec/2014/q4/576
|
|
mantis<1.2.18 cross-site-scripting http://seclists.org/oss-sec/2014/q4/617
|
|
mantis<1.2.18 multiple-vulnerabilities http://seclists.org/oss-sec/2014/q4/577
|
|
mantis<1.2.18 sensitive-information-disclosure http://seclists.org/oss-sec/2014/q4/623
|
|
mantis<1.2.18 sql-injection http://seclists.org/oss-sec/2014/q4/795
|
|
p5-Plack<1.0031 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5269
|
|
python{26,33}-[0-9]* arbitrary-code-execution http://bugs.python.org/issue22885
|
|
python27<2.7.9nb1 arbitrary-code-execution http://bugs.python.org/issue22885
|
|
python34<3.4.3 arbitrary-code-execution http://bugs.python.org/issue22885
|
|
libyaml<0.1.6 denial-of-service http://www.openwall.com/lists/oss-security/2014/11/28/1
|
|
p5-YAML-LibYAML<0.54 denial-of-service http://www.openwall.com/lists/oss-security/2014/11/28/1
|
|
graphviz<2.38.0nb3 format-string https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9157
|
|
p5-Mojolicious<5.48 parameter-injection http://advisories.mageia.org/MGASA-2014-0488.html
|
|
libjpeg-turbo<1.4.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9092
|
|
jasper<1.900.1nb8 arbitrary-code-execution http://www.ocert.org/advisories/ocert-2014-009.html
|
|
nss<3.17.3 security-bypass https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.3_release_notes
|
|
phpmyadmin<4.2.13.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-18.php
|
|
phpmyadmin<4.2.13.1 denial-of-service http://www.phpmyadmin.net/home_page/security/PMASA-2014-17.php
|
|
wpa_supplicant<2.3 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3686
|
|
mutt<1.5.23nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9116
|
|
gettext-tools<0.19.4 denial-of-service https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769901
|
|
opera<26 multiple-vulnerabilities http://www.opera.com/docs/changelogs/unified/2600/
|
|
firefox>=33<34 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox34
|
|
seamonkey<2.31 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/seamonkey/#seamonkey2.31
|
|
thunderbird<31.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.3
|
|
firefox31>=31<31.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.3
|
|
openvpn<2.3.6 denial-of-service https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b
|
|
mpfr<3.1.2pl11 buffer-overflow http://www.mpfr.org/mpfr-3.1.2/#p11
|
|
getmail>=4.0.0<4.43.0 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7273
|
|
getmail>=4.44.0<4.45.0 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7274
|
|
getmail>=4.0.0<4.44.0 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7275
|
|
qemu<2.2.0 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8106
|
|
bind>=9.0<9.9.6pl1 denial-of-service https://kb.isc.org/article/AA-01216/74/CVE-2014-8500
|
|
bind>=9.10<9.10.1pl1 denial-of-service https://kb.isc.org/article/AA-01216/74/CVE-2014-8500
|
|
ap{22,24}-py{34,33,27,26}-wsgi<4.2.4 security-bypass http://modwsgi.readthedocs.org/en/latest/release-notes/version-4.2.4.html
|
|
xenkernel42<4.2.5nb3 denial-of-service http://xenbits.xenproject.org/xsa/advisory-114.html
|
|
adobe-flash-plugin<11.2.202.425 arbitrary-code-execution http://helpx.adobe.com/security/products/flash-player/apsb14-27.html
|
|
binutils<2.25 multiple-vulnerabilities https://sourceware.org/bugzilla/show_bug.cgi?id=17510
|
|
binutils<2.25 multiple-vulnerabilities https://sourceware.org/bugzilla/show_bug.cgi?id=17552
|
|
php{53,54,55,56}-concrete5<5.7.4.2 cross-site-scripting http://morxploit.com/morxploits/morxconxss.txt
|
|
ghostscript-gpl<9.06nb3 arbitrary-code-execution http://www.ocert.org/advisories/ocert-2014-009.html
|
|
asterisk>=11.0<11.14.2 denial-of-service http://downloads.asterisk.org/pub/security/AST-2014-019.html
|
|
asterisk>=12.0<12.7.2 denial-of-service http://downloads.asterisk.org/pub/security/AST-2014-019.html
|
|
asterisk>=13.0<13.0.2 denial-of-service http://downloads.asterisk.org/pub/security/AST-2014-019.html
|
|
modular-xorg-server<1.12.4nb6 multiple-vulnerabilities http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/
|
|
pdns-recursor<3.6.2 denial-of-service https://doc.powerdns.com/md/security/powerdns-advisory-2014-02/
|
|
unbound<1.4.22nb1 denial-of-service http://www.unbound.net/downloads/CVE-2014-8602.txt
|
|
libxml2<2.9.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660
|
|
suse{,32}_libxml2-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660
|
|
file<5.21 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116
|
|
file<5.21 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117
|
|
ffmpeg2<2.5 multiple-vulnerabilities http://ffmpeg.org/security.html
|
|
typo3>=4.5.0<4.5.37 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-002/
|
|
typo3>=4.7.0<4.7.20 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-002/
|
|
typo3>=6.1.0<6.1.11 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-002/
|
|
typo3>=4.5.0<4.5.39 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/
|
|
typo3>=4.7.0<4.7.21 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/
|
|
typo3>=6.1.0<6.1.12 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/
|
|
rpm<4.11.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6435
|
|
rpm<4.12.0.1nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8118
|
|
libyaml<0.1.6nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9130
|
|
p5-YAML-LibYAML<0.53 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9130
|
|
python26-[0-9]* security-bypass http://bugs.python.org/issue22417
|
|
python27<2.7.9 security-bypass http://bugs.python.org/issue22417
|
|
python33-[0-9]* security-bypass http://bugs.python.org/issue22417
|
|
python34<3.4.3 security-bypass http://bugs.python.org/issue22417
|
|
suse{,32}_gtk2<13.1nb4 arbitrary-code-execution http://lists.opensuse.org/opensuse-updates/2014-12/msg00062.html
|
|
git-base<2.2.1 client-code-execution-from-hostile-server http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9390
|
|
c-icap<0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7401
|
|
c-icap<0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7402
|
|
ruby{193,200,215}-mcollective<2.5.3 security-bypass http://puppetlabs.com/security/cve/cve-2014-3251
|
|
ettercap-[0-9]* multiple-vulnerabilities https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/
|
|
heirloom-mailx<12.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2771
|
|
heirloom-mailx<12.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7844
|
|
rrdtool<1.4.9 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2131
|
|
ap{22,24}-subversion<1.8.11 denial-of-service http://subversion.apache.org/security/CVE-2014-3580-advisory.txt
|
|
ap{22,24}-subversion<1.8.11 denial-of-service http://subversion.apache.org/security/CVE-2014-8108-advisory.txt
|
|
ruby{193,200,215}-puppet<3.7.1 sensitive-information-disclosure http://puppetlabs.com/security/cve/cve-2014-9355
|
|
php>=5.4<5.4.36 denial-of-service http://php.net/ChangeLog-5.php#5.4.36
|
|
mit-krb5>=1.5<1.10.7nb3 multiple-vulnerabilities http://web.mit.edu/kerberos/krb5-1.12/
|
|
libvirt<1.2.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8135
|
|
libvirt<1.2.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8136
|
|
varnish<3.0.4 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0345
|
|
varnish<3.0.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4484
|
|
jasper<1.900.1nb9 heap-overflow http://www.ocert.org/advisories/ocert-2014-012.html
|
|
ghostscript-gpl<9.06nb4 heap-overflow http://www.ocert.org/advisories/ocert-2014-012.html
|
|
php>=5.5<5.5.20 denial-of-service http://php.net/ChangeLog-5.php#5.5.20
|
|
php>=5.6<5.6.4 denial-of-service http://php.net/ChangeLog-5.php#5.6.4
|
|
ntp<4.2.8 multiple-vulnerabilities http://www.kb.cert.org/vuls/id/852879
|
|
unzip<6.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139
|
|
unzip<6.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140
|
|
unzip<6.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141
|
|
unzip<6.0nb2 denial-of-service http://seclists.org/oss-sec/2014/q4/1131
|
|
sox<1.14.2 heap-overflow http://www.ocert.org/advisories/ocert-2014-010.html
|
|
mediawiki<1.24.1 multiple-vulnerabilities https://www.mediawiki.org/wiki/Release_notes/1.23#MediaWiki_1.23.8
|
|
libssh<0.64 multiple-vulnerabilities http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/
|
|
exiv2<0.25 heap-overflow http://dev.exiv2.org/issues/960
|
|
libsndfile<1.0.25nb2 multiple-vulnerabilities http://secunia.com/advisories/61132
|
|
wireshark<1.10.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2015-03.html
|
|
wireshark<1.10.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2015-04.html
|
|
wireshark<1.10.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2015-05.html
|
|
ImageMagick<6.9.0.2 denial-of-service http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26682
|
|
ImageMagick<6.9.0.2 denial-of-service http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26699
|
|
libreoffice4>=4.3<4.3.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9093
|
|
libreoffice4-bin>=4.3<4.3.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9093
|
|
apache>=2.4<2.4.10nb3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8109
|
|
gnupg2<2.0.26 arbitrary-code-execution http://secunia.com/advisories/61939/
|
|
png>=1.5<1.5.21 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9495
|
|
png>=1.6<1.6.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9495
|
|
png>=1.5<1.5.21 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0973
|
|
png>=1.6<1.6.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0973
|
|
libevent<2.0.22 integer-overflow https://raw.githubusercontent.com/libevent/libevent/release-2.0.22-stable/ChangeLog
|
|
arc-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2015-9275
|
|
privoxy<3.0.22 multiple-vulnerabilities http://secunia.com/advisories/62123
|
|
zoneminder<1.28.0 system-compromise https://github.com/ZoneMinder/ZoneMinder/releases/tag/v1.28.0
|
|
curl>=7.31.0<7.39.0nb1 security-bypass http://curl.haxx.se/docs/adv_20150108B.html
|
|
lftp<4.4.6nb4 ssl-certificate-spoofing https://github.com/lavv17/lftp/issues/116
|
|
webmin<1.730 sensitive-information-disclosure http://www.webmin.com/changes.html
|
|
pwgen<2.07 weak-password-generator http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4440
|
|
pwgen<2.07 insufficiently-random-numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4442
|
|
mit-krb5<1.10.7nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5353
|
|
file<5.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116
|
|
file<5.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117
|
|
openssl>=0.9.8<0.9.8zd multiple-vulnerabilities http://www.openssl.org/news/secadv_20150108.txt
|
|
openssl>=1.0.0<1.0.0p multiple-vulnerabilities http://www.openssl.org/news/secadv_20150108.txt
|
|
openssl>=1.0.1<1.0.1k multiple-vulnerabilities http://www.openssl.org/news/secadv_20150108.txt
|
|
mantis<1.2.19 multiple-vulnerabilities https://www.mantisbt.org/bugs/changelog_page.php?version_id=238
|
|
adobe-flash-plugin<11.2.202.429 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb15-01.html
|
|
chicken<4.9.0.2 multiple-vulnerabilities http://lists.gnu.org/archive/html/chicken-announce/2015-01/msg00001.html
|
|
firefox>=34<35 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox35
|
|
seamonkey<2.32 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/seamonkey/#seamonkey2.32
|
|
thunderbird<31.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.4
|
|
firefox31>=31<31.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.4
|
|
py{33,32,27}-django>=1.5<1.7.3 multiple-vulnerabilities https://docs.djangoproject.com/en/1.7/releases/1.7.3/
|
|
samba>=4<4.1.16 security-bypass https://www.samba.org/samba/security/CVE-2014-8143
|
|
asterisk>=12.0<12.8.1 denial-of-service http://downloads.digium.com/pub/security/AST-2015-001.html
|
|
asterisk>=13.0<13.1.1 denial-of-service http://downloads.digium.com/pub/security/AST-2015-001.html
|
|
asterisk>=1.8<1.8.32.2 security-bypass http://downloads.digium.com/pub/security/AST-2015-002.html
|
|
asterisk>=11.0<11.15.1 security-bypass http://downloads.digium.com/pub/security/AST-2015-002.html
|
|
asterisk>=12.0<12.8.1 security-bypass http://downloads.digium.com/pub/security/AST-2015-002.html
|
|
asterisk>=13.0<13.1.1 security-bypass http://downloads.digium.com/pub/security/AST-2015-002.html
|
|
djvulibre-tools-[0-9]* insecure-temp-file https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775193
|
|
xdg-utils>=1.1.0-rc2<1.1.0-rc4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9622
|
|
moodle>=2.8<2.8.2 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=278612
|
|
moodle>=2.8<2.8.2 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=278613
|
|
moodle>=2.8<2.8.2 information-leak https://moodle.org/mod/forum/discuss.php?d=278614
|
|
moodle>=2.8<2.8.2 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=278615
|
|
moodle>=2.8<2.8.2 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=278616
|
|
moodle>=2.8<2.8.2 denial-of-service https://moodle.org/mod/forum/discuss.php?d=278617
|
|
kde-workspace-[0-9]* sensitive-information-disclosure https://www.kde.org/info/security/advisory-20150122-2.txt
|
|
websvn-[0-9]* symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6892
|
|
py{34,33,27,26}-Pillow<2.7.0 denial-of-service http://pillow.readthedocs.org/releasenotes/2.7.0.html#png-text-chunk-size-limits
|
|
ffmpeg2<2.5.2 multiple-vulnerabilities http://ffmpeg.org/security.html
|
|
mysql-server>=5.5<5.5.42 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
|
|
mysql-client>=5.5<5.5.42 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
|
|
mysql-server>=5.6<5.6.23 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
|
|
mysql-client>=5.6<5.6.23 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
|
|
sympa<6.1.24 remote-file-access https://www.sympa.org/security_advisories#security_breaches_in_newsletter_posting_cve-2015-1306
|
|
jasper<1.900.1nb10 multiple-vulnerabilities http://www.ocert.org/advisories/ocert-2015-001.html
|
|
adobe-flash-plugin<11.2.202.438 security-bypass http://helpx.adobe.com/security/products/flash-player/apsb15-02.html
|
|
adobe-flash-plugin<11.2.202.440 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb15-03.html
|
|
sun-{jdk,jre}7<7.0.76 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA
|
|
sun-{jdk,jre}6-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA
|
|
openjdk7<1.7.76 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA
|
|
rabbitmq<3.4.1 multiple-vulnerabilities https://www.rabbitmq.com/release-notes/README-3.4.1.txt
|
|
polarssl-[0-9]* arbitrary-code-execution https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04
|
|
bugzilla<4.4.7 multiple-vulnerabilities http://www.bugzilla.org/security/4.0.15/
|
|
libvirt<1.2.12 security-bypass http://security.libvirt.org/2015/0001.html
|
|
webkit-gtk<2.4.8 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2015-0001.html
|
|
privoxy<3.0.23 multiple-vulnerabilities http://secunia.com/advisories/62147/
|
|
clamav<0.98.6 multiple-vulnerabilities http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html
|
|
adobe-flash-plugin<11.2.202.442 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb15-04.html
|
|
php{53,54,55}-piwigo<2.5.6 sql-injection http://piwigo.org/forum/viewtopic.php?id=25016
|
|
rabbitmq<3.4.3 multiple-vulnerabilities https://www.rabbitmq.com/release-notes/README-3.4.3.txt
|
|
mit-krb5<1.10.7nb5 multiple-vulnerabilities http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt
|
|
icu<54.1nb2 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923
|
|
icu<54.1nb2 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926
|
|
ntp<4.2.8p1 multiple-vulnerabilities http://www.kb.cert.org/vuls/id/852879
|
|
squid<3.4.12 security-bypass http://bugs.squid-cache.org/show_bug.cgi?id=4066
|
|
squid>=3.5.0<3.5.2 security-bypass http://bugs.squid-cache.org/show_bug.cgi?id=4066
|
|
py{34,33,27,26}-requests<2.3.0 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1830
|
|
py{34,33,27,26}-requests<2.3.0 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1829
|
|
openldap>=2.4.13<2.4.41 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1545
|
|
openldap<2.4.41 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1546
|
|
moodle<2.8.3 directory-traversal http://www.secunia.com/advisories/62769/
|
|
php>=5.4<5.4.36 http-response-splitting http://secunia.com/advisories/62831
|
|
php>=5.5<5.5.22 http-response-splitting http://secunia.com/advisories/62831
|
|
php>=5.6<5.6.6 http-response-splitting http://secunia.com/advisories/62831
|
|
postgresql90-server<9.0.19 multiple-vulnerabilities https://www.postgresql.org/about/news/1569/
|
|
postgresql91-server<9.1.15 multiple-vulnerabilities https://www.postgresql.org/about/news/1569/
|
|
postgresql92-server<9.2.10 multiple-vulnerabilities https://www.postgresql.org/about/news/1569/
|
|
postgresql93-server<9.3.6 multiple-vulnerabilities https://www.postgresql.org/about/news/1569/
|
|
postgresql94-server<9.4.1 multiple-vulnerabilities https://www.postgresql.org/about/news/1569/
|
|
postgresql90-pgcrypto<9.0.19 buffer-overrun http://secunia.com/advisories/62806
|
|
postgresql91-pgcrypto<9.1.15 buffer-overrun http://secunia.com/advisories/62806
|
|
postgresql92-pgcrypto<9.2.10 buffer-overrun http://secunia.com/advisories/62806
|
|
postgresql93-pgcrypto<9.3.6 buffer-overrun http://secunia.com/advisories/62806
|
|
postgresql94-pgcrypto<9.4.1 buffer-overrun http://secunia.com/advisories/62806
|
|
ghostscript-gpl<9.06nb4 multiple-vulnerabilities http://www.ocert.org/advisories/ocert-2015-001.html
|
|
e2fsprogs<1.42.12 heap-overflow http://www.ocert.org/advisories/ocert-2015-002.html
|
|
vorbis-tools<1.4.0nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9640
|
|
apache-tomcat>=7.0<7.0.55 security-bypass http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55
|
|
apache-tomcat>=6.0<6.0.43 security-bypass http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.43
|
|
modular-xorg-server<1.12.4nb8 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0255
|
|
cabextract<1.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9556
|
|
ruby{18,193,200,215}-facter<2.4.1 information-leakage http://puppetlabs.com/security/cve/cve-2015-1426
|
|
elasticsearch<1.4.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1427
|
|
ruby18-base>=1.8.7<1.8.7.374nb2 denial-of-service http://secunia.com/advisories/62920
|
|
antiword<0.37nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8123
|
|
cups<2.0.2 buffer-overflow https://www.cups.org/str.php?L4551
|
|
contao33-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
contao32<3.2.19 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0269
|
|
contao33<3.3.7nb1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0269
|
|
contao34<3.4.4 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0269
|
|
jabberd>=2<999 information-disclosure https://github.com/jabberd2/jabberd2/issues/85
|
|
py{25,26,27,33,34}-django<1.6.6 multiple-vulnerabilities http://secunia.com/advisories/60181/
|
|
ffmpeg1<1.2.11 multiple-vulnerabilities http://secunia.com/advisories/62968/
|
|
ffmpeg2<2.5.2 multiple-vulnerabilities http://secunia.com/advisories/62968/
|
|
gnupg2<2.0.27 multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2015/02/13/14
|
|
roundcube<1.0.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1433
|
|
gcpio<2.13 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1197
|
|
sun-j{re,dk}7<7.0.71 multiple-vulnerabilities http://secunia.com/advisories/62516
|
|
sudo<1.7.10p9 arbitrary-file-access http://www.sudo.ws/sudo/alerts/tz.html
|
|
patch>=2.7.1<2.7.3 multiple-vulnerabilities http://seclists.org/oss-sec/2015/q1/189
|
|
zoneminder<1.28.1 security-bypass http://secunia.com/advisories/62918/
|
|
php>=5.4<5.4.37nb1 multiple-vulnerabilities https://bugs.php.net/bug.php?id=68942
|
|
php>=5.5<5.5.21nb1 multiple-vulnerabilities https://bugs.php.net/bug.php?id=68942
|
|
php>=5.6<5.6.5nb1 multiple-vulnerabilities https://bugs.php.net/bug.php?id=68942
|
|
php{53,54,55,56}-piwigo<2.7.4 sql-injection http://seclists.org/fulldisclosure/2015/Feb/73
|
|
bind>=9.7.0<9.9.6pl2 denial-of-service https://kb.isc.org/article/AA-01235/0
|
|
bind>=9.10.1<9.10.1pl2 denial-of-service https://kb.isc.org/article/AA-01235/0
|
|
cabextract<1.6 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2015-2060
|
|
suse{,32}_base<13.1 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235
|
|
typo3>=4.5.0<4.5.39 authentication-bypass http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-001/
|
|
lame<3.99.5nb2 arbitrary-code-execution http://secunia.com/advisories/62995/
|
|
php>=5.4<5.4.37 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231
|
|
php>=5.5<5.5.21 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231
|
|
php>=5.6<5.6.5 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231
|
|
php>=5.4<5.4.36 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9427
|
|
php>=5.5<5.5.20 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9427
|
|
php>=5.6<5.6.4 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9427
|
|
ffmpeg2<2.5.4 unknown http://secunia.com/advisories/62944
|
|
ffmpeg1<1.2.12 unknown http://secunia.com/advisories/63009
|
|
clamav<0.96.6 denial-of-service http://secunia.com/advisories/62443
|
|
sun-{jdk,jre}7>=6.0.85<6.0.86 unspecified http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA
|
|
sun-{jdk,jre}7>=7.0.72<7.0.73 unspecified http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA
|
|
mit-krb5<1.10.7nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5355
|
|
php>=5.4<5.4.36 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8142
|
|
php>=5.5<5.5.20 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8142
|
|
php>=5.6<5.6.4 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8142
|
|
php>=5.4<5.4.37 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0232
|
|
php>=5.5<5.5.21 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0232
|
|
php>=5.6<5.6.5 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0232
|
|
php>=5.4<5.4.37 out-of-bounds-read https://bugs.php.net/bug.php?id=68735
|
|
php>=5.5<5.5.21 out-of-bounds-read https://bugs.php.net/bug.php?id=68735
|
|
php>=5.6<5.6.5 out-of-bounds-read https://bugs.php.net/bug.php?id=68735
|
|
mysql-client>5.6<5.6.21 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL
|
|
mysql-server>5.6<5.6.21 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL
|
|
suse{,32}_krb5-[0-9]* denial-of-service http://www.secunia.com/advisories/62976
|
|
openjdk7-bin-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
samba>=3.6<3.6.25 unexpected-code-execution https://www.samba.org/samba/security/CVE-2015-0240
|
|
ruby{18,193,200,215}-redcloth-[0-9]* cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6684
|
|
xdg-utils<1.1.1 command-injection https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777722
|
|
xentools45<4.5.0nb2 unexpected-backend http://xenbits.xen.org/xsa/#XSA-119
|
|
xentools42<4.2.5nb3 unexpected-backend http://xenbits.xen.org/xsa/#XSA-119
|
|
xentools41-[0-9]* possibly-unexpected-backend http://xenbits.xen.org/xsa/#XSA-119
|
|
xentools33-[0-9]* possibly-unexpected-backend http://xenbits.xen.org/xsa/#XSA-119
|
|
xentools3-[0-9]* possibly-unexpected-backend http://xenbits.xen.org/xsa/#XSA-119
|
|
xentools3-hvm-[0-9]* possibly-unexpected-backend http://xenbits.xen.org/xsa/#XSA-119
|
|
xenkernel45<4.5.0nb1 information-leak http://xenbits.xen.org/xsa/advisory-121.html
|
|
xenkernel42<4.2.5nb4 information-leak http://xenbits.xen.org/xsa/advisory-121.html
|
|
xenkernel41<4.1.6.1nb14 information-leak http://xenbits.xen.org/xsa/advisory-121.html
|
|
xenkernel33-[0-9]* information-leak http://xenbits.xen.org/xsa/advisory-121.html
|
|
xenkernel3-[0-9]* information-leak http://xenbits.xen.org/xsa/advisory-121.html
|
|
xenkernel45<4.5.0nb1 information-leak http://xenbits.xen.org/xsa/advisory-122.html
|
|
xenkernel42<4.2.5nb4 information-leak http://xenbits.xen.org/xsa/advisory-122.html
|
|
xenkernel41<4.1.6.1nb14 information-leak http://xenbits.xen.org/xsa/advisory-122.html
|
|
xenkernel33-[0-9]* information-leak http://xenbits.xen.org/xsa/advisory-122.html
|
|
xenkernel3-[0-9]* information-leak http://xenbits.xen.org/xsa/advisory-122.html
|
|
xenkernel45<4.5.0nb2 memory-corruption http://xenbits.xen.org/xsa/advisory-123.html
|
|
xenkernel42<4.2.5nb5 memory-corruption http://xenbits.xen.org/xsa/advisory-123.html
|
|
xenkernel41<4.1.6.1nb15 memory-corruption http://xenbits.xen.org/xsa/advisory-123.html
|
|
xenkernel33-[0-9]* memory-corruption http://xenbits.xen.org/xsa/advisory-123.html
|
|
xenkernel3-[0-9]* memory-corruption http://xenbits.xen.org/xsa/advisory-123.html
|
|
ImageMagick<6.9.0.5 denial-of-service http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26929
|
|
ImageMagick<6.9.0.5 denial-of-service http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26931
|
|
ImageMagick<6.9.0.5 denial-of-service http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26932
|
|
ImageMagick<6.9.0.5 denial-of-service http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26933
|
|
suse{,32}_base<13.1nb8 denial-of-service http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html
|
|
firefox31>=31<31.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.5
|
|
xulrunner31>=31<31.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.5
|
|
thunderbird<31.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.5
|
|
firefox>=35.0.1<36 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox36
|
|
dojo<1.10.3 multiple-vulnerabilities http://dojotoolkit.org/blog/dojo-security-advisory-2014-12-08
|
|
p5-gtk2-[0-9]* arbitrary-code-execution https://www.debian.org/security/2015/dsa-3173
|
|
rt4<4.2.10 multiple-vulnerabilities http://blog.bestpractical.com/2015/02/rt-4210-released.html
|
|
rt<3.8.17nb4 multiple-vulnerabilities http://blog.bestpractical.com/2015/02/security-vulnerabilities-in-rt.html
|
|
tcllib<1.15nb1 cross-site-scripting http://core.tcl.tk/tcllib/tktview/09110adc430de8c91d26015f9697cdd099755e63
|
|
tcl-snack-[0-9]* heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6303
|
|
glusterfs<3.5.3 denial-of-service https://github.com/gluster/glusterfs/blob/v3.5.3/doc/release-notes/3.5.3.md
|
|
gnupg<1.4.19 multiple-vulnerabilities http://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000363.html
|
|
libgcrypt<1.6.3 multiple-vulnerabilities http://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000364.html
|
|
jenkins<1.596.1 multiple-vulnerabilities https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
|
|
qt4-libs<4.8.6nb4 denial-of-service http://lists.qt-project.org/pipermail/announce/2015-February/000059.html
|
|
qt5-qtbase<5.4.0nb1 denial-of-service http://lists.qt-project.org/pipermail/announce/2015-February/000059.html
|
|
unace-[0-9]* buffer-overflow https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775003
|
|
gnats<4.2.0 local-privilege-escalation http://permalink.gmane.org/gmane.org.fsf.announce/2284
|
|
py{26,27}-rope-[0-9]* remote-code-execution https://github.com/python-rope/rope/issues/105
|
|
wireshark<1.10.13 multiple-vulnerabilities https://www.wireshark.org/docs/relnotes/wireshark-1.10.13.html
|
|
openssl>1.0.2<1.0.2a denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209
|
|
openssl>1.0.2<1.0.2a denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288
|
|
tcpdump<4.6.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9140
|
|
tcpdump<4.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0261
|
|
tcpdump<4.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2153
|
|
tcpdump<4.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2154
|
|
tcpdump<4.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2155
|
|
librsvg<2.40.8 denial-of-service https://download.gnome.org/sources/librsvg/2.40/librsvg-2.40.8.news
|
|
libssh2<1.5.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1782
|
|
cups-filters<1.0.66 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4336
|
|
cups-filters<1.0.53 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4337
|
|
opera<28 unknown-impact http://www.opera.com/docs/changelogs/unified/2800/
|
|
suse{,32}_freetype2-<13.1nb2 multiple-vulnerabilities http://www.suse.com/support/update/announcement/2015/suse-su-20150463-1.html
|
|
adobe-flash-plugin<11.2.202.451 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb15-05.html
|
|
py{26,27,33,34}-django<1.7.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2241
|
|
percona-toolkit<2.2.13 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1027
|
|
libXfont<1.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1802
|
|
libXfont<1.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1803
|
|
libXfont<1.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1804
|
|
phpmyadmin<4.3.11.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2015-1.php
|
|
openssl>0.9.8<0.9.8zf multiple-vulnerabilities https://www.openssl.org/news/secadv_20150319.txt
|
|
openssl>1.0.0<1.0.0r multiple-vulnerabilities https://www.openssl.org/news/secadv_20150319.txt
|
|
openssl>1.0.1<1.0.1m multiple-vulnerabilities https://www.openssl.org/news/secadv_20150319.txt
|
|
openssl>1.0.2<1.0.2a multiple-vulnerabilities https://www.openssl.org/news/secadv_20150319.txt
|
|
suse{,32}_openssl>=12.1 multiple-vulnerabilities https://www.openssl.org/news/secadv_20150319.txt
|
|
suse{,32}_openssl>=13.1 multiple-vulnerabilities https://www.openssl.org/news/secadv_20150319.txt
|
|
binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/
|
|
binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/
|
|
binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/
|
|
avr-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/
|
|
avr-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/
|
|
avr-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/
|
|
binutils-mips-current<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/
|
|
binutils-mips-current<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/
|
|
binutils-mips-current<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/
|
|
freemint-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/
|
|
freemint-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/
|
|
freemint-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/
|
|
h8300-elf-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/
|
|
h8300-elf-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/
|
|
h8300-elf-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/
|
|
h8300-hms-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/
|
|
h8300-hms-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/
|
|
h8300-hms-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/
|
|
mingw-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/
|
|
mingw-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/
|
|
mingw-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/
|
|
nios2-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/
|
|
nios2-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/
|
|
nios2-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/
|
|
cross-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/
|
|
cross-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/
|
|
cross-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/
|
|
xerces-c<3.1.2 multiple-vulnerabilities http://secunia.com/advisories/63516/
|
|
firefox<36.0.3 privilege-escalation https://www.mozilla.org/en-US/security/advisories/mfsa2015-29/
|
|
firefox<36.0.4 privilege-escalation https://www.mozilla.org/en-US/security/advisories/mfsa2015-28/
|
|
firefox31<31.5.2 privilege-escalation https://www.mozilla.org/en-US/security/advisories/mfsa2015-29/
|
|
firefox31<31.5.3 privilege-escalation https://www.mozilla.org/en-US/security/advisories/mfsa2015-28/
|
|
seamonkey<2.33.1 privilege-escalation https://www.mozilla.org/en-US/security/advisories/mfsa2015-28/
|
|
seamonkey<2.33.1 privilege-escalation https://www.mozilla.org/en-US/security/advisories/mfsa2015-29/
|
|
icu<55.1 integer-overflow http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654
|
|
nodejs<0.10.37 privilege-escalation http://blog.nodejs.org/2015/03/14/node-v0-10-37-stable
|
|
tiff<4.0.4beta multiple-vulnerabilities http://advisories.mageia.org/MGASA-2015-0112.html
|
|
suse{,32}_libtiff>=10.0 multiple-vulnerabilities http://advisories.mageia.org/MGASA-2015-0112.html
|
|
suse{,32}_libtiff>=12.1 multiple-vulnerabilities http://advisories.mageia.org/MGASA-2015-0112.html
|
|
suse{,32}_libtiff>=13.1 multiple-vulnerabilities http://advisories.mageia.org/MGASA-2015-0112.html
|
|
putty<0.64 privacy-leak http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html
|
|
ffmpeg2<2.5.1 use-after-free http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7933
|
|
gnutls<3.1.0 signature-forgery https://nvd.nist.gov/vuln/detail/CVE-2015-0282
|
|
gnutls<3.3.13 ssl-certificate-spoofing https://nvd.nist.gov/vuln/detail/CVE-2015-0294
|
|
moodle>=2.6<2.6.8 multiple-vulnerabilities http://secunia.com/advisories/62957/
|
|
moodle>=2.7<2.7.5 multiple-vulnerabilities http://secunia.com/advisories/62957/
|
|
moodle>=3.8<3.8.3 multiple-vulnerabilities http://secunia.com/advisories/62957/
|
|
lasso<2.4.1 denial-of-service http://secunia.com/advisories/63310/
|
|
cups-filters<1.0.66 remote-code-execution http://secunia.com/advisories/63033/
|
|
file<5.21 multiple-vulnerabilities http://secunia.com/advisories/63423/
|
|
file<5.22 denial-of-service https://www.debian.org/security/2015/dsa-3196
|
|
php>=5.4<5.4.39 multiple-vulnerabilities https://www.debian.org/security/2015/dsa-3195.en.html
|
|
php>=5.5<5.5.23 multiple-vulnerabilities https://www.debian.org/security/2015/dsa-3195.en.html
|
|
php>=5.6<5.6.7 multiple-vulnerabilities https://www.debian.org/security/2015/dsa-3195.en.html
|
|
py{26,27,33,34}-django>=1.4<1.4.20 cross-site-scripting https://www.djangoproject.com/weblog/2015/mar/18/security-releases/
|
|
py{26,27,33,34}-django>=1.6<1.6.11 cross-site-scripting https://www.djangoproject.com/weblog/2015/mar/18/security-releases/
|
|
py{26,27,33,34}-django>=1.7<1.7.7 cross-site-scripting https://www.djangoproject.com/weblog/2015/mar/18/security-releases/
|
|
python27<2.7.7 arbitrary-memory-access http://openwall.com/lists/oss-security/2014/06/24/7
|
|
python33<3.3.6 arbitrary-memory-access http://openwall.com/lists/oss-security/2014/06/24/7
|
|
python34<3.4.1 arbitrary-memory-access http://openwall.com/lists/oss-security/2014/06/24/7
|
|
python33<3.3.4 denial-of-service http://seclists.org/oss-sec/2013/q4/558
|
|
python34<3.4.0 denial-of-service http://seclists.org/oss-sec/2013/q4/558
|
|
drupal>=6<6.35 spoofing-attacks https://www.drupal.org/SA-CORE-2015-001
|
|
drupal>=7<7.35 spoofing-attacks https://www.drupal.org/SA-CORE-2015-001
|
|
suse{,32}_base>=10.0<13.1nb9 invalid-file-descriptor-reuse http://www.openwall.com/lists/oss-security/2015/01/28/20
|
|
suse{,32}_base>=10.0<13.1nb9 buffer-overrun http://www.openwall.com/lists/oss-security/2015/02/04/1
|
|
libzip<0.11.2nb1 integer-overflow http://www.openwall.com/lists/oss-security/2015/03/18/1
|
|
py{26,27,34,35,36}-mercurial<3.2.4 command-injection http://chargen.matasano.com/chargen/2015/3/17/this-new-vulnerability-mercurial-command-injection-cve-2014-9462.html
|
|
php>5.5<5.5.22 use-after-free https://bugs.php.net/bug.php?id=68901
|
|
php>5.6<5.6.6 use-after-free https://bugs.php.net/bug.php?id=68901
|
|
tor>=0.2.4<0.2.4.26 denial-of-service https://lists.torproject.org/pipermail/tor-talk/2015-March/037281.html
|
|
tor>=0.2.5<0.2.5.11 denial-of-service https://lists.torproject.org/pipermail/tor-talk/2015-March/037281.html
|
|
gnupg<1.4.19 sensitive-information-disclosure http://lists.gnupg.org/pipermail/gnupg-users/2015-March/053276.html
|
|
gnupg2<2.0.27 sensitive-information-disclosure http://lists.gnupg.org/pipermail/gnupg-users/2015-March/053276.html
|
|
php>=5.4<5.4.39 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.4.39
|
|
php>=5.5<5.5.23 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.23
|
|
php>=5.6<5.6.7 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.7
|
|
mono>=3<3.12.1 multiple-vulnerabilities http://seclists.org/oss-sec/2015/q1/869
|
|
jenkins<1.596.2 multiple-vulnerabilities https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23
|
|
qemu<2.3.0 denial-of-service https://lists.gnu.org/archive/html/qemu-devel/2015-03/msg04894.html
|
|
suse{,32}_qt4-[0-9]* denial-of-service http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html
|
|
e2fsprogs<1.42.12 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1572
|
|
py{26,27,33,34}-numpy<1.9.2 insecure-temp-file https://github.com/numpy/numpy/commit/0bb46c1448b0d3f5453d5182a17ea7ac5854ee15
|
|
libtasn1<4.4 stack-overflow http://lists.gnu.org/archive/html/help-libtasn1/2015-03/msg00002.html
|
|
nginx>=1.5<1.5.12 heap-overflow http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html
|
|
nginx>=1.3.15<1.4.7 heap-overflow http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html
|
|
py{26,27,33,34}-dulwich<0.9.9 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9706
|
|
py{26,27,33,34}-dulwich<0.9.9 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0838
|
|
shibboleth-sp<2.5.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2684
|
|
mailman<2.1.20 input-validation https://mail.python.org/pipermail/mailman-announce/2015-March/000207.html
|
|
stunnel<5.14 security-bypass http://www.stunnel.org/pipermail/stunnel-announce/2015-March/000096.html
|
|
subversion<1.8.13 denial-of-service http://subversion.apache.org/security/CVE-2015-0202-advisory.txt
|
|
ap{22,24}-subversion<1.8.13 denial-of-service http://subversion.apache.org/security/CVE-2015-0248-advisory.txt
|
|
ap{22,24}-subversion<1.8.13 spoofing http://subversion.apache.org/security/CVE-2015-0251-advisory.txt
|
|
mediawiki<1.24.2 multiple-vulnerabilities https://www.mediawiki.org/wiki/Release_notes/1.24#MediaWiki_1.24.2
|
|
xentools45<4.5.0nb3 denial-of-service http://xenbits.xenproject.org/xsa/advisory-125.html
|
|
xentools42<4.2.5nb4 denial-of-service http://xenbits.xenproject.org/xsa/advisory-125.html
|
|
xentools41<4.1.6.1nb7 denial-of-service http://xenbits.xenproject.org/xsa/advisory-125.html
|
|
xentools33-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-125.html
|
|
xentools3-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-125.html
|
|
xentools3-hvm-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-125.html
|
|
xenkernel45<4.5.0nb3 denial-of-service http://xenbits.xenproject.org/xsa/advisory-126.html
|
|
xenkernel42<4.2.5nb6 denial-of-service http://xenbits.xenproject.org/xsa/advisory-126.html
|
|
xenkernel41<4.1.6.1nb16 denial-of-service http://xenbits.xenproject.org/xsa/advisory-126.html
|
|
xenkernel33-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-126.html
|
|
xenkernel3-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-126.html
|
|
apache-cassandra<2.1.4 remote-code-execution http://www.openwall.com/lists/oss-security/2015/04/01/6
|
|
firefox<37 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox37
|
|
firefox<37.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox37.0.1
|
|
firefox31<31.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.6
|
|
thunderbird<31.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.6
|
|
tor<0.2.5.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2928
|
|
ntp<4.2.8p2 spoofing-attacks http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1798
|
|
ntp<4.2.8p2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1799
|
|
pigz<2.3.3 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1191
|
|
chrony<1.31.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1853
|
|
asterisk>=1.8<1.8.32.3 man-in-the-middle http://downloads.digium.com/pub/security/AST-2015-003.html
|
|
asterisk>=11.0<11.17.1 man-in-the-middle http://downloads.digium.com/pub/security/AST-2015-003.html
|
|
asterisk>=12.0<12.8.2 man-in-the-middle http://downloads.digium.com/pub/security/AST-2015-003.html
|
|
asterisk>=13.0<13.3.2 man-in-the-middle http://downloads.digium.com/pub/security/AST-2015-003.html
|
|
dpkg<1.16.16 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0840
|
|
icecast<2.4.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3026
|
|
php55-gd<5.5.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709
|
|
php56-gd<5.6.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709
|
|
gd<2.1.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709
|
|
arj<3.10.22nb2 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0556
|
|
arj<3.10.22nb2 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0557
|
|
arj<3.10.22nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2782
|
|
coreutils<8.22nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9471
|
|
less<475 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9488
|
|
gtk3+<3.11.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1949
|
|
erlang<17.0 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1693
|
|
xlockmore{,-lite}<5.45 security-bypass http://calypso.tux.org/pipermail/xlock-announce/2014/000059.html
|
|
jetty-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0254
|
|
wesnoth<1.12.2 remote-file-read https://bugs.mageia.org/show_bug.cgi?id=15685
|
|
php{53,54,55,56}-orangehrm-[0-9]* multiple-vulnerabilities http://www.securityfocus.com/archive/1/535245
|
|
tor>=0.2.4.0<0.2.4.27 multiple-vulnerabilities https://blog.torproject.org/blog/tor-02512-and-0267-are-released
|
|
tor>=0.2.5.0<0.2.5.12 multiple-vulnerabilities https://blog.torproject.org/blog/tor-02512-and-0267-are-released
|
|
socat<1.7.3.0 denial-of-service http://www.dest-unreach.org/socat/contrib/socat-secadv6.txt
|
|
xenkernel45<4.5.0nb4 denial-of-service http://xenbits.xen.org/xsa/advisory-127.html
|
|
xenkernel33-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-125.html
|
|
xenkernel41<4.1.6.1nb16 denial-of-service http://xenbits.xen.org/xsa/advisory-125.html
|
|
xenkernel42<4.2.5nb6 denial-of-service http://xenbits.xen.org/xsa/advisory-125.html
|
|
xenkernel45<4.5.0nb3 denial-of-service http://xenbits.xen.org/xsa/advisory-125.html
|
|
libX11<1.6.0 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7439
|
|
chrony<1.31.1 multiple-vulnerabilities https://www.debian.org/security/2015/dsa-3222
|
|
php>=5.4<5.4.40 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.4.40
|
|
php>=5.5<5.5.24 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.24
|
|
php>=5.6<5.6.8 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.8
|
|
qt4-libs<4.8.7 multiple-vulnerabilities http://lists.qt-project.org/pipermail/announce/2015-April/000067.html
|
|
qt5-libs<5.4.2 multiple-vulnerabilities http://lists.qt-project.org/pipermail/announce/2015-April/000067.html
|
|
suse{,32}_qt4-[0-9]* multiple-vulnerabilities http://lists.qt-project.org/pipermail/announce/2015-April/000067.html
|
|
adobe-flash-plugin<11.2.202.457 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
|
|
ruby200-base<2.0.0p645 ssl-cert-spoofing https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/
|
|
ruby21-base<2.1.6 ssl-cert-spoofing https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/
|
|
ruby22-base<2.2.2 ssl-cert-spoofing https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/
|
|
libX11<1.5.1 multiple-vulnerabilities http://www.x.org/wiki/Development/Security/Advisory-2015-03-17/
|
|
sun-{jdk,jre}6-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA
|
|
sun-{jdk,jre}7-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA
|
|
openjdk7<1.7.80 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA
|
|
openjdk8<1.8.45 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA
|
|
libxml2<2.9.2nb2 denial-of-service https://bugzilla.redhat.com/show_bug.cgi?id=1211278
|
|
#not applicable: mod_copy not enabled and no option to enable it
|
|
#proftpd-[0-9]* security-bypass http://bugs.proftpd.org/show_bug.cgi?id=4169
|
|
sqlite3<3.8.9 multiple-vulnerabilities http://lcamtuf.blogspot.dk/2015/04/finding-bugs-in-sqlite-easy-way.html
|
|
suse{,32}_sqlite3-[0-9]* multiple-vulnerabilities http://lcamtuf.blogspot.dk/2015/04/finding-bugs-in-sqlite-easy-way.html
|
|
icecast<2.4.2 denial-of-service http://lists.xiph.org/pipermail/icecast-dev/2015-April/002460.html
|
|
ruby18-rest-client<1.7.3 sensitive-information-exposure https://github.com/rest-client/rest-client/issues/349
|
|
ruby193-rest-client<1.7.3 sensitive-information-exposure https://github.com/rest-client/rest-client/issues/349
|
|
ruby200-rest-client<1.7.3 sensitive-information-exposure https://github.com/rest-client/rest-client/issues/349
|
|
ruby215-rest-client<1.7.3 sensitive-information-exposure https://github.com/rest-client/rest-client/issues/349
|
|
gst-plugins0.10-bad-[0-9]* arbitrary-code-execution https://www.debian.org/security/2015/dsa-3225
|
|
pppd<2.4.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3310
|
|
gnutls<3.3.14 arbitrary-code-execution http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/8077
|
|
libksba<1.3.3 multiple-vulnerabilities https://blog.fuzzing-project.org/7-Multiple-vulnerabilities-in-GnuPG,-libksba-and-GpgOL-TFPA-0032015.html
|
|
openssl>=1.0.2<1.0.2d multiple-vulnerabilities http://www.securityfocus.com/archive/1/535303
|
|
suse{,32}_openssl<1.0.2d multiple-vulnerabilities http://www.securityfocus.com/archive/1/535303
|
|
mysql-server>=5.5<5.5.43 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
|
|
mysql-client>=5.5<5.5.43 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL
|
|
libxml2<2.9.2nb3 arbitrary-memory-access https://bugzilla.gnome.org/show_bug.cgi?id=746048
|
|
firefox<37.0.2 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/
|
|
p5-Module-Signature<0.75 multiple-vulnerabilities http://seclists.org/oss-sec/2015/q2/59
|
|
xenkernel42<4.2.5nb8 sensitive-information-exposure http://xenbits.xenproject.org/xsa/advisory-132.html
|
|
xenkernel45<4.5.1 sensitive-information-exposure http://xenbits.xenproject.org/xsa/advisory-132.html
|
|
curl>=7.37.0<7.42.0 security-bypass http://curl.haxx.se/docs/adv_20150422A.html
|
|
curl>=7.10.6<7.42.0 security-bypass http://curl.haxx.se/docs/adv_20150422B.html
|
|
curl>=7.10.6<7.42.0 arbitrary-memory-access http://curl.haxx.se/docs/adv_20150422C.html
|
|
curl>=7.37.0<7.42.0 arbitrary-memory-access http://curl.haxx.se/docs/adv_20150422D.html
|
|
wordpress<4.1.2 multiple-vulnerabilities https://wordpress.org/news/2015/04/wordpress-4-1-2/
|
|
php{53,54,55}-ja-wordpress<4.1.2 multiple-vulnerabilities https://wordpress.org/news/2015/04/wordpress-4-1-2/
|
|
salt<2014.7.4 symlink-attack http://docs.saltstack.com/en/latest/topics/releases/2014.7.4.html
|
|
net-snmp<5.7.3nb1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2015-5621
|
|
wpa_supplicant>=1.0<2.5 heap-overflow http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt
|
|
dnsmasq<2.73rc4 arbitrary-memory-access https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1502/
|
|
pdns-recursor<3.7.2 denial-of-service http://doc.powerdns.com/md/security/powerdns-advisory-2015-01/
|
|
powerdns<3.4.4 denial-of-service http://doc.powerdns.com/md/security/powerdns-advisory-2015-01/
|
|
file<5.22nb1 denial-of-service https://github.com/file/file/commit/3046c231e1a2fcdd5033bea0603c23f435a00bd7
|
|
t1utils<1.39 buffer-overflow https://github.com/kohler/t1utils/issues/4
|
|
magento-[0-9]* multiple-vulnerabilities http://blog.checkpoint.com/2015/04/20/analyzing-magento-vulnerability/
|
|
libreoffice4<4.4.2.2 arbitrary-code-execution https://www.libreoffice.org/about-us/security/advisories/cve-2015-1774/
|
|
libreoffice4-bin<4.4.2 arbitrary-code-execution https://www.libreoffice.org/about-us/security/advisories/cve-2015-1774/
|
|
wordpress<4.2.2 cross-site-scripting https://wordpress.org/news/2015/05/wordpress-4-2-2/
|
|
php{53,54,55}-ja-wordpress<4.2.2 cross-site-scripting https://wordpress.org/news/2015/05/wordpress-4-2-2/
|
|
librsync<1.0.0 weak-hash https://github.com/librsync/librsync/issues/5
|
|
elasticsearch>1.4<=1.4.4 directory-traversal https://www.elastic.co/blog/elasticsearch-1-5-2-and-1-4-5-released
|
|
elasticsearch>1.5<=1.5.2 directory-traversal https://www.elastic.co/blog/elasticsearch-1-5-2-and-1-4-5-released
|
|
glusterfs<3.5.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3619
|
|
glusterfs-3.6.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3619
|
|
ffmpeg<2.6.2 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3395
|
|
horde<5.2.5 cross-site-scripting http://lists.horde.org/archives/announce/2015/001088.html
|
|
imp<6.2.8 cross-site-scripting http://lists.horde.org/archives/announce/2015/001089.html
|
|
mysql-client<5.7.3 ssl-downgrade http://www.ocert.org/advisories/ocert-2015-003.html
|
|
libarchive<3.1.2nb1 denial-of-service https://github.com/libarchive/libarchive/issues/502
|
|
clamav<0.98.7 multiple-vulnerabilities http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html
|
|
testdisk<7.0 multiple-vulnerabilities http://www.cgsecurity.org/wiki/TestDisk_7.0_Release
|
|
libtasn1<4.5 heap-overflow https://lists.gnu.org/archive/html/help-libtasn1/2015-04/msg00000.html
|
|
squid<3.5.4 ssl-cert-spoofing http://www.squid-cache.org/Advisories/SQUID-2015_1.txt
|
|
curl>=7.1<7.42.1 sensitive-information-exposure http://curl.haxx.se/docs/adv_20150429.html
|
|
libssh<0.65 double-free https://www.libssh.org/2015/04/30/libssh-0-6-5-security-and-bugfix-release/
|
|
p5-XML-LibXML<2.0119 remote-file-read http://seclists.org/oss-sec/2015/q2/313
|
|
mariadb-server<5.5.43 multiple-vulnerabilities https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/
|
|
pound<2.7 man-in-the-middle-attack https://www.debian.org/security/2015/dsa-3253
|
|
apache-tomcat>=6.0<6.0.44 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230
|
|
apache-tomcat>=7.0<7.0.55 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230
|
|
apache-tomcat>=8.0<8.0.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230
|
|
salt<2015.5.0 multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2015/05/02/1
|
|
wpa_supplicant<2.5 multiple-vulnerabilities http://seclists.org/bugtraq/2015/May/77
|
|
icu<55.1 multiple-vulnerabilities https://raw.githubusercontent.com/pedrib/PoC/master/generic/i-c-u-fail.txt
|
|
postgresql9{0,1,2,3,4}-postgis2<2.1.3 security-bypass http://postgis.net/2014/05/19/postgis-2.0.6_and_2.1.3
|
|
libraw<0.16.1 denial-of-service http://www.ocert.org/advisories/ocert-2015-006.html
|
|
ruby{193,200,215}-redcarpet<3.2.3 cross-site-scripting http://openwall.com/lists/oss-security/2015/04/07/11
|
|
dcraw-[0-9]* denial-of-service http://www.ocert.org/advisories/ocert-2015-006.html
|
|
gimp-ufraw-[0-9]* denial-of-service http://www.ocert.org/advisories/ocert-2015-006.html
|
|
adobe-flash-plugin<11.2.202.460 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-09.html
|
|
wireshark<1.10.14 multiple-vulnerabilities https://www.wireshark.org/docs/relnotes/wireshark-1.10.14.html
|
|
firefox<38.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox38
|
|
firefox31<31.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.7
|
|
firefox36-[0-9]* multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/
|
|
thunderbird<31.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7
|
|
firefox24-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
thunderbird24-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
openssh<6.6.1nb6 heap-overflow http://www.openwall.com/lists/oss-security/2015/05/16/3
|
|
php{54,55,56}-concrete5<5.7.4 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2250
|
|
testdisk<7.0 multiple-vulnerabilities http://www.cgsecurity.org/wiki/TestDisk_7.0_Release
|
|
p5-Module-Signature<0.75 multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2015/04/07/1
|
|
phpmyadmin<4.3.13.1 man-in-the-middle-attack http://www.phpmyadmin.net/home_page/security/PMASA-2015-3.php
|
|
qemu<2.2.1nb1 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3456
|
|
qemu>=2.3.0<2.3.0nb1 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3456
|
|
xentools42<4.2.5nb5 privilege-escalation http://xenbits.xen.org/xsa/advisory-133.html
|
|
xentools45<4.5.0nb4 privilege-escalation http://xenbits.xen.org/xsa/advisory-133.html
|
|
apache-tomcat>=6.0<6.0.44 local-security-bypass http://mail-archives.us.apache.org/mod_mbox/www-announce/201505.mbox/%3C5554AB1C.7050606@apache.org%3E
|
|
apache-tomcat>=7.0<7.0.59 local-security-bypass http://mail-archives.us.apache.org/mod_mbox/www-announce/201505.mbox/%3C5554AB1C.7050606@apache.org%3E
|
|
apache-tomcat>=8.0<8.0.18 local-security-bypass http://mail-archives.us.apache.org/mod_mbox/www-announce/201505.mbox/%3C5554AB1C.7050606@apache.org%3E
|
|
php>=5.4<5.4.41 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.4.41
|
|
php>=5.5<5.5.25 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.25
|
|
php>=5.6<5.6.9 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.9
|
|
qemu<2.3.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9718
|
|
qemu<2.3.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2756
|
|
fcgi<2.4.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6687
|
|
ipsec-tools<0.7.3nb3 null-dereference https://www.altsci.com/ipsec/ipsec-tools-sa.html
|
|
zeromq<4.0.6 protocol-downgrade https://www.debian.org/security/2015/dsa-3255
|
|
zeromq>=4.1.0<4.1.1 protocol-downgrade https://www.debian.org/security/2015/dsa-3255
|
|
moodle>=2.8<2.8.6 multiple-vulnerabilities http://secunia.com/advisories/64167/
|
|
moodle>=2.7<2.7.8 multiple-vulnerabilities http://secunia.com/advisories/64167/
|
|
moodle>=2.6<2.6.11 multiple-vulnerabilities http://secunia.com/advisories/64167/
|
|
avidemux-[0-9]* multiple-vulnerabilities http://advisories.mageia.org/MGASA-2015-0233.html
|
|
libntfs-[0-9]* privilege-escalation https://www.debian.org/security/2015/dsa-3268
|
|
fuse-ntfs-3g-[0-9]* privilege-escalation https://www.debian.org/security/2015/dsa-3268
|
|
postgresql90-server<9.0.20 multiple-vulnerabilities http://www.postgresql.org/about/news/1587/
|
|
postgresql91-server<9.1.16 multiple-vulnerabilities http://www.postgresql.org/about/news/1587/
|
|
postgresql92-server<9.2.11 multiple-vulnerabilities http://www.postgresql.org/about/news/1587/
|
|
postgresql93-server<9.3.7 multiple-vulnerabilities http://www.postgresql.org/about/news/1587/
|
|
postgresql94-server<9.4.2 multiple-vulnerabilities http://www.postgresql.org/about/news/1587/
|
|
pgbouncer<1.5.5 denial-of-service http://pgbouncer.github.io/2015/04/pgbouncer-1-5-5/
|
|
cups<2.0.3 privilege-escalation http://www.cups.org/str.php?L4609
|
|
php>=5.4<5.4.42nb1 use-after-free https://bugs.php.net/bug.php?id=69737
|
|
php>=5.5<5.5.26nb1 use-after-free https://bugs.php.net/bug.php?id=69737
|
|
php>=5.6<5.6.10nb1 use-after-free https://bugs.php.net/bug.php?id=69737
|
|
elasticsearch<1.6.0 unknown-impact https://www.elastic.co/blog/elasticsearch-1-6-0-released
|
|
concrete5<5.7.4.1 sql-injection http://karmainsecurity.com/KIS-2015-03
|
|
concrete5<5.7.4 cross-site-scripting http://karmainsecurity.com/KIS-2015-02
|
|
concrete5<5.7.4 remote-code-execution http://karmainsecurity.com/KIS-2015-01
|
|
openssl>1.0.1<1.0.1n multiple-vulnerabilities https://www.openssl.org/news/secadv_20150611.txt
|
|
openssl>1.0.2<1.0.2b multiple-vulnerabilities https://www.openssl.org/news/secadv_20150611.txt
|
|
suse{,32}_openssl-[0-9]* multiple-vulnerabilities https://www.openssl.org/news/secadv_20150611.txt
|
|
jdbc-mysql<5.1.35 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2575
|
|
xentools42<4.2.5nb12 heap-overflow http://xenbits.xen.org/xsa/advisory-135.html
|
|
xentools45<4.5.3 heap-overflow http://xenbits.xen.org/xsa/advisory-135.html
|
|
qemu<2.4.0 heap-overflow https://lists.gnu.org/archive/html/qemu-devel/2015-06/msg02847.html
|
|
qemu<2.4.0 denial-of-service http://www.openwall.com/lists/oss-security/2015/05/23/4
|
|
xentools33-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-128.html
|
|
xentools41-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-128.html
|
|
xentools42<4.2.5nb12 denial-of-service http://xenbits.xen.org/xsa/advisory-128.html
|
|
xentools45<4.5.1 denial-of-service http://xenbits.xen.org/xsa/advisory-128.html
|
|
xentools33-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-129.html
|
|
xentools41-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-129.html
|
|
xentools42<4.2.5nb12 denial-of-service http://xenbits.xen.org/xsa/advisory-129.html
|
|
xentools45<4.5.1 denial-of-service http://xenbits.xen.org/xsa/advisory-129.html
|
|
xentools33-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-130.html
|
|
xentools41-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-130.html
|
|
xentools42<4.2.5nb12 denial-of-service http://xenbits.xen.org/xsa/advisory-130.html
|
|
xentools45<4.5.1 denial-of-service http://xenbits.xen.org/xsa/advisory-130.html
|
|
xentools33-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-131.html
|
|
xentools41-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-131.html
|
|
xentools42<4.2.5nb12 denial-of-service http://xenbits.xen.org/xsa/advisory-131.html
|
|
xentools45<4.5.1 denial-of-service http://xenbits.xen.org/xsa/advisory-131.html
|
|
xentools3-[0-9]* null-dereference http://xenbits.xen.org/xsa/advisory-136.html
|
|
xentools33-[0-9]* null-dereference http://xenbits.xen.org/xsa/advisory-136.html
|
|
xentools41-[0-9]* null-dereference http://xenbits.xen.org/xsa/advisory-136.html
|
|
xentools42<4.2.5nb12 null-dereference http://xenbits.xen.org/xsa/advisory-136.html
|
|
xenkernel42<4.2.5nb8 null-dereference http://xenbits.xen.org/xsa/advisory-136.html
|
|
xentools45<4.5.1 null-dereference http://xenbits.xen.org/xsa/advisory-136.html
|
|
xenkernel45<4.5.1 null-dereference http://xenbits.xen.org/xsa/advisory-136.html
|
|
ffmpeg2<2.6.2 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3395
|
|
ffmpeg2<2.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3417
|
|
sqlite3<3.8.9 stack-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3416
|
|
p7zip-9.20.1 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1038
|
|
suse{,32}_base>=13.1<13.1nb9 privilege-escalation http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00020.html
|
|
drupal>=6<6.36 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2015-002
|
|
drupal>=7<7.38 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2015-002
|
|
cacti<0.8.8d sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2665
|
|
libmimedir-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3205
|
|
wpa_supplicant<2.5 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4141
|
|
wpa_supplicant<2.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4146
|
|
wpa_supplicant<2.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4145
|
|
xentools42<4.2.5nb12 null-dereference http://xenbits.xen.org/xsa/advisory-134.html
|
|
xenkernel42<4.2.5nb8 null-dereference http://xenbits.xen.org/xsa/advisory-134.html
|
|
xentools45<4.5.1 null-dereference http://xenbits.xen.org/xsa/advisory-134.html
|
|
xenkernel45<4.5.1 null-dereference http://xenbits.xen.org/xsa/advisory-134.html
|
|
wpa_supplicant<2.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4142
|
|
wpa_supplicant<2.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4143
|
|
adobe-flash-plugin<11.2.202.466 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-11.html
|
|
libxml2<2.9.2 denial-of-service https://git.gnome.org/browse/libxml2/commit/?id=9cd1c3cfbd32655d60572c0a413e017260c854df
|
|
nginx>=1.6<1.6.2 man-in-the-middle-attack http://mailman.nginx.org/pipermail/nginx-announce/2014/000147.html
|
|
nginx>=1.7<1.7.5 man-in-the-middle-attack http://mailman.nginx.org/pipermail/nginx-announce/2014/000147.html
|
|
mantis<1.2.16 multiple-vulnerabilities http://www.mantisbt.org/blog/?p=275
|
|
freeradius<2.2.8 invalid-crl-checks http://www.ocert.org/advisories/ocert-2015-008.html
|
|
adobe-flash-plugin<11.2.202.468 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-14.html
|
|
curl<7.43.0 sensitive-information-exposure http://curl.haxx.se/docs/adv_20150617A.html
|
|
curl<7.43.0 sensitive-information-exposure http://curl.haxx.se/docs/adv_20150617B.html
|
|
wireshark<1.12.6 multiple-vulnerabilities https://www.wireshark.org/docs/relnotes/wireshark-1.12.6.html
|
|
ruby{18,193,200,215}-rubygems<2.4.8 remote-hijacking https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4020
|
|
cryptopp-[0-9]* sensitive-information-exposure http://www.mail-archive.com/cryptopp-users@googlegroups.com/msg07835.html
|
|
haproxy<1.5.14 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3281
|
|
openssl<1.0.1o signature-forgery https://www.openssl.org/news/secadv_20150709.txt
|
|
openssl>1.0.2<1.0.2c signature-forgery https://www.openssl.org/news/secadv_20150709.txt
|
|
suse{,32}_openssl<1.0.2c signature-forgery https://www.openssl.org/news/secadv_20150709.txt
|
|
geeklog>=2.1.0<2.1.0nb1 cross-site-scripting https://www.geeklog.net/article.php/file-manager-vulnerability
|
|
contao34-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
libwmf<0.2.8.4nb16 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0848
|
|
libwmf<0.2.8.4nb16 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4696
|
|
fuse>=2.0<2.9.4 arbitrary-file-overwrite https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3202
|
|
libwmf<0.2.8.4nb16 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4695
|
|
libwmf<0.2.8.4nb16 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4588
|
|
firefox<39 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox39
|
|
firefox31<31.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.8
|
|
firefox38<38.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.1
|
|
thunderbird<38.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.1
|
|
thunderbird31-[0-9]* multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.8
|
|
nss<3.19.1 ssl-downgrade https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes
|
|
bind>=9.7.1<9.9.7pl1 denial-of-service https://kb.isc.org/article/AA-01267
|
|
bind>=9.10.1<9.10.2pl2 denial-of-service https://kb.isc.org/article/AA-01267
|
|
adobe-flash-plugin<11.2.202.481 use-after-free https://helpx.adobe.com/security/products/flash-player/apsb15-16.html
|
|
cups-filters<1.0.71 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3279
|
|
cups-filters<1.0.70 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3258
|
|
ntp<4.2.8p3 multiple-vulnerabilities http://bugs.ntp.org/show_bug.cgi?id=2853
|
|
nodejs<0.12.6 memory-corruption http://blog.nodejs.org/2015/07/03/node-v0-12-6-stable/
|
|
adobe-flash-plugin<11.2.202.491 remote-hijacking https://helpx.adobe.com/security/products/flash-player/apsa15-04.html
|
|
py{26,27,33,34}-django>=1.4<1.4.21 multiple-vulnerabilities https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
|
|
py{26,27,33,34}-django>=1.7<1.7.9 multiple-vulnerabilities https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
|
|
py{26,27,33,34}-django>=1.8<1.8.3 multiple-vulnerabilities https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
|
|
cacti<0.8.8d cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2967
|
|
ruby{18,193,200,21,22}-redcarpat<3.3.2 stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5147
|
|
elasticsearch<1.6.1 remote-code-execution https://discuss.elastic.co/t/elasticsearch-remote-code-execution-cve-2015-5377/25736
|
|
elasticsearch>=1.0.0<1.6.1 directory-traversal https://discuss.elastic.co/t/elasticsearch-directory-traversal-vulnerability-cve-2015-5531/25737
|
|
mysql-server>=5.5<5.5.44 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
|
|
mysql-client>=5.5<5.5.44 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
|
|
mysql-server>=5.6<5.6.25 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
|
|
mysql-client>=5.6<5.6.25 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
|
|
db5-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixBDB
|
|
sun-{jdk,jre}7-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
|
|
oracle-{jdk,jre}8<8.0.51 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
|
|
openjdk7-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
|
|
openjdk8<1.8.51 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
|
|
xentools41-[0-9]* privilege-escalation http://xenbits.xen.org/xsa/advisory-137.html
|
|
xentools42<4.2.5nb12 privilege-escalation http://xenbits.xen.org/xsa/advisory-137.html
|
|
xentools45<4.5.1nb5 privilege-escalation http://xenbits.xen.org/xsa/advisory-137.html
|
|
tidy>=20000804<20091027nb6 multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2015/07/15/3
|
|
apache>=2.2<2.2.31 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3183
|
|
apache>=2.4<2.4.14 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3183
|
|
apache>=2.4<2.4.14 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3185
|
|
cacti<0.8.8e sql-injection http://www.openwall.com/lists/oss-security/2015/07/18/4
|
|
openssh<6.9.1nb1 brute-force-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5600
|
|
expat<2.1.0nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283
|
|
bind>=9.7.1<9.9.7pl2 denial-of-service https://kb.isc.org/article/AA-01272
|
|
bind>=9.10.1<9.10.2pl3 denial-of-service https://kb.isc.org/article/AA-01272
|
|
dhcpcd<6.2.0 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7912
|
|
dhcpcd<6.10.2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7913
|
|
xmltooling<1.5.5 denial-of-service http://shibboleth.net/community/advisories/secadv_20150721.txt
|
|
opensaml<2.5.5 denial-of-service http://shibboleth.net/community/advisories/secadv_20150721.txt
|
|
wordpress<4.2.1 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3440
|
|
php{54,55,56}-ja-wordpress<4.2.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5622
|
|
php{54,55,56}-ja-wordpress<4.2.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5623
|
|
wordpress<4.2.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5622
|
|
wordpress<4.2.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5623
|
|
squid<3.5.6 security-bypass http://www.squid-cache.org/Advisories/SQUID-2015_2.txt
|
|
ruby{18,193,200,21,22}-redmine<3.1.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3227
|
|
ruby{18,193,200,21,22}-redmine<3.1.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3226
|
|
ruby{18,193,200,21,22}-activesupport-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3226
|
|
ruby{18,193,200,21,22}-rack<1.5.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3225
|
|
ruby{18,193,200,21,22}-rack>=1.6<1.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3225
|
|
nbpatch<20151107 arbitrary-code-execution https://www.freebsd.org/security/advisories/FreeBSD-SA-15:14.bsdpatch.asc
|
|
openafs<1.6.13 sensitive-information-disclosure http://www.openafs.org/pages/security/OPENAFS-SA-2015-001.txt
|
|
openafs<1.6.13 remote-code-execution http://www.openafs.org/pages/security/OPENAFS-SA-2015-002.txt
|
|
openafs<1.6.13 sensitive-information-disclosure http://www.openafs.org/pages/security/OPENAFS-SA-2015-003.txt
|
|
openafs<1.6.13 denial-of-service http://www.openafs.org/pages/security/OPENAFS-SA-2015-004.txt
|
|
openafs<1.6.13 authentication-bypass http://www.openafs.org/pages/security/OPENAFS-SA-2015-005.txt
|
|
openafs<1.6.13 denial-of-service http://www.openafs.org/pages/security/OPENAFS-SA-2015-006.txt
|
|
ghostscript-gpl<9.06nb7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3228
|
|
ghostscript-agpl<9.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3228
|
|
wordpress<4.2.2 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3429
|
|
php{54,55,56}-ja-wordpress<4.2.2 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3429
|
|
openssh<6.9 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5352
|
|
wordpress<4.1.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3438
|
|
php{54,55,56}-ja-wordpress<4.1.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3438
|
|
suse_openldap<13.1nb1 denial-of-service https://www.suse.com/security/cve/CVE-2015-1546.html
|
|
firefox<40.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40
|
|
firefox38<38.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.2
|
|
adobe-flash-plugin<11.2.202.508 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-19.html
|
|
libxml2<2.9.2nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819
|
|
gnutls<2.9.10 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8155
|
|
vlc<2.2.0 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9743
|
|
openssh<7.0 privilege-escalation http://seclists.org/fulldisclosure/2015/Aug/54
|
|
ap24-subversion<1.8.14 information-disclosure http://subversion.apache.org/security/CVE-2015-3184-advisory.txt
|
|
ap{22,24}-subversion<1.8.14 information-disclosure http://subversion.apache.org/security/CVE-2015-3187-advisory.txt
|
|
gdk-pixbuf2<2.30.8nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4491
|
|
rt4<4.2.12 multiple-vulnerabilities https://bestpractical.com/release-notes/rt/4.2.12
|
|
xentools42<4.2.5nb12 privilege-escalation http://xenbits.xen.org/xsa/advisory-139.html
|
|
xentools45<4.5.1nb5 privilege-escalation http://xenbits.xen.org/xsa/advisory-139.html
|
|
xentools42<4.2.5nb12 arbitrary-code-execution http://xenbits.xen.org/xsa/advisory-138.html
|
|
xentools45<4.5.1nb5 arbitrary-code-execution http://xenbits.xen.org/xsa/advisory-138.html
|
|
xentools42<4.2.5nb12 information-disclosure http://xenbits.xen.org/xsa/advisory-140.html
|
|
xentools45<4.5.1nb5 information-disclosure http://xenbits.xen.org/xsa/advisory-140.html
|
|
ansible<1.9.2 ssl-cert-spoofing http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3908
|
|
jabberd>=2<999 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2058
|
|
clutter<1.16.2 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3213
|
|
libidn<1.31 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2059
|
|
firefox<38.0 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-93/
|
|
firefox38<38.2.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.2
|
|
py{27,33,34}-django>=1.8<1.8.4 denial-of-service https://www.djangoproject.com/weblog/2015/aug/18/security-releases/
|
|
vlc<2.2.2 arbitrary-code-execution http://www.ocert.org/advisories/ocert-2015-009.html
|
|
gnutls<3.3.17 double-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6251
|
|
thunderbird<38.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.2
|
|
xfsprogs<3.2.4 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2150
|
|
mantis<1.2.18 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8987
|
|
drupal>=6<6.37 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2015-003
|
|
drupal>=7<7.39 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2015-003
|
|
wireshark<1.12.7 multiple-vulnerabilities https://www.wireshark.org/docs/relnotes/wireshark-1.12.7.html
|
|
qemu<2.4.0 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4037
|
|
firefox<40.0.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40.0.3
|
|
firefox38<38.2.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.2.1
|
|
bind>=9.0.0<9.9.7pl2nb1 denial-of-service https://kb.isc.org/article/AA-01287/0
|
|
bind>=9.9.7<9.9.7pl2nb1 denial-of-service https://kb.isc.org/article/AA-01291/0
|
|
bind>=9.10.0<9.10.2pl3nb1 denial-of-service https://kb.isc.org/article/AA-01287/0
|
|
bind>=9.10.2<9.10.2pl3nb1 denial-of-service https://kb.isc.org/article/AA-01291/0
|
|
qemu<2.3.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3214
|
|
screen<4.3.1 stack-overflow https://savannah.gnu.org/bugs/?45713
|
|
ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6818
|
|
ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6826
|
|
ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6819
|
|
ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6825
|
|
ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6824
|
|
ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6823
|
|
ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6821
|
|
ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6822
|
|
ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6820
|
|
xentools44-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-141.html
|
|
xentools45<4.5.3 denial-of-service http://xenbits.xen.org/xsa/advisory-141.html
|
|
openslp<1.2.1nb8 denial-of-service https://security-tracker.debian.org/tracker/CVE-2015-5177
|
|
rt4<4.2.12 code-injection http://blog.bestpractical.com/2015/08/rt-4212-released.html
|
|
libvdpau<1.1.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5198
|
|
libvdpau<1.1.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5199
|
|
libvdpau<1.1.1 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5200
|
|
openldap-server<2.4.43 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6908
|
|
magento-[0-9]* input-validation http://www.vulnerability-lab.com/get_content.php?id=1570
|
|
magento<1.9.2.1 file-inclusion https://nvd.nist.gov/vuln/detail/CVE-2015-6497
|
|
powerdns>=3.4.0<3.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5230
|
|
mediawiki>=1.23.0<1.23.10 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7444
|
|
mediawiki>=1.24.0<1.24.3 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7444
|
|
mediawiki>=1.25.0<1.25.2 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7444
|
|
mediawiki>=1.23.0<1.23.10 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6727
|
|
mediawiki>=1.24.0<1.24.3 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6727
|
|
mediawiki>=1.25.0<1.25.2 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6727
|
|
mediawiki>=1.23.0<1.23.10 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6729
|
|
mediawiki>=1.24.0<1.24.3 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6729
|
|
mediawiki>=1.25.0<1.25.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6729
|
|
mediawiki>=1.23.0<1.23.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6735
|
|
mediawiki>=1.24.0<1.24.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6735
|
|
mediawiki>=1.25.0<1.25.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6735
|
|
gnutls<3.3.14 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3308
|
|
mediawiki>=1.23.0<1.23.10 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6730
|
|
mediawiki>=1.24.0<1.24.3 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6730
|
|
mediawiki>=1.25.0<1.25.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6730
|
|
mediawiki>=1.23.0<1.23.10 multiple-vulnerabilities https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6728
|
|
mediawiki>=1.24.0<1.24.3 multiple-vulnerabilities https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6728
|
|
mediawiki>=1.25.0<1.25.2 multiple-vulnerabilities https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6728
|
|
mediawiki>=1.23.0<1.23.10 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6734
|
|
mediawiki>=1.24.0<1.24.3 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6734
|
|
mediawiki>=1.25.0<1.25.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6734
|
|
mediawiki>=1.23.0<1.23.10 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6737
|
|
mediawiki>=1.24.0<1.24.3 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6737
|
|
mediawiki>=1.25.0<1.25.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6737
|
|
rt4<4.2.12 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6506
|
|
jenkins-[0-9]* cross-site-request-forgeries http://seclists.org/bugtraq/2015/Aug/161
|
|
qemu<2.4.0 information-disclosure http://xenbits.xen.org/xsa/advisory-140.html
|
|
qemu<2.4.0 buffer-overflow http://seclists.org/oss-sec/2015/q3/302
|
|
qemu<2.4.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5154
|
|
firefox31-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
thunderbird31-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
xulrunner31-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
squid<3.5.9 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2015_3.txt
|
|
qemu<2.4.0.1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2015-5225
|
|
qemu<2.4.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5278
|
|
qemu<2.4.0.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-5279
|
|
qemu<2.4.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-6815
|
|
go<1.4.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2015-5739
|
|
go<1.4.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2015-5740
|
|
go<1.4.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2015-5741
|
|
go14<1.4.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2015-5739
|
|
go14<1.4.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2015-5740
|
|
go14<1.4.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2015-5741
|
|
bugzilla<5.0.1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4499
|
|
phpmyadmin<4.3.13.2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830
|
|
icu<55.1nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1270
|
|
adobe-flash-plugin<11.2.202.521 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5575
|
|
vorbis-tools<1.4.0nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6749
|
|
firefox<41 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox41
|
|
firefox38<38.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.3
|
|
h2o<1.4.5 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5638
|
|
owncloudclient<1.8.2 man-in-the-middle https://owncloud.org/security/advisory/?id=oc-sa-2015-009
|
|
freetype2<2.5.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9745
|
|
typo3<6.2.15 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5956
|
|
suse{,32}_base-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1781
|
|
remind<3.1.15 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5957
|
|
freeimage<3.17.0nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0852
|
|
ipython>=3.0<3.2.2 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7337
|
|
php>=5.4<5.4.45 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.4.45
|
|
php>=5.5<5.5.29 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.29
|
|
php>=5.6<5.6.13 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.13
|
|
dojo<1.2 cross-site-scripting http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000153.html
|
|
icu<53.1 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5922
|
|
icedtea-web<1.5.3 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5234
|
|
icedtea-web>=1.6<1.6.1 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5234
|
|
icedtea-web<1.5.3 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5235
|
|
icedtea-web>=1.6<1.6.1 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5235
|
|
php{54,55,56}-matcha-sns<1.3.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5644
|
|
php{54,55,56}-matcha-sns<1.3.7 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5645
|
|
p5-Email-Address<1.912 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7686
|
|
freetype2<2.5.3 multiple-vulnerabilities http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8b281f83e8516535756f92dbf90940ac44bd45e1
|
|
php{54,55,56}-basercms<3.0.8 remote-information-modification http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5640
|
|
php{54,55,56}-basercms<3.0.8 remote-information-modification http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5641
|
|
opensmtpd<5.7.3 multiple-vulnerabilities https://www.opensmtpd.org/announces/release-5.7.3.txt
|
|
adobe-flash-plugin<11.2.202.535 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-25.html
|
|
adobe-flash-plugin<11.2.202.540 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsa15-05.html
|
|
firefox<41.0.2 security-bypass https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/
|
|
postgresql90-server<9.0.23 denial-of-service http://www.postgresql.org/about/news/1615/
|
|
postgresql91-server<9.1.19 denial-of-service http://www.postgresql.org/about/news/1615/
|
|
postgresql92-server<9.2.14 denial-of-service http://www.postgresql.org/about/news/1615/
|
|
postgresql93-server<9.3.10 denial-of-service http://www.postgresql.org/about/news/1615/
|
|
postgresql94-server<9.4.5 denial-of-service http://www.postgresql.org/about/news/1615/
|
|
postgresql90-pgcrypto<9.0.23 information-leak http://www.postgresql.org/about/news/1615/
|
|
postgresql91-pgcrypto<9.1.19 information-leak http://www.postgresql.org/about/news/1615/
|
|
postgresql92-pgcrypto<9.2.14 information-leak http://www.postgresql.org/about/news/1615/
|
|
postgresql93-pgcrypto<9.3.10 information-leak http://www.postgresql.org/about/news/1615/
|
|
postgresql94-pgcrypto<9.4.5 information-leak http://www.postgresql.org/about/news/1615/
|
|
postgresql84-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
postgresql90-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
php{54,55,56}-owncloud<8.1.2 remote-code-execution https://owncloud.org/security/advisory/?id=oc-sa-2015-017
|
|
php{54,55,56}-owncloud<8.1.2 remote-code-execution https://owncloud.org/security/advisory/?id=oc-sa-2015-018
|
|
mysql-client>=5.5<5.5.45 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixMSQL
|
|
mysql-server>=5.6<5.6.26 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixMSQL
|
|
openjdk8<1.8.65 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA
|
|
oracle-{jdk,jre}8<8.0.65 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA
|
|
openjdk7-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
sun-{jdk7,jre7}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
ntp<4.2.8p4 multiple-vulnerabilities http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
|
|
wordpress<4.3.1 security-bypass https://wordpress.org/news/2015/09/wordpress-4-3-1/
|
|
openafs<1.6.15 information-leak https://www.openafs.org/pages/security/OPENAFS-SA-2015-007.txt
|
|
openafs>=1.7<1.7.33 information-leak https://www.openafs.org/pages/security/OPENAFS-SA-2015-007.txt
|
|
asterisk>=1.8<10 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
policykit<0.113 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4625
|
|
policykit<0.113 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3218
|
|
policykit<0.113 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3255
|
|
policykit<0.113 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3256
|
|
php>=5.5<5.5.30 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.5.30
|
|
gdk-pixbuf2<2.32.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7674
|
|
phpmyadmin>=4.3<4.3.13.2 brute-force-attack https://www.phpmyadmin.net/security/PMASA-2015-4
|
|
phpmyadmin>=4.4<4.4.14.1 brute-force-attack https://www.phpmyadmin.net/security/PMASA-2015-4
|
|
phpmyadmin>=4.4<4.4.15.1 spoofing-attack https://www.phpmyadmin.net/security/PMASA-2015-5
|
|
phpmyadmin>=4.5<4.5.1 spoofing-attack https://www.phpmyadmin.net/security/PMASA-2015-5
|
|
xenkernel41<4.1.6.1nb17 privilege-escalation http://xenbits.xen.org/xsa/advisory-148.html
|
|
xenkernel42<4.2.5nb9 privilege-escalation http://xenbits.xen.org/xsa/advisory-148.html
|
|
xenkernel45<4.5.1nb1 privilege-escalation http://xenbits.xen.org/xsa/advisory-148.html
|
|
owncloudclient<2.0.1 man-in-the-middle https://owncloud.org/security/advisory/?id=oc-sa-2015-016
|
|
gdk-pixbuf2<2.32.0 buffer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7673
|
|
gdk-pixbuf2-jasper<2.32.0 buffer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7673
|
|
gdk-pixbuf2-xlib<2.32.0 buffer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7673
|
|
wordpress<4.2.4 cross-site-scripting https://codex.wordpress.org/Version_4.2.4
|
|
php{54,55,56}-ja-wordpress<4.2.4 cross-site-scripting https://codex.wordpress.org/Version_4.2.4
|
|
wordpress<4.3.1 cross-site-scripting https://github.com/WordPress/WordPress/commit/f91a5fd10ea7245e5b41e288624819a37adf290a
|
|
php{54,55,56}-ja-wordpress<4.3.1 cross-site-scripting https://github.com/WordPress/WordPress/commit/f91a5fd10ea7245e5b41e288624819a37adf290a
|
|
jasper<1.900.1nb12 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3520
|
|
jasper<1.900.1nb12 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3522
|
|
jasper<1.900.1nb6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4516
|
|
jasper<1.900.1nb6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4517
|
|
jasper<1.900.1nb9 double-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8137
|
|
jasper<1.900.1nb8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9029
|
|
xenkernel33-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-152.html
|
|
xenkernel41<4.1.6.1nb17 denial-of-service http://xenbits.xen.org/xsa/advisory-152.html
|
|
xenkernel42<4.2.5nb9 denial-of-service http://xenbits.xen.org/xsa/advisory-152.html
|
|
xenkernel45<4.5.1nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-152.html
|
|
xenkernel41<4.1.6.1nb17 denial-of-service http://xenbits.xen.org/xsa/advisory-149.html
|
|
xenkernel42<4.2.5nb9 denial-of-service http://xenbits.xen.org/xsa/advisory-149.html
|
|
xenkernel45<4.5.1nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-149.html
|
|
xenkernel41<4.1.6.1nb17 denial-of-service http://xenbits.xen.org/xsa/advisory-151.html
|
|
xenkernel42<4.2.5nb9 denial-of-service http://xenbits.xen.org/xsa/advisory-151.html
|
|
xenkernel45<4.5.1nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-151.html
|
|
mariadb55-server<5.5.46 multiple-vulnerabilities https://mariadb.com/kb/en/mariadb/mariadb-5546-release-notes/
|
|
mariadb55-server<5.5.45 multiple-vulnerabilities https://mariadb.com/kb/en/mariadb/mariadb-5545-release-notes/
|
|
unzip<6.0nb5 remote-code-execution http://www.cvedetails.com/cve/CVE-2015-7696/
|
|
unzip<6.0nb5 denial-of-service http://www.cvedetails.com/cve/CVE-2015-7697/
|
|
postgresql90-server<9.0.23 buffer-overflow http://www.postgresql.org/about/news/1615/
|
|
postgresql91-server<9.1.19 buffer-overflow http://www.postgresql.org/about/news/1615/
|
|
postgresql92-server<9.2.14 buffer-overflow http://www.postgresql.org/about/news/1615/
|
|
postgresql93-server<9.3.10 buffer-overflow http://www.postgresql.org/about/news/1615/
|
|
postgresql94-server<9.4.5 buffer-overflow http://www.postgresql.org/about/news/1615/
|
|
xenkernel41-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-150.html
|
|
xenkernel42-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-150.html
|
|
xenkernel45<4.5.1nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-150.html
|
|
xenkernel41-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-153.html
|
|
xenkernel42-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-153.html
|
|
xenkernel45<4.5.3 denial-of-service http://xenbits.xen.org/xsa/advisory-153.html
|
|
p5-HTML-Scrubber<0.15 cross-site-scripting http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000171.html
|
|
mit-krb5<1.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695
|
|
mit-krb5<1.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696
|
|
mit-krb5<1.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697
|
|
firefox38<38.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.4
|
|
firefox<42.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox42
|
|
nss<3.20.1 multiple-vulnerabilities https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.20.1_release_notes
|
|
mediawiki>=1.25.0<1.25.3 multiple-vulnerabilities https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html
|
|
mediawiki>=1.24.0<1.24.4 multiple-vulnerabilities https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html
|
|
mediawiki>=1.23.0<1.23.11 multiple-vulnerabilities https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html
|
|
adobe-flash-plugin<11.2.202.548 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-28.html
|
|
roundcube<1.1.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8105
|
|
libreoffice>=5.0<5.0.1 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/
|
|
libreoffice4>=4.0<4.4.6 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/
|
|
libreoffice4-bin>=4.0<4.4.6 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/
|
|
libreoffice43-[0-9]* denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/
|
|
libreoffice>=5.0<5.0.0 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/
|
|
libreoffice4>=4.0<4.4.5 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/
|
|
libreoffice4-bin>=4.0<4.4.5 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/
|
|
libreoffice43-[0-9]* denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/
|
|
libreoffice4>=4.0<4.4.5 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/
|
|
libreoffice4-bin>=4.0<4.4.5 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/
|
|
libreoffice43-[0-9]* denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/
|
|
libreoffice4>=4.0<4.4.5 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/
|
|
libreoffice4-bin>=4.0<4.4.5 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/
|
|
libreoffice43-[0-9]* denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/
|
|
mbedtls<1.3.14 heap-overflow https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01
|
|
libvdpau<1.1.1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5198
|
|
libvdpau<1.1.1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5199
|
|
libvdpau<1.1.1 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5200
|
|
p5-HTML-Scrubber<0.15 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5667
|
|
elasticsearch<1.6.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4165
|
|
elasticsearch<1.6.1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5377
|
|
qemu<2.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6855
|
|
qemu<2.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7295
|
|
squid<3.5.2 unauthorized-access http://bugs.squid-cache.org/show_bug.cgi?id=4066
|
|
xscreensaver<5.34 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8025
|
|
png>=1.0<1.0.64 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8126
|
|
png>=1.1<1.2.54 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8126
|
|
png>=1.3<1.4.17 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8126
|
|
png>=1.5<1.5.24 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8126
|
|
png>=1.6<1.6.19 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8126
|
|
mit-krb5<1.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2698
|
|
wireshark<1.12.8 denial-of-service https://www.wireshark.org/security/wnpa-sec-2015-30.html
|
|
openssl>1.0.1<1.0.1m denial-of-service https://www.openssl.org/news/secadv/20150319.txt
|
|
openssl>1.0.0<1.0.0r denial-of-service https://www.openssl.org/news/secadv/20150319.txt
|
|
openssl>0.9.8<0.9.8zf denial-of-service https://www.openssl.org/news/secadv/20150319.txt
|
|
openssl>1.0.1<1.0.1m denial-of-service https://www.openssl.org/news/secadv/20150319.txt
|
|
openssl>1.0.0<1.0.0r denial-of-service https://www.openssl.org/news/secadv/20150319.txt
|
|
openssl>0.9.8<0.9.8zf denial-of-service https://www.openssl.org/news/secadv/20150319.txt
|
|
pcre<8.36 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2327
|
|
pcre<8.36 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2328
|
|
pcre<8.38 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8380
|
|
pcre<8.37 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8382
|
|
pcre<8.38 uninitialized-memory-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8390
|
|
pcre<8.38 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8383
|
|
pcre<8.38 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8394
|
|
pcre<8.38 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8381
|
|
pcre2<10.20 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8381
|
|
pcre<8.38 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8392
|
|
pcre<8.38 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8386
|
|
pcre<8.38 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8385
|
|
pcre<8.38 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8388
|
|
pcre<8.38 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8384
|
|
pcre<8.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8389
|
|
pcre<8.38 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8393
|
|
pcre<8.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8391
|
|
pcre<8.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8395
|
|
ffmpeg2<2.8.2 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8218
|
|
ffmpeg2<2.8.2 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8216
|
|
ffmpeg2<2.8.2 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8217
|
|
ffmpeg2<2.8.2 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8219
|
|
ffmpeg2<2.8.3 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8363
|
|
ffmpeg2<2.8.3 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8365
|
|
ffmpeg2<2.8.3 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8364
|
|
magento-[0-9]* cross-site-request-forgeries http://www.vulnerability-lab.com/get_content.php?id=1643
|
|
magento-[0-9]* input-validation http://www.vulnerability-lab.com/get_content.php?id=1636
|
|
proftpd<1.3.5b heap-overflow http://seclists.org/bugtraq/2015/Nov/109
|
|
libxml2<2.9.3 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942
|
|
libxml2<2.9.3 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941
|
|
libxml2<2.9.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035
|
|
suse{,32}_libxml2-[0-9]* out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942
|
|
suse{,32}_libxml2-[0-9]* out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941
|
|
suse{,32}_libxml2-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035
|
|
suse{,32}_base-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2327
|
|
suse{,32}_base-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2328
|
|
suse{,32}_base-[0-9]* heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8380
|
|
suse{,32}_base-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8382
|
|
suse{,32}_base-[0-9]* uninitialized-memory-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8390
|
|
suse{,32}_base-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8383
|
|
suse{,32}_base-[0-9]* integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8394
|
|
suse{,32}_base-[0-9]* heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8381
|
|
suse{,32}_base-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8392
|
|
suse{,32}_base-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8386
|
|
suse{,32}_base-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8385
|
|
suse{,32}_base-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8388
|
|
suse{,32}_base-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8384
|
|
suse{,32}_base-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8389
|
|
suse{,32}_base-[0-9]* sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8393
|
|
suse{,32}_base-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8391
|
|
suse{,32}_base-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8395
|
|
libsndfile<1.0.25 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7805
|
|
libsndfile<1.0.25 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9756
|
|
suse{,32}_libsndfile<13.1nb2 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7805
|
|
suse{,32}_libsndfile<13.1nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9756
|
|
libxslt<1.1.29 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995
|
|
openssl>=1.0.2<1.0.2e multiple-vulnerabilities https://www.openssl.org/news/secadv/20151203.txt
|
|
suse{,32}_openssl-[0-9]* multiple-vulnerabilities https://www.openssl.org/news/secadv/20151203.txt
|
|
cyrus-imapd>=2.3<2.5.7 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8077
|
|
cyrus-imapd>=2.3<2.3.19 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8076
|
|
cyrus-imapd>=2.4<2.4.18 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8076
|
|
cyrus-imapd>=2.5<2.5.4 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8076
|
|
cyrus-imapd>=2.3<2.5.7 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8078
|
|
gcc48{,-libs}-[0-9]* insufficiently-random-numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5276
|
|
gcc49{,-libs}<4.9.4 insufficiently-random-numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5276
|
|
gcc50{,-libs}-[0-9]* insufficiently-random-numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5276
|
|
redis<3.0.6 integer-overflow https://security-tracker.debian.org/tracker/CVE-2015-8080
|
|
cups-filters<1.0.70 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3258
|
|
jenkins<1.625.2 multiple-vulnerabilities https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
|
|
putty>=0.54<0.66 integer-overflow http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html
|
|
nautilus-[0-9]* denial-of-service http://seclists.org/bugtraq/2015/Dec/11
|
|
gdm<3.18.2 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7496
|
|
nss<3.20.1 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-133/
|
|
suse{,32}_mozilla-nss[0-9]* arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-133/
|
|
xenkernel45<4.5.3 denial-of-service http://xenbits.xen.org/xsa/advisory-145.html
|
|
powerdns>=3.4.4<3.4.7 denial-of-service https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/
|
|
sudo<1.8.15 symlink-attack http://www.sudo.ws/stable.html#1.8.15
|
|
salt<2015.8.3 multiple-vulnerabilities https://docs.saltstack.com/en/develop/topics/releases/2015.8.3.html
|
|
thunderbird<38.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.3
|
|
thunderbird<38.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.4
|
|
seamonkey<2.39 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/seamonkey/#seamonkey2.39
|
|
openldap<2.4.44nb2 input-validation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3276
|
|
py{27,33,34}-django>=1.8<1.8.7 information-leak https://www.djangoproject.com/weblog/2015/nov/24/security-releases/
|
|
adobe-flash-plugin<11.2.202.554 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-32.html
|
|
cups-filters<1.2.0 input-validation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8327
|
|
cups-filters<1.4.0 input-validation https://www.debian.org/security/2015/dsa-3419
|
|
png>=1.6<1.6.20 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8472
|
|
ap{22,24}-subversion<1.9.3 information-disclosure http://subversion.apache.org/security/CVE-2015-5343-advisory.txt
|
|
cacti<0.8.8g sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8377
|
|
cups-filters<1.5.0 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8560
|
|
go<1.5.2nb1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8618
|
|
grub2<2.0.3 authentication-bypass http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html
|
|
xenkernel3-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
xenkernel33-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
xenkernel41-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
xenkernel42-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
xenkernel45<4.5.3 privilege-escalation http://xenbits.xen.org/xsa/advisory-162.html
|
|
xenkernel45<4.5.3 privilege-escalation http://xenbits.xen.org/xsa/advisory-164.html
|
|
xenkernel45<4.5.1nb2 information-disclosure http://xenbits.xen.org/xsa/advisory-165.html
|
|
xenkernel45<4.5.1nb2 privilege-escalation http://xenbits.xen.org/xsa/advisory-166.html
|
|
firefox<43.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox43
|
|
firefox38<38.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.5
|
|
bind>=9.9.0<9.9.8pl2 denial-of-service https://kb.isc.org/article/AA-01319/0/
|
|
bind>=9.10.0<9.10.3pl2 denial-of-service https://kb.isc.org/article/AA-01319/0/
|
|
giflib-util<5.1.2 heap-overflow https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-7555
|
|
tiff<4.0.8nb1 arbitrary-memory-access https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7554
|
|
suse{,32}_libtiff-[0-9]* arbitrary-memory-access http://www.securityfocus.com/archive/1/537205
|
|
tiff<4.0.7 heap-overflow http://www.securityfocus.com/archive/1/537208
|
|
suse{,32}_libtiff-[0-9]* heap-overflow http://www.securityfocus.com/archive/1/537208
|
|
phpmyadmin>=4.0.0.0<4.0.10.12 information-disclosure https://www.phpmyadmin.net/security/PMASA-2015-6/
|
|
phpmyadmin>=4.4.0.0<4.4.15.2 information-disclosure https://www.phpmyadmin.net/security/PMASA-2015-6/
|
|
phpmyadmin>=4.5.0.0<4.5.3.1 information-disclosure https://www.phpmyadmin.net/security/PMASA-2015-6/
|
|
bugzilla>=2.6<4.2.16 cross-site-scripting https://bugzilla.mozilla.org/show_bug.cgi?id=1221518
|
|
bugzilla>=4.3.1<4.4.11 cross-site-scripting https://bugzilla.mozilla.org/show_bug.cgi?id=1221518
|
|
bugzilla>=4.5.1<5.0.2 cross-site-scripting https://bugzilla.mozilla.org/show_bug.cgi?id=1221518
|
|
bugzilla>=2.17.1<4.216 information-leak https://bugzilla.mozilla.org/show_bug.cgi?id=1232785
|
|
bugzilla>=4.3.1<4.4.11 information-leak https://bugzilla.mozilla.org/show_bug.cgi?id=1232785
|
|
bugzilla>=4.5.1<5.0.2 information-leak https://bugzilla.mozilla.org/show_bug.cgi?id=1232785
|
|
ffmpeg2<2.8.4 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8662
|
|
ffmpeg2<2.8.3 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8661
|
|
ffmpeg2<2.8.4 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8663
|
|
libxml2<2.9.3 multiple-vulnerabilities https://www.debian.org/security/2015/dsa-3430
|
|
suse{,32}_libxml2-[0-9]* multiple-vulnerabilities https://www.debian.org/security/2015/dsa-3430
|
|
thunderbird<38.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.5
|
|
py{27,33,34,35}-trytond>=3.2<3.8.1 unauthorized-access https://security-tracker.debian.org/tracker/CVE-2015-0861
|
|
adobe-flash-plugin<11.2.202.559 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-01.html
|
|
webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2015-0002.html
|
|
webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2015-0002.html
|
|
webkit-gtk{,3}<2.10.3 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2015-0002.html
|
|
netsurf<3.4 multiple-vulnerabilities https://marc.info/?l=oss-security&m=145028560403474&w=2
|
|
dpkg<1.16.17 off-by-one http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0860
|
|
samba>=4.0.0<4.1.22 memory-corruption https://www.samba.org/samba/security/CVE-2015-7540.html
|
|
samba>=4.0.0<4.3.2 privilege-escalation https://www.samba.org/samba/security/CVE-2015-8467.html
|
|
samba>=4.0.0<4.3.2 out-of-bounds-write https://www.samba.org/samba/security/CVE-2015-5330.html
|
|
samba>=3.2.0<4.3.2 privilege-escalation https://www.samba.org/samba/security/CVE-2015-5299.html
|
|
samba>=3.2.0<4.3.2 man-in-the-middle https://www.samba.org/samba/security/CVE-2015-5296.html
|
|
samba>=3.0.0<4.3.2 symlink-attack https://www.samba.org/samba/security/CVE-2015-5252.html
|
|
samba>=4.0.0<4.3.2 denial-of-service https://www.samba.org/samba/security/CVE-2015-3223.html
|
|
nodejs>=0.12<0.12.9 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/december-2015-security-releases/
|
|
nodejs>=4<4.2.3 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/december-2015-security-releases/
|
|
nodejs>=5<5.1.1 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/december-2015-security-releases/
|
|
pcre<8.38nb1 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1283
|
|
bugzilla<4.2.16 code-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8508
|
|
bugzilla>=4.3<4.4.11 code-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8508
|
|
bugzilla<4.2.16 code-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8508
|
|
bugzilla>=4.3<4.4.11 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8509
|
|
bugzilla>=5.0<5.0.2 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8509
|
|
wireshark<1.12.9 multiple-vulnerabilities https://www.wireshark.org/docs/relnotes/wireshark-1.12.9.html
|
|
git-base<2.6.1 arbitrary-code-execution http://www.openwall.com/lists/oss-security/2015/10/06/1
|
|
php{54,55,56}-owncloud>8.2.0<8.2.2 cross-site-scripting https://owncloud.org/security/advisory/?id=oc-sa-2016-001
|
|
php{54,55,56}-owncloud>8.2.0<8.2.2 information-disclosure https://owncloud.org/security/advisory/?id=oc-sa-2016-002
|
|
php{54,55,56}-owncloud>8.2.0<8.2.2 information-disclosure https://owncloud.org/security/advisory/?id=oc-sa-2016-003
|
|
subversion>1.9<1.9.3 heap-overflow http://subversion.apache.org/security/CVE-2015-5259-advisory.txt
|
|
qemu<2.6.0 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7512
|
|
nss<3.20.2 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-150/
|
|
suse{,32}_mozilla-nss[0-9]* arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-150/
|
|
gummi<0.6.6 symlink-attack http://www.openwall.com/lists/oss-security/2015/10/08/5
|
|
typo3>=6.2<6.2.16 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-010/
|
|
typo3>=6.2<6.2.16 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-011/
|
|
typo3>=6.2<6.2.16 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-012/
|
|
typo3>=6.2<6.2.16 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-013/
|
|
typo3>=6.2<6.2.16 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-014/
|
|
typo3>=6.2<6.2.16 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-015/
|
|
py{35,34,33,27}-pygments<2.0.2nb1 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8557
|
|
foomatic-filters>4 input-validation https://www.debian.org/security/2015/dsa-3419
|
|
foomatic-filters>4 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8560
|
|
ffmpeg2<2.8.5 information-leak https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1897
|
|
ffmpeg2<2.8.5 information-leak https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1898
|
|
gnutls<3.3.15 ssl-downgrade http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
|
|
gnutls>=3.4<3.4.1 ssl-downgrade http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
|
|
prosody<0.9.9 multiple-vulnerabilities http://blog.prosody.im/prosody-0-9-9-security-release/
|
|
p5-PathTools<3.62 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8607
|
|
php{54,55,56}-owncloud<8.0.9 information-leak https://owncloud.org/security/advisory/?id=oc-sa-2016-004
|
|
php{54,55,56}-owncloud>8.1.0<8.1.4 information-leak https://owncloud.org/security/advisory/?id=oc-sa-2016-004
|
|
php{54,55,56}-owncloud<7.0.12 cross-site-scripting https://owncloud.org/security/advisory/?id=oc-sa-2016-001
|
|
php{54,55,56}-owncloud>8.0.0<8.0.10 cross-site-scripting https://owncloud.org/security/advisory/?id=oc-sa-2016-001
|
|
php{54,55,56}-owncloud>8.1.0<8.1.5 cross-site-scripting https://owncloud.org/security/advisory/?id=oc-sa-2016-001
|
|
php{54,55,56}-owncloud<8.0.10 information-disclosure https://owncloud.org/security/advisory/?id=oc-sa-2016-002
|
|
php{54,55,56}-owncloud<8.1.0 information-disclosure https://owncloud.org/security/advisory/?id=oc-sa-2016-002
|
|
php{54,55,56}-owncloud<7.0.12 information-disclosure https://owncloud.org/security/advisory/?id=oc-sa-2016-003
|
|
php{54,55,56}-owncloud>8.0.0<8.0.10 information-disclosure https://owncloud.org/security/advisory/?id=oc-sa-2016-003
|
|
qemu<2.6.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1779
|
|
nghttp2<1.6.0 unknown-impact https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8659
|
|
py{27,33,34,35}-rsa<3.3 signature-spoofing https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1494
|
|
openssh<7.1.1nb2 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777
|
|
openssh<7.1.1nb2 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778
|
|
openssh<7.1.1nb3 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1907
|
|
isc-dhclient<4.3.3p1 denial-of-service https://kb.isc.org/article/AA-01334
|
|
isc-dhcp<4.3.3p1 denial-of-service https://kb.isc.org/article/AA-01334
|
|
isc-dhcpd<4.3.3p1 denial-of-service https://kb.isc.org/article/AA-01334
|
|
isc-dhcrelay<4.3.3p1 denial-of-service https://kb.isc.org/article/AA-01334
|
|
roundcube<1.1.4 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8770
|
|
roundcube<1.1.2 code-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8793
|
|
roundcube<1.1.2 arbitrary-file-reading https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8794
|
|
gajim<0.16.5 man-in-the-middle https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8688
|
|
h2o<1.6.2 http-response-splitting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1133
|
|
bind>=9.9.0<9.9.8pl3 denial-of-service https://kb.isc.org/article/AA-01335
|
|
bind>=9.10.0<9.10.3pl3 denial-of-service https://kb.isc.org/article/AA-01335
|
|
bind>=9.9.0<9.9.8pl3 denial-of-service https://kb.isc.org/article/AA-01336
|
|
bind>=9.10.0<9.10.3pl3 denial-of-service https://kb.isc.org/article/AA-01336
|
|
php>=5.5<5.5.28 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.28
|
|
php>=5.6<5.6.12 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.12
|
|
php>=5.5<5.5.27 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.27
|
|
php>=5.6<5.6.11 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.11
|
|
php>=7.0<7.0.1 multiple-vulnerabilities http://php.net/ChangeLog-7.php#7.0.1
|
|
php>=5.5<5.5.31 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.31
|
|
php>=5.6<5.6.17 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.17
|
|
php>=7.0<7.0.2 multiple-vulnerabilities http://php.net/ChangeLog-7.php#7.0.2
|
|
oracle-{jdk,jre}8<8.0.71 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367955.html#AppendixJAVA
|
|
openjdk8<1.8.71 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367955.html#AppendixJAVA
|
|
mysql-server>=5.5<5.5.47 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
|
|
mysql-server>=5.6<5.6.28 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
|
|
mysql-server>=5.7<5.7.10 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
|
|
cgit<0.12 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1899
|
|
cgit<0.12 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1900
|
|
cgit<0.12 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1901
|
|
jasper<1.900.2 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867
|
|
suse{,32}_base<13.1nb11 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8777
|
|
suse{,32}_base-[0-9]* stack-overflow https://sourceware.org/bugzilla/show_bug.cgi?id=17905
|
|
prosody<0.9.10 spoofing-attack https://prosody.im/security/advisory_20160127/
|
|
xenkernel45<4.5.3 multiple-vulnerabilities http://xenbits.xen.org/xsa/advisory-167.html
|
|
xenkernel45<4.5.3 denial-of-service http://xenbits.xen.org/xsa/advisory-168.html
|
|
claws-mail<3.13.1 arbitrary-code-execution https://security-tracker.debian.org/tracker/CVE-2015-8614
|
|
php55-fpm<5.5.31 buffer-overflow https://bugs.php.net/bug.php?id=70755
|
|
php55-fpm<5.6.17 buffer-overflow https://bugs.php.net/bug.php?id=70755
|
|
php70-fpm<7.0.2 buffer-overflow https://bugs.php.net/bug.php?id=70755
|
|
ruby{18,193,200,21,22}-activesupport>=3.0<4.0 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3226
|
|
ruby{18,193,200,21,22}-activesupport<4.1.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3227
|
|
ruby{18,193,200,21,22}-actionpack<3.2.22.1 security-bypass https://marc.info/?l=oss-security&m=145375027528562&w=2
|
|
ruby{18,193,200,21,22}-activesupport<3.2.22.1 security-bypass https://marc.info/?l=oss-security&m=145375027528562&w=2
|
|
ruby{18,193,200,21,22}-actionpack<3.2.22.1 denial-of-service https://marc.info/?l=oss-security&m=145375035828624&w=2
|
|
ruby{18,193,200,21,22}-actionpack<3.2.22.1 directory-traversal https://marc.info/?l=oss-security&m=145375068928706&w=2
|
|
privoxy<3.0.24 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1982
|
|
privoxy<3.0.24 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1983
|
|
mariadb-client<5.5.47 man-in-the-middle https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2047
|
|
magento-[0-9]* validation-bypass http://www.vulnerability-lab.com/get_content.php?id=1203
|
|
magento<2.0.1 man-in-the-middle https://cxsecurity.com/issue/WLB-2016010129
|
|
ntp<4.2.8p6 multiple-vulnerabilities http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
|
|
chrony<1.31.2 validation-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1567
|
|
openssl>=1.0.1<1.0.1r multiple-vulnerabilities https://www.openssl.org/news/secadv/20160128.txt
|
|
openssl>=1.0.2<1.0.2f multiple-vulnerabilities https://www.openssl.org/news/secadv/20160128.txt
|
|
suse{,32}_openssl-[0-9]* multiple-vulnerabilities https://www.openssl.org/news/secadv/20151203.txt
|
|
go<1.5.3 weak-cryptography https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8618
|
|
libebml<1.3.3 use-after-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8789
|
|
libebml<1.3.3 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8790
|
|
libebml<1.3.3 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8791
|
|
curl<7.47.0 ntlm-authentication-hijack http://curl.haxx.se/docs/adv_20160127A.html
|
|
curl<7.47.0 directory-traversal http://curl.haxx.se/docs/adv_20160127B.html
|
|
firefox<44.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox44
|
|
firefox38<38.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.6
|
|
Radicale<1.1 multiple-vulnerabilities http://radicale.org/news/#2015-12-31@11:54:03
|
|
asterisk>=11.0<11.21.1 man-in-the-middle http://downloads.digium.com/pub/security/AST-2016-001.html
|
|
asterisk>=13.0<13.7.1 man-in-the-middle http://downloads.digium.com/pub/security/AST-2016-001.html
|
|
asterisk>=11.0<11.21.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-002.html
|
|
asterisk>=13.0<13.7.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-002.html
|
|
asterisk>=11.0<11.21.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-003.html
|
|
asterisk>=13.0<13.7.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-003.html
|
|
webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0001.html
|
|
webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0001.html
|
|
webkit-gtk{,3}<2.10.7 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0001.html
|
|
tiff<4.0.6nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8781
|
|
suse{,32}_libtiff-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8781
|
|
tiff<4.0.6nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8782
|
|
suse{,32}_libtiff-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8782
|
|
tiff<4.0.6nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8783
|
|
suse{,32}_libtiff-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8783
|
|
openjpeg<2.1.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1923
|
|
openjpeg<2.1.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1924
|
|
ffmpeg2<2.8.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2213
|
|
mit-krb5<1.14.1 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8629
|
|
mit-krb5<1.14.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8630
|
|
mit-krb5<1.14.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8631
|
|
salt<2015.8.4 remote-code-execution https://docs.saltstack.com/en/latest/topics/releases/2015.8.4.html
|
|
firefox<44.0.2 security-bypass https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/
|
|
firefox38<38.6.1 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2016-14/
|
|
xymon<4.3.25 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2054
|
|
xymon<4.3.25 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2055
|
|
xymon<4.3.25 code-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2056
|
|
xymon<4.3.25 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2057
|
|
xymon<4.3.25 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2058
|
|
ffmpeg2<2.8.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2213
|
|
ffmpeg2<2.8.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2328
|
|
ffmpeg2<2.8.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2329
|
|
ffmpeg2<2.8.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2330
|
|
adobe-flash-plugin<11.2.202.569 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-04.html
|
|
nodejs>=0.12<0.12.10 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/
|
|
nodejs>=4<4.3.0 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/
|
|
nodejs>=5<5.6.0 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/
|
|
wordpress<4.4.2 request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2221
|
|
wordpress<4.4.2 request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2222
|
|
php{54,55,56}-ja-wordpress<4.4.2 request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2221
|
|
php{54,55,56}-ja-wordpress<4.4.2 request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2222
|
|
postgresql91-server<9.1.20 buffer-overflow http://www.postgresql.org/about/news/1644/
|
|
postgresql92-server<9.2.15 buffer-overflow http://www.postgresql.org/about/news/1644/
|
|
postgresql93-server<9.3.11 buffer-overflow http://www.postgresql.org/about/news/1644/
|
|
postgresql94-server<9.4.6 buffer-overflow http://www.postgresql.org/about/news/1644/
|
|
nginx<1.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0742
|
|
nginx<1.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0746
|
|
nginx<1.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0747
|
|
nginx>=1.9<1.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0742
|
|
nginx>=1.9<1.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0746
|
|
nginx>=1.9<1.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0747
|
|
libgcrypt<1.6.5 side-channel https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html
|
|
ruby{18,193,200,21,22}-redmine-[0-9]* security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7576
|
|
ruby{18,193,200,21,22}-redmine-[0-9]* cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7578
|
|
ruby{18,193,200,21,22}-activerecord32<3.2.22.1 security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7577
|
|
ruby{18,193,200,21,22}-redmine-[0-9]* security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7577
|
|
libssh2<1.7.0 weak-cryptography https://www.libssh2.org/adv_20160223.html
|
|
suse{,32}_base<13.1nb11 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3481
|
|
gtk2+<2.24.29nb1 integer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7447
|
|
gtk3+<3.9.8 integer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7447
|
|
apache-tomcat>=6.0<6.0.45 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174
|
|
apache-tomcat>=7.0<7.0.65 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174
|
|
apache-tomcat>=8.0<8.0.27 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174
|
|
apache-tomcat>=7.0<7.0.68 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0763
|
|
apache-tomcat>=8.0<8.0.31 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0763
|
|
apache-tomcat>=7.0<7.0.66 session-hijack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5346
|
|
apache-tomcat>=8.0<8.0.30 session-hijack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5346
|
|
apache-tomcat>=7.0<7.0.68 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714
|
|
apache-tomcat>=8.0<8.0.31 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714
|
|
apache-tomcat>=6.0<6.0.45 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345
|
|
apache-tomcat>=7.0<7.0.67 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345
|
|
apache-tomcat>=8.0<8.0.30 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345
|
|
apache-tomcat>=7.0<7.0.68 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5351
|
|
apache-tomcat>=8.0<8.0.31 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5351
|
|
apache-tomcat>=6.0<6.0.45 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706
|
|
apache-tomcat>=7.0<7.0.68 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706
|
|
apache-tomcat>=8.0<8.0.31 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706
|
|
xerces-c<3.1.3 remote-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0729
|
|
gajim<0.16.5 remote-information-modification https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8688
|
|
thunderbird<38.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.6
|
|
websvn-[0-9]* cross-site-scripting https://marc.info/?l=full-disclosure&m=145614987429774&w=2
|
|
magento<1.9.2.3 weak-authentication https://magento.com/security/patches/supee-7405
|
|
phpmyadmin>=4.0.0.0<4.0.10.13 password-exposure https://www.phpmyadmin.net/security/PMASA-2016-4/
|
|
phpmyadmin>=4.4.0.0<4.4.15.3 password-exposure https://www.phpmyadmin.net/security/PMASA-2016-4/
|
|
phpmyadmin>=4.5.0.0<4.5.4 password-exposure https://www.phpmyadmin.net/security/PMASA-2016-4/
|
|
nettle<3.2 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8805
|
|
nettle<3.2 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8804
|
|
nettle<3.2 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8803
|
|
moodle>=3.0<3.0.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0725
|
|
moodle>=3.0<3.0.2 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0724
|
|
gcpio<2.13 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2037
|
|
phpmyadmin>=4.5.0.0<4.5.4 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-9/
|
|
phpmyadmin>=4.5.0.0<4.5.4 cross-site-request-forgery https://www.phpmyadmin.net/security/PMASA-2016-2/
|
|
phpmyadmin>=4.5.0.0<4.5.4 information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-1/
|
|
phpmyadmin>=4.5.0.0<4.5.4 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-3/
|
|
phpmyadmin>=4.5.0.0<4.5.4 information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-6/
|
|
phpmyadmin>=4.5.0.0<4.5.4 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-7/
|
|
phpmyadmin>=4.5.0.0<4.5.4 information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-8/
|
|
phpmyadmin>=4.5.0.0<4.5.4 cross-site-request-forgery https://www.phpmyadmin.net/security/PMASA-2016-5/
|
|
php{55,56,70}-basercms<3.0.9 code-injection http://basercms.net/security/JVN69854312
|
|
php{55,56,70}-owncloud>8.2<8.2.2 information-disclosure https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2015-062.txt
|
|
libreoffice<5.0.4 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0794
|
|
libreoffice4-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0794
|
|
libreoffice43-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0794
|
|
libreoffice4-bin-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0794
|
|
libreoffice5-bin-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0794
|
|
libreoffice<5.0.5 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0795
|
|
libreoffice4-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0795
|
|
libreoffice43-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0795
|
|
libreoffice4-bin-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0795
|
|
libreoffice5-bin-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0795
|
|
squid>=3.5<3.5.15 multiple-vulnerabilities http://www.squid-cache.org/Advisories/SQUID-2016_2.txt
|
|
wireshark<1.12.10 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-11.html
|
|
wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-11.html
|
|
wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-09.html
|
|
wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-07.html
|
|
wireshark<1.12.10 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-10.html
|
|
wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-10.html
|
|
wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-06.html
|
|
wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-05.html
|
|
wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-03.html
|
|
wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-02.html
|
|
wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-08.html
|
|
wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-04.html
|
|
firefox<43.0 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2016-14/
|
|
graphite2<1.3.5 arbitrary-code-execution http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html
|
|
ruby{18,193,200,21,22}-actionpack-[0-9]* denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7581
|
|
ruby{18,193,200,21,22}-actionpack-[0-9]* code-injection http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7579
|
|
ruby{18,193,200,21,22}-redmine-[0-9]* cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7580
|
|
drupal-6.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
ruby192-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
ruby193-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
ruby200-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
postfix<3.0 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
horde<5.2.9 cross-site-scripting http://lists.horde.org/archives/announce/2016/001140.html
|
|
py{34,33,27,26}-Pillow<3.1.1 multiple-vulnerabilities https://pillow.readthedocs.org/en/3.1.x/releasenotes/3.1.1.html
|
|
drupal<7.43 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2016-001
|
|
openssl>=1.0.2<1.0.2g multiple-vulnerabilities https://www.openssl.org/news/secadv/20160301.txt
|
|
phpmyadmin>=4.5.0.0<4.5.5.1 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-10/
|
|
phpmyadmin>=4.5.0.0<4.5.5.1 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-11/
|
|
phpmyadmin>=4.5.0.0<4.5.5.1 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-12/
|
|
phpmyadmin>=4.5.0.0<4.5.5.1 man-in-the-middle https://www.phpmyadmin.net/security/PMASA-2016-13/
|
|
roundup<1.5.1 sensitive-information-disclosure https://pypi.python.org/pypi/roundup/1.5.1
|
|
libotr<4.1.1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2851
|
|
firefox<45.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox45
|
|
firefox38<38.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.7
|
|
xfce4-thunar<1.6.10nb2 integer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7447
|
|
jasper<1.900.1nb11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577
|
|
jasper<1.900.1nb11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116
|
|
jasper<1.900.1nb11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089
|
|
php>=5.5<5.5.33 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.5.33
|
|
php>=5.6<5.6.19 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.6.19
|
|
php>=7.0<7.0.4 multiple-vulnerabilities https://secure.php.net/ChangeLog-7.php#7.0.4
|
|
bind>=9.10.0<9.10.3pl4 denial-of-service https://kb.isc.org/article/AA-01351/0
|
|
bind>=9.9.0<9.9.8pl4 denial-of-service https://kb.isc.org/article/AA-01352/0
|
|
bind>=9.10.0<9.10.3pl4 denial-of-service https://kb.isc.org/article/AA-01352/0
|
|
bind>=9.9.0<9.9.8pl4 denial-of-service https://kb.isc.org/article/AA-01353/0
|
|
bind>=9.10.0<9.10.3pl4 denial-of-service https://kb.isc.org/article/AA-01353/0
|
|
isc-dhcpd<4.3.4 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2774
|
|
nss<3.21.1 remote-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1950
|
|
adobe-flash-plugin<11.2.202.577 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
|
|
samba>=3<3.9999 security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7560
|
|
samba>=4<4.3.6 security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7560
|
|
samba>=4<4.3.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0771
|
|
openssh<7.2.2 command-injection http://www.openssh.com/txt/x11fwd.adv
|
|
ruby{18,193,200,21,22}-actionpack<3.2.22.2 information-leak https://groups.google.com/forum/#!msg/rubyonrails-security/ddY6HgqB2z4/we0RasMZIAAJ
|
|
ruby{18,193,200,21,22}-actionpack<3.2.22.2 remote-code-execution https://groups.google.com/forum/#!msg/rubyonrails-security/ly-IH-fxr_Q/WLoOhcMZIAAJ
|
|
ruby{18,193,200,21,22}-redmine-[0-9]* remote-code-execution https://groups.google.com/forum/#!msg/rubyonrails-security/ly-IH-fxr_Q/WLoOhcMZIAAJ
|
|
apollo-[0-9]* clickjacking http://activemq.apache.org/security-advisories.data/CVE-2016-0734-announcement.txt
|
|
apollo-[0-9]* cross-site-scripting http://activemq.apache.org/security-advisories.data/CVE-2016-0782-announcement.txt
|
|
thunderbird<38.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.7
|
|
quagga<1.0.20160309 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2342
|
|
graphite2<1.3.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
|
|
git-base<2.7.3nb1 multiple-vulnerabilities http://seclists.org/oss-sec/2016/q1/645
|
|
pcre<8.38nb2 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3191
|
|
pcre2<10.22 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3191
|
|
webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0002.html
|
|
webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0002.html
|
|
webkit-gtk{,3}<2.10.8 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0002.html
|
|
apollo-[0-9]* arbitrary-code-execution http://activemq.apache.org/security-advisories.data/CVE-2015-5254-announcement.txt
|
|
xenkernel45<4.5.1nb2 multiple-vulnerabilities http://xenbits.xen.org/xsa/advisory-159.html
|
|
xenkernel45<4.5.1nb2 denial-of-service http://xenbits.xen.org/xsa/advisory-160.html
|
|
xenkernel45<4.5.1nb2 remote-code-execution http://xenbits.xen.org/xsa/advisory-155.html
|
|
xenkernel45<4.5.3 denial-of-service http://xenbits.xen.org/xsa/advisory-154.html
|
|
xenkernel45<4.5.3 denial-of-service http://xenbits.xen.org/xsa/advisory-170.html
|
|
oracle-{jdk,jre}8<8.0.77 remote-code-execution http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html
|
|
openjdk8<1.8.77 remote-code-execution http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html
|
|
pixman<0.32.6 integer-overflow https://www.debian.org/security/2016/dsa-3525
|
|
dropbear<2016.72 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3116
|
|
libmatroska<1.4.4 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8792
|
|
pidgin-otr<4.0.2 denial-of-service https://www.debian.org/security/2016/dsa-3528
|
|
ruby{18,193,200,21,22}-redmine<3.2.0 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3529
|
|
inspircd<2.0.19 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8702
|
|
mit-krb5<1.14.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3119
|
|
webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0003.html
|
|
webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0003.html
|
|
webkit-gtk{,3}<2.10.5 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0003.html
|
|
imlib2<1.4.7 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3537
|
|
imebml<1.3.3 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3538
|
|
go>=1.6<1.6nb1 denial-of-service http://www.openwall.com/lists/oss-security/2016/04/05/1
|
|
putty<0.67 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2563
|
|
adobe-flash-plugin<11.2.202.616 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
|
|
websvn<2.3.3 cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2511
|
|
erlang<18.0 man-in-the-middle http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2774
|
|
optipng<0.7.6 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2191
|
|
squid<3.5.16 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3947
|
|
squid<3.5.16 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3948
|
|
lhasa<0.3.1 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2347
|
|
py{27,34,35,36}-mercurial<3.7.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-3630
|
|
py{27,34,35,36}-mercurial<3.7.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-3068
|
|
py{27,34,35,36}-mercurial<3.7.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-3069
|
|
srtp<1.5.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6360
|
|
exim<4.86.2 privilege-escalation http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1531
|
|
py{27,33,34}-django>=1.9<1.9.3 information-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2513
|
|
go>=1.5<1.5.4 denial-of-service http://www.openwall.com/lists/oss-security/2016/04/05/1
|
|
proftpd<1.3.5b unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3125
|
|
jenkins<1.642.2 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0788
|
|
jenkins<1.650 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0788
|
|
jenkins<1.642.2 http-header-injection http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0789
|
|
jenkins<1.650 http-header-injection http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0789
|
|
jenkins<1.642.2 brute-force-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0790
|
|
jenkins<1.650 brute-force-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0790
|
|
jenkins<1.642.2 brute-force-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0791
|
|
jenkins<1.650 brute-force-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0791
|
|
jenkins<1.642.2 unspecified http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0792
|
|
jenkins<1.650 unspecified http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0792
|
|
perl<5.22.1nb1 security-restrictions-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2381
|
|
bozohttpd<20160415 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8212
|
|
cacti<0.8.8g sql-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8604
|
|
nodejs>=0.10.0<0.10.42 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/
|
|
postgresql95-server<9.5.2 multiple-vulnerabilities http://www.postgresql.org/about/news/1656/
|
|
py{27,33,34,35}-django<1.8.10 spoofing-attack https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2512
|
|
py{27,33,34,35}-django>=1.9<1.9.3 spoofing-attack https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2512
|
|
cacti-[0-9]* remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3659
|
|
squid<3.5.16 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3947
|
|
squid<3.5.16 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3948
|
|
libvirt-[0-9]* arbitrary-file-access http://security.libvirt.org/2015/0004.html
|
|
claws-mail<3.13.2 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8708
|
|
samba<4.2.11 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2118
|
|
samba>=4.3<4.3.8 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2118
|
|
samba>=4.4<4.4.2 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2118
|
|
samba<4.2.11 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2110
|
|
samba>=4.3<4.3.8 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2110
|
|
samba>=4.4<4.4.2 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2110
|
|
samba<4.2.11 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5370
|
|
samba>=4.3<4.3.8 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5370
|
|
samba>=4.4<4.4.2 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5370
|
|
samba<4.2.11 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2113
|
|
samba>=4.3<4.3.8 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2113
|
|
samba>=4.4<4.4.2 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2113
|
|
samba<4.2.11 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2114
|
|
samba>=4.3<4.3.8 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2114
|
|
samba>=4.4<4.4.2 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2114
|
|
samba<4.2.11 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2115
|
|
samba>=4.3<4.3.8 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2115
|
|
samba>=4.4<4.4.2 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2115
|
|
samba<4.2.11 sensitive-information-disclosure http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2111
|
|
samba>=4.3<4.3.8 sensitive-information-disclosure http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2111
|
|
samba>=4.4<4.4.2 sensitive-information-disclosure http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2111
|
|
samba<4.2.11 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2112
|
|
samba>=4.3<4.3.8 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2112
|
|
samba>=4.4<4.4.2 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2112
|
|
qemu<2.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2857
|
|
qemu<2.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2858
|
|
qemu<2.4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1714
|
|
qemu<2.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5158
|
|
qemu<2.6.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1568
|
|
cacti-[0-9]* sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3659
|
|
cacti-[0-9]* sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3172
|
|
cacti-[0-9]* security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2313
|
|
tiff<4.0.7 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3467
|
|
suse{,32}_libtiff-[0-9]* multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3467
|
|
tiff<4.0.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547
|
|
suse{,32}_libtiff-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547
|
|
tiff<4.0.7 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3186
|
|
suse{,32}_libtiff-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3186
|
|
xenkernel45<4.5.3 information-leak http://xenbits.xen.org/xsa/advisory-172.html
|
|
xenkernel45<4.5.3 address-width-overflow http://xenbits.xen.org/xsa/advisory-173.html
|
|
libssh<0.73 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0739
|
|
libssh2<1.7.0 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0787
|
|
py{35,34,33,27}-Pillow<3.1.1 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3499
|
|
optipng<0.7.6 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3981
|
|
optipng<0.7.6 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3982
|
|
optipng<0.6.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7801
|
|
optipng<0.7.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7802
|
|
libxml2<2.9.4 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
|
|
suse{,32}_libxml2-[0-9]* heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
|
|
py{35,34,33,27}-django-cms-[0-9]* validation-bypass http://www.vulnerability-lab.com/get_content.php?id=1821
|
|
asterisk>=13.0<13.8.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-004.html
|
|
asterisk>=13.0<13.8.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-005.html
|
|
libvirt>=1.2.14<1.2.20 denial-of-service http://security.libvirt.org/2015/0004.html
|
|
openssh<7.2.2nb1 local-security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8325
|
|
thunderbird>=39<45.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45
|
|
dhcpcd<6.10.0 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1503
|
|
dhcpcd<6.10.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1504
|
|
latex2rtf<2.3.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8106
|
|
gdk-pixbuf2<2.33 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7552
|
|
vlc<2.2.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3941
|
|
xdelta3<3.0.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9765
|
|
suse{,32}_base-[0-9]* multiple-vulnerabilities http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html
|
|
ffmpeg1-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5479
|
|
ffmepg010-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5479
|
|
squid>=3.5<3.5.14 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2016_1.txt
|
|
squid>=3.5<3.5.17 buffer-overflow http://www.squid-cache.org/Advisories/SQUID-2016_5.txt
|
|
squid>=3.5<3.5.17 multiple-vulnerabilities http://www.squid-cache.org/Advisories/SQUID-2016_6.txt
|
|
gd<2.1.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3074
|
|
hexchat<2.10.2 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7449
|
|
mysql-client>=5.5<5.5.49 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixMSQL
|
|
mysql-server>=5.5<5.5.49 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixMSQL
|
|
mysql-client>=5.6<5.6.30 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixMSQL
|
|
mysql-server>=5.6<5.6.30 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixMSQL
|
|
oracle-{jdk,jre}8<8.0.91 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixJAVA
|
|
openjdk8<1.8.91 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixJAVA
|
|
cairo<1.14.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3190
|
|
giflib-util<5.1.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3977
|
|
varnish<3.0.7 http-header-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8852
|
|
imlib2<1.4.9 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3555
|
|
firefox<46.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox46
|
|
firefox38<38.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.8
|
|
qemu<2.6.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4002
|
|
wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-19.html
|
|
wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-20.html
|
|
wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-21.html
|
|
wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-22.html
|
|
wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-23.html
|
|
wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-24.html
|
|
wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-25.html
|
|
wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-26.html
|
|
wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-27.html
|
|
wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-28.html
|
|
samba>=4.4<4.4.2 denial-of-service https://www.samba.org/samba/security/CVE-2015-5370.html
|
|
php>=5.6<5.6.20 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.6.20
|
|
php>=7.0<7.0.6 multiple-vulnerabilities https://secure.php.net/ChangeLog-7.php#7.0.6
|
|
ImageMagick<6.9.3.0 multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2016/02/22/4
|
|
poppler<0.40.0 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8868
|
|
subversion>1.9<1.9.4 authentication-bypass http://subversion.apache.org/security/CVE-2016-2167-advisory.txt
|
|
subversion>1.9<1.9.4 denial-of-service http://subversion.apache.org/security/CVE-2016-2168-advisory.txt
|
|
php>=5.6<5.6.21 denial-of-service https://secure.php.net/ChangeLog-5.php#5.6.21
|
|
ntp<4.2.8p7 multiple-vulnerabilities http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
|
|
wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-12.html
|
|
wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-13.html
|
|
wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-14.html
|
|
wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-15.html
|
|
wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-16.html
|
|
wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-17.html
|
|
wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-18.html
|
|
jq<1.5nb1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8863
|
|
jq<1.5nb4 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4074
|
|
ImageMagick<6.9.3.10 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3714
|
|
ImageMagick<6.9.3.10 security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3715
|
|
ImageMagick<6.9.3.10 security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3716
|
|
ImageMagick<6.9.3.10 information-disclosure http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3717
|
|
ImageMagick<6.9.3.10 request-forgery http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3718
|
|
libtasn1<4.8 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4008
|
|
openssl>=1.0.2<1.0.2h multiple-vulnerabilities https://www.openssl.org/news/secadv/20160503.txt
|
|
libarchive<3.2.0 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1541
|
|
lcms2<2.6 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7455
|
|
py{27,34,35,36}-mercurial<3.8.1 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3105
|
|
openafs<1.6.17 remote-security-bypass http://www.openafs.org/pages/security/OPENAFS-SA-2016-001.txt
|
|
openafs<1.6.17 remote-information-exposure http://www.openafs.org/pages/security/OPENAFS-SA-2016-002.txt
|
|
openafs<1.6.16 denial-of-service https://www.openafs.org/dl/1.6.16/RELNOTES-1.6.16
|
|
qemu<2.6.0 arbitrary-code-execution http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3710
|
|
qemu<2.6.0 arbitrary-code-execution http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3712
|
|
xentools45<4.5.3 multiple-vulnerabilities http://xenbits.xen.org/xsa/advisory-179.html
|
|
wpa_supplicant<2.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4476
|
|
wpa_supplicant<2.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4477
|
|
adobe-flash-plugin<11.2.202.621 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsa16-02.html
|
|
squid<3.5.18 cache-poisoning http://www.squid-cache.org/Advisories/SQUID-2016_7.txt
|
|
squid<3.5.18 cache-poisoning http://www.squid-cache.org/Advisories/SQUID-2016_8.txt
|
|
squid<3.5.18 multiple-vulnerabilities http://www.squid-cache.org/Advisories/SQUID-2016_9.txt
|
|
ikiwiki<3.20160506 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4561
|
|
botan<1.10.13 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3565
|
|
botan>=1.11.0<1.11.27 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3565
|
|
botan>=1.8.3<1.10.8 weak-encryption http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9742
|
|
botan>=1.11.0<1.11.9 weak-encryption http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9742
|
|
botan>=1.11.0<1.11.27 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2196
|
|
botan>=1.11.0<1.11.29 ssl-downgrade http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2850
|
|
botan>=1.7.15<1.10.13 side-channel https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2849
|
|
botan>=1.11.0<1.11.29 side-channel https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2849
|
|
jenkins<1.651.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2016-05-11/
|
|
jansson<2.8 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-4425
|
|
libxml2<2.9.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6837
|
|
libxml2<2.9.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6838
|
|
libxml2<2.9.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3627
|
|
suse{,32}_libxml2-[0-9]* denial-of-service http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html
|
|
libxml2<2.9.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3705
|
|
suse{,32}_libxml2-[0-9]* denial-of-service http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html
|
|
expat<2.1.1nb1 arbitrary-code-execution https://www.debian.org/security/2016/dsa-3582
|
|
bugzilla>=4.4<4.4.12 cross-site-scripting https://bugzilla.mozilla.org/show_bug.cgi?id=1253263
|
|
bugzilla>=5.0<5.0.3 cross-site-scripting https://bugzilla.mozilla.org/show_bug.cgi?id=1253263
|
|
xerces-c<3.1.4 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2099
|
|
nss<3.21.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979
|
|
php>=5.5<5.5.34 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.5.34
|
|
qemu<2.6.1 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4439
|
|
qemu<2.6.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4441
|
|
librsvg<2.40.12 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7558
|
|
librsvg<2.40.7 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7557
|
|
librsvg<2.40.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4348
|
|
moodle>=3.0<3.0.3 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=330173
|
|
moodle>=3.0<3.0.3 referer-leak https://moodle.org/mod/forum/discuss.php?d=330181
|
|
moodle>=3.0<3.0.3 restriction-bypass https://moodle.org/mod/forum/discuss.php?d=330182
|
|
moodle>=3.0<3.0.3 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=330180
|
|
moodle>=3.0<3.0.3 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=330178
|
|
moodle>=3.0<3.0.3 restriction-bypass https://moodle.org/mod/forum/discuss.php?d=330176
|
|
moodle>=3.0<3.0.3 cross-site-request-forgeries https://moodle.org/mod/forum/discuss.php?d=330179
|
|
moodle>=3.0<3.0.3 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=330174
|
|
moodle>=3.0<3.0.3 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=330175
|
|
wireshark>=2.0<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-22.html
|
|
wireshark<1.12.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-22.html
|
|
wireshark>=2.0<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-23.html
|
|
wireshark<1.12.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-23.html
|
|
wireshark>=2.0<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-24.html
|
|
wireshark<1.12.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-24.html
|
|
wireshark>=2.0<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-25.html
|
|
wireshark<1.12.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-25.html
|
|
wireshark>=2.0<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-26.html
|
|
wireshark<1.12.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-26.html
|
|
wireshark>=2.0<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-27.html
|
|
wireshark<1.12.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-28.html
|
|
php>=5.5<5.5.35 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.5.35
|
|
wordpress<4.4.1 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1564
|
|
php{55,56,70}-ja-wordpress<4.4.1 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1564
|
|
wordpress<4.2.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8834
|
|
php{55,56,70}-ja-wordpress<4.2.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8834
|
|
xenkernel45<4.5.3nb2 privilege-escalation http://xenbits.xen.org/xsa/advisory-176.html
|
|
wordpress<4.5.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4567
|
|
php{55,56,70}-ja-wordpress<4.5.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4567
|
|
wordpress<4.5.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4566
|
|
php{55,56,70}-ja-wordpress<4.5.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4566
|
|
libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1762
|
|
libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1833
|
|
libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1834
|
|
libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1835
|
|
libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1836
|
|
libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1837
|
|
libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1838
|
|
libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1839
|
|
libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1840
|
|
libxml2<2.9.4 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4483
|
|
websvn-[0-9]* cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1236
|
|
qemu<2.6.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8558
|
|
qemu<2.6.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4037
|
|
qemu<2.6.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4001
|
|
qemu<2.6.1 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4020
|
|
webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0004.html
|
|
webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0004.html
|
|
webkit-gtk<2.12.3 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0004.html
|
|
quagga-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4049
|
|
libvirt<1.3.3 denial-of-service http://www.openwall.com/lists/oss-security/2016/05/24/5
|
|
xentools45<4.5.3nb3 denial-of-service http://xenbits.xen.org/xsa/advisory-180.html
|
|
jetty>=9.3.0<9.3.9 information-disclosure http://www.ocert.org/advisories/ocert-2016-001.html
|
|
pgpdump<0.30 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4021
|
|
typo<6.2.20 security-bypass http://seclists.org/bugtraq/2016/May/94
|
|
perl<5.22.1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8853
|
|
gd<2.1.1 denial-of-service https://security-tracker.debian.org/tracker/CVE-2013-7456
|
|
libxml2<2.9.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
|
|
libxml2<2.9.4 format-string http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4448
|
|
libxml2<2.9.4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
|
|
ImageMagick<7.0.1.2 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4562
|
|
ImageMagick<7.0.1.2 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4563
|
|
ImageMagick<7.0.1.2 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4564
|
|
ImageMagick<7.0.1.8 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5118
|
|
GraphicsMagick<1.3.24 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5118
|
|
gdk-pixbuf2<2.33.1 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8875
|
|
ansible<1.9.6 insecure-temp-files http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3096
|
|
nginx<1.8.1nb1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4450
|
|
nginx>=1.9<1.9.10nb1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4450
|
|
xentools45<4.5.3nb3 privilege-escalation http://xenbits.xen.org/xsa/advisory-178.html
|
|
xenkernel45<4.5.3 privilege-escalation http://xenbits.xen.org/xsa/advisory-179.html
|
|
xenkernel45<4.5.3nb2 denial-of-service http://xenbits.xen.org/xsa/advisory-180.html
|
|
xenkernel45<4.5.3nb2 denial-of-service http://xenbits.xen.org/xsa/advisory-181.html
|
|
firefox<47.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox47
|
|
firefox45<45.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr45.2
|
|
libksba<1.3.4 multiple-vulnerabilities http://www.ubuntu.com/usn/USN-2982-1/
|
|
ruby{18,21,22,23}-puppet>4.0<4.4.2 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2785
|
|
qemu<2.6.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4453
|
|
qemu<2.6.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4454
|
|
qemu<2.6.1 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5126
|
|
qemu<2.6.1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5337
|
|
qemu<2.6.1 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5238
|
|
ImageMagick<7.0.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4563
|
|
ImageMagick<7.0.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4564
|
|
ImageMagick<7.0.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4562
|
|
ImageMagick6<6.9.4.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4563
|
|
ImageMagick6<6.9.4.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4564
|
|
ImageMagick6<6.9.4.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4562
|
|
atheme<7.2.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4478
|
|
atheme<7.2.7 remote-information-modification https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9773
|
|
ntp<4.2.8p8 multiple-vulnerabilities http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi
|
|
freetype2<2.5.4 multiple-vulnerabilities http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type42/t42parse.c?id=8b281f83e8516535756f92dbf90940ac44bd45e1
|
|
ansible>=1.9<1.9.6.1 arbitrary-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3096
|
|
ansible>=2.0<2.0.2.0 arbitrary-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3096
|
|
vlc<2.2.4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5108
|
|
clamav<0.99.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1405
|
|
suse{,32}_base-[0-9]* multiple-vulnerabilities http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html
|
|
libxslt<1.1.29 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683
|
|
libxslt<1.1.29 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684
|
|
ocaml<4.03.0 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8869
|
|
thunderbird>=45<45.1.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.1
|
|
thunderbird38<38.8.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.8
|
|
adobe-flash-plugin<11.2.202.621 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
|
|
adobe-flash-plugin<11.2.202.621 remote-code-execution https://helpx.adobe.com/security/products/flash-player/apsa16-03.html
|
|
drupal>=7<7.44 privilege-escalation https://www.drupal.org/SA-CORE-2016-002
|
|
php>=5.6<5.6.22 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.6.22
|
|
php>=5.5<5.5.36 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.5.36
|
|
php>=5.6<5.6.23 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.6.23
|
|
php>=5.5<5.5.37 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.5.37
|
|
qemu<2.5.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2392
|
|
qemu<2.5.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2538
|
|
qemu<2.5.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2841
|
|
h2o<1.7.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4817
|
|
expat<2.2.0 insufficiently-random-numbers https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6702
|
|
openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2177
|
|
openssl>=1.0.2<1.0.2i side-channel https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2178
|
|
qemu<2.6.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2391
|
|
expat<2.2.0 insufficiently-random-numbers https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5300
|
|
mDNSResponder<625.41.2 denial-of-service https://www.kb.cert.org/vuls/id/143335
|
|
openssl>=1.0.1<1.0.1s multiple-vulnerabilities https://www.openssl.org/news/secadv/20160301.txt
|
|
openssl>=1.0.0<1.0.0r multiple-vulnerabilities https://www.openssl.org/news/secadv/20160301.txt
|
|
openssl<0.9.8zf multiple-vulnerabilities https://www.openssl.org/news/secadv/20160301.txt
|
|
openssl>=1.0.1<1.0.1t multiple-vulnerabilities https://www.openssl.org/news/secadv/20160503.txt
|
|
openssl>=1.0.1<1.0.1t multiple-vulnerabilities http://www.securityfocus.com/archive/1/535303
|
|
openssl<1.0.1t multiple-vulnerabilities http://www.securityfocus.com/archive/1/535303
|
|
php{55,56,70}-contao41-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
php-5.4.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
wordpress<4.5.3 restriction-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5838
|
|
wordpress<4.5.3 restriction-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5832
|
|
wordpress<4.5.3 cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5833
|
|
wordpress<4.5.3 cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5834
|
|
wordpress<4.5.3 sensitive-information-disclosure http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5835
|
|
wordpress<4.5.3 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5836
|
|
wordpress<4.5.3 restriction-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5837
|
|
wordpress<4.5.3 filtering-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5839
|
|
php{55,56,70}-ja-wordpress<4.5.3 restriction-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5838
|
|
php{55,56,70}-ja-wordpress<4.5.3 restriction-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5832
|
|
php{55,56,70}-ja-wordpress<4.5.3 cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5833
|
|
php{55,56,70}-ja-wordpress<4.5.3 cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5834
|
|
php{55,56,70}-ja-wordpress<4.5.3 sensitive-information-disclosure http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5835
|
|
php{55,56,70}-ja-wordpress<4.5.3 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5836
|
|
php{55,56,70}-ja-wordpress<4.5.3 restriction-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5837
|
|
php{55,56,70}-ja-wordpress<4.5.3 filtering-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5839
|
|
xerces-c<3.1.4 denial-of-service http://xerces.apache.org/xerces-c/secadv/CVE-2016-4463.txt
|
|
apache-tomcat>=7.0<7.0.70 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092
|
|
apache-tomcat>=8.0<8.0.36 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092
|
|
libreoffice<5.1.4 remote-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/
|
|
libreoffice-bin<5.1.4 remote-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/
|
|
libreoffice>5.2<5.2.0 remote-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/
|
|
libreoffice-bin>5.2<5.2.0 remote-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/
|
|
dnsmasq<2.76 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8899
|
|
haproxy<1.6.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5360
|
|
bzip2<1.0.7 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3189
|
|
wget<1.18 arbitrary-file-overwrite http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4971
|
|
expat<2.2.0 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4472
|
|
suse{,32}_expat-[0-9]* denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4472
|
|
sqlite3<3.13.0 data-leak https://www.korelogic.com/Resources/Advisories/KL-001-2016-003.txt
|
|
suse{,32}_sqlite3-[0-9]* data-leak https://www.korelogic.com/Resources/Advisories/KL-001-2016-003.txt
|
|
nodejs>=0.10<0.10.44 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3956
|
|
nodejs>=0.12<0.12.13 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3956
|
|
nodejs>=4<4.4.2 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3956
|
|
nodejs>=5<5.10.0 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3956
|
|
phpmyadmin>=4.6<4.6.3 parameter-injection https://www.phpmyadmin.net/security/PMASA-2016-18/
|
|
phpmyadmin>=4.0<4.0.10.16 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-22/
|
|
phpmyadmin>=4.4<4.4.15.7 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-22/
|
|
phpmyadmin>=4.6<4.6.3 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-22/
|
|
phpmyadmin>=4.0<4.0.10.16 sensitive-information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-23/
|
|
phpmyadmin>=4.4<4.4.15.7 sensitive-information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-23/
|
|
phpmyadmin>=4.6<4.6.3 sensitive-information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-23/
|
|
phpmyadmin>=4.6<4.6.3 code-injection https://www.phpmyadmin.net/security/PMASA-2016-20/
|
|
phpmyadmin>=4.0<4.0.10.16 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-24/
|
|
phpmyadmin>=4.4<4.4.15.7 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-24/
|
|
phpmyadmin>=4.6<4.6.3 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-24/
|
|
phpmyadmin>=4.6<4.6.3 code-injection https://www.phpmyadmin.net/security/PMASA-2016-25/
|
|
phpmyadmin>=4.0<4.0.10.16 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-26/
|
|
phpmyadmin>=4.4<4.4.15.7 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-26/
|
|
phpmyadmin>=4.6<4.6.3 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-26/
|
|
phpmyadmin>=4.0<4.0.10.16 cross-site-request-forgery https://www.phpmyadmin.net/security/PMASA-2016-28/
|
|
phpmyadmin>=4.4<4.4.15.7 cross-site-request-forgery https://www.phpmyadmin.net/security/PMASA-2016-28/
|
|
phpmyadmin>=4.6<4.6.3 cross-site-request-forgery https://www.phpmyadmin.net/security/PMASA-2016-28/
|
|
phpmyadmin>=4.0<4.0.10.16 code-injection https://www.phpmyadmin.net/security/PMASA-2016-27/
|
|
phpmyadmin>=4.4<4.4.15.7 code-injection https://www.phpmyadmin.net/security/PMASA-2016-27/
|
|
phpmyadmin>=4.6<4.6.3 code-injection https://www.phpmyadmin.net/security/PMASA-2016-27/
|
|
phpmyadmin>=4.4<4.4.15.7 arbitrary-command-execution https://www.phpmyadmin.net/security/PMASA-2016-19/
|
|
phpmyadmin>=4.6<4.6.3 arbitrary-command-execution https://www.phpmyadmin.net/security/PMASA-2016-19/
|
|
phpmyadmin>=5.0.10<4.0.10.16 code-injection https://www.phpmyadmin.net/security/PMASA-2016-17/
|
|
phpmyadmin>=4.4.15<4.4.15.7 code-injection https://www.phpmyadmin.net/security/PMASA-2016-17/
|
|
phpmyadmin>=4.6<4.6.3 code-injection https://www.phpmyadmin.net/security/PMASA-2016-17/
|
|
phpmyadmin>=4.4<4.4.15.7 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-21/
|
|
phpmyadmin>=4.6<4.6.3 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-21/
|
|
phpmyadmin>=4.4<4.4.15.6 code-injection https://www.phpmyadmin.net/security/PMASA-2016-16/
|
|
phpmyadmin>=4.6<4.6.2 code-injection https://www.phpmyadmin.net/security/PMASA-2016-16/
|
|
phpmyadmin<4.6.2 code-injection https://www.phpmyadmin.net/security/PMASA-2016-14/
|
|
contao35<3.5.15 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4567
|
|
php{55,56,70}-contao35<3.5.15 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4567
|
|
php{55,56,70}-contao41-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4567
|
|
php{55,56,70}-contao42<4.2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4567
|
|
libbpg>=0.9.5 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5637
|
|
adobe-flash-plugin<11.2.202.632 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-25.html
|
|
go>=1.6<1.6.3 input-validation https://golang.org/issue/16405
|
|
thunderbird>=45<45.2.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.2
|
|
bind>=9.0.0<9.9.9pl2 denial-of-service https://kb.isc.org/article/AA-01390/169/CVE-2016-6170
|
|
bind>=9.10.0<9.10.4pl2 denial-of-service https://kb.isc.org/article/AA-01390/169/CVE-2016-6170
|
|
bind>=9.0.0<9.9.9pl1 denial-of-service https://kb.isc.org/article/AA-01393/74/CVE-2016-2775
|
|
bind>=9.10.0<9.10.4pl1 denial-of-service https://kb.isc.org/article/AA-01393/74/CVE-2016-2775
|
|
apache-tomcat-5.5.[0-9]* access-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5388
|
|
apache-tomcat-6.[0-9]* access-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5388
|
|
apache-tomcat-7.[0-9]* access-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5388
|
|
apache-tomcat<8.0.37 access-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5388
|
|
gimp<2.8.18 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4994
|
|
apache<2.2.31nb4 access-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387
|
|
apache>=2.4<2.4.23nb2 access-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387
|
|
apache>=2.4.18<2.4.23 security-restrictions-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4979
|
|
libvirt<2.0.0 authentication-bypass http://security.libvirt.org/2016/0001.html
|
|
apache>=2.4.17<2.4.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1546
|
|
samba>=4.0<4.2.15 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119
|
|
samba>=4.3<4.3.11 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119
|
|
samba>=4.4<4.4.5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119
|
|
kinit<5.23 information-disclosure https://www.kde.org/info/security/advisory-20160621-1.txt
|
|
GraphicsMagick<1.3.18 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8808
|
|
GraphicsMagick<1.3.18 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4589
|
|
wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-29.html
|
|
wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-29.html
|
|
wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-30.html
|
|
wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-30.html
|
|
wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-31.html
|
|
wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-32.html
|
|
wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-32.html
|
|
wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-33.html
|
|
wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-33.html
|
|
wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-34.html
|
|
wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-34.html
|
|
wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-35.html
|
|
wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-35.html
|
|
wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-36.html
|
|
wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-36.html
|
|
wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-37.html
|
|
wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-38.html
|
|
py{27,33,34,35}-django>=1.9<1.9.8 cross-site-scripting https://www.djangoproject.com/weblog/2016/jul/18/security-releases/
|
|
harfbuzz<1.0.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8947
|
|
php>=5.5<5.6 out-of-bounds-write https://bugs.php.net/bug.php?id=72613
|
|
php>=5.6<5.6.24 out-of-bounds-write https://bugs.php.net/bug.php?id=72613
|
|
php>=7<7.0.9 out-of-bounds-write https://bugs.php.net/bug.php?id=72613
|
|
mysql>=5.5<5.5.50 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
|
|
mysql>=5.6<5.6.31 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL
|
|
bsdiff<4.3nb1 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9862
|
|
php>=5.5<5.5.38 input-validation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5385
|
|
php>=5.6<5.6.24 input-validation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5385
|
|
php>=7<7.0.9 input-validation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5385
|
|
oracle-{jdk,jre}8<8.0.101 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixJAVA
|
|
openjdk8<1.8.101 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixJAVA
|
|
openssh<7.3 valid-account-enumeration http://seclists.org/fulldisclosure/2016/Jul/51
|
|
wireshark<2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
xentools3-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
xentools33-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
xentools41-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
xentools42-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
xenkernel43-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
xenkernel44-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
xentools43-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
xentools44-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
mariadb-server<5.5.50 multiple-vulnerabilities https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/
|
|
icu<58.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6293
|
|
p5-DBD-mysql<4.031 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9906
|
|
gd<2.2.3 multiple-vulnerabilities https://github.com/libgd/libgd/releases/tag/gd-2.2.3
|
|
collectd<5.4.3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6254
|
|
mit-krb5<1.14.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3120
|
|
perl<5.22.3 privilege-elevation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1238
|
|
perl>5.24.0<5.24.1 privilege-elevation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1238
|
|
perl<5.22.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6185
|
|
perl>5.24.0<5.24.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6185
|
|
p5-XSLoader-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6185
|
|
openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2180
|
|
karchive<5.24 arbitrary-file-overwrite https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6232
|
|
xentools45<4.5.3nb3 denial-of-service http://xenbits.xen.org/xsa/advisory-175.html
|
|
xentools46<4.6.3 denial-of-service http://xenbits.xen.org/xsa/advisory-175.html
|
|
xenkernel45<4.5.3nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-182.html
|
|
xenkernel46<4.6.4 privilege-elevation http://xenbits.xen.org/xsa/advisory-182.html
|
|
redis<3.2.3 insecure-file-permissions https://www.suse.com/security/cve/CVE-2013-7458.html
|
|
qemu<2.6.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5403
|
|
qemu0-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5403
|
|
xentools45<4.5.3nb4 denial-of-service http://xenbits.xen.org/xsa/advisory-184.html
|
|
xentools46<4.6.4 denial-of-service http://xenbits.xen.org/xsa/advisory-184.html
|
|
xenkernel45<4.5.3nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-183.html
|
|
xenkernel46<4.6.4 denial-of-service http://xenbits.xen.org/xsa/advisory-183.html
|
|
curl>=7.1<7.50.1 weak-ssl-authentication https://curl.haxx.se/docs/adv_20160803A.html
|
|
suse{,32}_libcurl-[0-9]* weak-ssl-authentication https://curl.haxx.se/docs/adv_20160803A.html
|
|
curl>=7.1<7.50.1 weak-ssl-authentication https://curl.haxx.se/docs/adv_20160803B.html
|
|
suse{,32}_libcurl-[0-9]* weak-ssl-authentication https://curl.haxx.se/docs/adv_20160803B.html
|
|
curl>=7.32.0<7.50.1 use-after-free https://curl.haxx.se/docs/adv_20160803C.html
|
|
suse{,32}_libcurl-[0-9]* use-after-free https://curl.haxx.se/docs/adv_20160803C.html
|
|
php{55,56,70,71}-ja-wordpress<4.5 remote-hijacking http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6635
|
|
wordpress<4.5 remote-hijacking http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6635
|
|
php70-gd>=7.0<7.0.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6128
|
|
php70-gd>=7.0<7.0.8 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766
|
|
php56-gd>=5.6<5.5.37 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766
|
|
php55-gd>=5.5<5.6.23 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766
|
|
php70-gd>=7.0<7.0.8 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5767
|
|
php56-gd>=5.6<5.5.37 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5767
|
|
php55-gd>=5.5<5.6.23 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5767
|
|
php70-mbstring>=7.0<7.0.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768
|
|
php56-mbstring>=5.6<5.6.23 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768
|
|
php55-mbstring>=5.5<5.5.37 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768
|
|
php55-intl>=5.5<5.5.36 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093
|
|
php56-intl>=5.6<5.6.22 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093
|
|
php70-intl>=7.0<7.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093
|
|
php{55,56,70,71}-ja-wordpress<4.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6634
|
|
wordpress<4.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6634
|
|
php{55,56,70,71}-ja-wordpress<4.5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4029
|
|
wordpress<4.5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4029
|
|
openssh<7.3.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6515
|
|
openssh<7.3.1 multiple-vulnerabilities http://www.openssh.com/txt/release-7.3
|
|
wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-45.html
|
|
wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-44.html
|
|
wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-48.html
|
|
wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-49.html
|
|
wireshark>=2.0<2.0.5 stack-overflow https://www.wireshark.org/security/wnpa-sec-2016-46.html
|
|
wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-47.html
|
|
wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-42.html
|
|
wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-41.html
|
|
nspr<4.12 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1951
|
|
suse{,32}_mozilla-nspr-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1951
|
|
firefox<48.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox48
|
|
firefox45<45.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr45.3
|
|
openoffice3{,-bin}-[0-9]* arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2016-1513.html
|
|
stunnel<5.34 unspecified https://www.stunnel.org/sdf_ChangeLog.html
|
|
stunnel<5.35 unspecified https://www.stunnel.org/sdf_ChangeLog.html
|
|
fontconfig<2.12.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5384
|
|
suse{,32}_fontconfig-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5384
|
|
postgresql91-server<9.1.23 denial-of-service https://access.redhat.com/security/cve/CVE-2016-5423
|
|
postgresql92-server<9.2.18 denial-of-service https://access.redhat.com/security/cve/CVE-2016-5423
|
|
postgresql93-server<9.3.14 denial-of-service https://access.redhat.com/security/cve/CVE-2016-5423
|
|
postgresql94-server<9.4.9 denial-of-service https://access.redhat.com/security/cve/CVE-2016-5423
|
|
postgresql95-server<9.5.4 denial-of-service https://access.redhat.com/security/cve/CVE-2016-5423
|
|
postgresql91-client<9.1.23 privilege-escalation https://access.redhat.com/security/cve/CVE-2016-5424
|
|
postgresql92-client<9.2.18 privilege-escalation https://access.redhat.com/security/cve/CVE-2016-5424
|
|
postgresql93-client<9.3.14 privilege-escalation https://access.redhat.com/security/cve/CVE-2016-5424
|
|
postgresql94-client<9.4.9 privilege-escalation https://access.redhat.com/security/cve/CVE-2016-5424
|
|
postgresql95-client<9.5.4 privilege-escalation https://access.redhat.com/security/cve/CVE-2016-5424
|
|
gd<2.2.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6161
|
|
libgcrypt<1.7.3 insufficiently-random-numbers https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html
|
|
gnupg<1.4.21 insufficiently-random-numbers https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html
|
|
p5-DBD-mysql<4.033 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8949
|
|
lighttpd<1.4.41 access-bypass http://www.lighttpd.net/2016/7/31/1.4.41/
|
|
php{55,56,70,71}-roundcube<1.1.5 cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4069
|
|
binutils<2.22 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3509
|
|
ruby{18,193,200}-bundler<1.7.3 restriction-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0334
|
|
lighttpd<1.4.36 inject-log-entries https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3200
|
|
libarchive<3.2.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0211
|
|
libarchive<3.2.1 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2304
|
|
eog>=3<3.20.4 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6855
|
|
ruby{18,21,22,23}-jquery-rails<3.0.1 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6662
|
|
python27<2.7.12 man-in-the-middle https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0772
|
|
python34<3.4.5 man-in-the-middle https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0772
|
|
python35<3.5.2 man-in-the-middle https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0772
|
|
python27<2.7.12 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5636
|
|
python34<3.4.5 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5636
|
|
python35<3.5.2 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5636
|
|
python27<2.7.10 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5699
|
|
python34<3.4.4 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5699
|
|
mailman<2.1.23 cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6893
|
|
mailman<2.1.15 cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7123
|
|
openoffice3{,-bin}-[0-9]* arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3575
|
|
subversion-base<1.7.17 spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3528
|
|
subversion-base>=1.4.0<1.7.18 man-in-the-middle https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3522
|
|
libvncserver-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6054
|
|
webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0005.html
|
|
webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0005.html
|
|
webkit-gtk<2.12.4 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0005.html
|
|
qemu<2.6.1 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4952
|
|
qemu<2.6.1 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5106
|
|
qemu<2.6.1 local-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5105
|
|
qemu<2.6.1 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5107
|
|
libVNCServer<0.9.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055
|
|
xenkernel45<4.5.3nb3 privilege-elevation http://xenbits.xen.org/xsa/advisory-185.html
|
|
xenkernel45>=4.5.3<4.5.3nb3 privilege-elevation http://xenbits.xen.org/xsa/advisory-186.html
|
|
xenkernel45<4.5.3nb3 denial-of-service http://xenbits.xen.org/xsa/advisory-187.html
|
|
xenkernel46<4.6.3nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-185.html
|
|
xenkernel46>=4.6.3<4.6.3nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-186.html
|
|
xenkernel46<4.6.3nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-187.html
|
|
libidn<1.33 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8948
|
|
libidn<1.33 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6261
|
|
libidn<1.33 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6262
|
|
libidn<1.33 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6263
|
|
py{27,34,35}-trytond>=3.8<3.8.8 multiple-vulnerabilities http://www.tryton.org/posts/security-release-for-issue5795-and-issue5808.html
|
|
libcrack<2.7nb2 privilege-elevation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6318
|
|
qemu<2.7.0 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6351
|
|
asterisk>=13.0<13.11.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-006.html
|
|
asterisk>=13.0<13.11.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-007.html
|
|
asterisk>=11.0<11.23.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-007.html
|
|
wireshark>=2.0<2.0.6 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-50.html
|
|
wireshark>=2.0<2.0.6 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-51.html
|
|
wireshark>=2.0<2.0.6 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-52.html
|
|
wireshark>=2.0<2.0.6 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-53.html
|
|
wireshark>=2.0<2.0.6 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-54.html
|
|
wireshark>=2.0<2.0.6 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-55.html
|
|
php70-curl<7.0.10 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7134
|
|
php>=7.0<7.0.10 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7133
|
|
php70-wddx<7.0.10 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7132
|
|
php56-wddx<5.6.25 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7132
|
|
php70-wddx<7.0.10 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7130
|
|
php56-wddx<5.6.25 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7130
|
|
php70-wddx<7.0.10 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7131
|
|
php56-wddx<5.6.25 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7131
|
|
php70-exif<7.0.10 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7128
|
|
php56-exif<5.6.25 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7128
|
|
php70-wddx<7.0.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7129
|
|
php56-wddx<5.6.25 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7129
|
|
php70-gd<7.0.10 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7127
|
|
php56-gd<5.6.25 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7127
|
|
php70-gd<7.0.10 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7126
|
|
php56-gd<5.6.25 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7126
|
|
php>=7.0<7.0.10 php-object-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7125
|
|
php<5.6.25 php-object-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7125
|
|
php>=7.0<7.0.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7124
|
|
php<5.6.25 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7124
|
|
adobe-flash-plugin<11.2.202.635 restriction-bypass https://helpx.adobe.com/security/products/flash-player/apsb16-29.html
|
|
mysql-server>5.5<5.5.52 privilege-escalation https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html
|
|
mysql-server>5.6<5.6.33 privilege-escalation https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html
|
|
mysql-server>5.7<5.7.15 privilege-escalation https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html
|
|
mariadb-server<5.5.51 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6662
|
|
curl<7.50.3 heap-overflow https://curl.haxx.se/docs/adv_20160914.html
|
|
cryptopp-[0-9]* sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7420
|
|
openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2179
|
|
openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2181
|
|
openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2182
|
|
openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6302
|
|
openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6303
|
|
php{54,55,56}-owncloud>9.0.0<9.0.4 cross-site-scripting https://owncloud.org/security/advisory/?id=oc-sa-2016-011
|
|
php<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7411
|
|
php56-mysql<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412
|
|
php56-mysqli<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412
|
|
php56-wddx<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413
|
|
php<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414
|
|
php56-intl<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416
|
|
php<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417
|
|
php56-wddx<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418
|
|
php70-mysql<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412
|
|
php70-mysqli<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412
|
|
php70-wddx<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413
|
|
php>=7.0<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414
|
|
php70-intl<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416
|
|
php>=7.0<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417
|
|
php70-wddx<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418
|
|
irssi>=0.8.17<0.8.20 multiple-vulnerabilities https://irssi.org/security/irssi_sa_2016.txt
|
|
openjpeg<2.1.2 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7163
|
|
flex<2.6.1 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6354
|
|
zookeeper<3.4.9 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5017
|
|
mupdf<1.9anb2 denial-of-service https://security-tracker.debian.org/tracker/CVE-2016-6265
|
|
mupdf<1.9anb3 denial-of-service https://security-tracker.debian.org/tracker/CVE-2016-6525
|
|
tiff<4.0.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3990
|
|
php{55,56,70,71}-owncloud<9.0.4 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7419
|
|
icu<58.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7415
|
|
firefox<49.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox49
|
|
firefox45<45.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr45.4
|
|
powerdns<3.4.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5426
|
|
powerdns<3.4.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5427
|
|
powerdns<4.0.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6172
|
|
openssl>=1.0.1<1.0.1u multiple-vulnerabilities https://www.openssl.org/news/secadv/20160922.txt
|
|
openssl>=1.1.0<1.1.0a multiple-vulnerabilities https://www.openssl.org/news/secadv/20160922.txt
|
|
openssl>=1.1.0<1.1.0b use-after-free https://www.openssl.org/news/secadv/20160926.txt
|
|
openssl>=1.0.2i<1.0.2j null-pointer-dereference https://www.openssl.org/news/secadv/20160926.txt
|
|
bind<9.9.9pl3 denial-of-service https://kb.isc.org/article/AA-01419/0
|
|
bind<9.9.9pl3 denial-of-service https://kb.isc.org/article/AA-01433/74/CVE-2016-2848
|
|
bind<9.10.4pl3 denial-of-service https://kb.isc.org/article/AA-01419/0
|
|
py{27,34,35}-django<1.8.15 cross-site-request-forgeries https://www.djangoproject.com/weblog/2016/sep/26/security-releases/
|
|
py{27,34,35}-django>=1.9<1.9.10 cross-site-request-forgeries https://www.djangoproject.com/weblog/2016/sep/26/security-releases/
|
|
file-roller>=3.5.4<3.20.2 local-file-delete https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7162
|
|
gd<2.2.3nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7568
|
|
php55-gd<5.5.38nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7568
|
|
php56-gd<5.6.24nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7568
|
|
php70-gd<7.0.9nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7568
|
|
php71-gd<7.1.0beta1nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7568
|
|
p5-DBD-mysql<4.037 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1246
|
|
wget<1.18nb3 local-security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7098
|
|
qemu<2.7.0nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7907
|
|
qemu<2.7.0nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7908
|
|
qemu<2.7.0nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7909
|
|
qemu<2.7.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7161
|
|
inspircd<2.0.23 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7142
|
|
irssi<0.8.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7044
|
|
drupal>=8<8.1.10 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2016-004
|
|
clamav<0.99.2 multiple-vulnerabilities http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html
|
|
libcares<1.12.0 arbitrary-code-execution https://c-ares.haxx.se/adv_20160929.html
|
|
mongodb<3.4.0 sensitive-information-disclosure https://jira.mongodb.org/browse/SERVER-25335
|
|
gdk-pixbuf2<2.35.3 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6352
|
|
adodb<5.20.7 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7405
|
|
openjpeg<2.1.2 null-pointer-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7445
|
|
freerdp<1.1.0b2013071101 null-pointer-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4118
|
|
freerdp<1.1.0b2013071101 null-pointer-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4119
|
|
p5-DBD-mysql<4.037 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1246
|
|
tiff<4.0.7 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3619
|
|
tiff<4.0.7 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3620
|
|
tiff<4.0.7 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3621
|
|
tiff<4.0.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622
|
|
tiff<4.0.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623
|
|
tiff<4.0.7 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624
|
|
tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3625
|
|
tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3631
|
|
tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3633
|
|
tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3634
|
|
tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3658
|
|
gd<2.2.3 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6905
|
|
nss<3.23.0 denial-of-service https://www.mozilla.org/en-US/security/advisories/mfsa2016-61/
|
|
nspr<4.12 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1951
|
|
nodejs>=6<6.7.0 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/
|
|
nodejs>=4<4.6.0 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/
|
|
adobe-flash-plugin<11.2.202.637 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-32.html
|
|
qemu<2.7.0nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7423
|
|
xenkernel-[0-9]* information-leak https://xenbits.xen.org/xsa/advisory-190.html
|
|
pidgin<2.11.0 multiple-vulnerabilities https://www.pidgin.im/news/security/
|
|
ap22-modsecurity<2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
shotwell-[0-9]* man-in-the-middle https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1000033
|
|
oracle-{jdk,jre}-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixJAVA
|
|
py{27,34,35}-mysql-connector>2.1<2.1.4 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5598
|
|
py{27,34,35}-mysql-connector>2.0<2.0.5 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5598
|
|
mysql-client>5.5<5.5.53 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL
|
|
mysql-server>5.5<5.5.53 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL
|
|
mysql-client>5.6<5.6.34 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL
|
|
mysql-server>5.6<5.6.34 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL
|
|
mysql-client>5.7<5.7.16 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL
|
|
mysql-server>5.7<5.7.16 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL
|
|
openjpeg<2.1.2 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8332
|
|
openjpeg<2.2.0 null-pointer-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9114
|
|
openjpeg<2.2.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9117
|
|
openjpeg<2.2.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9115
|
|
openjpeg<2.2.0 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9118
|
|
openjpeg<2.2.0 null-pointer-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9113
|
|
openjpeg<2.2.0 null-pointer-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9116
|
|
openjpeg<2.2.0 floating-point-exception https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9112
|
|
tiff<4.0.8 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8331
|
|
moodle-[0-9]* information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7919
|
|
botan>1.11.29<1.11.32 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8871
|
|
tor<0.2.8.9 denial-of-service https://blog.torproject.org/blog/tor-0289-released-important-fixes
|
|
quagga<1.0.20161017 buffer-overflow https://lists.quagga.net/pipermail/quagga-users/2016-October/014478.html
|
|
argus-[0-9]* stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8333
|
|
argus-[0-9]* stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8335
|
|
mupdf<1.10 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7506
|
|
mupdf<1.10 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7505
|
|
mupdf<1.10 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7504
|
|
php>=5.6<5.6.27 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.6.27
|
|
php>=7.0<7.0.12 multiple-vulnerabilities https://secure.php.net/ChangeLog-7.php#7.0.12
|
|
qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8577
|
|
qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8576
|
|
qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8667
|
|
qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8578
|
|
qemu<2.8.0 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8668
|
|
qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8909
|
|
qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8669
|
|
qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8910
|
|
adobe-flash-plugin<11.2.202.643 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-37.html
|
|
mupdf<1.10 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9136
|
|
moodle-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9186
|
|
moodle-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9187
|
|
moodle-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9188
|
|
py{27,34,35}-Pillow<3.3.2 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9189
|
|
py{27,34,35}-Pillow<3.3.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9190
|
|
bind<9.9.9pl4 denial-of-service https://kb.isc.org/article/AA-01434
|
|
bind<9.10.4pl4 denial-of-service https://kb.isc.org/article/AA-01434
|
|
libxslt<1.1.29 out-of-bounds-read https://git.gnome.org/browse/libxslt/commit/?id=eb1030de31165b68487f288308f9d1810fed6880
|
|
py{26,27}-moin<1.9.9 multiple-vulnerabilities https://www.curesec.com/blog/article/blog/MoinMoin-198-XSS-175.html
|
|
libX11<1.6.3 multiple-vulnerabilities https://lists.x.org/archives/xorg-announce/2016-October/002720.html
|
|
libXfixes<5.0.3 integer-overflow https://lists.x.org/archives/xorg-announce/2016-October/002720.html
|
|
libXi<1.7.7 multiple-vulnerabilities https://lists.x.org/archives/xorg-announce/2016-October/002720.html
|
|
libXrandr<1.5.1 multiple-vulnerabilities https://lists.x.org/archives/xorg-announce/2016-October/002720.html
|
|
libXrender<0.9.10 multiple-vulnerabilities https://lists.x.org/archives/xorg-announce/2016-October/002720.html
|
|
libXtst<1.2.3 integer-overflow https://lists.x.org/archives/xorg-announce/2016-October/002720.html
|
|
libXv<1.0.11 buffer-overflow https://lists.x.org/archives/xorg-announce/2016-October/002720.html
|
|
libXvmc<1.0.10 buffer-overflow https://lists.x.org/archives/xorg-announce/2016-October/002720.html
|
|
subversion-base>1.9<1.9.5 denial-of-service https://subversion.apache.org/security/CVE-2016-8734-advisory.txt
|
|
p5-SOAP-Lite<1.15 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8978
|
|
hdf5<1.8.18 multiple-vulnerabilities http://blog.talosintel.com/2016/11/hdf5-vulns.html
|
|
p7zip<16.02nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9296
|
|
tiff<4.0.7 multiple-vulnerabilities http://www.securityfocus.com/bid/94484
|
|
drupal>=7<7.5.2 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2016-005
|
|
drupal>=8<8.2.3 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2016-005
|
|
libxml2<2.9.4nb1 unauthorized-access https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9318
|
|
asterisk>=13.0<13.13.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-008.html
|
|
asterisk>=14.0<14.2.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-009.html
|
|
asterisk>=11.0<11.25.1 authentication-bypass http://downloads.digium.com/pub/security/AST-2016-010.html
|
|
asterisk>=13.0<13.13.1 authentication-bypass http://downloads.digium.com/pub/security/AST-2016-010.html
|
|
asterisk>=14.0<14.2.1 authentication-bypass http://downloads.digium.com/pub/security/AST-2016-010.html
|
|
criticalmass<1.0.2nb8 ancient-curl-included http://mail-index.netbsd.org/pkgsrc-changes/2016/12/10/msg149940.html
|
|
firefox<50.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox50
|
|
firefox<50.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox50.0.1
|
|
firefox<50.0.2 use-after-free https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox50.0.2
|
|
firefox45<45.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr45.5
|
|
firefox45<45.5.1 use-after-free https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr45.5.1
|
|
thunderbird>=45<45.5 use-after-free https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.5
|
|
thunderbird>=45<45.5.1 use-after-free https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.5.1
|
|
wireshark>=2.2<2.2.1 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-56.html
|
|
wireshark>=2.2<2.2.1 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-57.html
|
|
wireshark>=2.2<2.2.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-58.html
|
|
wireshark>=2.2<2.2.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-59.html
|
|
wireshark>=2.2<2.2.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-60.html
|
|
wireshark>=2.2<2.2.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-61.html
|
|
wireshark>=2.2<2.2.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-62.html
|
|
gst-plugins1-good<1.10.2 multiple-vulnerabilities https://gstreamer.freedesktop.org/releases/1.10/#1.10.2
|
|
gst-plugins0.10-good-[0-9]* multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3724
|
|
p5-DBD-mysql<4.041 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1251
|
|
libdwarf-[0-9]* heap-buffer-overflow https://www.prevanders.net/dwarfbug.html#DW201611-006
|
|
php56-piwigo-[0-9]* cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9751
|
|
libgsf<1.14.41 null-dereference https://github.com/GNOME/libgsf/commit/95a8351a75758cf10b3bf6abae0b6b461f90d9e5
|
|
apache>2.4.17<2.4.24 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8740
|
|
php{56,70,71}-roundcube<1.1.5 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9920
|
|
py{27,34,35}-django<1.8.16 multiple-vulnerabilities https://www.djangoproject.com/weblog/2016/nov/01/security-releases/
|
|
py{27,34,35}-django>=1.9<1.9.11 multiple-vulnerabilities https://www.djangoproject.com/weblog/2016/nov/01/security-releases/
|
|
py{27,34,35}-django>=1.10<1.10.3 multiple-vulnerabilities https://www.djangoproject.com/weblog/2016/nov/01/security-releases/
|
|
qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9106
|
|
qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9105
|
|
qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9104
|
|
qemu<2.8.0rc0 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9103
|
|
qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9102
|
|
qemu<2.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9101
|
|
qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7995
|
|
qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7994
|
|
qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7466
|
|
qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7422
|
|
qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7421
|
|
qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7170
|
|
qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7157
|
|
qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7156
|
|
qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7155
|
|
qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7116
|
|
qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6888
|
|
qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6836
|
|
qemu<2.6.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6835
|
|
qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6834
|
|
qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6833
|
|
qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6490
|
|
qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4964
|
|
gtar-base<1.29 directory-traversal https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6321
|
|
phpmyadmin<4.6.4 sensitive-information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-29/
|
|
phpmyadmin<4.6.4 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-30/
|
|
phpmyadmin<4.6.4 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-31/
|
|
phpmyadmin<4.6.4 remote-code-execution https://www.phpmyadmin.net/security/PMASA-2016-32/
|
|
phpmyadmin<4.6.4 information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-33/
|
|
phpmyadmin<4.6.4 sql-injection https://www.phpmyadmin.net/security/PMASA-2016-34/
|
|
phpmyadmin<4.6.4 sql-injection https://www.phpmyadmin.net/security/PMASA-2016-35/
|
|
phpmyadmin<4.6.4 symlink-attack https://www.phpmyadmin.net/security/PMASA-2016-36/
|
|
phpmyadmin<4.6.4 path-traversal https://www.phpmyadmin.net/security/PMASA-2016-37/
|
|
phpmyadmin<4.6.4 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-37/
|
|
phpmyadmin<4.6.4 sql-injection https://www.phpmyadmin.net/security/PMASA-2016-39/
|
|
phpmyadmin<4.6.4 sql-injection https://www.phpmyadmin.net/security/PMASA-2016-40/
|
|
phpmyadmin<4.6.4 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-41/
|
|
phpmyadmin<4.6.4 sql-injection https://www.phpmyadmin.net/security/PMASA-2016-42/
|
|
phpmyadmin<4.6.4 validation-bypass https://www.phpmyadmin.net/security/PMASA-2016-43/
|
|
phpmyadmin<4.6.4 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-45/
|
|
phpmyadmin<4.6.4 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-46/
|
|
phpmyadmin<4.6.4 authentication-bypass https://www.phpmyadmin.net/security/PMASA-2016-47/
|
|
phpmyadmin<4.6.4 information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-48/
|
|
phpmyadmin<4.6.4 bypass-protection https://www.phpmyadmin.net/security/PMASA-2016-49/
|
|
phpmyadmin<4.6.4 sensitive-information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-50/
|
|
phpmyadmin<4.6.4 reflected-file-download https://www.phpmyadmin.net/security/PMASA-2016-51/
|
|
phpmyadmin<4.6.4 security-bypass https://www.phpmyadmin.net/security/PMASA-2016-52/
|
|
phpmyadmin<4.6.4 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-53/
|
|
phpmyadmin<4.6.4 remote-code-execution https://www.phpmyadmin.net/security/PMASA-2016-54/
|
|
phpmyadmin<4.6.4 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-55/
|
|
phpmyadmin<4.6.4 remote-code-execution https://www.phpmyadmin.net/security/PMASA-2016-56/
|
|
phpmyadmin<4.6.5 sensitive-information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-59/
|
|
phpmyadmin<4.6.5 remote-security-bypass https://www.phpmyadmin.net/security/PMASA-2016-60/
|
|
phpmyadmin<4.6.5 multiple-vulnerabilities https://www.phpmyadmin.net/security/PMASA-2016-63/
|
|
phpmyadmin<4.6.5 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-64/
|
|
phpmyadmin<4.6.5 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-65/
|
|
phpmyadmin<4.6.5 remote-security-bypass https://www.phpmyadmin.net/security/PMASA-2016-66/
|
|
phpmyadmin<4.6.5 code-injection https://www.phpmyadmin.net/security/PMASA-2016-67/
|
|
phpmyadmin<4.6.5 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-68/
|
|
phpmyadmin<4.6.5 multiple-vulnerabilities https://www.phpmyadmin.net/security/PMASA-2016-69/
|
|
phpmyadmin<4.6.5 remote-security-bypass https://www.phpmyadmin.net/security/PMASA-2016-70/
|
|
phpmyadmin<4.6.5 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-71/
|
|
seamonkey<2.40nb7 remote-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/
|
|
jasper<1.900.29nb1 buffer-overflow https://github.com/mdadams/jasper/issues/93
|
|
modular-xorg-server<1.16.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3418
|
|
libXv<1.0.11 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5407
|
|
libXtst<1.2.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7952
|
|
libXtst<1.2.3 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7951
|
|
libXrender<0.9.10 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7950
|
|
libXrender<0.9.10 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7949
|
|
libXrandr<1.5.1 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7948
|
|
libXrandr<1.5.1 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7947
|
|
libXi<1.7.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7946
|
|
libXi<1.7.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7945
|
|
libX11<1.6.4 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7943
|
|
libX11<1.6.4 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7942
|
|
libXvMC<1.0.10 buffer-underflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7953
|
|
libXfixes<5.0.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7944
|
|
ImageMagick<7.0.2.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6491
|
|
p7zip<16.0 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2334
|
|
adobe-flash-plugin<24.0.0.186 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-39.html
|
|
pcre<8.38 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5073
|
|
pcre<8.38 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3210
|
|
pcre<8.38 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3217
|
|
pcre<8.38 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5073
|
|
pcre2<10.10 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3210
|
|
py{27,34,35}-bottle<0.12.11 crlf-attack https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9964
|
|
libupnp<1.6.21 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6255
|
|
libupnp<1.6.21 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8863
|
|
tigervnc-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8241
|
|
w3m<0.5.3.0.20161218 multiple-vulnerabilities https://github.com/tats/w3m/commit/b3805049f2add9226f6eac1b534626c4e5d9da52
|
|
rabbitmq<3.6.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8786
|
|
nagios-base<4.2.2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9565
|
|
nagios-base<4.2.4 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9566
|
|
firefox<50.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-94/
|
|
firefox45<45.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/
|
|
php>=5.6<5.6.28 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933
|
|
php>=7.0<7.0.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933
|
|
php>=7.1<7.1.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933
|
|
php>=5.6<5.6.28 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934
|
|
php>=7.0<7.0.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934
|
|
php>=7.1<7.1.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934
|
|
php>=5.6<5.6.29 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9935
|
|
php>=7.0<7.0.14 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9935
|
|
php>=7.0<7.0.14 use-after-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9936
|
|
php>=7.1<7.1.0 use-after-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9936
|
|
lynx<2.8.8.2nb5 information-leak http://seclists.org/oss-sec/2016/q4/322
|
|
php{56,70,71}-roundcube<1.2.0 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4552
|
|
py{27,34,35}-docx<0.8.6 xml-external-entity https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5851
|
|
ffmpeg2-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6671
|
|
ffmpeg3<3.1.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6671
|
|
ffmpeg1-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6881
|
|
ffmpeg2-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6881
|
|
ffmpeg3<3.1.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6881
|
|
ffmpeg1-[0-9]* multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2016/10/08/1
|
|
ffmpeg2-[0-9]* multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2016/10/08/1
|
|
ffmpeg3<3.1.4 multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2016/10/08/1
|
|
ffmpeg3<3.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9561
|
|
ffmpeg2-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8595
|
|
ffmpeg3<3.1.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8595
|
|
openjpeg<1.5.2 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9675
|
|
libxml2<2.9.4nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5131
|
|
libxml2<2.9.4nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4658
|
|
kdesu<5.7.5 dialog-spoofing https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7787
|
|
qemu<2.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9907
|
|
qemu<2.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9923
|
|
qemu<2.8.1 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9908
|
|
qemu<2.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9911
|
|
qemu<2.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9921
|
|
qemu<2.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9912
|
|
p5-XML-Twig-[0-9]* xml-external-entity https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9180
|
|
p5-Image-Info<1.39 xml-external-entity https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9181
|
|
exim<4.88 information-leak https://exim.org/static/doc/CVE-2016-9963.txt
|
|
mantis<1.3.5 arbitrary-code-execution https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html
|
|
ImageMagick<7.0.3.9 arbitrary-code-execution http://www.talosintelligence.com/reports/TALOS-2016-0216/
|
|
ImageMagick6<6.9.6.7 arbitrary-code-execution http://www.talosintelligence.com/reports/TALOS-2016-0216/
|
|
openssh<7.4 multiple-vulnerabilities http://www.openssh.com/txt/release-7.4
|
|
qemu<2.8.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9776
|
|
qemu<2.8.0 information-leak https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9845
|
|
qemu<2.8.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9913
|
|
qemu<2.8.0 information-leak https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9846
|
|
qemu<2.8.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9915
|
|
qemu<2.8.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9916
|
|
qemu<2.8.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9914
|
|
rabbitmq<3.6.6 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9877
|
|
contao35<3.5.21 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10074
|
|
php{55,56,70,71}-contao35<3.5.21 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10074
|
|
php{55,56,70,71}-contao42<4.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10074
|
|
php{55,56,70,71}-contao43<4.3.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10074
|
|
php{55,56,70,71}-contao42-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
php{56,70,71}-roundcube<1.2.3 remote-code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9920
|
|
irssi>=0.8.17<0.8.21 multiple-vulnerabilities https://irssi.org/security/irssi_sa_2017_01.txt
|
|
php{56,70,71}-piwigo<2.8.5 multiple-vulnerabilities http://piwigo.org/releases/2.8.5
|
|
libvncserver<0.9.11 multiple-vulnerabilities https://github.com/LibVNC/libvncserver/releases/tag/LibVNCServer-0.9.11
|
|
thunderbird>=45<45.6.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/
|
|
py{27,34,35,36}-borgbackup<1.0.9 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10100
|
|
py{27,34,35,36}-borgbackup<1.0.9 local-filename-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10099
|
|
php{56,70,71}-ja-wordpress<4.6.1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7169
|
|
php{56,70,71}-ja-wordpress<4.6.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7168
|
|
wordpress<4.6.1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7169
|
|
wordpress<4.6.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7168
|
|
pidgin<2.11.0 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2375
|
|
pidgin<2.11.0 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2373
|
|
pidgin<2.11.0 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2371
|
|
pidgin<2.11.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2369
|
|
pidgin<2.11.0 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2367
|
|
pidgin<2.11.0 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2366
|
|
pidgin<2.11.0 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2365
|
|
pidgin<2.11.0 arbitrary-file-overwrite https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4323
|
|
pidgin<2.11.0 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2380
|
|
pidgin<2.11.0 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2378
|
|
pidgin<2.11.0 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2370
|
|
pidgin<2.11.0 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2374
|
|
pidgin<2.11.0 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2372
|
|
pidgin<2.11.0 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2368
|
|
pidgin<2.11.0 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2376
|
|
ruby{18,21,22,23}-fiddle-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2339
|
|
ruby{18,21,22,23}-tk-[0-9]* arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2337
|
|
ruby{18,21,22,23}-bundler-[0-9]* code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7954
|
|
php>=5.6<5.6.28 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8670
|
|
php>=7.0<7.0.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8670
|
|
memcached<1.4.33 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8704
|
|
memcached<1.4.33 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8706
|
|
memcached<1.4.33 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8705
|
|
freeimage<3.17.0nb1 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5684
|
|
tiff<4.0.7 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5652
|
|
bind>=9.9.3<9.9.9pl5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9131
|
|
bind<9.10.4pl5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9131
|
|
bind>=9.9.9pl4<9.9.9pl5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9147
|
|
bind>=9.10.4pl4<9.10.4pl5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9147
|
|
bind>=9.9.3<9.9.9pl5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9444
|
|
bind<9.10.4pl5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9444
|
|
screen>=4.5.0<4.5.0nb1 local-privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5618
|
|
apache>=2.4.1<2.4.25 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161
|
|
apache>=2.4.1<2.4.25 padding-oracle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736
|
|
apache>=2.2.0<2.2.32 cache-poisoning https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743
|
|
apache>=2.4.1<2.4.25 cache-poisoning https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743
|
|
png<1.0.67 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10087
|
|
png>1.2<1.2.57 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10087
|
|
png>1.4<1.4.20 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10087
|
|
png>1.5<1.5.28 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10087
|
|
png>1.6<1.6.27 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10087
|
|
apache-tomcat>=6.0.16<6.0.49 information-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745
|
|
apache-tomcat>=7.0.0<7.0.74 information-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745
|
|
apache-tomcat>=8.0.0<8.0.40 information-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745
|
|
apache-tomcat>=8.5.0<8.5.9 information-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745
|
|
apache-tomcat>=9.0.0.M1<9.0.0.M15 information-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745
|
|
pidgin<2.11.0 information-leak https://www.pidgin.im/news/security/?id=96
|
|
pidgin<2.11.0 buffer-overflow https://www.pidgin.im/news/security/?id=93
|
|
py{27,34,35,36}-hpack<2.3.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6581
|
|
chicken<4.12 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6830
|
|
chicken<4.12 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6831
|
|
mantis<1.2.19 remote-script-inject https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6837
|
|
adobe-flash-plugin<24.0.0.194 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
|
|
ntp<4.2.8p9 multiple-vulnerabilities http://support.ntp.org/bin/view/Main/SecurityNotice#November_2016_ntp_4_2_8p9_NTP_Se
|
|
py{27,34,35,36}-urllib3<1.18.1 validation-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9015
|
|
guile-[0-9]* insecure-file-permissions https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8605
|
|
openssl<1.0.2k denial-of-service https://www.openssl.org/news/secadv/20170126.txt
|
|
bind>=9.9.9pl1<9.9.9pl6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-9778
|
|
php>=5.0<5.6.28 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7478
|
|
php>=7.0<7.0.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7478
|
|
php>=7.0<7.0.12 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7480
|
|
php>=7.0<7.0.15 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5340
|
|
php>=7.1<7.1.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5340
|
|
php>=7.0<7.0.15 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7479
|
|
ikiwiki<3.20161229 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-9645
|
|
ikiwiki<3.20161229 commit-metadata-forgery https://nvd.nist.gov/vuln/detail/CVE-2016-9646
|
|
ikiwiki<3.20170111 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-0356
|
|
tiff<4.0.7nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5225
|
|
guile20<2.0.13 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8606
|
|
jenkins<2.32 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9299
|
|
jenkins-lts<2.19.3 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9299
|
|
zoneminder-[0-9]* authentication-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10140
|
|
jasper<1.900.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8882
|
|
jasper<1.900.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8883
|
|
gstreamer1<1.10.2 multiple-vulnerabilities https://gstreamer.freedesktop.org/releases/1.10/#1.10.2
|
|
libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5209
|
|
wordpress<4.7.1 multiple-vulnerabilities https://codex.wordpress.org/Version_4.7.1
|
|
wordpress<4.7.2 multiple-vulnerabilities https://codex.wordpress.org/Version_4.7.2
|
|
ntopng-[0-9]* cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5473
|
|
gnutls<3.3.26 memory-corruption https://gnutls.org/security.html#GNUTLS-SA-2017-1
|
|
gnutls>=3.4<3.5.8 memory-corruption https://gnutls.org/security.html#GNUTLS-SA-2017-2
|
|
GraphicsMagick<1.3.26 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7996
|
|
tiff<4.0.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9297
|
|
mupdf<1.10anb2 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5627
|
|
mupdf<1.10anb2 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5628
|
|
php{56,70,71}-ja-wordpress<4.7.1 multiple-vulnerabilities https://codex.wordpress.org/Version_4.7.1
|
|
php{56,70,71}-ja-wordpress<4.7.2 multiple-vulnerabilities https://codex.wordpress.org/Version_4.7.2
|
|
unrealircd<3.2.10.7 ssl-certificate-spoofing https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7144
|
|
unrealircd>=4.0<4.0.6 ssl-certificate-spoofing https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7144
|
|
GraphicsMagick<1.3.26 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7997
|
|
php{56,70,71}-piwigo<2.8.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5608
|
|
tcpdump<4.9.0 multiple-vulnerabilities https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1494526.html
|
|
tiff<4.0.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9273
|
|
mysql-server>5.5<5.5.54 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL
|
|
mysql-server>5.6<5.6.35 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL
|
|
mysql-server>5.7<5.7.17 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL
|
|
libical<2.0.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2016-5823
|
|
libical<3.0.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2016-5824
|
|
libical-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-5825
|
|
libical-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-5826
|
|
libical<3.0.0 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-5827
|
|
libical<3.0.0 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-9584
|
|
mysql-cluster<7.2.27 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL
|
|
mysql-cluster<7.3.15 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL
|
|
mysql-cluster<7.4.13 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL
|
|
ffmpeg3>3.0<3.0.4 heap-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5200
|
|
ffmpeg3>3.1<3.1.4 heap-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5200
|
|
ffmpeg3>3.0<3.0.4 heap-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5199
|
|
ffmpeg3>3.1<3.1.4 heap-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5199
|
|
openjdk8<1.8.121 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA
|
|
oracle-{jdk,jre}<8.0.121 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA
|
|
ImageMagick<7.0.3.10 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6823
|
|
bash<4.4 privilege-elevation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7543
|
|
tiff<4.0.7 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453
|
|
tiff<4.0.7 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9448
|
|
tiff<4.0.7 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223
|
|
tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5563
|
|
tiff<4.0.7 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321
|
|
tiff<4.0.7 heap-buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5319
|
|
tiff<4.0.7 stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5318
|
|
tiff<4.0.7 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317
|
|
tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316
|
|
tiff<4.0.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323
|
|
moodle>=2.7<2.7.15 plaintext-injection https://moodle.org/mod/forum/discuss.php?d=336698#p1356859
|
|
moodle>=2.8<2.9.7 plaintext-injection https://moodle.org/mod/forum/discuss.php?d=336698#p1356859
|
|
moodle>=3.0<3.0.5 plaintext-injection https://moodle.org/mod/forum/discuss.php?d=336698#p1356859
|
|
moodle>=3.1<3.1.1 plaintext-injection https://moodle.org/mod/forum/discuss.php?d=336698#p1356859
|
|
owncloudclient<2.2.3 privilege-elevation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7102
|
|
wireshark>=2.2<2.2.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-01.html
|
|
wireshark>=2.2<2.2.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-02.html
|
|
magento<2.0.6 php-object-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4010
|
|
gnuchess<6.2.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8972
|
|
bash<4.4.006 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9401
|
|
w3m<0.5.3.0.20161009 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9435
|
|
xenkernel42-[0-9]* information-leak http://xenbits.xen.org/xsa/advisory-200.html
|
|
xenkernel45<4.5.5nb2 information-leak http://xenbits.xen.org/xsa/advisory-200.html
|
|
xenkernel46<4.6.5 information-leak http://xenbits.xen.org/xsa/advisory-200.html
|
|
xenkernel46<4.6.5 denial-of-service http://xenbits.xen.org/xsa/advisory-203.html
|
|
xenkernel42-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-202.html
|
|
xenkernel45<4.5.5nb3 denial-of-service http://xenbits.xen.org/xsa/advisory-202.html
|
|
xenkernel46<4.6.5 denial-of-service http://xenbits.xen.org/xsa/advisory-202.html
|
|
xenkernel42-[0-9]* privilege-elevation http://xenbits.xen.org/xsa/advisory-204.html
|
|
xenkernel45<4.5.5nb2 privilege-elevation http://xenbits.xen.org/xsa/advisory-204.html
|
|
xenkernel46<4.6.5 privilege-elevation http://xenbits.xen.org/xsa/advisory-204.html
|
|
xenkernel42-[0-9]* privilege-elevation http://xenbits.xen.org/xsa/advisory-192.html
|
|
xenkernel45<4.5.5nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-192.html
|
|
xenkernel46<4.6.5 privilege-elevation http://xenbits.xen.org/xsa/advisory-192.html
|
|
xentools42-[0-9]* arbitrary-file-overwrite http://xenbits.xen.org/xsa/advisory-198.html
|
|
xentools45<4.5.5nb1 arbitrary-file-overwrite http://xenbits.xen.org/xsa/advisory-198.html
|
|
xentools46<4.6.5 arbitrary-file-overwrite http://xenbits.xen.org/xsa/advisory-198.html
|
|
xenkernel42-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-193.html
|
|
xenkernel45<4.5.5nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-193.html
|
|
xenkernel46<4.6.5 denial-of-service http://xenbits.xen.org/xsa/advisory-193.html
|
|
xenkernel42-[0-9]* arbitrary-code-execution http://xenbits.xen.org/xsa/advisory-195.html
|
|
xenkernel45<4.5.5nb1 arbitrary-code-execution http://xenbits.xen.org/xsa/advisory-195.html
|
|
xenkernel46<4.6.5 arbitrary-code-execution http://xenbits.xen.org/xsa/advisory-195.html
|
|
xenkernel42-[0-9]* privilege-elevation http://xenbits.xen.org/xsa/advisory-197.html
|
|
xenkernel45<4.5.5nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-197.html
|
|
xenkernel42-[0-9]* privilege-elevation http://xenbits.xen.org/xsa/advisory-191.html
|
|
xenkernel45<4.5.5nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-191.html
|
|
xenkernel46<4.6.5 privilege-elevation http://xenbits.xen.org/xsa/advisory-191.html
|
|
xenkernel46<4.6.5 privilege-elevation http://xenbits.xen.org/xsa/advisory-197.html
|
|
ffmpeg3>3.1<3.1.3 heap-buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6920
|
|
ffmpeg3>3.1<3.1.1 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6164
|
|
ffmpeg2>2.0<2.8.8 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6164
|
|
w3m<0.5.3.0.20161009 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9436
|
|
libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5545
|
|
libdwarf<20160614 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7410
|
|
gd<2.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317
|
|
gd<2.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9311
|
|
gd<2.2.4 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9312
|
|
typo3>=6.2<6.2.24 access-bypass https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-013/
|
|
typo3>=6.2<6.2.19 cross-site-scripting https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-006/
|
|
ruby{18,21,22,23}-tk-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2337
|
|
squid<3.5.23 information-leak http://www.squid-cache.org/Advisories/SQUID-2016_10.txt
|
|
squid<3.5.23 information-leak http://www.squid-cache.org/Advisories/SQUID-2016_11.txt
|
|
libbpg-[0-9]* out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8710
|
|
php>=5.0<5.6.30 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.30
|
|
php>=7.0<7.0.15 multiple-vulnerabilities http://php.net/ChangeLog-7.php#7.0.15
|
|
php>=7.1<7.1.1 multiple-vulnerabilities http://php.net/ChangeLog-7.php#7.1.1
|
|
tcpreplay<4.1.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6160
|
|
php{56,70,71}-http<3.0.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5873
|
|
moodle<2.9.7 information-disclosure https://moodle.org/mod/forum/discuss.php?d=336699
|
|
moodle>=3.0<3.0.5 information-disclosure https://moodle.org/mod/forum/discuss.php?d=336699
|
|
moodle>3.1<3.1.1 information-disclosure https://moodle.org/mod/forum/discuss.php?d=336699
|
|
moodle>=2.7<2.7.16 information-disclosure https://moodle.org/mod/forum/discuss.php?d=339631
|
|
moodle>=2.8<2.9.8 information-disclosure https://moodle.org/mod/forum/discuss.php?d=339631
|
|
moodle>=3.0<3.0.6 information-disclosure https://moodle.org/mod/forum/discuss.php?d=339631
|
|
moodle>=3.1<3.1.2 information-disclosure https://moodle.org/mod/forum/discuss.php?d=339631
|
|
moodle>=2.7<2.7.17 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343275
|
|
moodle>=2.8<2.9.9 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343275
|
|
moodle>=3.0<3.0.7 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343275
|
|
moodle>=3.1<3.1.3 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343275
|
|
moodle>=2.7<2.7.17 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343276
|
|
moodle>=2.8<2.9.9 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343276
|
|
moodle>=3.0<3.0.7 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343276
|
|
moodle>=3.1<3.1.3 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343276
|
|
moodle>=2.7<2.7.17 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343277
|
|
moodle>=2.8<2.9.9 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343277
|
|
moodle>=3.0<3.0.7 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343277
|
|
moodle>=3.1<3.1.3 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343277
|
|
moodle>=2.7<2.7.18 information-disclosure https://moodle.org/mod/forum/discuss.php?d=345912
|
|
moodle>=3.0<3.0.8 information-disclosure https://moodle.org/mod/forum/discuss.php?d=345912
|
|
moodle>=3.1<3.1.4 information-disclosure https://moodle.org/mod/forum/discuss.php?d=345912
|
|
moodle>=3.2<3.2.1 information-disclosure https://moodle.org/mod/forum/discuss.php?d=345912
|
|
moodle>=2.7<2.7.18 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=345915
|
|
moodle>=3.0<3.0.8 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=345915
|
|
moodle>=3.1<3.1.4 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=345915
|
|
moodle>=3.2<3.2.1 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=345915
|
|
moodle>=3.1<3.1.1 information-disclosure https://moodle.org/mod/forum/discuss.php?d=336697
|
|
quagga<1.1.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5495
|
|
firefox<51.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/
|
|
firefox45<45.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/
|
|
thunderbird<45.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-03/
|
|
gd<2.2.4 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912
|
|
unzip<6.0nb8 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9913
|
|
unzip<6.0nb8 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9844
|
|
botan<1.10.15 integer-overflow https://github.com/randombit/botan/commit/8fce1edc0214b1149cbf4723322714f2e22032eb
|
|
libarchive<3.3.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5601
|
|
hexchat<2.14.0 stack-overflow https://github.com/hexchat/hexchat/issues/1934
|
|
socat<1.7.3.1 openssl-implementation http://www.dest-unreach.org/socat/contrib/socat-secadv7.html
|
|
libXpm-3.5.12 denial-of-service https://www.debian.org/security/2017/dsa-3772
|
|
libquicktime-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2399
|
|
cryptopp-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9939
|
|
potrace<1.13 multiple-vulnerabilities https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8695
|
|
phpmyadmin<4.6.6 server-side-request-forgery https://www.phpmyadmin.net/security/PMASA-2016-44/
|
|
ruby200-archive-tar-minitar-[0-9]* directory-traversal https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10173
|
|
librsvg<2.40.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6163
|
|
openjpeg<2.1.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4797
|
|
openjpeg<2.1.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3183
|
|
zoneminder-[0-9]* multiple-vulnerabilities http://www.securityfocus.com/archive/1/540089
|
|
lcms2<2.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10165
|
|
pear-[0-9]* arbitrary-file-overwrite https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5630
|
|
bind>=9.9.3<9.9.9pl6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3135
|
|
bind>=9.10.0<9.10.4pl6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3135
|
|
ffmpeg2<2.8.10 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10190
|
|
ffmpeg2<2.8.10 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10191
|
|
ffmpeg2<2.8.10 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10192
|
|
ffmpeg3<3.2.2 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10190
|
|
ffmpeg3<3.2.2 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10191
|
|
ffmpeg3<3.2.2 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10192
|
|
mxml<2.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4570
|
|
mxml<2.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4571
|
|
psi-[0-9]* weak-authentication https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5593
|
|
mcabber<1.0.5 weak-authentication https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5604
|
|
squidGuard-[0-9]* cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8936
|
|
nsd<4.1.11 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6173
|
|
knot<2.3.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6171
|
|
potrace<1.13 multiple-vulnerabilities https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8699
|
|
GraphicsMagick<1.3.24 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5241
|
|
GraphicsMagick<1.3.24 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7446
|
|
GraphicsMagick<1.3.25 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7447
|
|
GraphicsMagick<1.3.25 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7449
|
|
GraphicsMagick<1.3.26 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7800
|
|
vim<8.0.0322 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5953
|
|
gstreamer1<1.10.3 multiple-vulnerabilities https://gstreamer.freedesktop.org/releases/1.10/#1.10.3
|
|
mysql-client>=5.5.0<5.6.21 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3302
|
|
openafs<1.6.19 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9772
|
|
libwebp<0.6.0 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9085
|
|
zoneminder-[0-9]* multiple-vulnerabilities http://www.securityfocus.com/archive/1/540093
|
|
cairo<1.14.10nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9082
|
|
SOGo<3.2.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6188
|
|
perl<5.24.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8608
|
|
mupdf<1.10anb4 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5896
|
|
php>=5.6<5.6.30 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10158
|
|
php>=7.0<7.0.15 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10158
|
|
php>=7.1<7.1.1 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10158
|
|
php>=5.6<5.6.30 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10159
|
|
php>=7.0<7.0.15 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10159
|
|
php>=5.6<5.6.30 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10160
|
|
php>=7.0<7.0.15 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10160
|
|
php>=5.6<5.6.30 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10161
|
|
php>=7.0<7.0.15 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10161
|
|
php>=7.1<7.1.1 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10161
|
|
viewvc<1.1.26 cross-site-scripting http://www.openwall.com/lists/oss-security/2017/02/08/7
|
|
webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0002.html
|
|
webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0002.html
|
|
webkit-gtk<2.14.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0002.html
|
|
jpeg<9c multiple-vulnerabilities https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3616
|
|
crypto++<5.6.4 timing-attack https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3995
|
|
libtomcrypt<1.17nb3 signature-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6129
|
|
guile20<2.0.13 insecure-file-permissions https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8605
|
|
tre-[0-9]* out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8859
|
|
gst-plugins1-ugly<1.10.3nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5847
|
|
gstreamer1-plugins-bad-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5848
|
|
apache-tomcat-6.[0-9]* denial-of-service https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851304
|
|
apache-tomcat-7.[0-9]* denial-of-service https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851304
|
|
libytnef<1.9.1 null-dereference http://www.securityfocus.com/archive/1/540133
|
|
py{27,34,35,36}-crypto<2.6.1nb3 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7459
|
|
slock<1.4 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6866
|
|
autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7392
|
|
mupdf<1.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8674
|
|
ImageMagick<7.0.3.1 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8677
|
|
ImageMagick<7.0.3.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8678
|
|
libdwarf<20161124 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8679
|
|
GraphicsMagick<1.3.26 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8682
|
|
GraphicsMagick<1.3.26 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8683
|
|
libarchive<3.3.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8689
|
|
libarchive<3.3.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8687
|
|
libarchive<3.3.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8688
|
|
jasper<1.900.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8691
|
|
jasper<1.900.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8692
|
|
jasper<1.900.5 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8690
|
|
ImageMagick<7.0.3.3 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8862
|
|
ImageMagick<7.0.3.8 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8866
|
|
jasper<1.900.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8693
|
|
jasper<1.900.30 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9560
|
|
ImageMagick<7.0.3.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9773
|
|
webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0001.html
|
|
webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0001.html
|
|
webkit-gtk<2.14.1 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0001.html
|
|
GraphicsMagick<1.3.26 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8684
|
|
py{27,34,35,36}-openpyxl<2.4.2 xml-external-entity https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5992
|
|
mysql-client>=5.7.0<5.7.5 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3302
|
|
mariadb-client<=5.5.54 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3302
|
|
pcre<8.40nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6004
|
|
p5-DBD-mysql<4.039 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1249
|
|
suse{,32}_base-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5417
|
|
dovecot>=2<2.2.27 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8652
|
|
ed<1.14.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5357
|
|
SOGo<2.2.0 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9905
|
|
mantis<1.2.20 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5364
|
|
SOGo<2.3.12 sensitive-information-exposure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6189
|
|
SOGo>=3.0<3.1.1 sensitive-information-exposure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6189
|
|
SOGo<2.3.12 sensitive-information-exposure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6190
|
|
SOGo>=3.0<3.1.1 sensitive-information-exposure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6190
|
|
mantis<1.3.1 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7111
|
|
wireshark<2.2.5 infinite-loop https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6014
|
|
tnef<1.4.13 multiple-vulnerabilities https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef/
|
|
munin-server<2.999.6 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6188
|
|
SOGo<3.1.3 code-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6191
|
|
ruby{18,21,22,23}-mcollective<2.8.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2788
|
|
pcsc-lite<1.8.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10109
|
|
xenkernel45<4.5.5nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-196.html
|
|
xenkernel46<4.6.5 denial-of-service http://xenbits.xen.org/xsa/advisory-196.html
|
|
py{27,34,35,36}-html5lib<0.99999999 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9909
|
|
py{27,34,35,36}-html5lib<0.99999999 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9910
|
|
flightgear<2016.4.4 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9956
|
|
ghostscript-agpl<9.23 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6196
|
|
ghostscript-gpl<9.06nb10 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6196
|
|
radare2<1.4.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6197
|
|
radare2<1.4.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6319
|
|
radare2<1.4.0 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6387
|
|
radare2<1.4.0 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6415
|
|
libiberty-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4487
|
|
libiberty-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4488
|
|
libiberty-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4489
|
|
libiberty-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4490
|
|
libiberty-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4491
|
|
libiberty-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4492
|
|
libiberty-[0-9]* out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4493
|
|
libiberty-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2226
|
|
ruby{18,21,22,23}-zip<1.2.1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5946
|
|
libdwarf<20160115 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5027
|
|
libdwarf<20161124 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9558
|
|
vim<8.0.0377 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6349
|
|
vim<8.0.0378 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6350
|
|
tigervnc<1.7.1 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5581
|
|
tigervnc<1.7.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10207
|
|
ImageMagick<7.0.1.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8900
|
|
ImageMagick6<6.9.0.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8900
|
|
ImageMagick6<6.9.0.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8901
|
|
ImageMagick6<6.9.0.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8902
|
|
ImageMagick6<6.9.0.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8903
|
|
qemu<2.8.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10028
|
|
qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10029
|
|
GraphicsMagick<1.3.24 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5240
|
|
libreoffice5-bin>5.1<5.1.6 arbitrary-file-disclosure https://www.libreoffice.org/about-us/security/advisories/cve-2017-3157/
|
|
libreoffice5-bin>5.2<5.2.2 arbitrary-file-disclosure https://www.libreoffice.org/about-us/security/advisories/cve-2017-3157/
|
|
libreoffice>5.3<5.3.0 arbitrary-file-disclosure https://www.libreoffice.org/about-us/security/advisories/cve-2017-3157/
|
|
jasper<2.0.19 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5498
|
|
jasper<2.0.19 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5499
|
|
jasper<2.0.19 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5500
|
|
jasper<2.0.19 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5501
|
|
jasper<2.0.19 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5502
|
|
jasper<2.0.19 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5503
|
|
jasper<2.0.19 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5504
|
|
ImageMagick<7.0.1.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10060
|
|
ImageMagick<7.0.4.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10062
|
|
ImageMagick<6.9.7.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10062
|
|
ImageMagick<6.9.5.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10063
|
|
ImageMagick<6.9.5.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10064
|
|
ImageMagick<6.9.6.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10068
|
|
ImageMagick<7.0.3.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9559
|
|
tiff<4.0.7nb3 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10092
|
|
tiff<4.0.7nb4 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10093
|
|
tiff<4.0.7nb6 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10094
|
|
tiff<4.0.8nb1 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10095
|
|
zziplib<0.13.66 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5974
|
|
zziplib<0.13.66 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5975
|
|
zziplib<0.13.66 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5976
|
|
zziplib<0.13.66 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5977
|
|
zziplib<0.13.66 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5978
|
|
zziplib<0.13.66 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5979
|
|
zziplib<0.13.66 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5980
|
|
zziplib<0.13.66 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5981
|
|
mp3splt-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5665
|
|
mp3splt-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5666
|
|
mp3splt-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5851
|
|
GraphicsMagick<1.3.26 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9830
|
|
hesiod-[0-9]* weak-suid-check https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10151
|
|
php70-opcache<7.0.15 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8994
|
|
php56-opcache<5.6.29 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8994
|
|
kio<5.32 sensitive-information-disclosure https://www.kde.org/info/security/advisory-20170228-1.txt
|
|
kdelibs<4.14.30 sensitive-information-disclosure https://www.kde.org/info/security/advisory-20170228-1.txt
|
|
wordpress<4.7.3 multiple-vulnerabilities https://codex.wordpress.org/Version_4.7.3
|
|
php{56,70,71}-ja-wordpress<4.7.3 multiple-vulnerabilities https://codex.wordpress.org/Version_4.7.3
|
|
ImageMagick6<6.9.7.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6497
|
|
ImageMagick6<6.9.7.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6498
|
|
ImageMagick6<6.9.7.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6499
|
|
ImageMagick<7.0.4.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6500
|
|
ImageMagick6<6.9.7.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6500
|
|
ImageMagick6<6.9.7.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6501
|
|
ImageMagick6<6.9.7.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6502
|
|
ImageMagick<7.0.1.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10061
|
|
ImageMagick<7.0.1.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10065
|
|
ImageMagick<6.9.4.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10066
|
|
ImageMagick<6.9.4.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10067
|
|
ImageMagick<6.9.4.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10069
|
|
ImageMagick<6.9.4.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10070
|
|
ImageMagick<6.9.4.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10071
|
|
wireshark<2.2.5 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6467
|
|
wireshark<2.2.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6468
|
|
wireshark<2.2.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6469
|
|
wireshark<2.2.5 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6470
|
|
wireshark<2.2.5 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6471
|
|
wireshark<2.2.5 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6472
|
|
wireshark<2.2.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6473
|
|
wireshark<2.2.5 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6474
|
|
libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5834
|
|
libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5835
|
|
libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5836
|
|
libass<0.13.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7969
|
|
libass<0.13.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7970
|
|
libass<0.13.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7972
|
|
dropbear<2016.74 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7406
|
|
dropbear<2016.74 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7407
|
|
dropbear<2016.74 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7408
|
|
dropbear<2016.74 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7409
|
|
php{56,70,71}-owncloud<9.1.3 username-enumeration https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5865
|
|
php{56,70,71}-owncloud<9.1.3 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5866
|
|
php{56,70,71}-owncloud<9.1.3 excessive-logging https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5867
|
|
freetype<2.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10244
|
|
ghoscript<9.20 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5653
|
|
ap{22,24}-auth-mellon<0.13.1 cross-site-session-transfer https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6807
|
|
ytnef<1.9.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6801
|
|
php{56,70,71}-roundcube<1.2.4 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6820
|
|
mantis<1.3.7 javascript-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6797
|
|
libupnp<1.6.21 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8863
|
|
tiff<4.0.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5315
|
|
firefox45<45.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-06/
|
|
webkit24-gtk{,3}-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9643
|
|
R<3.3.3 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8714
|
|
wavpack<5.1.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10169
|
|
wavpack<5.1.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10170
|
|
wavpack<5.1.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10171
|
|
wavpack<5.1.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10172
|
|
bitlbee<3.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10189
|
|
libpurple<2.12.0 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2640
|
|
adobe-flash-player<24.0.0.211 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb17-07.html
|
|
binutils<2.26 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9939
|
|
binutils<2.29 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6965
|
|
binutils<2.29 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6966
|
|
binutils<2.29 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6969
|
|
binutils<2.29 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7209
|
|
binutils<2.29 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7210
|
|
binutils<2.29 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7223
|
|
binutils<2.29 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7224
|
|
binutils<2.29 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7225
|
|
binutils<2.29 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7226
|
|
binutils<2.29 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7227
|
|
ImageMagick{6,}<6.8.9.10 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9832
|
|
ImageMagick{6,}<6.8.9.10 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9833
|
|
ImageMagick{6,}<6.8.9.10 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9834
|
|
ImageMagick{6,}<6.8.9.10 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9835
|
|
ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9836
|
|
ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9838
|
|
ImageMagick{6,}<6.8.9.10 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9839
|
|
ImageMagick{6,}<6.8.9.10 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9840
|
|
ImageMagick{6,}<6.8.9.10 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9841
|
|
ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9842
|
|
ImageMagick{6,}<6.8.9.10 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9843
|
|
ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9844
|
|
ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9845
|
|
ImageMagick{6,}<6.8.9.10 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9846
|
|
ImageMagick{6,}<6.8.9.10 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9847
|
|
ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9848
|
|
ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9849
|
|
ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9850
|
|
ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9851
|
|
ImageMagick{6,}<6.8.9.10 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9852
|
|
ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9853
|
|
ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9854
|
|
ImageMagick{6,}<6.6.0.5 off-by-one https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9915
|
|
ImageMagick<7.0.5.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8894
|
|
ImageMagick{6,}<6.9.3.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8895
|
|
ImageMagick<7.0.5.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8895
|
|
ImageMagick<7.0.5.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8896
|
|
ImageMagick{6,}<6.9.2.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8897
|
|
ImageMagick{6,}<6.9.2.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8898
|
|
ImageMagick{6,}<6.9.4.0 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5239
|
|
ImageMagick<7.0.3.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9556
|
|
ImageMagick{6,}<6.9.5.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10046
|
|
ImageMagick{6,}<6.9.4.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10047
|
|
ImageMagick{6,}<6.9.4.7 directory-traversal https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10048
|
|
ImageMagick{6,}<6.9.4.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10049
|
|
ImageMagick{6,}<6.9.4.8 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10050
|
|
ImageMagick{6,}-6.9.5.5 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10051
|
|
ImageMagick{6,}<6.9.5.6 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10052
|
|
ImageMagick{6,}<6.9.5.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10053
|
|
ImageMagick{6,}<6.9.5.8 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10054
|
|
ImageMagick{6,}<6.9.5.8 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10055
|
|
ImageMagick{6,}<6.9.5.8 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10056
|
|
ImageMagick{6,}<6.9.5.8 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10057
|
|
ImageMagick{6,}<6.9.6.3 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10058
|
|
ImageMagick{6,}<6.9.4.1 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10059
|
|
ImageMagick<7.0.1.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10060
|
|
ImageMagick{6,}<6.9.2.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10252
|
|
gdk-pixbuf2<2.36.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6311
|
|
gdk-pixbuf2<2.36.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6312
|
|
gdk-pixbuf2<2.36.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6313
|
|
gdk-pixbuf2<2.36.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6314
|
|
libaudiofile-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6827
|
|
libaudiofile-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6828
|
|
libaudiofile-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6829
|
|
libaudiofile-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6830
|
|
libaudiofile-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6831
|
|
libaudiofile-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6832
|
|
libaudiofile-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6833
|
|
libaudiofile-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6834
|
|
libaudiofile-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6835
|
|
libaudiofile-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6836
|
|
libaudiofile-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6837
|
|
libaudiofile-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6838
|
|
libaudiofile-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6839
|
|
jasper<1.900.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8885
|
|
jasper<1.900.9 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10248
|
|
jasper<1.900.12 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10249
|
|
jasper<1.900.13 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10250
|
|
jasper<1.900.20 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10251
|
|
jasper<2.0.19 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5505
|
|
jasper<2.0.13 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6850
|
|
jasper<2.0.13 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6851
|
|
jasper<2.0.10 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6852
|
|
libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6435
|
|
libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6436
|
|
libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6437
|
|
libplist<2.0.0 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6438
|
|
libplist<2.0.0 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6439
|
|
libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6440
|
|
podofo<0.9.4 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8981
|
|
podofo<0.9.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6840
|
|
podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6841
|
|
podofo-[0-9]* null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6842
|
|
podofo-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6843
|
|
podofo<0.9.6 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6844
|
|
podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6845
|
|
podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6846
|
|
podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6847
|
|
podofo-[0-9]* null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6848
|
|
podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6849
|
|
gd<2.2.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6906
|
|
gd<2.2.4 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10166
|
|
gd<2.2.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10167
|
|
gd<2.2.4 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10168
|
|
mupdf<1.10 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10246
|
|
mupdf<1.10 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10247
|
|
mupdf<1.11 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6060
|
|
moodle<3.2.2 sql-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2641
|
|
moodle>3.2<3.2.2 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2643
|
|
moodle<3.2.2 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2644
|
|
moodle<3.2.2 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2645
|
|
potrace<1.15 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7263
|
|
qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10155
|
|
qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5525
|
|
qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5526
|
|
qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5578
|
|
qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5579
|
|
qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5667
|
|
qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5856
|
|
qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5987
|
|
qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6058
|
|
qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6505
|
|
ghostscript-agpl<9.21 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7207
|
|
ghostscript-gpl<9.06nb11 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7207
|
|
mantis<2.1.1 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7222
|
|
sane-backends<1.0.26 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6318
|
|
git-base<1.9.3 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9938
|
|
GraphicsMagick<1.3.26 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6335
|
|
sysinfo-[0-9]* local-privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6516
|
|
php{55,56,70}-concrete5<5.6.3.5 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6905
|
|
php{55,56,70}-concrete5<5.6.3.5 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6908
|
|
libevent<2.1.6 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10195
|
|
ImageMagick<7.0.4.9 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7275
|
|
ImageMagick<7.0.5.4 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5510
|
|
ImageMagick<7.0.5.4 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5511
|
|
ImageMagick<7.0.4.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5507
|
|
ImageMagick6<6.9.7.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5507
|
|
ImageMagick<7.0.5.4 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5509
|
|
ImageMagick6<6.9.8.3 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5509
|
|
ImageMagick<7.0.4.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5508
|
|
ImageMagick6<6.9.7.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5508
|
|
ImageMagick6<6.9.8.3 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5506
|
|
ImageMagick6<6.9.6.8 memory-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10146
|
|
ImageMagick6<6.9.8.3 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10144
|
|
ImageMagick6<6.9.8.3 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10145
|
|
proftpd<1.3.5d symlink-attack https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7418
|
|
tigervnc<1.7.90 memory-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7392
|
|
tigervnc<1.7.90 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7393
|
|
tigervnc<1.7.90 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7394
|
|
tigervnc<1.7.90 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7395
|
|
tigervnc<1.7.90 memory-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7396
|
|
pitivi<0.95 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0855
|
|
py{27,34,35,36}-cryptography<1.5.2 weak-cryptography https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9243
|
|
mantis<1.3.8 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6973
|
|
mantis>=2.1<2.1.2 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6973
|
|
mantis>=2.2<2.2.2 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6973
|
|
mantis<1.3.9 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7241
|
|
mantis>=2.1<2.1.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7241
|
|
mantis>=2.2<2.2.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7241
|
|
mantis<1.3.9 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7309
|
|
mantis>=2.1<2.1.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7309
|
|
mantis>=2.2<2.2.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7309
|
|
ghostscript-agpl<9.23 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10217
|
|
ghostscript-gpl<9.06nb12 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10217
|
|
ghostscript-agpl<9.21 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10218
|
|
ghostscript-agpl<9.21 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10219
|
|
ghostscript-gpl<9.06nb12 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10219
|
|
ghostscript-agpl<9.21 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10220
|
|
ghostscript-gpl<9.06nb12 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10220
|
|
ghostscript-agpl<9.22 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5951
|
|
ghostscript-gpl<9.06nb12 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5951
|
|
ghostscript-agpl<9.23 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10317
|
|
ghostscript-gpl-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10317
|
|
podofo<0.9.6 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7378
|
|
podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7379
|
|
podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7380
|
|
podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7381
|
|
podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7382
|
|
podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7383
|
|
yara<3.6.0 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10210
|
|
yara<3.6.0 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10211
|
|
yara<3.6.0 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5923
|
|
yara<3.6.0 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5924
|
|
collectd<5.7.1nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7401
|
|
jasper<1.900.9 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8884
|
|
jasper<1.900.11 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8886
|
|
jasper<1.900.10 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8887
|
|
jasper<1.900.22 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9262
|
|
jasper<1.900.13 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9387
|
|
jasper<1.900.14 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9388
|
|
jasper<1.900.14 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9389
|
|
jasper<1.900.14 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9390
|
|
jasper<2.0.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9391
|
|
jasper<1.900.17 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9392
|
|
jasper<1.900.17 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9393
|
|
jasper<1.900.17 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9394
|
|
jasper<1.900.25 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9395
|
|
jasper<1.900.14 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9396
|
|
jasper<1.900.13 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9397
|
|
jasper<1.900.17 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9398
|
|
jasper<1.900.22 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9399
|
|
jasper<1.900.25 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9557
|
|
php{56,70,71}-owncloud>=9.0<9.0.6 remote-spoofing https://nvd.nist.gov/vuln/detail/CVE-2016-9467
|
|
php{56,70,71}-owncloud>=9.1<9.1.2 remote-spoofing https://nvd.nist.gov/vuln/detail/CVE-2016-9467
|
|
php{56,70,71}-owncloud>=9.0<9.0.6 spoofing https://nvd.nist.gov/vuln/detail/CVE-2016-9468
|
|
php{56,70,71}-owncloud>=9.1<9.1.2 spoofing https://nvd.nist.gov/vuln/detail/CVE-2016-9468
|
|
php{56,70,71}-owncloud>=9.0<9.0.6 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-9463
|
|
php{56,70,71}-owncloud>=9.1<9.1.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-9463
|
|
php{56,70,71}-owncloud>=9.0<9.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-9466
|
|
php{56,70,71}-owncloud>=9.1<9.1.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-9466
|
|
php{56,70,71}-owncloud>=9.0<9.0.4 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2016-9461
|
|
php{56,70,71}-owncloud>=9.0<9.0.4 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2016-9462
|
|
php{56,70,71}-owncloud>=9.0<9.0.4 remote-spoofing https://nvd.nist.gov/vuln/detail/CVE-2016-9460
|
|
php{56,70,71}-owncloud>=9.0<9.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-9459
|
|
php{56,70,71}-owncloud>=9.0<9.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-9465
|
|
php{56,70,71}-owncloud>=9.1<9.1.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-9465
|
|
libxslt<1.1.29 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2015-9019
|
|
py{27,34,35,36}-django>=1.10<1.10.7 multiple-vulnerabilities https://www.djangoproject.com/weblog/2017/apr/04/security-releases/
|
|
xenkernel45<4.5.5nb5 privilege-elevation http://xenbits.xen.org/xsa/advisory-212.html
|
|
xenkernel46<4.6.5nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-212.html
|
|
xenkernel48<4.8.0nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-212.html
|
|
py{27,34,35,36}-trytond<4.2.2 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2017-0360
|
|
apache-tomcat>=7.0<7.0.72 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-6816
|
|
apache-tomcat>=8.0<8.0.38 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-6816
|
|
asterisk>=13.0<13.14.1 buffer-overflow http://downloads.asterisk.org/pub/security/AST-2017-001.html
|
|
asterisk>=14.0<14.3.1 buffer-overflow http://downloads.asterisk.org/pub/security/AST-2017-001.html
|
|
curl<7.53.1nb1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7407
|
|
dovecot<2.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
radare2<1.4.0 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6448
|
|
radare2<1.3.0 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6194
|
|
radare2<1.4.0 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7274
|
|
yaml-cpp-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-5950
|
|
mupdf<1.11 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2016-10221
|
|
mupdf<1.10nb4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7264
|
|
libarchive<3.3.1 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10209
|
|
putty<0.68 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-6542
|
|
hesiod-[0-9]* privilege-elevation https://nvd.nist.gov/vuln/detail/CVE-2016-10152
|
|
binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7299
|
|
binutils<2.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7300
|
|
binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7301
|
|
binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7302
|
|
binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7303
|
|
binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7304
|
|
cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7299
|
|
cross-arm-none-eabi-binutils<2.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7300
|
|
cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7301
|
|
cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7302
|
|
cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7303
|
|
cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7304
|
|
cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7299
|
|
cross-freemint-binutils<2.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7300
|
|
cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7301
|
|
cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7302
|
|
cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7303
|
|
cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7304
|
|
cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7299
|
|
cross-h8300-elf-binutils<2.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7300
|
|
cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7301
|
|
cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7302
|
|
cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7303
|
|
cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7304
|
|
mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7299
|
|
mingw-binutils<2.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7300
|
|
mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7301
|
|
mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7302
|
|
mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7303
|
|
mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7304
|
|
nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7299
|
|
nios2-binutils<2.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7300
|
|
nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7301
|
|
nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7302
|
|
nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7303
|
|
nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7304
|
|
avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7299
|
|
avr-binutils<2.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7300
|
|
avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7301
|
|
avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7302
|
|
avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7303
|
|
avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7304
|
|
cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7299
|
|
cross-h8300-hms-binutils<2.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7300
|
|
cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7301
|
|
cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7302
|
|
cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7303
|
|
cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7304
|
|
qemu<2.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-9922
|
|
qemu<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-5931
|
|
qemu<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-5973
|
|
ntp<4.2.8p10 multiple-vulnerabilities http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu
|
|
bash<4.4.007 privilege-elevation https://nvd.nist.gov/vuln/detail/CVE-2017-5932
|
|
chicken<4.13.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-6949
|
|
chicken<4.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-4556
|
|
irssi<1.0.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-7191
|
|
ark<16.12.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-5330
|
|
nagios-base-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-6209
|
|
openslp-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2016-4912
|
|
moodle<3.2.2 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=349420
|
|
moodle<3.2.2 sql-injection https://moodle.org/mod/forum/discuss.php?d=349419
|
|
moodle<3.2.2 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=349421
|
|
moodle<3.2.2 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=349422
|
|
moodle-[0-9]* cross-site-scripting http://www.daimacn.com/post/12.html
|
|
potrace-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7263
|
|
pcre<8.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7246
|
|
pcre<8.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7245
|
|
pcre<8.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7244
|
|
pcre<8.40nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7186
|
|
pcre2<10.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7186
|
|
libgit2<0.25.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2016-10129
|
|
libgit2<0.25.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2016-10130
|
|
libgit2<0.25.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2016-10128
|
|
libdwarf<20161124 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-9275
|
|
libdwarf<20161124 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-9276
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-9266
|
|
ming-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2016-9265
|
|
ming-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-9264
|
|
libwmf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-9011
|
|
tiff<4.0.7nb3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10272
|
|
tiff<4.0.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10269
|
|
tiff<4.0.7nb3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10271
|
|
tiff<4.0.7nb8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10270
|
|
tiff<4.0.7nb9 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-10268
|
|
tiff<4.0.7nb10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-10266
|
|
tiff<4.0.7nb11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-10267
|
|
mupdf<1.11 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2016-10132
|
|
mupdf<1.11 unspecified https://nvd.nist.gov/vuln/detail/CVE-2016-10133
|
|
ettercap<0.8.3 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6430
|
|
ettercap-NG<0.8.3 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6430
|
|
tcpreplay<4.2.0 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6429
|
|
ffmpeg010-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5361
|
|
libevent<2.1.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10196
|
|
libevent<2.1.6 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10197
|
|
slurm>2.4.0pre4<15.08.13 remote-information-modification https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10030
|
|
calibre<2.75 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10187
|
|
zoneminder<1.30.2 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7203
|
|
mapserver<6.2.4 stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5522
|
|
viewvc<1.1.26 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5938
|
|
capstone<3.0.5 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6952
|
|
ioquake3<1.36.20200125 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6903
|
|
wordpress<4.7.2 remote-information-modification https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-1001000
|
|
php>=7.1<7.1.3 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6441
|
|
ming<0.4.8 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7578
|
|
apache-tomcat>=6.0<6.0.48 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8735
|
|
apache-tomcat>=7.0<7.0.73 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8735
|
|
apache-tomcat>=8.0<8.0.39 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8735
|
|
libsndfile<1.0.28 stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7585
|
|
libsndfile<1.0.28 stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7586
|
|
suse{,32}_libsndfile-[0-9]* stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7585
|
|
suse{,32}_libsndfile-[0-9]* stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7586
|
|
gst-plugins1-ugly<1.10.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5846
|
|
jbig2dec<0.14 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9601
|
|
samba<4.4.12 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2619
|
|
wireshark<2.2.4 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5596
|
|
wireshark<2.2.4 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5597
|
|
ruby21-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
erlang<18.3.4.5 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10253
|
|
mysql-server>=5.5.0<5.5.54 unauthorized-access https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3313
|
|
mysql-server>=5.6.0<5.6.35 unauthorized-access https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3313
|
|
mysql-server>=5.7.0<5.7.17 unauthorized-access https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3313
|
|
mariadb-server<5.5.55 unauthorized-access https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3313
|
|
libsamplerate<0.1.9 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7697
|
|
mantis<1.3.1nb2 remote-server-admin https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7615
|
|
jasper<2.0.12 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9591
|
|
apache-tomcat>=7.0<7.0.76 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5648
|
|
apache-tomcat>=8.0<8.0.42 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5648
|
|
tiff<4.0.7 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8127
|
|
tiff<4.0.7 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8665
|
|
tiff<4.0.7 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8683
|
|
tiff<4.0.7 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5875
|
|
tiff<4.0.7 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9273
|
|
ImageMagick<7.0.4.8 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9829
|
|
ImageMagick6<6.9.7.9 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9829
|
|
ImageMagick<7.0.5.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7606
|
|
ImageMagick<7.0.5.2 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7619
|
|
libdwarf<20160923 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5041
|
|
libxml2<2.9.4nb3 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5969
|
|
ImageMagick{6,}<6.8.9.9 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8354
|
|
ImageMagick{6,}<6.8.9.9 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8355
|
|
ImageMagick{6,}<6.8.9.9 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8562
|
|
ImageMagick{6,}<6.9.0.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9837
|
|
qemu<2.5.1 floating-point-exception https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8504
|
|
qemu<2.5.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8568
|
|
qemu<2.5.1 stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8613
|
|
qemu<2.5.0 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8666
|
|
qemu<2.9.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7377
|
|
tiff<4.0.7 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5322
|
|
libblkid<2.28.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5011
|
|
minicom<2.7.1 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7467
|
|
adobe-flash-player<25.0.0.148 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb17-10.html
|
|
radare2<1.4.0 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7716
|
|
radare2<1.4.0 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7854
|
|
radare2<1.4.0 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7946
|
|
bugzilla<5.0.3 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2803
|
|
wireshark<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7957
|
|
wireshark<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7958
|
|
wireshark<2.2.6 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7700
|
|
wireshark<2.2.6 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7701
|
|
wireshark<2.2.6 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7702
|
|
wireshark<2.2.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7703
|
|
wireshark<2.2.6 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7704
|
|
wireshark<2.2.6 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7705
|
|
wireshark<2.2.6 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7745
|
|
wireshark<2.2.6 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7746
|
|
wireshark<2.2.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7747
|
|
wireshark<2.2.6 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7748
|
|
libsndfile<1.0.28 stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7741
|
|
suse{,32}_libsndfile-[0-9]* stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7741
|
|
libsndfile<1.0.28 stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7742
|
|
suse{,32}_libsndfile-[0-9]* stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7742
|
|
tiff<4.0.7nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7592
|
|
tiff<4.0.7nb2 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7593
|
|
tiff<4.0.7nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7594
|
|
tiff<4.0.7nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7595
|
|
tiff<4.0.7nb5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7596
|
|
tiff<4.0.7nb5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7597
|
|
tiff<4.0.7nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7598
|
|
tiff<4.0.7nb5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7599
|
|
tiff<4.0.7nb5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7600
|
|
tiff<4.0.7nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7601
|
|
tiff<4.0.7nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7602
|
|
botan>=1.11.0<1.11.22 authentication-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7824
|
|
botan>=1.11.6<1.11.22 authentication-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7825
|
|
botan>=1.11.0<1.11.22 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7826
|
|
botan>=1.11.12<1.11.31 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6878
|
|
botan>=1.11.0<1.11.31 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6879
|
|
squirrelmail<1.4.23pre14605nb1 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7692
|
|
inspircd<2.0.7 buffer-underflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6674
|
|
inspircd<2.0.7 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6697
|
|
squashfs-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4646
|
|
a2ps<4.14nb10 format-string https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8107
|
|
rtmpdump-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8270
|
|
rtmpdump-[0-9]* arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8271
|
|
rtmpdump-[0-9]* null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8272
|
|
qemu<2.5.0 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8345
|
|
qemu<2.5.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8567
|
|
qemu<2.5.1 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8619
|
|
php{56,70,71}-roundcube<1.1.5 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8864
|
|
php{56,70,71}-roundcube<1.1.5 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4068
|
|
libosip2<4.1.0nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10324
|
|
libosip2<4.1.0nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10325
|
|
libosip2<4.1.0nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10326
|
|
libosip2<4.1.0nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7853
|
|
binutils<2.29 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7614
|
|
freetype2<2.7.1 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10328
|
|
freetype2<2.8 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7857
|
|
freetype2<2.8 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7858
|
|
freetype2<2.8 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7864
|
|
ffmpeg3<3.3 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7859
|
|
ffmpeg3<3.3 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7862
|
|
ffmpeg3<3.3 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7863
|
|
ffmpeg3<3.3 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7865
|
|
ffmpeg3<3.3 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7866
|
|
ImageMagick{6,}<6.9.0.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9907
|
|
ImageMagick{6,}<6.9.3.2 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7515
|
|
ImageMagick{6,}<6.9.3.2 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7519
|
|
ImageMagick{6,}<6.9.3.4 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7522
|
|
ImageMagick{6,}<6.9.3.4 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7528
|
|
ImageMagick{6,}<6.9.3.4 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7529
|
|
ImageMagick{6,}<6.9.3.4 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7531
|
|
ImageMagick{6,}<6.9.3.4 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7533
|
|
ImageMagick{6,}<6.9.3.8 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7537
|
|
ImageMagick6<6.9.8.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7941
|
|
ImageMagick>=7.0<7.0.5.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7941
|
|
ImageMagick6<6.9.8.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7942
|
|
ImageMagick>=7.0<7.0.5.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7942
|
|
ImageMagick6<6.9.8.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7943
|
|
ImageMagick>=7.0<7.0.5.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7943
|
|
apache-tomcat>=6.0<6.0.53 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5647
|
|
apache-tomcat>=7.0<7.0.77 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5647
|
|
apache-tomcat>=8.0<8.0.43 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5647
|
|
apache-tomcat>=8.5<8.5.13 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5647
|
|
apache-tomcat>=7.0<7.0.76 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5648
|
|
apache-tomcat>=8.0<8.0.42 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5648
|
|
apache-tomcat>=8.5<8.5.12 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5648
|
|
apache-tomcat>=8.5<8.5.13 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5650
|
|
apache-tomcat>=8.5<8.5.13 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5651
|
|
feh<2.18.3 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7875
|
|
gnutls<3.5.10 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7869
|
|
ghostscript-agpl<9.22 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7948
|
|
ghostscript-gpl-[0-9]* out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7948
|
|
ghostscript-agpl<9.21 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8602
|
|
ghostscript-gpl-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8602
|
|
icu<58.2nb1 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7867
|
|
icu<58.2nb1 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7868
|
|
jbig2dec<0.13nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7885
|
|
jbig2dec<0.13nb1 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7975
|
|
jbig2dec<0.13nb1 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7976
|
|
keepassx<0.4.4 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8378
|
|
libcroco>=0.6.11<0.6.13 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7960
|
|
libcroco>=0.6.11<0.6.13 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7961
|
|
nettle<3.3 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6489
|
|
opencv<3.3.1 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1516
|
|
opencv<3.3.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1517
|
|
sudo<1.8.15 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7032
|
|
bind>=9.9.0<9.9.9pl8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3136
|
|
bind>=9.10.0<9.10.4pl8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3136
|
|
bind>=9.9.0<9.9.9pl8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3137
|
|
bind>=9.10.0<9.10.4pl8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3137
|
|
bind>=9.9.0<9.9.9pl8 denial-of-service https://kb.isc.org/article/AA-01467
|
|
bind>=9.10.0<9.10.4pl8 denial-of-service https://kb.isc.org/article/AA-01467
|
|
php{56,70,71}-gmp-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7963
|
|
mediawiki<1.23.15 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6331
|
|
mediawiki>=1.26.0<1.26.4 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6331
|
|
mediawiki>=1.27.0<1.27.1 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6331
|
|
mediawiki<1.23.15 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6332
|
|
mediawiki>=1.26.0<1.26.4 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6332
|
|
mediawiki>=1.27.0<1.27.1 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6332
|
|
mediawiki<1.23.15 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6333
|
|
mediawiki>=1.26.0<1.26.4 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6333
|
|
mediawiki>=1.27.0<1.27.1 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6333
|
|
mediawiki<1.23.15 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6334
|
|
mediawiki>=1.26.0<1.26.4 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6334
|
|
mediawiki>=1.27.0<1.27.1 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6334
|
|
mediawiki<1.23.15 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6335
|
|
mediawiki>=1.26.0<1.26.4 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6335
|
|
mediawiki>=1.27.0<1.27.1 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6335
|
|
mediawiki<1.23.15 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6336
|
|
mediawiki>=1.26.0<1.26.4 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6336
|
|
mediawiki>=1.27.0<1.27.1 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6336
|
|
mediawiki>=1.27.0<1.27.1 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6337
|
|
qemu<2.8.1.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7718
|
|
libplist<2.0.0 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7982
|
|
ImageMagick{6,}<6.9.0.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8957
|
|
ImageMagick{6,}<6.9.0.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8958
|
|
ImageMagick{6,}<6.9.0.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8959
|
|
ImageMagick{6,}<6.9.5.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5010
|
|
ImageMagick{6,}<6.8.8.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7513
|
|
ImageMagick{6,}<6.9.3.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7514
|
|
ImageMagick{6,}<6.9.3.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7516
|
|
ImageMagick{6,}<6.9.3.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7517
|
|
ImageMagick{6,}<6.9.3.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7518
|
|
ImageMagick{6,}<6.9.3.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7520
|
|
ImageMagick{6,}<6.9.3.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7521
|
|
ImageMagick{6,}<6.9.3.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7525
|
|
ImageMagick{6,}<6.9.3.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7526
|
|
ImageMagick{6,}<6.9.3.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7527
|
|
ImageMagick{6,}<6.9.3.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7530
|
|
ImageMagick{6,}<6.9.3.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7532
|
|
ImageMagick{6,}<6.9.3.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7534
|
|
ImageMagick{6,}<6.9.3.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7535
|
|
ImageMagick{6,}<6.9.3.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7536
|
|
ImageMagick{6,}<6.9.3.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7538
|
|
ImageMagick{6,}<6.9.4.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7540
|
|
moodle<3.0.4 authentication-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3729
|
|
moodle<3.0.4 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3731
|
|
moodle<3.0.4 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3732
|
|
moodle<3.0.4 authentication-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3733
|
|
moodle<3.0.4 authentication-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3734
|
|
mbedtls<1.3.19 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2784
|
|
mbedtls>=2.2<2.4.2 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2784
|
|
podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7994
|
|
podofo<0.9.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8053
|
|
podofo-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8054
|
|
php55-bz2<5.5.38 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5399
|
|
php56-bz2<5.6.24 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5399
|
|
php70-bz2<7.0.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5399
|
|
chicken<4.12.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9954
|
|
weechat<1.7.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8073
|
|
graphite2<1.3.10 out-of-bounds-write https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/
|
|
nss<3.29.5 out-of-bounds-write https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/
|
|
sudo<1.8.12 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9680
|
|
pcre2<10.30 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8399
|
|
ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8343
|
|
ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8343
|
|
ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8344
|
|
ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8344
|
|
ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8345
|
|
ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8345
|
|
ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8346
|
|
ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8346
|
|
ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8347
|
|
ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8347
|
|
ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8348
|
|
ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8348
|
|
ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8349
|
|
ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8349
|
|
ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8350
|
|
ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8350
|
|
ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8351
|
|
ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8351
|
|
ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8352
|
|
ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8352
|
|
ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8353
|
|
ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8353
|
|
ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8354
|
|
ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8354
|
|
ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8355
|
|
ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8355
|
|
ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8356
|
|
ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8356
|
|
ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8357
|
|
ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8357
|
|
ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8765
|
|
ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8765
|
|
boehm-gc<=7.4.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-9427
|
|
wget<1.19.1nb1 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2017-6508
|
|
magento-[0-9]* multiple-vulnerabilities http://www.defensecode.com/advisories/DC-2017-04-003_Magento_Arbitrary_File_Upload.pdf
|
|
apache-tomcat-[0-9]* directory-traversal http://www.defensecode.com/advisories/DC-2017-03-001_DefenseCode_ThunderScan_SAST_Apache_Tomcat_Security_Advisory.pdf
|
|
php{56,70,71}-concrete5-[0-9]* http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2017-7725
|
|
php{56,70,71}-concrete5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8082
|
|
firefox45<45.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-11/
|
|
mysql-server>=5.5<5.5.54 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL
|
|
mysql-server>=5.6<5.6.35 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL
|
|
mysql-server>=5.7<5.7.17 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL
|
|
mysql-client>=5.5<5.5.54 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL
|
|
mysql-client>=5.6<5.6.35 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL
|
|
mysql-client>=5.7<5.7.17 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL
|
|
openjdk8<1.8.131 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA
|
|
oracle-jdk8<8.0.131 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA
|
|
oracle-jre8<8.0.131 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA
|
|
podofo<0.9.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8787
|
|
podofo-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8378
|
|
podofo-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-7994
|
|
podofo<0.9.6 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-8054
|
|
podofo-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-8053
|
|
pcre2<10.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8786
|
|
qemu<2.10.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-8112
|
|
qemu<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8086
|
|
qemu<2.9 privilege-elevation https://nvd.nist.gov/vuln/detail/CVE-2017-8284
|
|
qemu<2.10.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-7718
|
|
wordpress<4.7.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-8295
|
|
php{56,70,71}-ja-wordpress<4.7.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-8295
|
|
openssl>=1.1.0<1.1.0e denial-of-service https://www.openssl.org/news/secadv/20170216.txt
|
|
openssl>=1.0.2<1.0.2k multiple-vulnerabilities https://www.openssl.org/news/secadv/20170126.txt
|
|
openssl>=1.1.0<1.1.0d multiple-vulnerabilities https://www.openssl.org/news/secadv/20170126.txt
|
|
openssl>=1.1.0<1.1.0c multiple-vulnerabilities https://www.openssl.org/news/secadv/20161110.txt
|
|
rxvt<2.7.10nb7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-7483
|
|
rzip-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8364
|
|
libsndfile<1.0.28nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8365
|
|
suse{,32}_libsndfile-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8365
|
|
libsndfile<1.0.28nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8362
|
|
suse{,32}_libsndfile-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8362
|
|
libsndfile<1.0.28nb1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8363
|
|
suse{,32}_libsndfile-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8363
|
|
libsndfile<1.0.28nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8361
|
|
suse{,32}_libsndfile-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8361
|
|
libsndfile<1.0.28nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-8365
|
|
suse{,32}_libsndfile-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-8365
|
|
libsndfile<1.0.28nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8361
|
|
suse{,32}_libsndfile-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8361
|
|
libsndfile<1.0.28nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8362
|
|
suse{,32}_libsndfile-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8362
|
|
libsndfile<1.0.28nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-8363
|
|
suse{,32}_libsndfile-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-8363
|
|
ettercap-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8366
|
|
ettercap-NG-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8366
|
|
avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-6519
|
|
libarchive<3.3.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-10349
|
|
libarchive<3.3.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-10350
|
|
Radicale<1.1.2 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2017-8342
|
|
php{56,70,71}-roundcube<1.2.5 weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2017-8114
|
|
dpkg-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-8283
|
|
udfclient<0.8.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8305
|
|
libressl>=2.5.1<2.5.4 incorrect-signature-verification https://nvd.nist.gov/vuln/detail/CVE-2017-8301
|
|
freetype2<2.8 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-8105
|
|
webmin<1.830 arbitrary-script-execution https://nvd.nist.gov/vuln/detail/CVE-2017-2106
|
|
lshell-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2016-6903
|
|
freetype2<2.8 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-8287
|
|
lame<3.100 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8419
|
|
binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8392
|
|
binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8393
|
|
binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8394
|
|
binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8395
|
|
binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8396
|
|
binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8397
|
|
binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8398
|
|
cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8392
|
|
cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8393
|
|
cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8394
|
|
cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8395
|
|
cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8396
|
|
cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8397
|
|
cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8398
|
|
avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8392
|
|
avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8393
|
|
avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8394
|
|
avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8395
|
|
avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8396
|
|
avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8397
|
|
avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8398
|
|
cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8392
|
|
cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8393
|
|
cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8394
|
|
cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8395
|
|
cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8396
|
|
cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8397
|
|
cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8398
|
|
cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8392
|
|
cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8393
|
|
cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8394
|
|
cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8395
|
|
cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8396
|
|
cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8397
|
|
cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8398
|
|
cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8392
|
|
cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8393
|
|
cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8394
|
|
cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8395
|
|
cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8396
|
|
cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8397
|
|
cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8398
|
|
mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8392
|
|
mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8393
|
|
mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8394
|
|
mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8395
|
|
mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8396
|
|
mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8397
|
|
mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8398
|
|
nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8392
|
|
nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8393
|
|
nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8394
|
|
nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8395
|
|
nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8396
|
|
nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8397
|
|
nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8398
|
|
ghostscript-agpl<9.23 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-8291
|
|
ghostscript-gpl-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-8291
|
|
libmad<0.15.1bnb2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8372
|
|
libmad<0.15.1bnb2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8373
|
|
libmad<0.15.1bnb2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8374
|
|
firefox52<52.1.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-12/
|
|
apache-tomcat>=7.0<7.0.77 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647
|
|
apache-tomcat>=8.0<8.0.43 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647
|
|
apache-tomcat>=8.5<8.5.13 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647
|
|
apache-tomcat>=7.0<7.0.76 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648
|
|
apache-tomcat>=8.0<8.0.42 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648
|
|
apache-tomcat>=8.5<8.5.12 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648
|
|
salt<2016.11.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-8109
|
|
lrzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8845
|
|
suse{,32}_base-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8804
|
|
libetpan<1.8 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-8825
|
|
ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8830
|
|
ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8830
|
|
lrzip-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8844
|
|
lrzip-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-8846
|
|
lrzip-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-8847
|
|
lrzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8842
|
|
lrzip-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-8843
|
|
libxslt<1.1.29nb2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-5029
|
|
kpathsea<6.2.2nb1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-10243
|
|
xenkernel42-[0-9]* information-disclosure http://www.openwall.com/lists/oss-security/2017/03/05/1
|
|
libytnef<1.9.2 multiple-vulnerabilities https://www.debian.org/security/2017/dsa-3846
|
|
php{56,70,71}-nextcloud<11.0.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-0890
|
|
php{56,70,71}-nextcloud<11.0.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-0891
|
|
php{56,70,71}-nextcloud<11.0.3 improper-session-handling https://nvd.nist.gov/vuln/detail/CVE-2017-0892
|
|
php{56,70,71}-nextcloud<11.0.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-0893
|
|
php{56,70,71}-nextcloud<11.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-0894
|
|
php{56,70,71}-nextcloud<11.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-0895
|
|
lxterminal<0.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-10369
|
|
git-base<2.12.3 security-restrictions-bypass https://www.debian.org/security/2017/dsa-3848
|
|
miniupnpc<2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8798
|
|
libxml2<2.9.8nb4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8872
|
|
xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-215.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-215.html
|
|
xenkernel46<4.6.6 denial-of-service https://xenbits.xen.org/xsa/advisory-215.html
|
|
xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-214.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-214.html
|
|
xenkernel46<4.6.6 denial-of-service https://xenbits.xen.org/xsa/advisory-214.html
|
|
xenkernel48<4.8.2 denial-of-service https://xenbits.xen.org/xsa/advisory-214.html
|
|
xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-213.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-213.html
|
|
xenkernel46<4.6.6 denial-of-service https://xenbits.xen.org/xsa/advisory-213.html
|
|
xenkernel48<4.8.2 denial-of-service https://xenbits.xen.org/xsa/advisory-213.html
|
|
tnef<1.4.15 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-8911
|
|
ghostscript-agpl<9.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8908
|
|
ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8908
|
|
pcmanfm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8934
|
|
moodle<3.2.3 cross-site-request-forgeries https://nvd.nist.gov/vuln/detail/CVE-2017-7489
|
|
moodle<3.2.3 cross-site-request-forgeries https://nvd.nist.gov/vuln/detail/CVE-2017-7490
|
|
moodle<3.2.3 cross-site-request-forgeries https://nvd.nist.gov/vuln/detail/CVE-2017-7491
|
|
bitlbee<3.5.1 multiple-vulnerabilities https://www.debian.org/security/2017/dsa-3853
|
|
yara<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8929
|
|
php>=7<7.4.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8923
|
|
php>=8.0<8.0.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8923
|
|
flightgear<2017.2.1 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-8921
|
|
postgresql92-server<9.2.21 multiple-vulnerabilities https://www.postgresql.org/about/news/1746/
|
|
postgresql93-server<9.3.17 multiple-vulnerabilities https://www.postgresql.org/about/news/1746/
|
|
postgresql94-server<9.4.12 multiple-vulnerabilities https://www.postgresql.org/about/news/1746/
|
|
postgresql95-server<9.5.7 multiple-vulnerabilities https://www.postgresql.org/about/news/1746/
|
|
postgresql96-server<9.6.3 multiple-vulnerabilities https://www.postgresql.org/about/news/1746/
|
|
libreoffice-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10327
|
|
libreoffice5-bin-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10327
|
|
libreoffice-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7856
|
|
libreoffice5-bin-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7856
|
|
libreoffice-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7870
|
|
libreoffice5-bin-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7870
|
|
libreoffice-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-7882
|
|
libreoffice5-bin-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-7882
|
|
libreoffice-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8358
|
|
libreoffice5-bin-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8358
|
|
php{56,70,71}-owncloud>=9.0<9.058 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-0891
|
|
php{56,70,71}-owncloud>=9.1<9.1.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-0891
|
|
php{56,70,71}-wordpress<4.7.5 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9061
|
|
php{56,70,71}-wordpress<4.7.5 input-validation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9062
|
|
php{56,70,71}-wordpress<4.7.5 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9063
|
|
php{56,70,71}-wordpress<4.7.5 cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9064
|
|
php{56,70,71}-wordpress<4.7.5 input-validation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9065
|
|
php{56,70,71}-wordpress<4.7.5 input-validation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9066
|
|
libxml2<2.9.4nb4 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9047
|
|
libxml2<2.9.4nb4 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9048
|
|
libxml2<2.9.4nb4 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9049
|
|
libxml2<2.9.4nb4 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9050
|
|
openvpn<2.3.15 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7478
|
|
openvpn<2.3.15 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7479
|
|
cairo<1.14.10nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7475
|
|
p5-Perl-Tidy-[0-9]* symlink-attack https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10374
|
|
kdelibs4<4.14.32 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8422
|
|
kauth<5.34 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8422
|
|
openexr<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9110
|
|
openexr<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9111
|
|
openexr<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9112
|
|
openexr<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9113
|
|
openexr<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9114
|
|
openexr<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9115
|
|
openexr<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9116
|
|
libraw<0.18.2 memory-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6886
|
|
libraw<0.18.2 memory-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6887
|
|
samba4<4.6.4 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7494
|
|
samba<3.6.25nb6 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7494
|
|
go>1.6<1.8.2 weak-cryptography https://golang.org/issue/20040
|
|
pgbouncer<1.5.5 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4054
|
|
pgbouncer<1.6.1 authentication-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6817
|
|
php{56,70,71}-roundcube<1.1.2 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5381
|
|
php{56,70,71}-roundcube<1.1.2 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5382
|
|
php{56,70,71}-roundcube<1.1.2 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5383
|
|
ruby{18,193,200,21,22,23}-redmine<2.6.2 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8477
|
|
ghostscript-agpl<9.21 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7977
|
|
ghostscript-gpl-[0-9]* information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7977
|
|
ghostscript-agpl<9.21 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7978
|
|
ghostscript-gpl-[0-9]* arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7978
|
|
ghostscript-agpl<9.21 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7979
|
|
ghostscript-gpl-[0-9]* arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7979
|
|
zlib<1.2.9 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9840
|
|
zlib<1.2.9 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9841
|
|
zlib<1.2.9 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9842
|
|
zlib<1.2.9 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9843
|
|
libtasn1<4.11 stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6891
|
|
mantis<1.3.11 cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7620
|
|
mantis>=2.0<2.3.3 cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7620
|
|
mantis>=2.4<2.4.1 cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7620
|
|
qemu<2.10.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8309
|
|
qemu<2.10.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8379
|
|
libytnef-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9146
|
|
autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9151
|
|
autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9152
|
|
autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9153
|
|
autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9154
|
|
autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9155
|
|
autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9156
|
|
autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9157
|
|
autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9158
|
|
autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9159
|
|
autotrace-[0-9]* stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9160
|
|
autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9161
|
|
autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9162
|
|
autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9163
|
|
autotrace-[0-9]* out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9164
|
|
autotrace-[0-9]* out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9165
|
|
autotrace-[0-9]* out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9166
|
|
autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9167
|
|
autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9168
|
|
autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9169
|
|
autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9170
|
|
autotrace-[0-9]* out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9171
|
|
autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9172
|
|
autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9173
|
|
autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9174
|
|
autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9175
|
|
autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9176
|
|
autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9177
|
|
autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9178
|
|
autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9179
|
|
autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9180
|
|
autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9181
|
|
autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9182
|
|
autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9183
|
|
autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9184
|
|
autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9185
|
|
autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9186
|
|
autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9187
|
|
autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9188
|
|
autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9189
|
|
autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9190
|
|
autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9191
|
|
autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9192
|
|
autotrace-[0-9]* out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9193
|
|
autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9194
|
|
autotrace-[0-9]* out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9195
|
|
autotrace-[0-9]* negative-size-param https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9196
|
|
autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9197
|
|
autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9198
|
|
autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9199
|
|
autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9200
|
|
qpdf<7.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9208
|
|
qpdf<7.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9209
|
|
qpdf<7.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9210
|
|
vlc>=2.2<2.2.5 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8310
|
|
vlc>=2.2<2.2.5 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8311
|
|
vlc>=2.2<2.2.5 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8312
|
|
vlc>=2.2<2.2.5 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8313
|
|
kodi<17.2 arbitrary-file-overwrite https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8313
|
|
botan>=2.0<2.1.0 verification-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2801
|
|
botan<1.10.6 verification-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2801
|
|
jbig2dec<0.13nb1 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9216
|
|
oniguruma<6.8.2 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9224
|
|
oniguruma<6.8.2 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9225
|
|
oniguruma<6.8.2 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9226
|
|
oniguruma<6.8.2 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9227
|
|
oniguruma<6.8.2 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9228
|
|
oniguruma<6.8.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9229
|
|
tiff<4.0.8nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9147
|
|
webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0003.html
|
|
webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0003.html
|
|
webkit-gtk<2.16.0 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0003.html
|
|
webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0004.html
|
|
webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0004.html
|
|
webkit-gtk<2.16.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0004.html
|
|
yodl<3.07.01 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10375
|
|
ImageMagick6<6.9.8.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9141
|
|
ImageMagick>=7.0<7.0.5.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9141
|
|
ImageMagick6<6.9.8.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9142
|
|
ImageMagick>=7.0<7.0.5.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9142
|
|
ImageMagick6<6.9.8.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9143
|
|
ImageMagick>=7.0<7.0.5.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9143
|
|
ImageMagick6<6.9.8.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9144
|
|
ImageMagick>=7.0<7.0.5.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9144
|
|
exiv2<0.27 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9239
|
|
picocom<2.0 command-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-9059
|
|
gajim<0.16.8 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10376
|
|
GraphicsMagick<1.3.24 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9098
|
|
ImageMagick>=7.0<7.0.5.2 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9098
|
|
snort-[0-9]* out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6658
|
|
qemu<2.10.0 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7493
|
|
binutils<2.29 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9038
|
|
binutils<2.29 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9039
|
|
binutils<2.29 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9040
|
|
binutils<2.29 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9041
|
|
binutils<2.29 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9042
|
|
binutils<2.29 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9043
|
|
binutils<2.29 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9044
|
|
libdwarf<20170416 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9052
|
|
libdwarf<20170416 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9053
|
|
libdwarf<20170416 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9054
|
|
libdwarf<20170416 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9055
|
|
dropbear<2017.75 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9078
|
|
dropbear<2017.75 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9079
|
|
libytnef<1.9.3 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9058
|
|
asterisk>=13.0<13.15.1 buffer-overflow http://downloads.asterisk.org/pub/security/AST-2017-002.html
|
|
asterisk>=14.0<14.4.1 buffer-overflow http://downloads.asterisk.org/pub/security/AST-2017-002.html
|
|
asterisk>=13.0<13.15.1 buffer-overflow http://downloads.asterisk.org/pub/security/AST-2017-003.html
|
|
asterisk>=14.0<14.4.1 buffer-overflow http://downloads.asterisk.org/pub/security/AST-2017-003.html
|
|
asterisk>=13.0<13.15.1 denial-of-service http://downloads.asterisk.org/pub/security/AST-2017-004.html
|
|
asterisk>=14.0<14.4.1 denial-of-service http://downloads.asterisk.org/pub/security/AST-2017-004.html
|
|
sudo>=1.8.6p7<1.8.20 privilege-escalation https://www.sudo.ws/alerts/linux_tty.html
|
|
p5-File-Path<2.13 insecure-chmod http://search.cpan.org/dist/File-Path/lib/File/Path.pm#SECURITY_CONSIDERATIONS
|
|
perl<5.26.0nb1 insecure-chmod http://search.cpan.org/dist/File-Path/lib/File/Path.pm#SECURITY_CONSIDERATIONS
|
|
yara<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9304
|
|
irssi<1.0.3 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9468
|
|
irssi<1.0.3 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9469
|
|
git-base<2.12.3 remote-privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8386
|
|
libquicktime-[0-9]* infinite-loop https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9122
|
|
libquicktime-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9123
|
|
libquicktime-[0-9]* null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9124
|
|
libquicktime-[0-9]* heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9125
|
|
libquicktime-[0-9]* heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9126
|
|
libquicktime-[0-9]* heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9127
|
|
libquicktime-[0-9]* heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9127
|
|
libquicktime-[0-9]* heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9128
|
|
ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9262
|
|
ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9262
|
|
ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9261
|
|
ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9261
|
|
ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9405
|
|
ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9405
|
|
ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9409
|
|
ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9409
|
|
ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9439
|
|
ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9439
|
|
ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9440
|
|
ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9440
|
|
ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9407
|
|
ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9407
|
|
ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9499
|
|
ImageMagick6-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9499
|
|
ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9500
|
|
ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9500
|
|
poppler-utils<0.56.0 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7511
|
|
poppler-utils<0.57.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7515
|
|
poppler-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9083
|
|
poppler<0.56 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9406
|
|
poppler<0.56 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9408
|
|
samba<4.4.10 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-9461
|
|
samba>=4.5<4.5.6 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-9461
|
|
expat<2.2.1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9063
|
|
expat<2.2.1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9233
|
|
php{56,70,71}-contao43-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
chicken<4.13.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9334
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8782
|
|
vlc<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9300
|
|
vlc<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9301
|
|
freeradius<3.0.14 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-9148
|
|
php>=7<7.3.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9119
|
|
php>=7.4<7.4.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9119
|
|
wireshark<2.2.7 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-30.html
|
|
ansible<1.9.4 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2015-6240
|
|
libytnef<1.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9474
|
|
libytnef-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9473
|
|
libytnef-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9472
|
|
libytnef<1.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9471
|
|
libytnef<1.9.3 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-9470
|
|
py{27,34,35,36}-mercurial<4.1.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-9462
|
|
yara<3.6.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9465
|
|
yara<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9438
|
|
yara<3.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9465
|
|
kodi<17.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-8314
|
|
php{56,70,71}-piwigo<2.9.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-9452
|
|
apache-tomcat>=7.0<7.0.78 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-5664
|
|
apache-tomcat>=8.0<8.0.44 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-5664
|
|
apache-tomcat>=8.5<8.5.15 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-5664
|
|
yodl<3.07.01 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10375
|
|
openvpn<2.4.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7508
|
|
openvpn<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7520
|
|
openvpn<2.4.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7521
|
|
openvpn<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7522
|
|
openldap<2.4.45 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9287
|
|
libsndfile<1.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-6892
|
|
jasper<2.0.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9782
|
|
faac<1.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9130
|
|
poppler<0.57.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9865
|
|
lame<3.100nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-9099
|
|
lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-9100
|
|
lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-9101
|
|
lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9869
|
|
lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9870
|
|
lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9871
|
|
lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9872
|
|
unrar<5.5.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2012-6706
|
|
ntopng<3.0 filtering-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-7459
|
|
ntopng<3.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-7416
|
|
libmtp<1.1.13 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-9831
|
|
libmtp<1.1.13 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-9832
|
|
gnutls<3.5.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7507
|
|
libgcrypt<1.7.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9526
|
|
gnuplot<5.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9670
|
|
libstaroffice<0.0.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9432
|
|
php{56,70,71}-piwigo<2.9.1 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2017-9464
|
|
php{56,70,71}-piwigo<2.9.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9463
|
|
php{56,70,71}-piwigo-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-9837
|
|
php{56,70,71}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-9836
|
|
libthrift<0.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-3254
|
|
samba<4.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9461
|
|
libcroco-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8871
|
|
libcroco-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8834
|
|
lrzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9928
|
|
lrzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9929
|
|
rabbitmq<3.6.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-4965
|
|
rabbitmq<3.6.9 session-hijack https://nvd.nist.gov/vuln/detail/CVE-2017-4966
|
|
rabbitmq<3.6.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-4967
|
|
jetty<9.4.6.20170531 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9735
|
|
exim<4.90 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1000369
|
|
radare2<1.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9520
|
|
radare2<1.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9761
|
|
radare2<1.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9762
|
|
ansible<1.6.6 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-3498
|
|
ansible<1.9.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2015-6240
|
|
libmwaw<0.3.11 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9433
|
|
h2o<2.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-7835
|
|
cryptopp<5.6.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-9434
|
|
dnstracer<1.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9430
|
|
kdepim4<5.5.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9604
|
|
apache>=2.2.0<2.2.33 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-3167
|
|
apache>=2.4.1<2.4.26 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-3167
|
|
apache>=2.2.0<2.2.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3169
|
|
apache>=2.4.1<2.4.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3169
|
|
apache>=2.2.0<2.2.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7668
|
|
apache>=2.4.1<2.4.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7668
|
|
apache>=2.2.0<2.2.33 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-7679
|
|
apache>=2.4.1<2.4.26 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-7679
|
|
thunderbird<52.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-13/
|
|
firefox<54.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/
|
|
firefox52<52.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/
|
|
thunderbird<52.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/
|
|
py{27,34,35,36}-tlslite<0.4.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-3220
|
|
adobe-flash-player<26.0.0.126 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb17-17.html
|
|
rar-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2014-9983
|
|
bind>=9.9.0<9.9.10pl1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3140
|
|
bind>=9.10.0<9.10.5pl1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3140
|
|
php{56,70,71}-tiki6<17.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-9305
|
|
tiff<4.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9403
|
|
tiff<4.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9815
|
|
tiff<4.0.9nb2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9935
|
|
tiff<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9936
|
|
jbigkit<2.1nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9937
|
|
tiff<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10688
|
|
libdwarf<20160115 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2015-8538
|
|
libdwarf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9998
|
|
faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9218
|
|
faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9219
|
|
faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9220
|
|
faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9221
|
|
faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9222
|
|
faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9223
|
|
faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9253
|
|
faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9254
|
|
faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9255
|
|
faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9256
|
|
faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9257
|
|
php{56,70,71}-piwigo-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-10678
|
|
php{56,70,71}-piwigo-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-10679
|
|
php{56,70,71}-piwigo-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-10680
|
|
php{56,70,71}-piwigo-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-10681
|
|
php{56,70,71}-piwigo-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-10682
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9988
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9989
|
|
tor<0.3.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-0375
|
|
tor<0.3.0.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-0377
|
|
pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10791
|
|
pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10792
|
|
p5-DBD-mysql-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10788
|
|
p5-DBD-mysql-[0-9]* verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-10789
|
|
qemu<2.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9310
|
|
qemu<2.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9330
|
|
php>=5.6<5.6.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-4473
|
|
php>=7.0<7.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-4473
|
|
wireshark<2.2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9616
|
|
wireshark<2.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9766
|
|
ruby{22,23}-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-9096
|
|
ruby24<2.4.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-9096
|
|
ruby{22,23,24}-mail{,25}<2.5.5 command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-9097
|
|
binutils<2.30 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9742
|
|
binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9954
|
|
binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9955
|
|
gdb-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9778
|
|
ntopng<3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7458
|
|
radare2<1.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9949
|
|
radare2<1.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9763
|
|
ocaml>=4.04<4.04.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-9772
|
|
horde-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9773
|
|
horde-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-9774
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9953
|
|
teamspeak-client-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9982
|
|
stalin-[0-9]* arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2015-8697
|
|
ffmpeg3<3.3.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9990
|
|
ffmpeg2<2.8.12 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9991
|
|
ffmpeg3<3.3.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9991
|
|
ffmpeg2<2.8.12 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9992
|
|
ffmpeg3<3.3.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9992
|
|
ffmpeg2<2.8.12 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2017-9993
|
|
ffmpeg3<3.3.2 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2017-9993
|
|
ffmpeg2<2.8.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9994
|
|
ffmpeg3<3.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9994
|
|
ffmpeg3<3.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9995
|
|
ffmpeg2<2.8.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9996
|
|
ffmpeg3<3.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9996
|
|
p5-XML-LibXML<2.0131 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-10672
|
|
mpg123<1.25.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10683
|
|
ncurses<6.0nb4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10684
|
|
ncurses<6.0nb4 format-string https://nvd.nist.gov/vuln/detail/CVE-2017-10685
|
|
ncursesw<6.0nb3 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10684
|
|
ncursesw<6.0nb3 format-string https://nvd.nist.gov/vuln/detail/CVE-2017-10685
|
|
nasm<2.13.02 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-10686
|
|
libsass-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10687
|
|
vlc>=2.2<2.2.7 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-10699
|
|
mcollective<2.10.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-2292
|
|
libtasn1<4.13 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-10790
|
|
GraphicsMagick<1.3.26 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10794
|
|
GraphicsMagick<1.3.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10799
|
|
GraphicsMagick<1.3.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10800
|
|
webmin<1.850 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-9313
|
|
rt4<4.2.14 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-6127
|
|
rt4<4.2.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-5361
|
|
rt4<4.2.14 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-5943
|
|
rt4<4.2.14 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-5944
|
|
contao35<3.5.28 file-inclusion https://contao.org/en/news/contao-3_5_28.html
|
|
php{55,56,70,71}-contao35<3.5.28 file-inclusion https://contao.org/en/news/contao-3_5_28.html
|
|
php{56,70,71}-contao44<4.4.1 file-inclusion https://contao.org/en/news/contao-3_5_28.html
|
|
evince<3.22.1nb6 command-injection https://bugzilla.gnome.org/show_bug.cgi?id=784630
|
|
jabberd<2.6.1 authentication-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5664
|
|
xenkernel42-[0-9]* sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-217.html
|
|
xenkernel45-[0-9]* sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-217.html
|
|
xenkernel46<4.6.6 sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-217.html
|
|
xenkernel48<4.8.2 sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-217.html
|
|
xenkernel42-[0-9]* multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-218.html
|
|
xenkernel45-[0-9]* multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-218.html
|
|
xenkernel46<4.6.6 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-218.html
|
|
xenkernel48<4.8.2 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-218.html
|
|
xenkernel42-[0-9]* privilege-elevation https://xenbits.xen.org/xsa/advisory-219.html
|
|
xenkernel45-[0-9]* privilege-elevation https://xenbits.xen.org/xsa/advisory-219.html
|
|
xenkernel46<4.6.6 privilege-elevation https://xenbits.xen.org/xsa/advisory-219.html
|
|
xenkernel48<4.8.2 privilege-elevation https://xenbits.xen.org/xsa/advisory-219.html
|
|
xenkernel45-[0-9]* information-disclosure https://xenbits.xen.org/xsa/advisory-220.html
|
|
xenkernel46<4.6.6 information-disclosure https://xenbits.xen.org/xsa/advisory-220.html
|
|
xenkernel48<4.8.2 information-disclosure https://xenbits.xen.org/xsa/advisory-220.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-221.html
|
|
xenkernel46<4.6.6 denial-of-service https://xenbits.xen.org/xsa/advisory-221.html
|
|
xenkernel48<4.8.2 denial-of-service https://xenbits.xen.org/xsa/advisory-221.html
|
|
xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-222.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-222.html
|
|
xenkernel46<4.6.6 denial-of-service https://xenbits.xen.org/xsa/advisory-222.html
|
|
xenkernel48<4.8.2 denial-of-service https://xenbits.xen.org/xsa/advisory-222.html
|
|
xenkernel42-[0-9]* multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-224.html
|
|
xenkernel45-[0-9]* multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-224.html
|
|
xenkernel46<4.6.6 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-224.html
|
|
xenkernel48<4.8.2 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-224.html
|
|
py{27,34,35,36}-tlslite<0.4.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-3220
|
|
radare2<1.6.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10929
|
|
ImageMagick<7.0.6.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10928
|
|
ImageMagick6-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10928
|
|
ImageMagick<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11166
|
|
ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11166
|
|
ImageMagick<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11141
|
|
ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11141
|
|
ImageMagick<7.0.6.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10995
|
|
ImageMagick6-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10995
|
|
ImageMagick<7.0.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11188
|
|
ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11188
|
|
ImageMagick<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11170
|
|
ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11170
|
|
modular-xorg-server<1.19.4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10971
|
|
modular-xorg-server<1.19.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-10972
|
|
qemu<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9524
|
|
faac<1.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9129
|
|
#pcre-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11164 # disputed https://lists.exim.org/lurker/message/20200803.110207.8e4981db.en.html
|
|
php>=5.6<5.6.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11147
|
|
php>=7.0<7.0.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11147
|
|
php>=5.6<5.6.31 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-11145
|
|
php>=7.0<7.0.16 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-11145
|
|
php>=7.0<7.1.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-11145
|
|
php>=5.6<5.6.31 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-11144
|
|
php>=7.0<7.0.16 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-11144
|
|
php>=7.0<7.1.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-11144
|
|
php>=5.6<5.6.31 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-11143
|
|
php>=5.6<5.6.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11142
|
|
php>=7.0<7.0.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11142
|
|
php>=7.1<7.1.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11142
|
|
php>=5.6<5.6.28 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-10397
|
|
php>=7.0<7.0.13 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-10397
|
|
GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11140
|
|
GraphicsMagick<1.3.27 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-11139
|
|
GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11102
|
|
mpg123<1.25.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11126
|
|
ncurses<6.0nb4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11113
|
|
ncurses<6.0nb4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11112
|
|
ncursesw<6.0nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11113
|
|
ncursesw<6.0nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11112
|
|
tcpdump<4.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11108
|
|
nasm<2.13.02 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11111
|
|
vim<8.0.0704 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11109
|
|
phpldapadmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-11107
|
|
knot<2.5.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-11104
|
|
catdoc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11110
|
|
sqlite3<3.20.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10989
|
|
libcares<1.13.0 out-of-bounds-read https://c-ares.haxx.se/adv_20170620.html
|
|
irssi<1.0.4 multiple-vulnerabilities https://irssi.org/security/irssi_sa_2017_07.txt
|
|
poppler<0.56 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2818
|
|
poppler<0.55 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2814
|
|
gnome-session<2.29.92 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11171
|
|
ImageMagick<7.0.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11478
|
|
ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11478
|
|
ImageMagick<7.0.6.1 multiple-vulnerabilities https://github.com/ImageMagick/ImageMagick/issues/556
|
|
ImageMagick6<6.9.9.0 multiple-vulnerabilities https://github.com/ImageMagick/ImageMagick/issues/556
|
|
ImageMagick<7.0.7.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11540
|
|
ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11537
|
|
ImageMagick6<6.9.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11537
|
|
ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11538
|
|
ImageMagick6<6.9.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11538
|
|
ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11539
|
|
ImageMagick6<6.9.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11539
|
|
ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11536
|
|
ImageMagick6<6.9.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11536
|
|
ImageMagick6<6.9.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11534
|
|
ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11534
|
|
libsass<3.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11554
|
|
libsass<3.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11555
|
|
libsass<3.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11556
|
|
tcpdump<4.9.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11541
|
|
tcpdump<4.9.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11542
|
|
tcpdump<4.9.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11543
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11553
|
|
# in stills2dv, not libjpeg-turbo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9614
|
|
libid3tag-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11550
|
|
libid3tag-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11551
|
|
sox-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11332
|
|
sox-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11358
|
|
sox-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11359
|
|
libao-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11548
|
|
yaml-cpp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11692
|
|
xz<5.2.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2015-4035
|
|
cacti-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-11691
|
|
cacti-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-1000031
|
|
cacti-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-1000032
|
|
gsoap<2.8.48 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-9765
|
|
nodejs<8.1.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11499
|
|
libvorbis<1.3.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11333
|
|
vorbis-tools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11331
|
|
timidity-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11546
|
|
timidity-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11547
|
|
timidity-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11549
|
|
tinyproxy<1.10.0 local-privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-11747
|
|
tenshi-[0-9]* local-privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-11746
|
|
nosefart-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11119
|
|
php{56,70,71}-owncloud>=9.0<9.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8896
|
|
php{56,70,71}-owncloud>=9.1<9.1.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-9338
|
|
memcached<1.4.39 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9951
|
|
jasper<2.0.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000050
|
|
php{56,70,71}-roundcube<1.1.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2015-8864
|
|
glpi<9.1.5.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-11474
|
|
glpi<9.1.5.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-11475
|
|
glpi<9.1.5.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-11329
|
|
glpi<9.1.5.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-11183
|
|
glpi<9.1.5.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-11184
|
|
librsvg<2.40.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11464
|
|
adobe-flash-player<26.0.0.131 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb17-21.html
|
|
libmspack<0.7alpha denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11423
|
|
libgxps-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11590
|
|
jenkins<2.44 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-1000362
|
|
shotwell<0.25.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-1000024
|
|
libopenmpt<0.2.8461 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-11311
|
|
xmlsec1<1.2.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000061
|
|
cairo<1.14.10nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9814
|
|
yara<3.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11328
|
|
phpmyadmin<4.6.6 denial-of-service https://www.phpmyadmin.net/security/PMASA-2017-3/
|
|
gtk-vnc<0.5.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000044
|
|
moodle<3.3.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-2642
|
|
moodle<3.3.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-7531
|
|
moodle<3.3.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-7532
|
|
bind>=9.9.0<9.9.10pl2 information-disclosure https://kb.isc.org/article/AA-01504/74/CVE-2017-3142
|
|
bind>=9.10.0<9.10.5pl2 information-disclosure https://kb.isc.org/article/AA-01504/74/CVE-2017-3142
|
|
bind>=9.9.0<9.9.10pl2 security-bypass https://kb.isc.org/article/AA-01504/74/CVE-2017-3143
|
|
bind>=9.10.0<9.10.5pl2 security-bypass https://kb.isc.org/article/AA-01504/74/CVE-2017-3143
|
|
nginx<1.12.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7529
|
|
nginx>=1.13<1.13.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7529
|
|
teamspeak-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8290
|
|
heimdal<7.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-11103
|
|
apache>=2.4.26<2.4.27 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-9789
|
|
apache<2.2.34 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9788
|
|
apache>=2.4<2.4.27 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9788
|
|
apache-roller<5.1.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2015-0249
|
|
ruby{22,23,24}-mixlib-archive<0.4.0 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-1000026
|
|
epiphany<3.18.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-1000025
|
|
php{56,70,71}-tt-rss-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-1000035
|
|
KeePass<1.33 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-1000066
|
|
libcares>=1.8.0<1.13.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-1000381
|
|
freeradius>=3.0<3.0.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10978
|
|
freeradius<2.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10978
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11336
|
|
libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11341
|
|
chicken<4.13.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11343
|
|
php70-intl<7.0.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11362
|
|
php71-intl<7.1.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11362
|
|
ffmpeg2<2.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11399
|
|
ffmpeg3<3.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11399
|
|
go<1.7.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-8932
|
|
go>=1.8<1.8.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-8932
|
|
ruby24>=2.4.1<2.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11465
|
|
qemu<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11434
|
|
php<5.6.31 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11628
|
|
php>=7.0<7.0.21 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11628
|
|
php>=7.1<7.1.7 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11628
|
|
gcc48<4.8.5nb4 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2017-11671
|
|
gcc49<4.9.4nb4 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2017-11671
|
|
gcc5<5.4.0nb5 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2017-11671
|
|
gcc6<6.4.0 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2017-11671
|
|
soundtouch<1.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9258
|
|
mpg123<1.25.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9545
|
|
lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11720
|
|
ffmpeg3<3.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11719
|
|
rspamd<1.6.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-11737
|
|
ntp<4.2.8p5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5300
|
|
links<2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11114
|
|
tiff<4.0.9nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11613
|
|
GraphicsMagick<1.3.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11643
|
|
ImageMagick6<6.9.9.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-11644
|
|
ImageMagick<7.0.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-11644
|
|
arts-[0-9]* temporary-file-race https://nvd.nist.gov/vuln/detail/CVE-2015-7543
|
|
kdelibs3-[0-9]* temporary-file-race https://nvd.nist.gov/vuln/detail/CVE-2015-7543
|
|
mantis<1.2.20 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-5059
|
|
mantis<1.3.21 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12061
|
|
mantis>=2.0<2.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12061
|
|
mantis>=2.0<2.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12062
|
|
libmad-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11552
|
|
cacti<1.1.16 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12066
|
|
cacti<1.1.16 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-12065
|
|
potrace-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12067
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11703
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11704
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11705
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11728
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11729
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11730
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11732
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11733
|
|
ImageMagick6>=6.9.9.4<6.9.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11750
|
|
ImageMagick>=7.0.6.4<7.0.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11750
|
|
ImageMagick6<6.9.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11751
|
|
ImageMagick<7.0.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11751
|
|
ImageMagick6<6.9.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11754
|
|
ImageMagick<7.0.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11754
|
|
ImageMagick6<6.9.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11752
|
|
ImageMagick<7.0.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11752
|
|
ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11753
|
|
ImageMagick6<6.9.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11755
|
|
ImageMagick<7.0.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11755
|
|
ImageMagick6<6.9.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12140
|
|
ImageMagick<7.0.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12140
|
|
libytnef<1.9.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12141
|
|
libquicktime-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12143
|
|
libytnef<1.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12142
|
|
libytnef<1.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12144
|
|
libquicktime-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12145
|
|
hplip<3.15.7 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2015-0839
|
|
jasper<1.900.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5203
|
|
qemu<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10664
|
|
qemu<2.10.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10806
|
|
qemu<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11334
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11731
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11734
|
|
php56-gd<5.6.31 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-7890
|
|
php70-gd<7.0.21 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-7890
|
|
php71-gd<7.1.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-7890
|
|
ioquake3<1.36.20200125 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11721
|
|
mysql-server<5.0.67 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2008-4098
|
|
GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11722
|
|
ImageMagick<7.0.6.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-12418
|
|
ImageMagick6<6.9.9.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-12418
|
|
ghostscript-agpl<9.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11714
|
|
ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11714
|
|
varnish>=4.0.0<4.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12425
|
|
varnish>=4.1.0<4.1.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12425
|
|
varnish>=5.1.0<5.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12425
|
|
ImageMagick6<6.9.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12428
|
|
ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12428
|
|
ImageMagick6<6.9.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12429
|
|
ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12429
|
|
ImageMagick6<6.9.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12430
|
|
ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12430
|
|
ImageMagick6<6.9.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12427
|
|
ImageMagick<7.0.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12427
|
|
ImageMagick6<6.9.9.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12431
|
|
ImageMagick<7.0.6.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12431
|
|
ImageMagick6<6.9.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12432
|
|
ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12432
|
|
ImageMagick6<6.9.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12433
|
|
ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12433
|
|
ImageMagick6<6.9.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12434
|
|
ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12434
|
|
ImageMagick6<6.9.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12435
|
|
ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12435
|
|
binutils<2.30 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12448
|
|
binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12449
|
|
binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12450
|
|
binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12452
|
|
binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12451
|
|
binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12454
|
|
binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12453
|
|
binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12455
|
|
binutils<2.30 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-12457
|
|
binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12458
|
|
binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12456
|
|
binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12459
|
|
ledger-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12481
|
|
ledger-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12482
|
|
ImageMagick6<6.9.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11724
|
|
ImageMagick<7.0.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11724
|
|
ffmpeg2<2.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11665
|
|
ffmpeg3<3.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11665
|
|
mantis-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-12419
|
|
libsndfile<1.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12562
|
|
ImageMagick6<6.9.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12565
|
|
ImageMagick<7.0.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12565
|
|
ImageMagick6<6.9.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12564
|
|
ImageMagick<7.0.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12564
|
|
ImageMagick6<6.9.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12566
|
|
ImageMagick<7.0.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12566
|
|
ImageMagick6<6.9.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12563
|
|
ImageMagick<7.0.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12563
|
|
ImageMagick6<6.9.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12587
|
|
ImageMagick<7.0.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12587
|
|
rsyslog<8.28.0 format-string https://nvd.nist.gov/vuln/detail/CVE-2017-12588
|
|
openexr<2.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12596
|
|
opencv<3.3.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12598
|
|
opencv<3.3.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-12597
|
|
opencv<3.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12600
|
|
opencv<3.3.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12599
|
|
opencv<3.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12602
|
|
opencv<3.3.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12601
|
|
opencv<3.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12603
|
|
opencv<3.3.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-12604
|
|
opencv<3.3.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-12605
|
|
opencv<3.3.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-12606
|
|
libmspack<0.7alpha denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-6419
|
|
clamav<0.99.3nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-6418
|
|
clamav<0.99.3nb1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-6420
|
|
samba>=4.0.0<4.5.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2016-2126
|
|
ImageMagick6<6.9.9.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12640
|
|
ImageMagick<7.0.6.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12640
|
|
ImageMagick6<6.9.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12641
|
|
ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12641
|
|
ImageMagick6<6.9.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12643
|
|
ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12643
|
|
ImageMagick6<6.9.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12642
|
|
ImageMagick<7.0.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12642
|
|
ImageMagick6<6.9.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12644
|
|
ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12644
|
|
ghostscript-agpl<9.23 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9835
|
|
ghostscript-gpl-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9835
|
|
mysql-client>=5.6<5.6.37 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL
|
|
mysql-server>=5.6<5.6.37 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL
|
|
mysql-client>=5.7<5.7.19 unauthorized-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3651
|
|
mysql-server>=5.7<5.7.19 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL
|
|
openjdk8<1.8.144 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixJAVA
|
|
oracle-jdk8<8.0.144 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixJAVA
|
|
oracle-jre8<8.0.144 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixJAVA
|
|
ipsec-tools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-10396
|
|
firefox<68.0 denial-of-service http://hyp3rlinx.altervista.org/advisories/FIREFOX-v54.0.1-DENIAL-OF-SERVICE.txt
|
|
cliqz<1.28.0 denial-of-service http://hyp3rlinx.altervista.org/advisories/FIREFOX-v54.0.1-DENIAL-OF-SERVICE.txt
|
|
seamonkey<2.48 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-04/
|
|
fontforge<20170730 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11576
|
|
freerdp-[0-9]* multiple-vulnerabilities http://blog.talosintelligence.com/2017/07/vulnerbility-spotlight-freerdp-multiple.html
|
|
ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12654
|
|
ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12662
|
|
ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12663
|
|
ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12664
|
|
ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12665
|
|
ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12666
|
|
ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12667
|
|
ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12668
|
|
ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12669
|
|
ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12670
|
|
ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12671
|
|
ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12672
|
|
ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12673
|
|
ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12674
|
|
ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12675
|
|
ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12676
|
|
binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12967
|
|
binutils<2.30 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12799
|
|
firefox52<52.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-19/
|
|
pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12958
|
|
pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12959
|
|
pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12960
|
|
pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12961
|
|
libsass<3.5.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12962
|
|
libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12963
|
|
libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12964
|
|
unrar<5.5.7 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-12938
|
|
unrar<5.5.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12940
|
|
unrar<5.5.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12941
|
|
unrar<5.5.7 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12942
|
|
exiv2<0.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12955
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12956
|
|
exiv2<0.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12957
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11683
|
|
GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12935
|
|
GraphicsMagick<1.3.27 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12936
|
|
GraphicsMagick<1.3.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12937
|
|
libwildmidi<0.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11661
|
|
libwildmidi<0.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11662
|
|
libwildmidi<0.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11663
|
|
libwildmidi<0.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11664
|
|
adobe-flash-player<26.0.0.151 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb17-23.html
|
|
librest07<0.7.93 weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2015-2675
|
|
librest-[0-9]* weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2015-2675
|
|
tiff<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12944
|
|
py{27,34,35,36}-attic<0.15 weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2015-4082
|
|
augeas<1.8.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7555
|
|
cacti-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12927
|
|
postgresql94-server<9.4.13 multiple-vulnerabilities https://www.postgresql.org/about/news/1772/
|
|
postgresql95-server<9.5.8 multiple-vulnerabilities https://www.postgresql.org/about/news/1772/
|
|
postgresql96-server<9.6.4 multiple-vulnerabilities https://www.postgresql.org/about/news/1772/
|
|
apache>=2.4<2.4.26 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-7659
|
|
php{56,70,71}-owncloud<10.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9339
|
|
php{56,70,71}-owncloud<10.0.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-9340
|
|
apache-tomcat>=8.5<8.5.16 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-7675
|
|
apache-tomcat>=7.0<7.0.79 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-7675
|
|
apache-tomcat>=7.0<7.0.72 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-6796
|
|
apache-tomcat>=8.0<8.0.37 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-6796
|
|
apache-tomcat>=8.5<8.5.5 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-6796
|
|
apache-tomcat>=7.0<7.0.72 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-6797
|
|
apache-tomcat>=8.0<8.0.37 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-6797
|
|
apache-tomcat>=8.5<8.5.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-6797
|
|
apache-tomcat>=7.0<7.0.74 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-8745
|
|
apache-tomcat>=8.0<8.0.40 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-8745
|
|
apache-tomcat>=8.5<8.5.9 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-8745
|
|
apache-tomcat>=8.5<8.5.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-6817
|
|
apache-tomcat>=8.5<8.5.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-6794
|
|
apache-tomcat>=7.0<7.0.72 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-8744
|
|
apache-tomcat>=8.0<8.0.37 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-8744
|
|
apache-tomcat>=8.5<8.5.5 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-5018
|
|
apache-tomcat>=7.0<7.0.72 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-5018
|
|
apache-tomcat>=8.0<8.0.37 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-5018
|
|
apache-tomcat>=8.5<8.5.5 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-0762
|
|
apache-tomcat>=7.0<7.0.72 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-0762
|
|
apache-tomcat>=8.0<8.0.37 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-0762
|
|
opencv<3.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-12863
|
|
opencv<3.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-12864
|
|
opencv<3.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-12862
|
|
xenkernel45-[0-9]* multiple-vulnerabilities http://xenbits.xen.org/xsa/advisory-230.html
|
|
xenkernel46<4.6.6nb1 multiple-vulnerabilities http://xenbits.xen.org/xsa/advisory-230.html
|
|
xenkernel48<4.8.2 multiple-vulnerabilities http://xenbits.xen.org/xsa/advisory-230.html
|
|
py{27,33,34,35}-numpy-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12852
|
|
mantis<2.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12061
|
|
mantis<2.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12062
|
|
lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9410
|
|
lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9411
|
|
lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9412
|
|
lame<3.100 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-9412
|
|
taglib<1.11.1nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12678
|
|
subversion-base<1.9.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-9800
|
|
curl>=7.34.0<7.55.0 out-of-bounds-read https://curl.haxx.se/docs/adv_20170809A.html
|
|
curl>=7.15.0<7.55.0 information-disclosure https://curl.haxx.se/docs/adv_20170809B.html
|
|
curl>=7.54.1<7.55.0 out-of-bounds-read https://curl.haxx.se/docs/adv_20170809C.html
|
|
soundtouch<1.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9259
|
|
soundtouch<1.9.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-9260
|
|
mit-krb5<1.14.5nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11368
|
|
libgcrypt<1.7.8 side-channel https://nvd.nist.gov/vuln/detail/CVE-2017-7526
|
|
libsoup<2.58.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2885
|
|
py{27,34,35,36}-mercurial<4.3.1 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-1000115
|
|
py{27,34,35,36}-mercurial<4.3.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-1000116
|
|
cvs<1.12.13nb6 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-12836
|
|
patch<2.7.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-9637
|
|
salt<2014.7.6 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2015-4017
|
|
patch<2.7.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2015-1395
|
|
py{27,33,34,35}-kerberos-[0-9]* weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2015-3206
|
|
tidy<5.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13692
|
|
php>=7.0<7.0.21 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12934
|
|
php>=7.1<7.1.7 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12934
|
|
php>=5.6<5.6.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12933
|
|
php>=7.0<7.0.21 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12933
|
|
php>=7.1<7.1.7 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12933
|
|
php>=7.0<7.0.22 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12932
|
|
php>=7.1<7.1.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12932
|
|
gnutls<3.4.13 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-12932
|
|
ntp<4.2.8p2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-3405
|
|
qemu<2.0.0 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2014-0143
|
|
python27<2.7.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-4616
|
|
python34<3.4.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-4616
|
|
python35<3.5.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-4616
|
|
py{27,33,34,35}-simplejson<3.5.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-4616
|
|
apache-tomcat>=7.0<7.0.78 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2017-7674
|
|
apache-tomcat>=8.0<8.0.44 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2017-7674
|
|
apache-tomcat>=8.5<8.5.15 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2017-7674
|
|
apache-tomcat>=8.5<8.5.15 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2017-7675
|
|
x265-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13666
|
|
ImageMagick6<6.9.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13658
|
|
ImageMagick<7.0.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13658
|
|
xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-226.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-226.html
|
|
xenkernel46<4.6.6nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-226.html
|
|
xenkernel48<4.8.2 denial-of-service https://xenbits.xen.org/xsa/advisory-226.html
|
|
xenkernel42-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-227.html
|
|
xenkernel45-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-227.html
|
|
xenkernel46<4.6.6nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-227.html
|
|
xenkernel48<4.8.2 privilege-escalation https://xenbits.xen.org/xsa/advisory-227.html
|
|
xenkernel46<4.6.6nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-228.html
|
|
xenkernel48<4.8.2 denial-of-service https://xenbits.xen.org/xsa/advisory-228.html
|
|
py{27,33,34,35}-JWT<1.5.1 weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2017-11424
|
|
nagios-base<4.3.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-12847
|
|
GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13648
|
|
binutils<2.30 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-13710
|
|
flightgear<2017.3.1 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-13709
|
|
qpdf<7.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12595
|
|
GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13147
|
|
GraphicsMagick<1.3.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-13063
|
|
GraphicsMagick<1.3.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-13064
|
|
GraphicsMagick<1.3.27 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-13065
|
|
GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13066
|
|
ImageMagick6<6.9.9.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12983
|
|
ImageMagick<7.0.6.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12983
|
|
ImageMagick6<6.9.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13026
|
|
ImageMagick<7.0.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13026
|
|
ImageMagick6<6.9.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13058
|
|
ImageMagick<7.0.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13058
|
|
ImageMagick6<6.9.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13059
|
|
ImageMagick<7.0.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13059
|
|
ImageMagick6<6.9.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13060
|
|
ImageMagick<7.0.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13060
|
|
ImageMagick6<6.9.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13061
|
|
ImageMagick<7.0.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13061
|
|
ImageMagick<7.0.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13131
|
|
ImageMagick<7.0.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13132
|
|
ImageMagick<7.0.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13133
|
|
ImageMagick<7.0.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13134
|
|
ImageMagick6<6.9.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13139
|
|
ImageMagick<7.0.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13139
|
|
ImageMagick6<6.9.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13140
|
|
ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13140
|
|
ImageMagick6<6.9.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13141
|
|
ImageMagick<7.0.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13141
|
|
ImageMagick6<6.9.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13142
|
|
ImageMagick<7.0.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13142
|
|
ImageMagick6<6.9.7.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13143
|
|
ImageMagick<7.0.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13143
|
|
ImageMagick6<6.9.7.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13143
|
|
ImageMagick6<6.9.8.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13145
|
|
ImageMagick<7.0.5.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13145
|
|
ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13146
|
|
ImageMagick<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13146
|
|
newsbeuter-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-12904
|
|
libzip<1.3.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-12858
|
|
salt<2017.7.1 weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2017-12791
|
|
salt<2015.8.1 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6941
|
|
qemu<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12809
|
|
py27-supervisor<3.3.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-11610
|
|
dnsdist<1.1.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-7557
|
|
ha-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2015-1198
|
|
ppmd-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2015-1199
|
|
wpa_supplicant<2.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2015-0210
|
|
xymon<4.3.18 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-1430
|
|
unshield<1.4 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2015-1386
|
|
bash<4.3.047 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-0634
|
|
mantis<1.2.20 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2015-2046
|
|
qemu<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8380
|
|
openjpeg<2.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12982
|
|
cacti<1.1.18 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12978
|
|
ruby22-rest-client<1.8.0 sensitive-information-exposure https://nvd.nist.gov/vuln/detail/CVE-2015-1820
|
|
ruby23-rest-client<1.8.0 sensitive-information-exposure https://nvd.nist.gov/vuln/detail/CVE-2015-1820
|
|
ruby24-rest-client<1.8.0 sensitive-information-exposure https://nvd.nist.gov/vuln/detail/CVE-2015-1820
|
|
qemu<2.0.0 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2014-0142
|
|
qemu<2.0.0 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2014-0145
|
|
qemu<2.0.0 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2014-0146
|
|
asn1c-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12966
|
|
kpathsea<6.0.1 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2015-5700
|
|
kpathsea<6.2.1 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2015-5701
|
|
kgb-bot-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-1554
|
|
php{56,70,71}-basercms<3.0.15 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-10842
|
|
libfpx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12919
|
|
lame<3.100 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-13712
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13716
|
|
openssl<1.0.2knb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-3735
|
|
openssl>=1.1.0<1.1.0g out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-3735
|
|
heimdal<7.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-6594
|
|
mpg123<1.25.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12797
|
|
sqlite3<3.21.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13685
|
|
tiff<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13726
|
|
tiff<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13727
|
|
ncurses<6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13728
|
|
libraw<0.18.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13735
|
|
jasper-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13745
|
|
mpg123<1.18.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-9497
|
|
libgcrypt<1.8.1 side-channel https://nvd.nist.gov/vuln/detail/CVE-2017-0379
|
|
sleuthkit<4.1.3nb6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-13755
|
|
openjpeg<2.2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10504
|
|
wireshark<2.4.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-13764
|
|
ffmpeg010<0.10.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-2805
|
|
mbedtls<1.3.21 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-14032
|
|
mbedtls>=2<2.1.9 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-14032
|
|
ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14054
|
|
ffmpeg2<2.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14055
|
|
ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14055
|
|
ffmpeg2<2.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14056
|
|
ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14056
|
|
ffmpeg2<2.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14057
|
|
ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14057
|
|
ffmpeg2<2.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14058
|
|
ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14058
|
|
ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14059
|
|
ffmpeg2<2.8.13 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14169
|
|
ffmpeg3<3.3.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14169
|
|
ffmpeg2<2.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14170
|
|
ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14170
|
|
ffmpeg2<2.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14171
|
|
ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14171
|
|
libidn2<2.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14061
|
|
ruby22-base<2.2.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14064
|
|
ruby23-base<2.3.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14064
|
|
ruby24-base<2.4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14064
|
|
pngcrush<1.7.87 double-free https://nvd.nist.gov/vuln/detail/CVE-2015-7700
|
|
qemu<2.11.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-13672
|
|
libzip<1.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14107
|
|
ImageMagick6<6.9.9.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12691
|
|
ImageMagick<7.0.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12691
|
|
emacs24-24.4* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-9483
|
|
emacs24-nox11-24.4* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-9483
|
|
asterisk>=13.0<13.17.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14098
|
|
asterisk>=14.0<14.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14098
|
|
asterisk>=11.0<11.25.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14099
|
|
asterisk>=13.0<13.17.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14099
|
|
asterisk>=14.0<14.6.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14099
|
|
asterisk>=11.0<11.25.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14100
|
|
asterisk>=13.0<13.17.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14100
|
|
asterisk>=14.0<14.6.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14100
|
|
ffmpeg1<1.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2013-0870
|
|
jasper<2.0.19 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14132
|
|
opencv<3.3.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-14136
|
|
evince<3.22.1nb6 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1000083
|
|
gedit-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14108
|
|
py{27,34,35,36}-scrapy-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14158
|
|
ledger-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2807
|
|
ledger-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-2808
|
|
GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14165
|
|
libarchive<3.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14166
|
|
ruby19<1.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-6438
|
|
py{27,34,35,36}-django>=1.10<1.10.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12794
|
|
py{27,34,35,36}-django>=1.11<1.11.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12794
|
|
mp3gain-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-12911
|
|
mp3gain-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12912
|
|
gd<2.2.5 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-6362
|
|
ocaml<4.04.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-9779
|
|
php{56,70,71}-concrete5<5.7.4.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2015-4724
|
|
php{56,70,71}-concrete5<5.7.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2015-4721
|
|
ntp<4.2.8p3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5146
|
|
qt5-qtwebkit<5.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-8079
|
|
libwpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14226
|
|
#jasper-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14229 Disputed, see https://github.com/jasper-maint/jasper/issues/20#issuecomment-648920879
|
|
libbson-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14227
|
|
nasm<2.13.02 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14228
|
|
cyrus-imapd<3.0.4 off-by-one https://nvd.nist.gov/vuln/detail/CVE-2017-14230
|
|
ImageMagick<7.0.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14248
|
|
ImageMagick6<6.9.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14249
|
|
ImageMagick<7.0.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14249
|
|
libraw<0.18.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14265
|
|
file<5.32 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-1000249
|
|
GraphicsMagick<1.3.27 off-by-one https://nvd.nist.gov/vuln/detail/CVE-2017-14314
|
|
perl<5.26.0nb3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12837
|
|
git-base<2.14.1 command-injection https://github.com/git/git/blob/master/Documentation/RelNotes/2.14.1.txt
|
|
mariadb-server<5.5.57 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL
|
|
jenkins<1.586 information-leak https://nvd.nist.gov/vuln/detail/CVE-2014-9634
|
|
jenkins<1.586 information-leak https://nvd.nist.gov/vuln/detail/CVE-2014-9635
|
|
mantis<1.2.19 weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2014-9624
|
|
tcpreplay<4.1.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14266
|
|
xenkernel42-[0-9]* out-of-bounds-write http://xenbits.xen.org/xsa/advisory-231.html
|
|
xenkernel45-[0-9]* out-of-bounds-write http://xenbits.xen.org/xsa/advisory-231.html
|
|
xenkernel46<4.6.6nb1 out-of-bounds-write http://xenbits.xen.org/xsa/advisory-231.html
|
|
xenkernel48<4.8.3 out-of-bounds-write http://xenbits.xen.org/xsa/advisory-231.html
|
|
xentools42-[0-9]* double-free http://xenbits.xen.org/xsa/advisory-233.html
|
|
xentools45-[0-9]* double-free http://xenbits.xen.org/xsa/advisory-233.html
|
|
xentools46<4.6.6nb1 double-free http://xenbits.xen.org/xsa/advisory-233.html
|
|
xentools48<4.8.3 double-free http://xenbits.xen.org/xsa/advisory-233.html
|
|
xenkernel42-[0-9]* null-dereference http://xenbits.xen.org/xsa/advisory-232.html
|
|
xenkernel45-[0-9]* null-dereference http://xenbits.xen.org/xsa/advisory-232.html
|
|
xenkernel46<4.6.6nb1 null-dereference http://xenbits.xen.org/xsa/advisory-232.html
|
|
xenkernel48<4.8.3 null-dereference http://xenbits.xen.org/xsa/advisory-232.html
|
|
xenkernel42-[0-9]* privilege-escalation http://xenbits.xen.org/xsa/advisory-234.html
|
|
xenkernel45-[0-9]* privilege-escalation http://xenbits.xen.org/xsa/advisory-234.html
|
|
xenkernel46<4.6.6nb1 privilege-escalation http://xenbits.xen.org/xsa/advisory-234.html
|
|
xenkernel48<4.8.3 privilege-escalation http://xenbits.xen.org/xsa/advisory-234.html
|
|
xenkernel42-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-207.html
|
|
xenkernel45<4.5.5nb4 denial-of-service http://xenbits.xen.org/xsa/advisory-207.html
|
|
xenkernel46<4.6.5 denial-of-service http://xenbits.xen.org/xsa/advisory-207.html
|
|
xenkernel48<4.8.1 denial-of-service http://xenbits.xen.org/xsa/advisory-207.html
|
|
ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14325
|
|
ImageMagick6<6.9.9.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14325
|
|
ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14326
|
|
ImageMagick6<6.9.9.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14326
|
|
ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14324
|
|
ImageMagick6<6.9.9.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14341
|
|
ImageMagick<7.0.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14341
|
|
ImageMagick6<6.9.9.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14343
|
|
ImageMagick<7.0.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14343
|
|
ImageMagick6<6.9.9.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14342
|
|
ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14400
|
|
ImageMagick6<6.9.9.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14400
|
|
ImageMagick<7.0.6.9 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14248
|
|
ImageMagick<7.0.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14249
|
|
ImageMagick6<6.9.9.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14249
|
|
ImageMagick<7.0.7.2 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14505
|
|
ImageMagick6<6.9.9.13 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14505
|
|
ImageMagick6<6.9.9.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-14528
|
|
ImageMagick<7.0.7.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-14528
|
|
ImageMagick<7.0.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14531
|
|
ImageMagick6<6.9.9.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14531
|
|
ImageMagick<7.0.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14533
|
|
ImageMagick6<6.9.9.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14533
|
|
ImageMagick<7.0.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14532
|
|
ImageMagick6<6.9.9.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14532
|
|
ImageMagick<7.0.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14224
|
|
ImageMagick6<6.9.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14224
|
|
ImageMagick<7.0.7.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14607
|
|
ImageMagick6<6.9.9.15 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14607
|
|
ImageMagick<7.0.7.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14625
|
|
ImageMagick6<6.9.9.12 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14625
|
|
ImageMagick<7.0.7.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14624
|
|
ImageMagick6<6.9.9.12 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14624
|
|
ImageMagick<7.0.7.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14626
|
|
ImageMagick6<6.9.9.12 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14626
|
|
horde>=2.0.0<2.5.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14650
|
|
ImageMagick<7.0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14684
|
|
ImageMagick6<6.9.9.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14684
|
|
ImageMagick<7.0.7.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14682
|
|
ImageMagick6<6.9.9.15 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14682
|
|
binutils<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333
|
|
cross-aarch64-none-elf-binutils<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333
|
|
cross-arm-none-eabi-binutils<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333
|
|
avr-binutils<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333
|
|
binutils-mips<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333
|
|
cross-freemint-binutils<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333
|
|
cross-h8300-elf-binutils<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333
|
|
cross-h8300-hms-binutils<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333
|
|
nios2-binutils<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333
|
|
binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529
|
|
cross-aarch64-none-elf-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529
|
|
cross-arm-none-eabi-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529
|
|
avr-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529
|
|
binutils-mips<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529
|
|
cross-freemint-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529
|
|
cross-h8300-elf-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529
|
|
cross-h8300-hms-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529
|
|
nios2-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529
|
|
cross-pdp11-aout-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529
|
|
mingw-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529
|
|
weechat<1.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14727
|
|
wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14726
|
|
php{56,70,71}-ja-wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14726
|
|
wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14724
|
|
php{56,70,71}-ja-wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14724
|
|
wordpress<4.8.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-14722
|
|
php{56,70,71}-ja-wordpress<4.8.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-14722
|
|
wordpress<4.8.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2017-14725
|
|
php{56,70,71}-ja-wordpress<4.8.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2017-14725
|
|
wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14718
|
|
php{56,70,71}-ja-wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14718
|
|
wordpress<4.8.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-14723
|
|
php{56,70,71}-ja-wordpress<4.8.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-14723
|
|
wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14721
|
|
php{56,70,71}-ja-wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14721
|
|
wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14720
|
|
php{56,70,71}-ja-wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14720
|
|
wordpress<4.8.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-14719
|
|
php{56,70,71}-ja-wordpress<4.8.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-14719
|
|
magento-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2014-9758
|
|
mupdf<1.11nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14685
|
|
mupdf<1.11nb5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14686
|
|
mupdf<1.11nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14687
|
|
bladeenc-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-14648
|
|
libexif<0.6.21nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-7544
|
|
GraphicsMagick<1.3.27 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14504
|
|
GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14649
|
|
openjpeg<2.3.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-14164
|
|
libraw<0.19 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14348
|
|
libraw<0.19 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-14608
|
|
mp3gain-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14406
|
|
mp3gain-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14407
|
|
mp3gain-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14408
|
|
mp3gain-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14409
|
|
mp3gain-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14410
|
|
mp3gain-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14411
|
|
mp3gain-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14412
|
|
php{56,70,71}-drupal<7.35 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2015-2749
|
|
php{56,70,71}-drupal<7.35 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2015-2750
|
|
mit-krb5<1.14.6 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-11462
|
|
ruby22-base<2.2.8 information-leak https://nvd.nist.gov/vuln/detail/CVE-2017-0898
|
|
ruby23-base<2.3.5 information-leak https://nvd.nist.gov/vuln/detail/CVE-2017-0898
|
|
ruby24-base<2.4.2 information-leak https://nvd.nist.gov/vuln/detail/CVE-2017-0898
|
|
ruby22-base<2.2.7 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-10784
|
|
ruby23-base<2.3.4 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-10784
|
|
ruby24-base<2.4.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-10784
|
|
ruby22-base<2.2.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14033
|
|
ruby23-base<2.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14033
|
|
ruby24-base<2.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14033
|
|
ruby22-base<2.2.8 command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899
|
|
ruby23-base<2.3.5 command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899
|
|
ruby24-base<2.4.2 command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899
|
|
ruby22-base<2.2.8 command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900
|
|
ruby23-base<2.3.5 command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900
|
|
ruby24-base<2.4.2 command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900
|
|
ruby22-base<2.2.8 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901
|
|
ruby23-base<2.3.5 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901
|
|
ruby24-base<2.4.2 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901
|
|
ruby22-base<2.2.8 dns-hijacking https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902
|
|
ruby23-base<2.3.5 dns-hijacking https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902
|
|
ruby24-base<2.4.2 dns-hijacking https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902
|
|
libofx-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2816
|
|
libofx-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2816
|
|
tcpdump<4.9.2 multiple-vulnerabilities http://www.tcpdump.org/tcpdump-changes.txt
|
|
botan>=2.0<2.3.0 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2017-14737
|
|
botan<1.10.17 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2017-14737
|
|
ImageMagick<7.0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14741
|
|
ImageMagick6<6.9.9.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14741
|
|
ImageMagick<7.0.7.7 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14739
|
|
ImageMagick6-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14739
|
|
ffmpeg2<2.8.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14222
|
|
ffmpeg3<3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14222
|
|
ffmpeg2<2.8.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14223
|
|
ffmpeg3<3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14223
|
|
ffmpeg3<3.4 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14225
|
|
emacs21<21.4anb39 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482
|
|
emacs22-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482
|
|
emacs23-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482
|
|
emacs24-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482
|
|
emacs25<25.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482
|
|
emacs21-nox11<21.4anb39 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482
|
|
emacs22-nox11-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482
|
|
emacs23-nox11-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482
|
|
emacs24-nox11-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482
|
|
emacs25-nox11<25.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482
|
|
libbpg-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14734
|
|
newsbeuter-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14500
|
|
moodle<3.3.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-12157
|
|
moodle<3.3.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12156
|
|
libarchive<3.3.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-14501
|
|
libarchive<3.3.3 off-by-one https://nvd.nist.gov/vuln/detail/CVE-2017-14502
|
|
libarchive<3.3.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-14503
|
|
poppler<0.61.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14518
|
|
poppler<0.61.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14517
|
|
poppler<0.61.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14520
|
|
poppler<0.61.1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-14519
|
|
tor>=0.3.0<0.3.0.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-0380
|
|
tor>=0.3.1<0.3.1.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-0380
|
|
apache<2.2.34nb1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9798
|
|
apache>=2.4<2.4.27nb2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9798
|
|
apache-tomcat>=7.0<7.0.81 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-12616
|
|
gdk-pixbuf2<2.36.10 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2862
|
|
qemu<2.11.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14167
|
|
dovecot>=2<2.2.17 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3420
|
|
mongodb-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14227
|
|
nagios-base-[0-9]* privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14312
|
|
perl<5.26.0nb3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-12883
|
|
py{27,34,35,36}-ipython<3.2.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2015-5607
|
|
py{27,34,35,36}-ipython<3.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2015-4707
|
|
py{27,34,35,36}-ipython>=3.0<3.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2015-4706
|
|
nautilus<3.23.90 spoofing https://nvd.nist.gov/vuln/detail/CVE-2017-14604
|
|
libpgf<6.15.32 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2015-6673
|
|
SOGo<3.1.0 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2015-5395
|
|
kannel-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-14609
|
|
ruby{22,23,24}-chef-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-8559
|
|
libvorbis<1.3.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-14633
|
|
libvorbis<1.3.6 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14632
|
|
libvorbis<1.3.6nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-14160
|
|
libsndfile<1.0.28nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14634
|
|
libsndfile<1.0.28nb3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14245
|
|
libsndfile<1.0.28nb3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14246
|
|
samba<4.6.8 man-in-the-middle https://www.samba.org/samba/security/CVE-2017-12150.html
|
|
samba<4.6.8 man-in-the-middle https://www.samba.org/samba/security/CVE-2017-12151.html
|
|
samba<4.6.8 information-leak https://www.samba.org/samba/security/CVE-2017-12163.html
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14745
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14930
|
|
binutils<2.30 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-14932
|
|
binutils<2.30 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-14933
|
|
binutils<2.30 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-14934
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14938
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14939
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14940
|
|
poppler<0.60.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14617
|
|
poppler<0.60.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14926
|
|
poppler<0.60.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14927
|
|
poppler<0.60.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14928
|
|
poppler<0.60.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-14929
|
|
php{56,70,71}-tiki6<17.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14924
|
|
php{56,70,71}-tiki6<17.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14925
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14857
|
|
exiv2<0.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14858
|
|
exiv2<0.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14859
|
|
exiv2<0.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14860
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14861
|
|
exiv2<0.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14862
|
|
exiv2<0.27 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14863
|
|
exiv2<0.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14864
|
|
exiv2<0.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14865
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14866
|
|
git-base<2.14.2 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-14867
|
|
percona-toolkit<2.2.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-2029
|
|
libofx-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14731
|
|
nodejs<8.6.0 unauthorised-access https://nvd.nist.gov/vuln/detail/CVE-2017-14849
|
|
libbpg-[0-9] denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14795
|
|
libbpg-[0-9] denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14796
|
|
salt<2016.11.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-5200
|
|
salt<2016.11.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-5192
|
|
ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14767
|
|
kdepim<4.14.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-8878
|
|
tcpdump<4.7.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3138
|
|
freexl<1.0.4 arbitrary-code-execution https://www.debian.org/security/2017/dsa-3976
|
|
protobuf<3.4.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-5237
|
|
openvpn<2.4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12166
|
|
dnsmasq<2.78 multiple-vulnerabilities https://www.kb.cert.org/vuls/id/973527
|
|
pngcrush<1.7.84 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-2158
|
|
modular-xorg-server<1.19.4 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13723
|
|
salt<2017.7.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-5192
|
|
ruby{18,20,21,22,23}-http<0.7.3 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2015-1828
|
|
py{27,34,35,36}-ipython<4.0 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2015-5607
|
|
wpa_supplicant<2.6nb1 weak-cryptography http://seclists.org/oss-sec/2017/q4/83
|
|
coreutils<8.13 local-file-delete https://nvd.nist.gov/vuln/detail/CVE-2015-1865
|
|
libbfd-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14729
|
|
wesnoth<1.12.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-5069
|
|
ImageMagick<7.0.7.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-14989
|
|
ImageMagick6<6.9.9.17 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-14989
|
|
apache-tomcat>=7.0<7.0.82 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-12617
|
|
apache-tomcat>=8.0<8.0.47 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-12617
|
|
apache-tomcat>=8.5<8.5.23 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-12617
|
|
poppler<0.60.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14926
|
|
GraphicsMagick<1.3.27 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14994
|
|
git-base<2.14.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-1000117
|
|
lame<3.100 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15018
|
|
go<1.8.4 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-15041
|
|
go>=1.9<1.9.1 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-15041
|
|
redis<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15047
|
|
libofx<0.9.12 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-2920
|
|
curl>=7.7<7.56.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-1000254
|
|
openexif-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14931
|
|
upx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15056
|
|
libmp3splt-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15185
|
|
apache-roller<5.0.3 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2014-0030
|
|
mpfr<3.1.2pl11 unspecified https://nvd.nist.gov/vuln/detail/CVE-2014-9474
|
|
asterisk>=11.0<11.25.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14603
|
|
asterisk>=13.0<13.17.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14603
|
|
asterisk>=14.0<14.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14603
|
|
qemu<2.11.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15038
|
|
zookeeper<3.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-5637
|
|
wesnoth<1.12.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-5070
|
|
salt<2015.5.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-6918
|
|
nodejs<4.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-7384
|
|
sudo<1.8.7 temporary-file-race https://nvd.nist.gov/vuln/detail/CVE-2015-8239
|
|
magento<1.9.2.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-8707
|
|
php{56,70,71}-piwigo<2.8.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-10513
|
|
php{56,70,71}-piwigo<2.8.3 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-10514
|
|
wireshark>=2.4.0<2.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15190
|
|
wireshark>=2.0.0<2.0.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15191
|
|
wireshark>=2.2.0<2.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15191
|
|
wireshark>=2.4.0<2.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15191
|
|
wireshark>=2.4.0<2.4.2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-15189
|
|
wireshark>=2.2.0<2.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15193
|
|
wireshark>=2.4.0<2.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15193
|
|
wireshark>=2.2.0<2.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15192
|
|
wireshark>=2.4.0<2.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15192
|
|
cacti<1.1.26 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15194
|
|
ImageMagick6<6.9.9.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15217
|
|
ImageMagick<7.0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15217
|
|
ImageMagick6<6.9.9.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15218
|
|
ImageMagick<7.0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15218
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15225
|
|
libjpeg-turbo<1.5.3 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15232
|
|
GraphicsMagick<1.3.27 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-15238
|
|
libXfont<1.5.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13720
|
|
libXfont2<2.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13720
|
|
libXfont<1.5.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13722
|
|
libXfont2<2.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13722
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15020
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15021
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15022
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15023
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15024
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15025
|
|
libextractor<1.5 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2017-15266
|
|
libextractor<1.5 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15267
|
|
dnsmasq<2.78 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14492
|
|
dnsmasq<2.78 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14493
|
|
ImageMagick<7.0.7.3 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-15032
|
|
SDL2_image<2.0.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2887
|
|
SDL_image-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2887
|
|
SDL2<2.0.7 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2888
|
|
GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14997
|
|
ImageMagick6<6.9.9.12 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15015
|
|
ImageMagick<7.0.7.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15015
|
|
lame<3.100 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15019
|
|
ImageMagick6<6.9.9.12 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15016
|
|
ImageMagick<7.0.7.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15016
|
|
ImageMagick6<6.9.9.12 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15017
|
|
ImageMagick<7.0.7.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15017
|
|
lame<3.100 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15045
|
|
lame<3.100 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15046
|
|
ImageMagick<7.0.7.3 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-15033
|
|
qemu<2.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15268
|
|
ImageMagick6<6.9.9.3 information-leak https://nvd.nist.gov/vuln/detail/CVE-2017-15277
|
|
ImageMagick<7.0.6.3 information-leak https://nvd.nist.gov/vuln/detail/CVE-2017-15277
|
|
ImageMagick<7.0.7.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15281
|
|
graphicsmagick-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15281
|
|
sqlite3<3.21.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15286
|
|
dnsmasq<2.78 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13704
|
|
dnsmasq<2.78 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14491
|
|
dnsmasq<2.78 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14495
|
|
dnsmasq<2.78 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14494
|
|
dnsmasq<2.78 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14496
|
|
wordpress-[0-9]* weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2017-14990
|
|
git-base<2.14.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15298
|
|
radare2<2.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15368
|
|
mupdf<1.11nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15369
|
|
sox-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15370
|
|
sox-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15372
|
|
sox-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15371
|
|
icu<59.1nb3 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-14952
|
|
thunderbird<52.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-20/
|
|
firefox52<52.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/
|
|
thunderbird<52.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-23/
|
|
irssi<1.0.5 multiple-vulnerabilities https://irssi.org/security/irssi_sa_2017_10.txt
|
|
wget<1.19.1nb2 stack-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13089
|
|
wget<1.19.1nb2 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13090
|
|
mupdf<1.11nb5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15587
|
|
opensmtpd<5.7.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2015-7687
|
|
radare2<2.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15385
|
|
qemu<2.11.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-15289
|
|
p5-Perl-Tidy<20120714 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2014-2277
|
|
mediawiki>=1.24.0<1.24.1 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2014-9487
|
|
mediawiki>=1.23.0<1.23.8 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2014-9487
|
|
mediawiki>=1.22.0<1.22.15 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2014-9487
|
|
mediawiki>=1.19.0<1.19.23 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2014-9487
|
|
ruby{22,23,24}-redmine<3.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-10515
|
|
ruby{22,23,24}-redmine<3.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15568
|
|
ruby{22,23,24}-redmine>=3.3.0<3.3.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15568
|
|
ruby{22,23,24}-redmine>=3.4.0<3.4.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15568
|
|
ruby{22,23,24}-redmine<3.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15569
|
|
ruby{22,23,24}-redmine>=3.3.0<3.3.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15569
|
|
ruby{22,23,24}-redmine>=3.4.0<3.4.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15569
|
|
ruby{22,23,24}-redmine<3.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15570
|
|
ruby{22,23,24}-redmine>=3.3.0<3.3.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15570
|
|
ruby{22,23,24}-redmine>=3.4.0<3.4.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15570
|
|
ruby{22,23,24}-redmine<3.2.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15573
|
|
ruby{22,23,24}-redmine>=3.3.0<3.3.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15573
|
|
ruby{22,23,24}-redmine<3.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15571
|
|
ruby{22,23,24}-redmine>=3.3.0<3.3.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15571
|
|
ruby{22,23,24}-redmine>=3.4.0<3.4.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15571
|
|
ruby{22,23,24}-redmine<3.2.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15576
|
|
ruby{22,23,24}-redmine>=3.3.0<3.3.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15576
|
|
ruby{22,23,24}-redmine<3.2.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15574
|
|
ruby{22,23,24}-redmine>=3.3.0<3.3.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15574
|
|
ruby{22,23,24}-redmine<3.2.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15572
|
|
ruby{22,23,24}-redmine>=3.3.0<3.3.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15572
|
|
ruby{22,23,24}-redmine<3.2.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15577
|
|
ruby{22,23,24}-redmine>=3.3.0<3.3.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15577
|
|
ruby{22,23,24}-redmine<3.2.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15575
|
|
ruby{22,23,24}-redmine>=3.3.0<3.3.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15575
|
|
rsync<3.1.2nb1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-16548
|
|
graphicsmagick-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-16352
|
|
graphicsmagick-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16353
|
|
graphicsmagick-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16545
|
|
graphicsmagick-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16547
|
|
graphicsmagick-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15930
|
|
ImageMagick<7.0.7.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16546
|
|
ImageMagick6<6.9.9.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16546
|
|
modular-xorg-server<1.19.4 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13721
|
|
tor-browser<7.0.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16541
|
|
ruby{22,23,24}-yajl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/vulnId=CVE-2017-16516
|
|
openssl<1.0.2m sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-3736
|
|
openssl>=1.1.0<1.1.0g sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-3736
|
|
wordpress<4.8.3 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-16510
|
|
php{56,70,71}-ja-wordpress<4.8.3 sql-injection https://nvd.nist.gov/view/vuln/detail/CVE-2017-16510
|
|
webkit-gtk<2.16.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000121
|
|
webkit-gtk<2.16.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000122
|
|
radare2<2.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16359
|
|
radare2<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-16358
|
|
radare2<2.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16357
|
|
radare2<2.1.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15931
|
|
radare2<2.1.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15932
|
|
slurm>=2.4.0pre4<17.11.0rc2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-15566
|
|
go<1.8.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15042
|
|
go>=1.9<1.9.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15042
|
|
webmin<1.860 multiple-vulnerabilities https://blogs.securiteam.com/index.php/archives/3430
|
|
p5-Catalyst-Plugin-Static-Simple<0.34 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16248
|
|
mongodb<3.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15535
|
|
curl<7.56.1 buffer-overrun https://curl.haxx.se/docs/adv_20171023.html
|
|
libvirt<3.9.0 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-1000256
|
|
nodejs<4.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14919
|
|
nodejs>=6<6.11.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14919
|
|
nodejs>=8<8.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14919
|
|
xenkernel42-[0-9]* memory-corruption http://xenbits.xen.org/xsa/advisory-236.html
|
|
xenkernel45-[0-9]* memory-corruption http://xenbits.xen.org/xsa/advisory-236.html
|
|
xenkernel46-[0-9]* memory-corruption http://xenbits.xen.org/xsa/advisory-236.html
|
|
xenkernel48<4.8.3 memory-corruption http://xenbits.xen.org/xsa/advisory-236.html
|
|
qemu<2.5.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2015-7549
|
|
quagga<1.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16227
|
|
py{26,27,33,34}-dulwich<0.9.9 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0838
|
|
xerces-j-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-0881
|
|
py{27,33,34,35,36}-dulwich<0.18.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-16228
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15996
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15938
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15939
|
|
rsync>3.1.2<3.1.2nb1 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15994
|
|
bchunk<1.2.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15953
|
|
bchunk<1.2.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15954
|
|
bchunk<1.2.2 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15955
|
|
apollo<1.7.1 unknown-impact https://nvd.nist.gov/vuln/detail/CVE-2014-3579
|
|
libextractor<1.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-15922
|
|
glusterfs<3.10 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15096
|
|
openssh<7.6 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15906
|
|
redis<3.2.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-10517
|
|
ffmpeg3<3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15186
|
|
salt<2017.7.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-14695
|
|
salt<2017.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14696
|
|
apr<1.6.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12613
|
|
apr-util<1.6.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12618
|
|
py{27,33,34,35,36}-werkzeug<0.11.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-10516
|
|
adobe-flash-player<26.0.0.170 remote-code-execution https://helpx.adobe.com/security/products/flash-player/apsb17-32.html
|
|
sox-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-15642
|
|
wordpress-[0-9]* weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2012-6707
|
|
mysql-server>=5.5<5.5.58 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
|
|
mysql-server>=5.6<5.6.38 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
|
|
mysql-server>=5.7<5.7.20 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
|
|
mariadb-server>=5.5<5.5.58 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
|
|
mysql-client>=5.5<5.5.58 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-10379
|
|
mysql-client>=5.6<5.6.38 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-10379
|
|
mysql-client>=5.7<5.7.20 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-10379
|
|
mariadb-client>=5.5<5.5.58 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-10379
|
|
py{27,33,34,35,36}-mistune<0.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15612
|
|
oracle-{jdk,jre}8<8.0.151 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixJAVA
|
|
openjdk8<1.8.151 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixJAVA
|
|
libextractor<1.6 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15600
|
|
libextractor<1.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15601
|
|
libextractor<1.6 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-15602
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-235.html
|
|
xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-235.html
|
|
xenkernel48<4.8.2 denial-of-service https://xenbits.xen.org/xsa/advisory-235.html
|
|
xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-237.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-237.html
|
|
xenkernel46<4.6.6nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-237.html
|
|
xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-237.html
|
|
xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-238.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-238.html
|
|
xenkernel46<4.6.6nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-238.html
|
|
xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-238.html
|
|
xenkernel42-[0-9]* sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-239.html
|
|
xenkernel45-[0-9]* sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-239.html
|
|
xenkernel46<4.6.6nb1 sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-239.html
|
|
xenkernel48<4.8.3 sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-239.html
|
|
xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-240.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-240.html
|
|
xenkernel46<4.6.6nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-240.html
|
|
xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-240.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-241.html
|
|
xenkernel46<4.6.6nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-241.html
|
|
xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-241.html
|
|
xenkernel42-[0-9]* memory-leak https://xenbits.xen.org/xsa/advisory-242.html
|
|
xenkernel45-[0-9]* memory-leak https://xenbits.xen.org/xsa/advisory-242.html
|
|
xenkernel46<4.6.6nb1 memory-leak https://xenbits.xen.org/xsa/advisory-242.html
|
|
xenkernel48<4.8.3 memory-leak https://xenbits.xen.org/xsa/advisory-242.html
|
|
xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-243.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-243.html
|
|
xenkernel46<4.6.6nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-243.html
|
|
xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-243.html
|
|
xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-244.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-244.html
|
|
xenkernel46<4.6.6nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-244.html
|
|
xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-244.html
|
|
poppler<0.61.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15565
|
|
webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0008.html
|
|
webkit-gtk<2.18.0 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0008.html
|
|
go<1.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000098
|
|
go<1.7.4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2017-1000097
|
|
qemu<2.5.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-7504
|
|
postgresql94-server<9.4.15 multiple-vulnerabilities https://www.postgresql.org/about/news/1801/
|
|
postgresql95-server<9.5.10 multiple-vulnerabilities https://www.postgresql.org/about/news/1801/
|
|
postgresql96-server<9.6.6 multiple-vulnerabilities https://www.postgresql.org/about/news/1801/
|
|
postgresql10-server<10.1 multiple-vulnerabilities https://www.postgresql.org/about/news/1801/
|
|
php{56,70,71}-roundcube<1.2.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16651
|
|
php>=5.6<5.6.32 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16651
|
|
php>=7.0<7.0.25 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16651
|
|
php>=7.1<7.1.11 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16651
|
|
cacti-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-16641
|
|
cacti-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-16660
|
|
cacti-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-16661
|
|
libpcap<1.2.1 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2011-1935
|
|
ffmpeg3<3.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-15672
|
|
openjpeg<2.1.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-1239
|
|
openjpeg15-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-1239
|
|
php{56,70,71,72}-drupal<7.41 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2015-7943
|
|
py{27,34,35,36}-sanic<0.5.1 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2017-16762
|
|
openssl<1.0.2h denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-8610
|
|
ruby{22,23,24}-redmine<3.2.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16804
|
|
ruby{22,23,24}-redmine>=3.3.0<3.3.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16804
|
|
tcpdump<4.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16808
|
|
couchdb<1.7.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-12635
|
|
couchdb>2.0<2.1.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-12635
|
|
couchdb<1.7.0 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-12636
|
|
couchdb>2.0<2.1.1 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-12636
|
|
collectd-snmp<5.6.3 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-16820
|
|
cacti<1.0.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-4000
|
|
scala<2.10.7 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-15288
|
|
scala>2.11<2.11.12 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-15288
|
|
scala>2.12<2.12.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-15288
|
|
konversation<1.7.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15923
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16826
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16827
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16828
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16829
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16830
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16831
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16832
|
|
mediawiki<1.27.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8808
|
|
mediawiki>1.28<1.28.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8808
|
|
mediawiki>1.29<1.29.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8808
|
|
mediawiki<1.27.4 reflected-file-download https://nvd.nist.gov/vuln/detail/CVE-2017-8809
|
|
mediawiki>1.28<1.28.3 reflected-file-download https://nvd.nist.gov/vuln/detail/CVE-2017-8809
|
|
mediawiki>1.29<1.29.2 reflected-file-download https://nvd.nist.gov/vuln/detail/CVE-2017-8809
|
|
mediawiki<1.27.4 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2017-8810
|
|
mediawiki>1.28<1.28.3 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2017-8810
|
|
mediawiki>1.29<1.29.2 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2017-8810
|
|
mediawiki<1.27.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8811
|
|
mediawiki>1.28<1.28.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8811
|
|
mediawiki>1.29<1.29.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8811
|
|
mediawiki<1.27.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8812
|
|
mediawiki>1.28<1.28.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8812
|
|
mediawiki>1.29<1.29.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8812
|
|
mediawiki<1.27.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8814
|
|
mediawiki>1.28<1.28.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8814
|
|
mediawiki>1.29<1.29.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8814
|
|
mediawiki<1.27.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8815
|
|
mediawiki>1.28<1.28.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8815
|
|
mediawiki>1.29<1.29.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8815
|
|
libbpg-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-13135
|
|
libbpg-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-13136
|
|
libbpg-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14034
|
|
procmail<3.22nb5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-16844
|
|
opensaml<2.6.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-16853
|
|
varnish<4.1.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-8807
|
|
python27<2.7.14 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000158
|
|
python34<3.4.8 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000158
|
|
python35<3.5.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000158
|
|
optipng-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000229
|
|
ldns<1.6.17nb5 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-1000231
|
|
ldns<1.6.17nb6 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-1000232
|
|
trafficserver>5.1<5.1.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2014-3624
|
|
root<6.9.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1000203
|
|
lynx<2.8.8.2nb9 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-1000211
|
|
exiv2<0.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-1000126
|
|
exiv2<0.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000127
|
|
exiv2<0.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-1000128
|
|
qemu<2.11.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-16845
|
|
subversion>1.8<1.8.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2013-4246
|
|
trafficserver>5.3<5.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-3249
|
|
ming-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-16883
|
|
icinga-base-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-16882
|
|
bftpd<4.7 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-16892
|
|
php{56,70,71,72}-concrete5<5.6.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-5107
|
|
php{56,70,71,72}-concrete5<5.6.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2014-5108
|
|
php{56,70,71,72}-tt-rss-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-16896
|
|
moodle<3.3.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15110
|
|
ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-16898
|
|
fig2dev<3.2.6anb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16899
|
|
webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0009.html
|
|
webkit-gtk<2.18.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0009.html
|
|
webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0007.html
|
|
webkit-gtk<2.16.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0007.html
|
|
exim<4.90 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16944
|
|
exim<4.90 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-16943
|
|
libsndfile<1.0.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16942
|
|
optipng-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-16938
|
|
libxml2<2.9.5 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-16932
|
|
libxml2<2.9.5 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-16931
|
|
cacti<1.0.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-10700
|
|
mit-krb5<1.16.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-15088
|
|
rpm<4.13.0.2 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-7501
|
|
ncurses<6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16879
|
|
slurm>=2.4.0pre4<16.05.11 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-15566
|
|
slurm>=17<17.02.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-15566
|
|
slurm>=17.11<17.11.0rc2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-15566
|
|
wordpress<4.9 cross-domain-flash-injection https://nvd.nist.gov/vuln/detail/CVE-2016-9263
|
|
php{56,70,71,72}-ja-wordpress<4.9 cross-domain-flash-injection https://nvd.nist.gov/vuln/detail/CVE-2016-9263
|
|
wordpress<4.8.3 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-16510
|
|
php{56,70,71,72}-ja-wordpress<4.8.3 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-16510
|
|
firefox52<52.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-25/
|
|
firefox<57.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/
|
|
thunderbird<52.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-26/
|
|
ffmpeg3<3.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-16840
|
|
ansible>=2.3<2.3.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-7550
|
|
ansible>=2.4<2.4.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-7550
|
|
asterisk>=13.0<13.18.1 buffer-overflow https://downloads.asterisk.org/pub/security/AST-2017-009.html
|
|
asterisk>=14.0<14.7.1 buffer-overflow https://downloads.asterisk.org/pub/security/AST-2017-009.html
|
|
asterisk>=15.0<15.1.1 buffer-overflow https://downloads.asterisk.org/pub/security/AST-2017-009.html
|
|
asterisk>=13.0<13.18.1 buffer-overflow https://downloads.asterisk.org/pub/security/AST-2017-010.html
|
|
asterisk>=14.0<14.7.1 buffer-overflow https://downloads.asterisk.org/pub/security/AST-2017-010.html
|
|
asterisk>=15.0<15.1.1 buffer-overflow https://downloads.asterisk.org/pub/security/AST-2017-010.html
|
|
asterisk>=13.0<13.18.1 multiple-vulnerabilities https://downloads.asterisk.org/pub/security/AST-2017-011.html
|
|
asterisk>=14.0<14.7.1 multiple-vulnerabilities https://downloads.asterisk.org/pub/security/AST-2017-011.html
|
|
asterisk>=15.0<15.1.1 multiple-vulnerabilities https://downloads.asterisk.org/pub/security/AST-2017-011.html
|
|
evince<3.25.91 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000159
|
|
vim<8.0.1345 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2017-1000382
|
|
bzr<2.6.0nb1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14176
|
|
emacs20-[0-9]* insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2017-1000383
|
|
emacs21-[0-9]* insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2017-1000383
|
|
emacs21-nox11-[0-9]* insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2017-1000383
|
|
emacs25-[0-9]* insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2017-1000383
|
|
emacs25-nox11-[0-9]* insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2017-1000383
|
|
mrxvt-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
rxvt-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
webkit24-gtk{,3}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
py{34,35,36}-borgbackup>=1.1.0<1.1.3 incorrect-access-controls https://nvd.nist.gov/vuln/detail/CVE-2017-15914
|
|
wordpress<4.9.1 multiple-vulnerabilities https://codex.wordpress.org/Version_4.9.1
|
|
php{56,70,71,72}-ja-wordpress<4.9.1 multiple-vulnerabilities https://codex.wordpress.org/Version_4.9.1
|
|
tiff<4.0.9nb1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17095
|
|
asterisk>=13.0<13.18.3 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-013.html
|
|
asterisk>=14.0<14.7.3 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-013.html
|
|
asterisk>=15.0<15.1.3 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-013.html
|
|
vim<8.0.1263 insecure-temporary-files https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17087
|
|
wireshark>=2.2.0<2.2.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-47.html
|
|
wireshark>=2.4.0<2.4.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-47.html
|
|
wireshark>=2.2.0<2.2.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-48.html
|
|
wireshark>=2.4.0<2.4.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-48.html
|
|
wireshark>=2.2.0<2.2.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-49.html
|
|
wireshark>=2.4.0<2.4.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-49.html
|
|
php{56,70,71}-piwigo-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-16893
|
|
libXcursor<1.1.15 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-16612
|
|
libXfont<1.5.4 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-16611
|
|
libXfont2<2.0.3 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-16611
|
|
adobe-flash-player<27.0.0.130 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb17-28.html
|
|
binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17080
|
|
php>=5.6<5.6.32 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-16642
|
|
php>=7.0<7.0.25 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-16642
|
|
php>=7.1<7.1.11 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-16642
|
|
curl>=7.56.0<7.57.0 out-of-bounds-read https://curl.haxx.se/docs/adv_2017-af0a.html
|
|
curl>=7.21.0<7.57.0 out-of-bounds-read https://curl.haxx.se/docs/adv_2017-ae72.html
|
|
curl>=7.36.0<7.57.0 buffer-overflow https://curl.haxx.se/docs/adv_2017-12e7.html
|
|
radare2<2.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16805
|
|
xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-246.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-246.html
|
|
xenkernel46<4.6.6nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-246.html
|
|
xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-246.html
|
|
xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-247.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-247.html
|
|
xenkernel46<4.6.6nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-247.html
|
|
xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-247.html
|
|
ruby{22,23,24,25,26}-yard<0.9.11 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-17042
|
|
graphicsmagick-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16669
|
|
kmplayer-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16952
|
|
cacti<1.1.28 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-16785
|
|
samba<4.6.11 information-leak https://www.samba.org/samba/security/CVE-2017-15275.html
|
|
samba>4<4.6.11 use-after-free https://www.samba.org/samba/security/CVE-2017-14746.html
|
|
rsync<3.1.2nb2 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-17433
|
|
rsync<3.1.2nb2 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-17434
|
|
openssl<1.0.2n multiple-vulnerabilities https://www.openssl.org/news/secadv/20171207.txt
|
|
openjpeg<2.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-17479
|
|
openjpeg<2.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-17480
|
|
libsndfile<1.0.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16942
|
|
libsndfile<1.0.28nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17456
|
|
libsndfile<1.0.28nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17457
|
|
libextractor<1.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17440
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16883
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16898
|
|
fossil<2.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-17459
|
|
nss<3.49 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11695
|
|
nss<3.49 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11696
|
|
nss<3.49 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2017-11697
|
|
nss<3.49 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11698
|
|
ImageMagick<7.0.7.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17914
|
|
ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17914
|
|
ImageMagick<7.0.7.17 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17934
|
|
ImageMagick6-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17934
|
|
ImageMagick<7.0.7.16 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17884
|
|
ImageMagick6<6.9.9.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17884
|
|
ImageMagick<7.0.7.12 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17885
|
|
ImageMagick6<6.9.9.24 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17885
|
|
ImageMagick<7.0.7.16 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17887
|
|
ImageMagick6<6.9.9.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17887
|
|
ImageMagick<7.0.7.12 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17886
|
|
ImageMagick6<6.9.9.24 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17886
|
|
ImageMagick<7.0.7.12 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17883
|
|
ImageMagick6<6.9.9.24 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17883
|
|
ImageMagick<7.0.7.12 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17882
|
|
ImageMagick6<6.9.9.24 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17882
|
|
ImageMagick<7.0.7.16 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17879
|
|
ImageMagick6<6.9.9.28 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17879
|
|
ImageMagick<7.0.7.12 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17881
|
|
ImageMagick6<6.9.9.24 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17881
|
|
ImageMagick<7.0.7.12 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17504
|
|
ImageMagick6<6.9.9.24 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17504
|
|
ImageMagick<7.0.7.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17682
|
|
ImageMagick6<6.9.9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17682
|
|
ImageMagick<7.0.7.12 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-17681
|
|
ImageMagick6<6.9.9.24 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-17681
|
|
ImageMagick<7.0.7.12 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17680
|
|
ImageMagick6<6.9.9.24 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17680
|
|
ImageMagick6<6.9.9.24 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-17499
|
|
ImageMagick<7.0.7.12 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-17499
|
|
ffmpeg3<3.2.6 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-9608
|
|
ffmpeg3>=3.3<3.3.3 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-9608
|
|
ffmpeg2<2.8.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17081
|
|
ffmpeg3<3.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17081
|
|
aubio<0.4.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17555
|
|
h2o<2.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10908
|
|
h2o<2.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10869
|
|
h2o<2.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10872
|
|
h2o<2.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10868
|
|
GraphicsMagick<1.3.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17503
|
|
GraphicsMagick<1.3.28 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17782
|
|
GraphicsMagick<1.3.28 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17783
|
|
GraphicsMagick<1.3.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17502
|
|
GraphicsMagick<1.3.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17500
|
|
GraphicsMagick<1.3.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17501
|
|
GraphicsMagick<1.3.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17498
|
|
GraphicsMagick<1.3.28 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17913
|
|
GraphicsMagick<1.3.28 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17912
|
|
GraphicsMagick<1.3.28 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17915
|
|
icu<60.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17484
|
|
seamonkey-enigmail<1.9.9 signature-spoofing https://nvd.nist.gov/vuln/detail/CVE-2017-17848
|
|
seamonkey-enigmail<1.9.9 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2017-17845
|
|
seamonkey-enigmail<1.9.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17846
|
|
seamonkey-enigmail<1.9.9 spoofing https://nvd.nist.gov/vuln/detail/CVE-2017-17843
|
|
seamonkey-enigmail<1.9.9 signature-spoofing https://nvd.nist.gov/vuln/detail/CVE-2017-17847
|
|
seamonkey-enigmail<1.9.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-17847
|
|
thunderbird-enigmail<1.9.9 signature-spoofing https://nvd.nist.gov/vuln/detail/CVE-2017-17848
|
|
seamonkey-enigmail<1.9.9 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2017-17845
|
|
seamonkey-enigmail<1.9.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17846
|
|
thunderbird-enigmail<1.9.9 spoofing https://nvd.nist.gov/vuln/detail/CVE-2017-17843
|
|
thunderbird-enigmail<1.9.9 signature-spoofing https://nvd.nist.gov/vuln/detail/CVE-2017-17847
|
|
thunderbird-enigmail<1.9.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-17847
|
|
php{56,70,71,72}-piwigo-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-17774
|
|
php{56,70,71,72}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-17775
|
|
php{56,70,71,72}-piwigo-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17823
|
|
php{56,70,71,72}-piwigo-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17822
|
|
php{56,70,71,72}-piwigo-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17824
|
|
php{56,70,71,72}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-17825
|
|
php{56,70,71,72}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-17826
|
|
php{56,70,71,72}-piwigo-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-17827
|
|
ruby{22,23,24}-puppet<3.6.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-3250
|
|
ruby{22,23,24}-puppet<1.6.0 code-injection https://nvd.nist.gov/vuln/detail/CVE-2016-5713
|
|
adobe-flash-player<27.0.0.187 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb17-33.html
|
|
nasm<2.13.02 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-17817
|
|
nasm<2.13.02 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17819
|
|
nasm<2.13.02 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-17820
|
|
nasm<2.13.02 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-17816
|
|
nasm<2.13.02 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17818
|
|
nasm<2.13.02 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-17814
|
|
nasm<2.13.02 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17815
|
|
nasm<2.13.02 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17810
|
|
nasm<2.13.02 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-17813
|
|
nasm<2.13.02 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17811
|
|
nasm<2.13.02 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17812
|
|
hdf5<1.10.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17508
|
|
hdf5<1.10.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-17509
|
|
hdf5<1.10.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17506
|
|
hdf5<1.10.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17507
|
|
hdf5<1.10.3 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-17505
|
|
phabricator<20171110 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-17536
|
|
gimp<2.10.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17784
|
|
gimp<2.10.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17785
|
|
gimp<2.10.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17786
|
|
gimp<2.10.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17787
|
|
gimp<2.10.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17788
|
|
gimp<2.10.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17789
|
|
nodejs>=8<8.9.3 uninitialized-buffer https://nvd.nist.gov/vuln/detail/CVE-2017-15897
|
|
nodejs>=9<9.2.1 uninitialized-buffer https://nvd.nist.gov/vuln/detail/CVE-2017-15897
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-249.html
|
|
xenkernel46<4.6.6nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-249.html
|
|
xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-249.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-248.html
|
|
xenkernel46<4.6.6nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-248.html
|
|
xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-248.html
|
|
xenkernel46<4.6.6nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-250.html
|
|
xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-250.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-251.html
|
|
xenkernel46<4.6.6nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-251.html
|
|
xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-251.html
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17121
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17122
|
|
binutils<2.30 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-17123
|
|
binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17124
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17125
|
|
binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17126
|
|
asterisk>=13.0<13.18.5 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-014.html
|
|
asterisk>=14.0<14.7.5 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-014.html
|
|
asterisk>=15.0<15.1.5 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-014.html
|
|
asterisk>=14.0<14.7.3 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-013.html
|
|
asterisk>=15.0<15.1.3 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-013.html
|
|
asterisk>=13.0<13.18.3 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-013.html
|
|
asterisk>=13.0<13.18.4 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-012.html
|
|
asterisk>=14.0<14.7.4 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-012.html
|
|
asterisk>=15.0<15.1.4 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-012.html
|
|
wireshark<2.2.12 buffer-underflow https://nvd.nist.gov/vuln/detail/CVE-2017-17935
|
|
wireshark<2.2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17085
|
|
wireshark>=2.4<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17085
|
|
wireshark<2.2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17084
|
|
wireshark>=2.4<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17084
|
|
wireshark<2.2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17083
|
|
wireshark>=2.4<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17083
|
|
tidy<5.6.0nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17497
|
|
jenkins-[0-9]* cross-site-scripting https://jenkins.io/security/advisory/2017-12-05/
|
|
openafs<1.6.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17432
|
|
lilypond-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17523
|
|
qemu<2.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17381
|
|
py{27,34,35,36}-mercurial<4.4.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-17458
|
|
ruby{22,23,24}-net-ldap<0.16.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2017-17718
|
|
ruby24-base<2.4.3 dns-hijacking https://nvd.nist.gov/vuln/detail/CVE-2017-17790
|
|
ruby24-base<2.4.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17405
|
|
ruby23-base<2.3.6 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17405
|
|
ruby22-base<2.2.9 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17405
|
|
ruby23-base<2.3.6 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-0903
|
|
ruby22-base<2.2.9 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-0903
|
|
abiword-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17529
|
|
aubio<0.4.7 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-17554
|
|
aubio<0.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17054
|
|
tiff<4.0.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17942
|
|
tkabber-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17533
|
|
geomview-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17530
|
|
exiv2<0.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17669
|
|
libXcursor<1.1.15 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-16612
|
|
sylpheed-[0-9]* command-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17517
|
|
fontforge-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17521
|
|
global<6.6.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17531
|
|
ocaml-batteries-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17519
|
|
swi-prolog-lite-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17524
|
|
scummvm-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17528
|
|
py{27,34,35,36}-kiwi-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17532
|
|
ruby{22,23,24}-nexpose-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17532
|
|
vlc<3.0.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-17670
|
|
most-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-1253
|
|
tor>=0.3.1<0.3.1.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8819
|
|
tor>=0.3.1<0.3.1.9 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-8820
|
|
tor>=0.3.1<0.3.1.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8821
|
|
tor>=0.3.1<0.3.1.9 weak-anonymity https://nvd.nist.gov/vuln/detail/CVE-2017-8822
|
|
heimdal<7.5.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-17439
|
|
php{56,70,71,72}-contao35<3.5.31 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-16558
|
|
php{56,70,71,72}-contao44<4.4.8 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-16558
|
|
wireshark<2.2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17997
|
|
webmin<1.870 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-17089
|
|
tiff<4.0.10 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-17973
|
|
graphicsmagick-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17782
|
|
graphicsmagick-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17783
|
|
apache-2.2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
exiv2<0.27 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18005
|
|
magento<2.1.2 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2016-10704
|
|
ImageMagick<7.0.7.16 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17880
|
|
ImageMagick6<6.9.9.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17880
|
|
opencv<3.4.0 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17760
|
|
py{27,33,34,35,36}-mistune<0.8.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-16876
|
|
nodejs>=8<8.9.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15897
|
|
nodejs>=9<9.2.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15897
|
|
mupdf<1.12.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17866
|
|
irssi<1.0.6 multiple-vulnerabilities https://irssi.org/security/irssi_sa_2018_01.txt
|
|
syncthing<0.14.34 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2017-1000420
|
|
phpmyadmin<4.7.7 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-1000499
|
|
gifsicle<1.90 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1000421
|
|
awstats-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1000501
|
|
ImageMagick<7.0.7.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-13758
|
|
ImageMagick6<6.9.9.11 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-13758
|
|
ImageMagick<7.0.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13769
|
|
ImageMagick6<6.9.9.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13769
|
|
libraw<0.18.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16909
|
|
libraw<0.18.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16910
|
|
poppler-utils<0.57.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9775
|
|
poppler-utils<0.57.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9776
|
|
poppler<0.60.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14975
|
|
poppler<0.60.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14976
|
|
poppler<0.60.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14977
|
|
tex-context-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17513
|
|
tex-lualibs-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17513
|
|
ruby{22,23,24,25}-rails-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17920
|
|
ImageMagick<7.0.7.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18008
|
|
opencv<3.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-18009
|
|
tiff<4.0.9nb5 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18013
|
|
libwildmidi<0.4.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000418
|
|
ImageMagick<7.0.7.5 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-1000445
|
|
ImageMagick6<6.9.9.17 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-1000445
|
|
poppler<0.61.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000456
|
|
gdk-pixbuf2<2.36.11 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000422
|
|
miniupnpd<2.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000494
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-4868
|
|
ffmpeg3<3.2.3 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-1000460
|
|
poco<1.8.0 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-1000472
|
|
coreutils<8.29 temporary-file-race https://nvd.nist.gov/vuln/detail/CVE-2017-18018
|
|
erlang<18.3.4.7 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2017-1000385
|
|
erlang>=19<19.3.6.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2017-1000385
|
|
erlang>=20<20.1.7 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2017-1000385
|
|
xenkernel410-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5244
|
|
openldap-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17740
|
|
ImageMagick<7.0.7.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5247
|
|
ImageMagick6<6.9.9.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5247
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5251
|
|
podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5296
|
|
py{27,34,35,36}-numpy<1.8.1 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2014-1858
|
|
py{27,34,35,36}-numpy<1.8.1 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2014-1859
|
|
p5-Clipboard-[0-9]* temporary-file-race https://nvd.nist.gov/vuln/detail/CVE-2014-5509
|
|
teamspeak-client-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-7221
|
|
teamspeak-client-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-7222
|
|
mono<3.12.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2015-2318
|
|
mono<3.12.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2015-2319
|
|
mono<3.12.1 ssl-downgrade https://nvd.nist.gov/vuln/detail/CVE-2015-2320
|
|
adobe-flash-player<28.0.0.126 data-manipulation https://helpx.adobe.com/security/products/flash-player/apsb17-42.html
|
|
magento<2.0.10 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-5301
|
|
ffmpeg2<2.4.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-1208
|
|
podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5308
|
|
podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5309
|
|
ruby{22,23,24,25}-puppet>=3.7<3.8.1 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2015-4100
|
|
qemu<2.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15124
|
|
ruby{22,23,24,25}-rails-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17916
|
|
ruby{22,23,24,25}-rails-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17917
|
|
ruby{22,23,24,25}-rails-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17919
|
|
ruby{22,23,24,25}-redmine<3.2.9 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-18026
|
|
ruby{22,23,24,25}-redmine>=3.3<3.3.6 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-18026
|
|
ruby{22,23,24,25}-redmine>=3.4<3.4.4 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-18026
|
|
adobe-flash-player<28.0.0.137 out-of-bounds-read https://helpx.adobe.com/security/products/flash-player/apsb18-01.html
|
|
thunderbird-enigmail<1.9.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-17844
|
|
seamonkey-enigmail<1.9.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-17844
|
|
wireshark<2.2.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5334
|
|
wireshark>=2.4<2.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5334
|
|
wireshark<2.2.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5335
|
|
wireshark>=2.4<2.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5335
|
|
wireshark<2.2.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5336
|
|
wireshark>=2.4<2.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5336
|
|
cups<1.6 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-8166
|
|
qemu<1.7.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2014-3471
|
|
ImageMagick<7.0.7.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5357
|
|
ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5357
|
|
ImageMagick<7.0.7.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5358
|
|
ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5358
|
|
ImageMagick<7.0.7.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000476
|
|
ImageMagick6<6.9.9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000476
|
|
ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18027
|
|
ImageMagick6<6.9.9.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18027
|
|
ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18028
|
|
ImageMagick6<6.9.9.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18028
|
|
ImageMagick<7.0.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18029
|
|
ImageMagick6<6.9.9.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18029
|
|
lrzip-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5650
|
|
xmltooling<1.6.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-0486
|
|
GraphicsMagick<1.3.28 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5685
|
|
mupdf<1.13.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5686
|
|
tiff<4.0.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-5360
|
|
php{56,70,71,72}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5692
|
|
webkit-gtk<2.18.5 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0001.html
|
|
libxml2<2.9.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-15412
|
|
mysql-client>=5.6<5.6.39 denial-of-service http://seclists.org/oss-sec/2018/q1/59
|
|
mysql-client>=5.7<5.7.21 denial-of-service http://seclists.org/oss-sec/2018/q1/59
|
|
asterisk>=11<12 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
mysql-server>=5.5<5.5.59 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
|
|
mysql-server>=5.6<5.6.39 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
|
|
mysql-server>=5.7<5.7.21 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
|
|
mariadb-server>=5.5<5.5.59 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL
|
|
oracle-{jdk,jre}8<8.0.162 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA
|
|
openjdk8<1.8.162 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA
|
|
ImageMagick<7.0.7.21 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-5246
|
|
ImageMagick6<6.9.9.33 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-5246
|
|
ImageMagick<7.0.7.21 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-18022
|
|
ImageMagick6<6.9.9.33 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-18022
|
|
ImageMagick<7.0.7.21 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5248
|
|
ImageMagick6<6.9.9.33 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5248
|
|
openjpeg<2.3.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5785
|
|
openjpeg<2.3.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5727
|
|
lrzip-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-5747
|
|
lrzip-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5786
|
|
podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5783
|
|
tiff<4.0.9nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5784
|
|
opencv<3.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000450
|
|
mit-krb5<1.16.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-5710
|
|
wordpress<4.9.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5776
|
|
php{56,70,71,72}-ja-wordpress<4.9.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5776
|
|
py{27,34,35,36}-markdown2-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5773
|
|
guacamole-server-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-3158
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5772
|
|
openocd-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-5704
|
|
rsync<3.1.2nb3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-5764
|
|
gd<2.3.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5711
|
|
php56-gd<5.6.33 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5711
|
|
php70-gd<7.0.27 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5711
|
|
php71-gd<7.1.13 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5711
|
|
php72-gd<7.2.1 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5711
|
|
php>=5.6<5.6.36 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5712
|
|
php>=7.0<7.0.30 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5712
|
|
php>=7.1<7.1.17 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5712
|
|
php>=7.2<7.2.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5712
|
|
libdwarf>=20130126<20150806 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2014-9482
|
|
firefox52<52.6 side-channel https://www.mozilla.org/en-US/security/advisories/mfsa2018-01/
|
|
firefox<57.0.4 side-channel https://www.mozilla.org/en-US/security/advisories/mfsa2018-01/
|
|
firefox52<52.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/
|
|
firefox52<52.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-04/
|
|
firefox<58.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/
|
|
mpv<0.27.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-6360
|
|
ming-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6358
|
|
ming-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-6359
|
|
ming-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6315
|
|
podofo<0.9.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5295
|
|
podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6352
|
|
clamav<0.99.3 multiple-vulnerabilities http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html
|
|
binutils<2.31 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6323
|
|
opencv<3.4.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5268
|
|
opencv<3.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5269
|
|
dovecot>=2.0<2.2.33.2 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-15132
|
|
jenkins<2.84 multiple-vulnerabilities https://jenkins.io/security/advisory/2017-10-11/
|
|
jenkins-lst<2.73.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2017-10-11/
|
|
jenkins<2.89 multiple-vulnerabilities https://jenkins.io/security/advisory/2017-11-08/
|
|
jenkins-lts<2.73.3 multiple-vulnerabilities https://jenkins.io/security/advisory/2017-11-08/
|
|
libvirt<4.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5748
|
|
w3m<0.5.3.0.20180125 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6196
|
|
w3m<0.5.3.0.20180125 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-6197
|
|
w3m<0.5.3.0.20180125 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2018-6198
|
|
mupdf<1.13.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6192
|
|
libreoffice{,5-bin}<5.4.5 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6871
|
|
openssh<7.4 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2016-10708
|
|
mupdf<1.13.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17858
|
|
pdns-recursor>=4.1.0<4.1.1 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000003
|
|
knot<1.5.2 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000002
|
|
moodle<3.4.1 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-1042
|
|
moodle<3.4.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1043
|
|
moodle<3.4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1044
|
|
moodle<3.3.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1045
|
|
libtasn1<4.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6003
|
|
pdns-recursor>=4.0.0<4.0.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15092
|
|
pdns-recursor>=4.0.0<4.0.7 dnssec-validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15090
|
|
pdns-recursor<4.0.7 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15093
|
|
pdns-recursor>=4.0.0<4.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15094
|
|
powerdns<4.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15091
|
|
unbound<1.6.8 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2017-15105
|
|
dnsmasq-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2017-15107
|
|
qemu<2.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18030
|
|
mailman<2.1.26 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5950
|
|
qemu<2.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5683
|
|
modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12176
|
|
modular-xorg-server<1.19.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12177
|
|
modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12178
|
|
modular-xorg-server<1.19.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12179
|
|
modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12180
|
|
modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12181
|
|
modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12182
|
|
modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12183
|
|
modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12184
|
|
modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12185
|
|
modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12187
|
|
modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12186
|
|
mupdf<1.13.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6187
|
|
jenkins<2.95 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-1000504
|
|
jenkins-lts<2.89.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-1000504
|
|
jenkins<2.95 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-1000503
|
|
jenkins-lts<2.89.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-1000503
|
|
curl>=7.49.0<7.58.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-1000005
|
|
curl>=6.0<7.58.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1000007
|
|
jenkins<2.57 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1000353
|
|
jenkins-lts<2.46.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1000353
|
|
jenkins<2.57 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-1000354
|
|
jenkins-lts<2.46.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-1000354
|
|
jenkins<2.57 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-1000356
|
|
jenkins-lts<2.46.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-1000356
|
|
jenkins<2.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000355
|
|
jenkins-lts<2.46.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000355
|
|
irssi<1.0.7 multiple-vulnerabilities https://irssi.org/security/html/irssi_sa_2018_02/
|
|
irssi>=1.1.0<1.1.1 multiple-vulnerabilities https://irssi.org/security/html/irssi_sa_2018_02/
|
|
zziplib<0.13.68 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6381
|
|
pound<2.8 http-response-smuggling https://nvd.nist.gov/vuln/detail/CVE-2016-10711
|
|
gcpio-[0-9]* arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-7516
|
|
ptex<2.1.33 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-3835
|
|
ffmpeg2<2.8.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-6392
|
|
ffmpeg3<3.4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-6392
|
|
p7zip<16.02nb2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-17969
|
|
mantis-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-6382
|
|
xpdf<3.02 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2011-2902
|
|
ffmpeg2<2.4.6 integer-underflow https://nvd.nist.gov/vuln/detail/CVE-2015-1208
|
|
ImageMagick6<6.9.9.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6405
|
|
ImageMagick<7.0.7.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6405
|
|
apache-tomcat>=7.0.79<7.0.84 unexpected-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-15706
|
|
apache-tomcat>=8.0.45<8.0.48 unexpected-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-15706
|
|
apache-tomcat>=8.5.16<8.5.24 unexpected-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-15706
|
|
ming-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5294
|
|
p7zip<18.00 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2018-5996
|
|
qemu<2.10.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-18043
|
|
zziplib<0.13.68 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6484
|
|
zabbix<2.3.2 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2014-3005
|
|
gifsicle<1.91 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-18120
|
|
mantis<2.11.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-6526
|
|
zziplib<0.13.68 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6541
|
|
zziplib<0.13.68 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6540
|
|
zziplib<0.13.68 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6542
|
|
mupdf<1.13.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6544
|
|
binutils<2.31 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6543
|
|
patch<2.2.5 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-1416
|
|
py{27,34,35,36}-django<1.11.10 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-6188
|
|
py{27,34,35,36}-crypto-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-6594
|
|
openjpeg<2.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6616
|
|
libopenmpt<0.3.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-6611
|
|
jhead-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6612
|
|
ffmpeg3<3.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6621
|
|
thttpd<2.28 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17663
|
|
mini_httpd<1.28 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17663
|
|
wordpress-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6389
|
|
py{27,34,35,36}-uwsgi<2.0.16 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6758
|
|
adobe-flash-player<28.0.0.161 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb18-03.html
|
|
binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6759
|
|
wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6767
|
|
GraphicsMagick<1.3.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6799
|
|
audacity<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-2541
|
|
proftpd<1.2.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2001-0136
|
|
audacity<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-2540
|
|
libxml2<2.9.5 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-5130
|
|
go<1.8.7 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-6574
|
|
go>=1.9.0<1.9.4 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-6574
|
|
python27<2.7.15 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000030
|
|
wireshark<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6836
|
|
ffmpeg010<0.11 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2012-5359
|
|
ffmpeg010<0.11 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2012-5360
|
|
exim{,3}<4.90.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-6789
|
|
php<5.5.32 unspecified https://nvd.nist.gov/vuln/detail/CVE-2016-10712
|
|
php>=5.6<5.6.18 unspecified https://nvd.nist.gov/vuln/detail/CVE-2016-10712
|
|
php>=7.0<7.0.3 unspecified https://nvd.nist.gov/vuln/detail/CVE-2016-10712
|
|
postgresql93-server<9.3.21 multiple-vulnerabilities https://www.postgresql.org/about/news/1829/
|
|
postgresql94-server<9.4.16 multiple-vulnerabilities https://www.postgresql.org/about/news/1829/
|
|
postgresql95-server<9.5.11 multiple-vulnerabilities https://www.postgresql.org/about/news/1829/
|
|
postgresql96-server<9.6.7 multiple-vulnerabilities https://www.postgresql.org/about/news/1829/
|
|
postgresql10-server<10.2 multiple-vulnerabilities https://www.postgresql.org/about/news/1829/
|
|
transmission<2.93 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2018-5702
|
|
zziplib<0.13.68 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6381
|
|
binutils<2.31 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-6872
|
|
zziplib<0.13.69 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6869
|
|
libfpx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6876
|
|
fish<2.1.1 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2014-3219
|
|
ruby{22,23,24,25}-puppet<5.3.4 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2017-10689
|
|
ruby{22,23,24,25}-puppet<5.3.4 information-leak https://nvd.nist.gov/vuln/detail/CVE-2017-10690
|
|
squid>=3.0<3.5.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000024
|
|
git-base<2.15.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2018-1000021
|
|
squid>=3.0<3.5.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000027
|
|
unzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000035
|
|
librsvg<2.40.20 input-validation https://nvd.nist.gov/vuln/detail/CVE-2018-1000041
|
|
mupdf<1.13.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-1000051
|
|
ffmpeg3-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6912
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17722
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17723
|
|
exiv2<0.27 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17725
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17724
|
|
mariadb-server<10.1.30 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15365
|
|
mbedtls>=1.3.8<1.3.22 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-0487
|
|
mbedtls>=2.1<2.1.10 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-0487
|
|
mbedtls>=1.3.0<1.3.22 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-0488
|
|
mbedtls>=2.1<2.1.10 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-0488
|
|
ImageMagick<7.0.7.23 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-6930
|
|
freetype2<2.9.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-6942
|
|
qpdf<7.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-9252
|
|
qpdf<7.0.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-18183
|
|
qpdf<7.0.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-18186
|
|
qpdf<7.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-18184
|
|
qpdf<7.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-18185
|
|
patch<2.7.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-10713
|
|
patch<2.7.6nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6951
|
|
patch<2.7.6nb1 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-6952
|
|
mbedtls<2.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18187
|
|
sox-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18189
|
|
jenkins<2.107 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-1000067
|
|
jenkins-lts<2.89.4 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-1000067
|
|
jenkins<2.107 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1000068
|
|
jenkins-lts<2.89.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1000068
|
|
xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7173
|
|
xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7174
|
|
xpdf<4.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-7175
|
|
cups<2.2.2 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-18190
|
|
leptonica<1.75.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7186
|
|
php{56,70,71}-tiki6<18.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-7188
|
|
go<1.10.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-7187
|
|
bind>=9.9.0<9.9.11 denial-of-service https://kb.isc.org/article/AA-01542/0/CVE-2017-3145
|
|
bind>=9.10.0<9.10.6 denial-of-service https://kb.isc.org/article/AA-01542/0/CVE-2017-3145
|
|
tiff<4.0.9 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-11335
|
|
quagga<1.2.3 sensitive-information-disclosure https://www.quagga.net/security/Quagga-2018-0543.txt
|
|
quagga<1.2.3 double-free https://www.quagga.net/security/Quagga-2018-1114.txt
|
|
quagga<1.2.3 out-of-bounds-read https://www.quagga.net/security/Quagga-2018-1550.txt
|
|
quagga>=0.99.9<1.2.3 infinite-loop https://www.quagga.net/security/Quagga-2018-1975.txt
|
|
webkit-gtk<2.18.6 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0002.html
|
|
binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7208
|
|
bugzilla<5.0.4 sensitive-information-disclosure https://www.bugzilla.org/security/4.4.12/
|
|
leptonica<1.76.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7247
|
|
libvncserver<0.9.12 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7225
|
|
php{56,70,71,72}-fpm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-9253
|
|
libxml2<2.9.7 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2017-7375
|
|
libxml2<2.9.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-7376
|
|
wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7253
|
|
wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7254
|
|
libid3tag-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2004-2779
|
|
libmad-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7263
|
|
wpa_supplicant<2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5315
|
|
wpa_supplicant<2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5316
|
|
elinks-[0-9]* remote-spoofing https://nvd.nist.gov/vuln/detail/CVE-2012-6709
|
|
unixodbc<2.3.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7409
|
|
php{56,70,71}-tiki6-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-7302
|
|
php{56,70,71}-tiki6-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-7303
|
|
php{56,70,71}-tiki6-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-7304
|
|
asterisk>=13.0<13.19.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-004.html
|
|
asterisk>=14.0<14.7.6 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-004.html
|
|
asterisk>=15.0<15.2.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-004.html
|
|
asterisk>=13.0<13.19.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-005.html
|
|
asterisk>=14.0<14.7.6 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-005.html
|
|
php{56,70,71,72}-drupal<7.57 multiple-vulnerabilities https://www.drupal.org/sa-core-2018-001
|
|
php{56,70,71,72}-drupal>8<8.4.5 multiple-vulnerabilities https://www.drupal.org/sa-core-2018-001
|
|
xpdf<4.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-7452
|
|
xpdf<5.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-7453
|
|
xpdf<4.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-7454
|
|
xpdf<4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-7455
|
|
php{56,70,71,72}-piwigo<2.9.3 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-6883
|
|
libcdio<1.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18199
|
|
libcdio<1.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18198
|
|
leptonica<1.75.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-7440
|
|
leptonica<1.76.0 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2018-7441
|
|
leptonica<1.76.0 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-7442
|
|
leptonica<1.75.0 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-18196
|
|
ImageMagick6<6.9.9.36 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7443
|
|
ImageMagick<7.0.7.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7443
|
|
freexl<1.0.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7435
|
|
freexl<1.0.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7436
|
|
freexl<1.0.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7437
|
|
freexl<1.0.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7438
|
|
freexl<1.0.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7439
|
|
apache-tomcat>=7.<7.0.85 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1305
|
|
apache-tomcat>=8.<8.0.50 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1305
|
|
apache-tomcat>=8.5.0<8.5.28 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1305
|
|
mp4v2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7339
|
|
wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-05.html
|
|
wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-05.html
|
|
wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-06.html
|
|
wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-06.html
|
|
wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-07.html
|
|
wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-07.html
|
|
wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-08.html
|
|
wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-09.html
|
|
wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-09.html
|
|
wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-10.html
|
|
wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-10.html
|
|
wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-11.html
|
|
wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-11.html
|
|
wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-12.html
|
|
wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-12.html
|
|
wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-13.html
|
|
wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-13.html
|
|
wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-14.html
|
|
wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-14.html
|
|
php{56,70,71,72}-concrete5<8.3.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-18195
|
|
libcdio<2.0.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-18201
|
|
ImageMagick<7.0.7.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7470
|
|
ImageMagick6<6.9.9.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7470
|
|
unixodbc<2.3.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7485
|
|
py{27,34,35,36}-uwsgi<2.0.17 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-7490
|
|
xmltooling<1.6.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-0489
|
|
zsh<5.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-18206
|
|
trafficserver<7.0.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-5660
|
|
xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-252.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-252.html
|
|
xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-252.html
|
|
xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-252.html
|
|
zsh<5.4.2nb1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-7548
|
|
xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-255.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-255.html
|
|
xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-255.html
|
|
xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-255.html
|
|
xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-256.html
|
|
zsh<5.4.2nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7549
|
|
ffmpeg2<2.8.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7557
|
|
ffmpeg3<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7557
|
|
apache-tomcat>=7.0.0<7.0.85 unauthorised-access https://nvd.nist.gov/vuln/detail/CVE-2018-1304
|
|
apache-tomcat>=8.0.0<8.0.50 unauthorised-access https://nvd.nist.gov/vuln/detail/CVE-2018-1304
|
|
apache-tomcat>=8.5.0<8.5.28 unauthorised-access https://nvd.nist.gov/vuln/detail/CVE-2018-1304
|
|
binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7568
|
|
binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7569
|
|
binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7570
|
|
xerces-c<3.2.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-12627
|
|
qemu<2.12.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-7550
|
|
ImageMagick<7.0.7.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18209
|
|
ImageMagick6<6.9.9.18 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18209
|
|
curl<7.59.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000122
|
|
libvorbis<1.3.6 remote-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/
|
|
tremor<1.0.2.20180316 remote-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/
|
|
seamonkey<2.49.2nb3 remote-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/
|
|
firefox52<52.7.2nb1 remote-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/
|
|
firefox45-[0-9]* remote-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/
|
|
firefox<59.0.1 remote-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/
|
|
squirrelmail<1.4.23pre14764 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2018-8741
|
|
zsh<5.0.7 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2014-10070
|
|
zsh<5.4.2nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1071
|
|
zsh<5.4.2nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1083
|
|
zsh<5.4 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18205
|
|
zsh<5.0.7 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-10071
|
|
zsh<5.0.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-10072
|
|
zsh<5.3 off-by-one https://nvd.nist.gov/vuln/detail/CVE-2016-10714
|
|
ImageMagick<7.0.7.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7470
|
|
ImageMagick6<6.9.9.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7470
|
|
ImageMagick<7.0.7.7 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18211
|
|
ImageMagick6<6.9.9.19 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18211
|
|
ImageMagick<7.0.7.7 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18210
|
|
xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8106
|
|
xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8107
|
|
xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8105
|
|
xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8103
|
|
xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8104
|
|
xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8102
|
|
xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8100
|
|
xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8101
|
|
exempi<2.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18236
|
|
exempi<2.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18238
|
|
exempi<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18235
|
|
exempi<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18237
|
|
exempi<2.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18233
|
|
exempi<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18234
|
|
exempi<2.4.5 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-7731
|
|
exempi<2.4.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7730
|
|
exempi<2.4.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7729
|
|
exempi<2.4.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7728
|
|
php{56,70,71,72}-piwigo<2.6.2 cross-site-request-forgeries https://nvd.nist.gov/vuln/detail/CVE-2014-4613
|
|
php{56,70,71,72}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-7724
|
|
php{56,70,71,72}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-7723
|
|
php{56,70,71,72}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-7722
|
|
sqlite3<3.23.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-8740
|
|
php>=5.6<5.6.34 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7584
|
|
php>=7.0<7.0.28 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7584
|
|
php>=7.1<7.1.14 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7584
|
|
php>=7.2<7.2.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7584
|
|
dovecot<2.2.34 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15130
|
|
dovecot<2.2.34 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-14461
|
|
postgresql93-server<9.3.22 multiple-vulnerabilities https://www.postgresql.org/about/news/1834/
|
|
postgresql94-server<9.4.17 multiple-vulnerabilities https://www.postgresql.org/about/news/1834/
|
|
postgresql95-server<9.5.12 multiple-vulnerabilities https://www.postgresql.org/about/news/1834/
|
|
postgresql96-server<9.6.8 multiple-vulnerabilities https://www.postgresql.org/about/news/1834/
|
|
postgresql10-server<10.3 multiple-vulnerabilities https://www.postgresql.org/about/news/1834/
|
|
binutils<2.31 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-7642
|
|
binutils<2.31 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7643
|
|
openjpeg<2.3.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7648
|
|
nodejs>=8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7651
|
|
nodejs>=9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7651
|
|
xv<3.10anb24 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-18215
|
|
tor<0.2.9.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0490
|
|
tor>=0.3.1<0.3.1.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0490
|
|
tor>=0.3.2<0.3.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0490
|
|
tor>=0.3.2<0.3.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0491
|
|
memcached<1.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000115
|
|
GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18219
|
|
GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18220
|
|
phpmyadmin<4.7.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-7260
|
|
mit-krb5>=1.6<1.16.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5729
|
|
mit-krb5>=1.6<1.16.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-5730
|
|
ntp<4.2.8p7 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-7170
|
|
ntp<4.2.8p11 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-7182
|
|
ntp<4.2.8p11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7184
|
|
ntp<4.2.8p11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7185
|
|
zziplib<0.13.69 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7725
|
|
zziplib<0.13.69 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7726
|
|
zziplib<0.13.69 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-7727
|
|
gcc48<4.8.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-5044
|
|
net-snmp<5.7.3 command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000116
|
|
ruby{22,23,24,25}-rack-protection<2.0.0 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-1000119
|
|
gpac<0.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7752
|
|
py{27,34,35,36}-bleach>=2.1<2.1.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2018-7753
|
|
ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-7866
|
|
ming-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7867
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7868
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7869
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7870
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7871
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7872
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7873
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7874
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7875
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7876
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7877
|
|
calibre<3.19.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-7889
|
|
ntp>=4.2.8p6<4.2.8p11 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-7183
|
|
php{56,70,71}-tiki6<18.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-7290
|
|
py{27,34,35,36}-django>=1.8<1.8.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7536
|
|
py{27,34,35,36}-django>=1.11<1.11.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7536
|
|
py{27,34,35,36}-django>=2.0<2.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7536
|
|
py{27,34,35,36}-django>=1.8<1.8.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7537
|
|
py{27,34,35,36}-django>=1.11<1.11.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7537
|
|
py{34,35,36}-django>=2.0<2.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7537
|
|
graphite2<1.3.12 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-7999
|
|
podofo<0.9.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8000
|
|
podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8001
|
|
podofo-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-8002
|
|
postgresql10-server<10.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1052
|
|
tiff<4.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-8129
|
|
tiff<4.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-8130
|
|
tiff<4.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-5314
|
|
jasper<2.0.11 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2016-9600
|
|
py{34,35,36}-asyncssh<1.12.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-7749
|
|
gsharutils-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000097
|
|
glpi<9.2.2 temporary-file-race https://nvd.nist.gov/vuln/detail/CVE-2018-7562
|
|
glpi<9.2.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-7563
|
|
qemu<2.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7858
|
|
isc-dhclient<4.3.6p1 denial-of-service https://kb.isc.org/article/AA-01565/75/CVE-2018-5732
|
|
isc-dhcpd<4.3.6p1 denial-of-service https://kb.isc.org/article/AA-01541/0/CVE-2017-3144
|
|
isc-dhcpd<4.3.6p1 denial-of-service https://kb.isc.org/article/AA-01567/75/CVE-2018-5733
|
|
trafficserver<7.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7671
|
|
magento<1.9.3.8 cross-site-request-forgery https://www.defensecode.com/advisories/DC-2018-03-001-Magento-Backups-Cross-Site-Request-Forgery.pdf
|
|
magento>=2.0<2.0.18 cross-site-scripting https://www.defensecode.com/advisories/DC-2018-03-003-Magento-Stored-XSS-Downloadable-Products.pdf
|
|
magento>=2.1<2.1.12 cross-site-scripting https://www.defensecode.com/advisories/DC-2018-03-003-Magento-Stored-XSS-Downloadable-Products.pdf
|
|
magento>=2.2<2.2.3 cross-site-scripting https://www.defensecode.com/advisories/DC-2018-03-003-Magento-Stored-XSS-Downloadable-Products.pdf
|
|
magento>=2.0<2.0.18 cross-site-scripting https://www.defensecode.com/advisories/DC-2018-03-002-Magento-Multiple-Stored-XSS.pdf
|
|
magento>=2.0<2.0.18 cross-site-scripting https://www.defensecode.com/advisories/DC-2018-03-004-Magento-Stored-XSS-Product-Attributes.pdf
|
|
magento>=2.1<2.1.12 cross-site-scripting https://www.defensecode.com/advisories/DC-2018-03-004-Magento-Stored-XSS-Product-Attributes.pdf
|
|
magento>=2.2<2.2.3 cross-site-scripting https://www.defensecode.com/advisories/DC-2018-03-004-Magento-Stored-XSS-Product-Attributes.pdf
|
|
asterisk>=13.0<13.19.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-002.html
|
|
asterisk>=14.0<14.7.6 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-002.html
|
|
asterisk>=15.0<15.2.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-002.html
|
|
asterisk>=13.0<13.19.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-003.html
|
|
asterisk>=14.0<14.7.6 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-003.html
|
|
asterisk>=15.0<15.2.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-003.html
|
|
libvpx<1.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13194
|
|
php{56,70,71,72}-tiki6-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-7394
|
|
php{56,70,71,72}-roundcube<1.3.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1000071
|
|
ruby22-base<2.2.9nb1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000073
|
|
ruby23-base<2.3.6nb2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000073
|
|
ruby24-base<2.4.3nb2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000073
|
|
ruby25-base<2.5.0nb2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000073
|
|
ruby22-base<2.2.9nb1 command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000074
|
|
ruby23-base<2.3.6nb2 command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000074
|
|
ruby24-base<2.4.3nb2 command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000074
|
|
ruby25-base<2.5.0nb2 command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000074
|
|
ruby22-base<2.2.9nb1 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1000075
|
|
ruby23-base<2.3.6nb2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1000075
|
|
ruby24-base<2.4.3nb2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1000075
|
|
ruby25-base<2.5.0nb2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1000075
|
|
ruby22-base<2.2.9nb1 signature-spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000076
|
|
ruby23-base<2.3.6nb2 signature-spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000076
|
|
ruby24-base<2.4.3nb2 signature-spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000076
|
|
ruby25-base<2.5.0nb2 signature-spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000076
|
|
ruby22-base<2.2.9nb1 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000077
|
|
ruby23-base<2.3.6nb2 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000077
|
|
ruby24-base<2.4.3nb2 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000077
|
|
ruby25-base<2.5.0nb2 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000077
|
|
ruby22-base<2.2.9nb1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000078
|
|
ruby23-base<2.3.6nb2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000078
|
|
ruby24-base<2.4.3nb2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000078
|
|
ruby25-base<2.5.0nb2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000078
|
|
ruby22-base<2.2.9nb1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000079
|
|
ruby23-base<2.3.6nb2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000079
|
|
ruby24-base<2.4.3nb2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000079
|
|
ruby25-base<2.5.0nb2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000079
|
|
py{27,34,35,36}-bitmessage<0.6.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-1000070
|
|
clamav<0.99.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000085
|
|
samba>=3.6.0<4.6.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1050
|
|
samba>=4.0.0<4.6.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1057
|
|
py{27,34,35,36}-paramiko<2.4.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-7750
|
|
firefox52<52.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/
|
|
py{27,34,35,36}-notebook<5.4.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-8768
|
|
libvirt<4.1.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-6764
|
|
slurm>=2.4.0pre4<17.02.10 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-7033
|
|
slurm>=17.11<17.11.5 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-7033
|
|
webmin-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-8712
|
|
py{27,34,35,36}-mercurial<4.5.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1000132
|
|
curl<7.59.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000121
|
|
curl<7.59.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000120
|
|
libgit2<0.26.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8099
|
|
libgit2<0.26.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8098
|
|
memcached<1.4.37 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000127
|
|
GraphicsMagick<1.3.27 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18231
|
|
GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18229
|
|
GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18230
|
|
ImageMagick<7.0.7.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18250
|
|
ImageMagick6<6.9.9.17 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-18251
|
|
ImageMagick<7.0.7.10 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-18251
|
|
ImageMagick6<6.9.9.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18252
|
|
ImageMagick<7.0.7.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18252
|
|
ImageMagick<7.0.7.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18253
|
|
ImageMagick6<6.9.9.17 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-18254
|
|
ImageMagick<7.0.7.10 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-18254
|
|
ImageMagick6<6.9.9.39 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-8804
|
|
ImageMagick<7.0.7.27 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-8804
|
|
ImageMagick6<6.9.9.39 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8960
|
|
ImageMagick<7.0.7.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8960
|
|
ming-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-8806
|
|
ming-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-8807
|
|
ming-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-8961
|
|
ming-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-8962
|
|
ming-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-8963
|
|
ming-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-8964
|
|
ming-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-9009
|
|
jenkins<2.107 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-6356
|
|
jenkins-lts<2.89.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-6356
|
|
jasper<2.0.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9055
|
|
firefox<59.0.2 use-after-free https://www.mozilla.org/en-US/security/advisories/mfsa2018-10/
|
|
firefox52<52.7.3 use-after-free https://www.mozilla.org/en-US/security/advisories/mfsa2018-10/
|
|
seamonkey<2.49.3 use-after-free https://www.mozilla.org/en-US/security/advisories/mfsa2018-10/
|
|
apache<2.4.33 multiple-vulnerabilities https://httpd.apache.org/security/vulnerabilities_24.html#2.4.33
|
|
gpac<0.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000100
|
|
cups<2.2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18248
|
|
thunderbird<52.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/
|
|
seamonkey<2.49.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/
|
|
GraphicsMagick<1.3.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9018
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8976
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8977
|
|
netpbm<10.73.20 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8975
|
|
libressl<2.7.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2018-8970
|
|
librelp>=1.1.1<1.2.15 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000140
|
|
binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7570
|
|
tiff<4.0.9nb3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8905
|
|
nasm<2.13.02 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8881
|
|
nasm<2.14 buffer-underflow https://nvd.nist.gov/vuln/detail/CVE-2018-8882
|
|
nasm<2.14 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8883
|
|
radare2<2.5.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8808
|
|
radare2<2.6.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8809
|
|
radare2<2.5.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8810
|
|
php{56,70,71,72}-drupal>=7<7.58 remote-code-execution https://www.drupal.org/SA-CORE-2018-002
|
|
php{56,70,71,72}-drupal>=8.4<8.4.6 remote-code-execution https://www.drupal.org/SA-CORE-2018-002
|
|
php{56,70,71,72}-drupal>=8.5<8.5.1 remote-code-execution https://www.drupal.org/SA-CORE-2018-002
|
|
php{53,54,55}-owncloud<6.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2014-1665
|
|
php{53,54,55}-owncloud<5.0.15 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2014-2048
|
|
knot<1.5.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-0486
|
|
clamav<0.99.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0202
|
|
ruby{22,23,24,25}-loofah<2.2.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-8048
|
|
openssl<1.0.2o multiple-vulnerabilities https://www.openssl.org/news/secadv/20180327.txt
|
|
openssl>=1.1.0<1.1.0h multiple-vulnerabilities https://www.openssl.org/news/secadv/20180327.txt
|
|
lrzip-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-9058
|
|
libvirt<4.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1064
|
|
php{56,70,71,72}-nextcloud<11.0.7 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-0936
|
|
opera-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-6608
|
|
ruby{22,23,24,25}-rails-html-sanitizer<1.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-3741
|
|
ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-9132
|
|
ImageMagick<7.0.7.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9133
|
|
ImageMagick6<6.9.9.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9133
|
|
ImageMagick<7.0.7.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-9135
|
|
ImageMagick6<6.9.9.41 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-9135
|
|
binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9138
|
|
exiv2<0.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-9144
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9145
|
|
ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-9165
|
|
botan>=2.2.0<2.5.0 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-9127
|
|
ruby22-base<2.2.10 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2017-17742
|
|
ruby23-base<2.3.7 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2017-17742
|
|
ruby24-base<2.4.4 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2017-17742
|
|
ruby25-base<2.5.1 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2017-17742
|
|
ruby22-base<2.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8777
|
|
ruby23-base<2.3.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8777
|
|
ruby24-base<2.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8777
|
|
ruby25-base<2.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8777
|
|
ruby22-base<2.2.10 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-6914
|
|
ruby23-base<2.3.7 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-6914
|
|
ruby24-base<2.4.4 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-6914
|
|
ruby25-base<2.5.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-6914
|
|
ruby22-base<2.2.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8778
|
|
ruby23-base<2.3.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8778
|
|
ruby24-base<2.4.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8778
|
|
ruby25-base<2.5.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8778
|
|
ruby22-base<2.2.10 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-8780
|
|
ruby23-base<2.3.7 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-8780
|
|
ruby24-base<2.4.4 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-8780
|
|
ruby25-base<2.5.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-8780
|
|
ruby22-base<2.2.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8779
|
|
ruby23-base<2.3.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8779
|
|
ruby24-base<2.4.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8779
|
|
ruby25-base<2.5.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8779
|
|
wireshark<2.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9256
|
|
wireshark<2.4.6 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-9257
|
|
wireshark<2.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9258
|
|
wireshark<2.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9259
|
|
wireshark<2.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9260
|
|
wireshark<2.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9261
|
|
wireshark<2.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9262
|
|
wireshark<2.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9263
|
|
wireshark<2.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9264
|
|
wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9265
|
|
wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9266
|
|
wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9267
|
|
wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9268
|
|
wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9269
|
|
wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9270
|
|
wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9271
|
|
wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9272
|
|
wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9273
|
|
wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9274
|
|
gnupg2<2.2.6 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-9234
|
|
ncmpc<0.30 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-9240
|
|
jasper<2.0.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9252
|
|
libxml2>=2.9.6<2.9.8nb1 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-9251
|
|
pam-yubico>=2.18 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-9275
|
|
moodle<3.4.2 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1081
|
|
moodle<3.4.2 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1082
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9303
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9304
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9305
|
|
py{27,34,35,36}-rope-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-3539
|
|
patch<2.7.6nb1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000156
|
|
ocaml<4.07.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-9838
|
|
ffmpeg3<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9841
|
|
php{56,70,71,72}-roundcube<1.2.8 imap-injection https://nvd.nist.gov/vuln/detail/CVE-2018-9846
|
|
php56-fpm<5.6.35 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10545
|
|
php70-fpm<7.0.29 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10545
|
|
php71-fpm<7.1.16 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10545
|
|
php72-fpm<7.2.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10545
|
|
icu<60.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15422
|
|
libxml2<2.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18258
|
|
php{56,70,71,72}-typo3<7.6.26 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-6905
|
|
php{56,70,71,72}-contao35<3.5.35 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10125
|
|
php{56,70,71,72}-contao44<4.4.18 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10125
|
|
php{71,72}-contao45<4.5.8 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10125
|
|
squid<3.5.27nb3 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2018_3.txt
|
|
zabbix<3.4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-2826
|
|
horde<2.0.6 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2014-3999
|
|
qpdf<8.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9918
|
|
mbedtls<2.1.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9988
|
|
mbedtls<2.1.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9989
|
|
ffmpeg3<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10001
|
|
SDL2_image<2.0.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-3837
|
|
SDL2_image<2.0.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-3838
|
|
SDL2_image<2.0.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-3839
|
|
binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9996
|
|
jenkins-lts<2.44 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-2599
|
|
nasm<2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10016
|
|
libopenmpt<0.3.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10017
|
|
zsh<5.5 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1100
|
|
wordpress<4.4 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2014-6412
|
|
py27-trytond<2.4.15 command-injection https://nvd.nist.gov/vuln/detail/CVE-2014-6633
|
|
py{27,34,35,36}-diffoscope<77 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-0359
|
|
fuse-ntfs-3g<2017.3.23 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-0358
|
|
mediawiki<1.28.1 multiple-vulnerabilities https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
|
|
mysql-server>=5.5<5.5.60 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
|
|
mysql-server>=5.6<5.6.40 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
|
|
mysql-server>=5.7<5.7.22 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
|
|
mysql-client>=5.5<5.5.60 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
|
|
mysql-client>=5.6<5.6.40 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
|
|
mysql-client>=5.7<5.7.22 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL
|
|
oracle-{jdk,jre}8<8.0.171 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixJAVA
|
|
openjdk8<1.8.171 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixJAVA
|
|
cacti<1.1.37 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10059
|
|
cacti<1.1.37 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10060
|
|
cacti<1.1.37 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10061
|
|
botan>=1.11.32<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9860
|
|
mediawiki-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-1686
|
|
postfix<2.11.10 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-10140
|
|
postfix>3.0<3.0.10 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-10140
|
|
postfix>3.1<3.1.6 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-10140
|
|
postfix>3.2<3.2.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-10140
|
|
openssl>=1.1.0<1.1.0i timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-0737
|
|
jenkins<2.116 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1000169
|
|
jenkins-lts<2.107.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1000169
|
|
jenkins<2.116 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000170
|
|
jenkins-lts<2.107.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000170
|
|
wordpress<4.9.5 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-10100
|
|
wordpress<4.9.5 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-10101
|
|
wordpress<4.9.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10102
|
|
gegl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10111
|
|
gegl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10112
|
|
gegl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10113
|
|
gegl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10114
|
|
libreoffice<5.4.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10119
|
|
libreoffice>=6<6.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10119
|
|
libreoffice<5.4.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10120
|
|
libreoffice>=6<6.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10120
|
|
cfitsio<3.43 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-3846
|
|
cfitsio<3.43 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-3848
|
|
cfitsio<3.43 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-3849
|
|
ImageMagick<7.0.7.29 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-10177
|
|
radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10186
|
|
radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10187
|
|
perl<5.26.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6797
|
|
perl<5.26.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-6798
|
|
perl<5.26.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6913
|
|
maradns<2.0.09 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-2031
|
|
maradns<2.0.09 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-2032
|
|
py{27,34,35,36}-gunicorn<19.5.0 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2018-1000164
|
|
nmap<7.70 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000161
|
|
glusterfs<3.12.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-1088
|
|
kodi-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-8831
|
|
ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10194
|
|
ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10194
|
|
mysql-cluster<7.4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-2877
|
|
phpmyadmin<4.8.0.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-10188
|
|
php{56,70,71,72}-drupal>=8.4<8.4.7 cross-site-scripting https://www.drupal.org/SA-CORE-2018-003
|
|
php{56,70,71,72}-drupal>=8.5<8.5.2 cross-site-scripting https://www.drupal.org/SA-CORE-2018-003
|
|
eclipse-[0-9]* xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2017-8315
|
|
awstats-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10245
|
|
binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8945
|
|
zabbix<3.4.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2017-2825
|
|
nasm<2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10254
|
|
tiff-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-10126
|
|
mupdf<1.14.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-10289
|
|
curl<7.52.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-9586
|
|
curl<7.52.1 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2016-9594
|
|
openslp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17833
|
|
salt<2016.3.6 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2017-7893
|
|
nasm<2.14 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-10316
|
|
packagekit<1.1.10 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1106
|
|
mupdf<1.11 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2016-8728
|
|
jbig2dec<0.14 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2016-8729
|
|
ansible<2.1.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-9587
|
|
blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2899
|
|
blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2900
|
|
blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2901
|
|
blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2902
|
|
blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2903
|
|
blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2904
|
|
blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2905
|
|
blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2906
|
|
blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2907
|
|
blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2908
|
|
blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2918
|
|
blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12081
|
|
blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12082
|
|
blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12086
|
|
blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12099
|
|
blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12100
|
|
blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12101
|
|
blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12102
|
|
blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12103
|
|
blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12104
|
|
blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12105
|
|
SDL2_image<2.0.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-12122
|
|
SDL2_image<2.0.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14440
|
|
SDL2_image<2.0.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14441
|
|
SDL2_image<2.0.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14442
|
|
SDL2_image<2.0.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14448
|
|
SDL2_image<2.0.3 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-14449
|
|
SDL2_image<2.0.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14450
|
|
freerdp-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-2834
|
|
freerdp-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-2835
|
|
freerdp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2836
|
|
freerdp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2837
|
|
freerdp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2838
|
|
freerdp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2839
|
|
freexl<1.0.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2923
|
|
freexl<1.0.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2924
|
|
openssl>=1.1.0<1.1.0h verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-0733
|
|
npm<6.0.1 modification-of-assumed-immutable-data https://nvd.nist.gov/vuln/detail/CVE-2018-3728
|
|
leptonica<1.75.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-3836
|
|
ffmpeg3<3.4.3 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-7751
|
|
ktexteditor>=5.34.0 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2018-10361
|
|
binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10372
|
|
binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10373
|
|
glusterfs<3.12.9 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1112
|
|
flac<1.3.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-6888
|
|
qemu<2.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2016-9602
|
|
libvorbis<1.3.6nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10392
|
|
libvorbis<1.3.6nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10393
|
|
enlightenment<0.17.6 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2014-1845
|
|
enlightenment<0.17.6 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2014-1846
|
|
xenkernel42-[0-9]* information-leak https://xenbits.xen.org/xsa/advisory-258.html
|
|
xenkernel45-[0-9]* information-leak https://xenbits.xen.org/xsa/advisory-258.html
|
|
xenkernel46-[0-9]* information-leak https://xenbits.xen.org/xsa/advisory-258.html
|
|
xenkernel48<4.8.4 information-leak https://xenbits.xen.org/xsa/advisory-258.html
|
|
xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-259.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-259.html
|
|
xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-259.html
|
|
xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-259.html
|
|
libraw<0.18.10 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10528
|
|
libraw<0.18.10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10529
|
|
binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10535
|
|
binutils<2.31 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-10534
|
|
wavpack<5.2.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10536
|
|
wavpack<5.2.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10537
|
|
wavpack<5.2.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-10538
|
|
wavpack<5.2.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-10539
|
|
wavpack<5.2.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-10540
|
|
php56-iconv<5.6.36 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-10546
|
|
php70-iconv<7.0.30 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-10546
|
|
php71-iconv<7.1.17 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-10546
|
|
php72-iconv<7.2.5 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-10546
|
|
php>=5.6<5.6.36 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10547
|
|
php>=7.0<7.0.30 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10547
|
|
php>=7.1<7.1.17 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10547
|
|
php>=7.2<7.2.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10547
|
|
php56-exif<5.6.36 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10549
|
|
php70-exif<7.0.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10549
|
|
php71-exif<7.1.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10549
|
|
php72-exif<7.2.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10549
|
|
php56-ldap<5.6.36 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10548
|
|
php70-ldap<7.0.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10548
|
|
php71-ldap<7.1.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10548
|
|
php72-ldap<7.2.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10548
|
|
phpmyadmin<4.7.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-18264
|
|
libreoffice-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10583
|
|
openvpn<2.4.6 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-9336
|
|
ansible<1.2.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2013-2233
|
|
p7zip<18.05 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-10115
|
|
lrzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10685
|
|
libgxps-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10733
|
|
libgxps-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10767
|
|
ncurses<6.1nb3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-10754
|
|
jasper<2.0.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9154
|
|
abcm2ps<8.13.21 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10753
|
|
abcm2ps<8.13.21 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10771
|
|
wget<1.19.5 cookie-injection https://nvd.nist.gov/vuln/detail/CVE-2018-0494
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10772
|
|
poppler-utils<0.37 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-10768
|
|
webkit-gtk<2.20.0 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0003.html
|
|
webkit-gtk<2.20.2 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0004.html
|
|
gd<2.0.35 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2007-2756
|
|
gd<2.0.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2007-3473
|
|
gd<2.0.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2007-3477
|
|
php{56,70,71,72}-drupal>=7<7.58 remote-code-execution https://www.drupal.org/SA-CORE-2018-004
|
|
php{56,70,71,72}-drupal>=8.4<8.4.8 remote-code-execution https://www.drupal.org/SA-CORE-2018-004
|
|
php{56,70,71,72}-drupal>=8.5<8.5.3 remote-code-execution https://www.drupal.org/SA-CORE-2018-004
|
|
firefox52<52.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/
|
|
python27<2.7.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1060
|
|
python27<2.7.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1061
|
|
python34<3.4.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1060
|
|
python34<3.4.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1061
|
|
python35<3.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1060
|
|
python35<3.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1061
|
|
python36<3.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1060
|
|
python36<3.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1061
|
|
jenkins-lts<2.32.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2017-02-01/
|
|
jenkins<2.44 multiple-vulnerabilities https://jenkins.io/security/advisory/2017-02-01/
|
|
xenkernel42-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-260.html
|
|
xenkernel45-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-260.html
|
|
xenkernel46-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-260.html
|
|
xenkernel48<4.8.4 privilege-escalation https://xenbits.xen.org/xsa/advisory-260.html
|
|
xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-261.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-261.html
|
|
xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-261.html
|
|
xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-261.html
|
|
xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-262.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-262.html
|
|
xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-262.html
|
|
xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-262.html
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11017
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11095
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11100
|
|
xpdf<4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11033
|
|
exiv2<0.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10998
|
|
exiv2<0.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10999
|
|
lilypond-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-10992
|
|
postgresql96-contrib<9.6.9 unauthorised-access https://nvd.nist.gov/vuln/detail/CVE-2018-1115
|
|
postgresql10-contrib<10.4 unauthorised-access https://nvd.nist.gov/vuln/detail/CVE-2018-1115
|
|
poppler<0.65.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18267
|
|
xdg-open<1.1.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-18266
|
|
tiff<4.0.9nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10963
|
|
exiv2<0.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10780
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10958
|
|
haproxy<1.8.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10184
|
|
prosody<0.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18265
|
|
ImageMagick<7.0.7.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10804
|
|
ImageMagick6-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10804
|
|
ImageMagick<7.0.7.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10805
|
|
ImageMagick6-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10805
|
|
ImageMagick<7.0.7.17 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11251
|
|
ImageMagick6<6.9.9.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11251
|
|
ImageMagick<7.0.7.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18271
|
|
ImageMagick6<6.9.9.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18271
|
|
ImageMagick<7.0.7.23 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-18272
|
|
ImageMagick6<6.9.9.35 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-18272
|
|
ImageMagick<7.0.7.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18273
|
|
ImageMagick6<6.9.9.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18273
|
|
tiff<4.0.7 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10801
|
|
nghttp2>=1.10.0<1.31.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-1000168
|
|
mp3gain-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10776
|
|
mp3gain-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10777
|
|
mp3gain-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10778
|
|
adobe-flash-player<29.0.0.113 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb18-05.html
|
|
adobe-flash-player<29.0.0.140 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb18-08.html
|
|
adobe-flash-player<29.0.0.171 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb18-16.html
|
|
podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11254
|
|
podofo<0.9.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-11255
|
|
podofo<0.9.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-11256
|
|
upx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11243
|
|
nodejs>=9<9.10.0 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/
|
|
nodejs>=8<8.11.0 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/
|
|
nodejs>=6<6.14.0 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11225
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11226
|
|
apache-tomcat>=7.0.0<7.0.89 insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2018-8014
|
|
apache-tomcat>=8.0.0<8.0.53 insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2018-8014
|
|
apache-tomcat>=8.5.0<8.5.32 insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2018-8014
|
|
hdf5<1.12.2 multiple-vulnerabilities https://github.com/Twi1ight/fuzzing-pocs/tree/master/hdf5
|
|
git-base<2.16.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-11235
|
|
git-base>=2.17<2.17.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-11235
|
|
jpeg<9c denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11212
|
|
jpeg<9c denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11213
|
|
jpeg<9c denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11214
|
|
zookeeper<3.4.10 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-8012
|
|
jenkins-lts<2.32.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-2607
|
|
jenkins<2.44 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-2607
|
|
jenkins-lts<2.32.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-2609
|
|
jenkins<2.44 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-2609
|
|
cppcms<1.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11367
|
|
radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11375
|
|
radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11376
|
|
radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11377
|
|
radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11378
|
|
radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11379
|
|
radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11380
|
|
radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11381
|
|
radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11382
|
|
radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11383
|
|
radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11384
|
|
wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11354
|
|
wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11355
|
|
wireshark<2.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11356
|
|
wireshark>=2.4.0<2.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11356
|
|
wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11356
|
|
wireshark<2.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11357
|
|
wireshark>=2.4.0<2.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11357
|
|
wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11357
|
|
wireshark<2.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11358
|
|
wireshark>=2.4.0<2.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11358
|
|
wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11358
|
|
wireshark<2.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11359
|
|
wireshark>=2.4.0<2.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11359
|
|
wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11359
|
|
wireshark<2.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11360
|
|
wireshark>=2.4.0<2.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11360
|
|
wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11360
|
|
wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11361
|
|
wireshark<2.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11362
|
|
wireshark>=2.4.0<2.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11362
|
|
wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11362
|
|
epiphany-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11396
|
|
mupdf<1.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000036
|
|
mupdf<1.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000037
|
|
mupdf<1.12.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000038
|
|
mupdf<1.12.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-1000039
|
|
mupdf<1.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000040
|
|
curl>=7.54.1<7.60.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000300
|
|
curl>=7.20.0<7.60.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000301
|
|
jpegoptim<1.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11416
|
|
moodle<3.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1133
|
|
moodle<3.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1134
|
|
moodle<3.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1135
|
|
moodle<3.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1136
|
|
moodle<3.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1137
|
|
discount<2.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11468
|
|
haproxy>=1.8.0<1.8.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-11469
|
|
libsass>=3.4.7<3.6.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-11499
|
|
lrzip-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-11496
|
|
discount<2.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11503
|
|
discount<2.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11504
|
|
vlc<3.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11516
|
|
sudo<1.8.18p1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-7076
|
|
exiv2<0.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11531
|
|
git-base<2.16.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-11233
|
|
git-base>=2.17<2.17.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-11233
|
|
taglib<1.11.1nb1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-11439
|
|
graphviz-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-10196
|
|
slurm>=2.4.0pre4<17.11.7 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-10995
|
|
ImageMagick<7.0.7.20 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-11655
|
|
ImageMagick<7.0.7.20 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-11656
|
|
ImageMagick6<6.9.9.50 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-11624
|
|
ImageMagick<7.0.7.38 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-11624
|
|
ImageMagick6<6.9.9.50 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11625
|
|
ImageMagick<7.0.7.38 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11625
|
|
ruby{22,23,24,25}-sinatra<2.0.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-11627
|
|
ghostscript-gpl-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-11645
|
|
ghostscript-agpl<9.21rc1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-11645
|
|
nikto-[0-9]* arbitrary-command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-11652
|
|
thunderbird<52.8.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/
|
|
sysinfo<10.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-7268
|
|
xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-263.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-263.html
|
|
xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-263.html
|
|
xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-263.html
|
|
mariadb-server<5.5.60 multiple-vulnerabilities https://mariadb.com/kb/en/library/mariadb-5560-release-notes/
|
|
prosody<0.10.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-10847
|
|
npm<5.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16023
|
|
npm<2.14.18 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16026
|
|
libsass<3.6.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-11693
|
|
libsass<3.6.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-11694
|
|
libsass<3.6.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-11695
|
|
libsass<3.6.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-11696
|
|
libsass<3.6.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-11697
|
|
libsass<3.6.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-11698
|
|
libopenmpt<0.3.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11710
|
|
webkit-gtk>=2.20.0<2.20.2 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-11712
|
|
webkit-gtk<2.20.0 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-11713
|
|
webkit-gtk<2.20.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11646
|
|
webkit24-gtk-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11646
|
|
webkit24-gtk3-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11646
|
|
gnupg<1.4.23 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12020
|
|
gnupg2<2.2.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12020
|
|
bird<1.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12066
|
|
bird6<1.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12066
|
|
epiphany<3.28.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12016
|
|
perl<5.28.0 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2018-12015
|
|
p5-Archive-Tar<2.30 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2018-12015
|
|
npm<6.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-3739
|
|
npm<6.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-3737
|
|
npm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-3721
|
|
npm<6.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16137
|
|
jpeg<9cnb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11813
|
|
firefox52<52.8.1 heap-buffer-overflow https://www.mozilla.org/en-US/security/advisories/mfsa2018-14/
|
|
firefox<60.0.2 heap-buffer-overflow https://www.mozilla.org/en-US/security/advisories/mfsa2018-14/
|
|
jenkins>=2.107<2.121 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-05-09/
|
|
jenkins<2.107.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-05-09/
|
|
sleuthkit-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-11737
|
|
sleuthkit-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-11738
|
|
sleuthkit-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-11739
|
|
sleuthkit-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-11740
|
|
file<5.32nb2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10360
|
|
grafana<5.2.0b1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-12099
|
|
lepton-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12108
|
|
thunderbird-enigmail<2.0.7 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-12019
|
|
seamonkey-enigmail<2.0.7 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-12019
|
|
libgcrypt<1.8.3 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-0495
|
|
nodejs>=10<10.4.1 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/
|
|
nodejs>=8<8.11.3 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/
|
|
nodejs>=6<6.14.3 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/
|
|
radare2<2.7.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-12320
|
|
radare2<2.7.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-12321
|
|
radare2<2.7.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-12322
|
|
exiv2<0.27 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12264
|
|
exiv2<0.27 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12265
|
|
qemu<3.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11806
|
|
openssl<1.0.2p denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0732
|
|
openssl>1.1.0<1.1.0i denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0732
|
|
asterisk>=15.0<15.4.1 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-007.html
|
|
asterisk>=13.0<13.21.1 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-008.html
|
|
asterisk>=14.0<14.7.7 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-008.html
|
|
asterisk>=15.0<15.4.1 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-008.html
|
|
firefox<56.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/
|
|
password-store<1.7.2 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-12356
|
|
libressl<2.7.4 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-12434
|
|
botan>=2.5.0<2.7.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-12435
|
|
libtomcrypt<1.18.2 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-12437
|
|
boringssl-[0-9]* side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-12440
|
|
ImageMagick<7.0.7.16 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-18271
|
|
ImageMagick6<6.9.9.28 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-18271
|
|
ImageMagick<7.0.7.17 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-18272
|
|
ImageMagick<6.9.9.29 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-18272
|
|
ImageMagick<7.0.7.16 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-18273
|
|
ImageMagick6<6.9.9.28 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-18273
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11037
|
|
hdf5<1.10.3 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2018-11203
|
|
hdf5<1.10.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-11204
|
|
hdf5<1.10.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11205
|
|
hdf5<1.10.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11206
|
|
hdf5<1.10.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11207
|
|
yara-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-12034
|
|
yara-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-12035
|
|
evolution-data-server-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12422
|
|
libbpg-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12447
|
|
ffmpeg2<2.8.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12458
|
|
ffmpeg3<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12458
|
|
ffmpeg4<4.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12458
|
|
ffmpeg4<4.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12459
|
|
ffmpeg4<4.0.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-12460
|
|
discount<2.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12495
|
|
redis<4.0.10 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11218
|
|
redis<4.0.10 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11219
|
|
redis<4.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12326
|
|
passenger<5.3.2 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2018-12026
|
|
passenger<5.3.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12027
|
|
passenger<5.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12028
|
|
passenger<5.3.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-12029
|
|
hdf5<1.10.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-11202
|
|
libjpeg-turbo<2.0.0 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2018-1152
|
|
liblnk<20180626 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12096
|
|
liblnk<20180626 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12097
|
|
liblnk<20180626 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12098
|
|
webkit-gtk<2.20.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0005.html
|
|
firefox52<52.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/
|
|
glusterfs<3.12.11 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-10841
|
|
ntp<4.2.8p12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12327
|
|
p5-Email-Address<1.912 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12558
|
|
ImageMagick<7.0.8.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-12599
|
|
ImageMagick6<6.9.10.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-12599
|
|
ImageMagick<7.0.8.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-12600
|
|
ImageMagick6<6.9.10.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-12600
|
|
dovecot<2.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2669
|
|
passenger<5.3.2 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-12615
|
|
qemu<3.0.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12617
|
|
phpmyadmin<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-12581
|
|
phpmyadmin<4.8.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-12613
|
|
ansible2<2.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2017-7466
|
|
jetty<9.4.11.20180605 http-response-smuggling https://nvd.nist.gov/vuln/detail/CVE-2017-7656
|
|
jetty<9.4.11.20180605 http-response-smuggling https://nvd.nist.gov/vuln/detail/CVE-2017-7657
|
|
jetty<9.4.11.20180605 http-response-smuggling https://nvd.nist.gov/vuln/detail/CVE-2017-7658
|
|
jetty<9.4.11.20180605 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12536
|
|
jetty<9.4.11.20180605 session-hijack https://nvd.nist.gov/vuln/detail/CVE-2018-12538
|
|
exempi<2.4.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-12648
|
|
phpldapadmin-[0-9]* remote-code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-12689
|
|
binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12641
|
|
binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12697
|
|
binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12698
|
|
binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12699
|
|
binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12700
|
|
binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12934
|
|
php72-exif<7.2.7 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-12882
|
|
php{56,70,71,72}-basercms<3.0.16 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-0569
|
|
php{56,70,71,72}-basercms<3.0.16 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-0570
|
|
php{56,70,71,72}-basercms<3.0.16 remote-file-write https://nvd.nist.gov/vuln/detail/CVE-2018-0571
|
|
php{56,70,71,72}-basercms<3.0.16 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-0572
|
|
php{56,70,71,72}-basercms<3.0.16 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-0573
|
|
php{56,70,71,72}-basercms<3.0.16 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-0574
|
|
php{56,70,71,72}-basercms<3.0.16 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-0575
|
|
h2o<2.2.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0608
|
|
u-boot<2018.07 input-validation https://nvd.nist.gov/vuln/detail/CVE-2018-1000205
|
|
py{34,35,36}-websockets<5.0 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000518
|
|
mbedtls-[0-9]* verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1000520
|
|
ruby{22,23,24,25}-zip<1.2.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000544
|
|
wordpress<4.9.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-12895
|
|
ruby{22,23,24,25}-sprockets<2.2.3nb3 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-3760
|
|
ruby{22,23,24,25}-sprockets<3.7.2 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-3760
|
|
tiff<4.0.10nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12900
|
|
py{27,34,35,36}-yaml<4.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-18342
|
|
wine-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12932
|
|
wine-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12933
|
|
apache-cassandra<3.11.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-8016
|
|
openslp-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2018-12938
|
|
p5-Archive-Zip<1.61 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-10860
|
|
xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-264.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-264.html
|
|
xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-264.html
|
|
xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-264.html
|
|
xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-265.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-265.html
|
|
xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-265.html
|
|
xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-265.html
|
|
xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-266.html
|
|
xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-267.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-267.html
|
|
xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-267.html
|
|
xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-267.html
|
|
podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12982
|
|
podofo<0.9.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12983
|
|
gpac<0.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13005
|
|
gpac<0.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13006
|
|
htslib-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2018-14329
|
|
htslib<1.9 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-13843
|
|
htslib<1.9 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-13844
|
|
htslib<1.9 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-13845
|
|
powerdns<4.1.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1046
|
|
mp4v2<4.1.0.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14326
|
|
mp4v2<4.1.0.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14325
|
|
mp4v2<4.1.0.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-14054
|
|
clamav<0.100.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-0360
|
|
clamav<0.100.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0361
|
|
curl>=7.52.0<7.54.0 security-bypass https://curl.haxx.se/docs/adv_20170419.html
|
|
curl>=7.54.1<7.61.0 heap-overflow https://curl.haxx.se/docs/adv_2018-70a2.html
|
|
libsixel<1.8.2 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14072
|
|
libsixel<1.8.2 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14073
|
|
hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13866
|
|
hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-13867
|
|
hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-13868
|
|
hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13869
|
|
hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-13870
|
|
hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13871
|
|
hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13872
|
|
hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-13873
|
|
hdf5-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13874
|
|
hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-13875
|
|
hdf5-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13876
|
|
hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14031
|
|
hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14032
|
|
hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14033
|
|
hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14034
|
|
hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14035
|
|
ffmpeg3<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13300
|
|
ffmpeg4<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13300
|
|
ffmpeg4<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13301
|
|
ffmpeg2<2.8.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13302
|
|
ffmpeg3<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13302
|
|
ffmpeg4<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13302
|
|
ffmpeg4<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13303
|
|
ffmpeg4<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13304
|
|
ffmpeg4<4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-13305
|
|
php{56,70,71,72}-nextcloud<12.0.8 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-3761
|
|
php{56,70,71,72}-nextcloud>=13<13.0.3 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-3761
|
|
php{56,70,71,72}-nextcloud<12.0.8 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-3762
|
|
php{56,70,71,72}-nextcloud>=13<13.0.3 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-3762
|
|
xapian<1.4.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-0499
|
|
ansible<2.6.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-10874
|
|
giflib<5.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11490
|
|
binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13033
|
|
glpi>=9.2<9.3.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-13049
|
|
ming-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-13066
|
|
qemu<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-2615
|
|
ansible<2.4.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10855
|
|
tcpreplay<4.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13112
|
|
npm<6.0.1 code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-3750
|
|
libsndfile<1.0.28nb3 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13139
|
|
ImageMagick<7.0.8.5 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-13153
|
|
ImageMagick6<6.9.10.5 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-13153
|
|
ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-13250
|
|
ming-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13251
|
|
libsoup<2.62.3 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-12910
|
|
ntopng<3.4 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2018-12520
|
|
py27-mercurial<4.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13346
|
|
py27-mercurial<4.6.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13347
|
|
py27-mercurial<4.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13348
|
|
libsndfile-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-13419
|
|
libaudiofile-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-13440
|
|
qemu<2.9.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-7471
|
|
png<1.6.35 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13785
|
|
adobe-flash-player<30.0.0.113 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb18-19.html
|
|
php{56,70,71,72}-concrete5<8.3.0 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-13790
|
|
rust<1.27.1 local-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000622
|
|
libgit2<0.27.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10887
|
|
libgit2<0.27.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10888
|
|
moodle<3.5.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10889
|
|
moodle<3.5.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10890
|
|
moodle<3.5.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10891
|
|
polkit<0.116 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1116
|
|
vlc<3.0.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-11529
|
|
couchdb<2.1.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-8007
|
|
nagios<4.4.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-13441
|
|
nagios<4.4.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-13457
|
|
nagios<4.4.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-13458
|
|
mailman<2.1.28 frame-content-spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-13796
|
|
radare2<2.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14015
|
|
radare2<2.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14016
|
|
radare2<2.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14017
|
|
exiv2<0.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14046
|
|
soundtouch<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14044
|
|
soundtouch<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14045
|
|
epubcheck<4.0.2 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2016-9487
|
|
xfe<1.40 file-permissions https://nvd.nist.gov/vuln/detail/CVE-2014-2079
|
|
libextractor<1.7 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14346
|
|
libextractor<1.7 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-14347
|
|
mutt<1.10.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14349
|
|
neomutt<20180716 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14349
|
|
mutt<1.10.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14350
|
|
neomutt<20180716 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14350
|
|
mutt<1.10.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14351
|
|
neomutt<20180716 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14351
|
|
mutt<1.10.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14352
|
|
neomutt<20180716 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14352
|
|
mutt<1.10.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14353
|
|
neomutt<20180716 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14353
|
|
mutt<1.10.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-14354
|
|
neomutt<20180716 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-14354
|
|
mutt<1.10.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-14355
|
|
neomutt<20180716 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-14355
|
|
mutt<1.10.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14356
|
|
neomutt<20180716 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14356
|
|
mutt<1.10.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-14357
|
|
neomutt<20180716 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-14357
|
|
mutt<1.10.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14358
|
|
neomutt<20180716 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14358
|
|
mutt<1.10.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14359
|
|
neomutt<20180716 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14359
|
|
neomutt<20180716 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14360
|
|
neomutt<20180716 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14361
|
|
mutt<1.10.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14362
|
|
neomutt<20180716 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14362
|
|
neomutt<20180716 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14363
|
|
mp4v2<4.1.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14379
|
|
mysql-workbench<8.0.12 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-2598
|
|
oracle-{jdk,jre}8<8.0.173 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixJAVA
|
|
openjdk8<1.8.173 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixJAVA
|
|
mysql-client>=5.5<5.5.61 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL
|
|
mysql-client>=5.6<5.6.41 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL
|
|
mysql-client>=5.7<5.7.23 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL
|
|
mysql-server>=5.5<5.5.61 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL
|
|
mysql-server>=5.6<5.6.41 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL
|
|
mysql-server>=5.7<5.7.23 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL
|
|
apache<2.4.34 multiple-vulnerabilities https://httpd.apache.org/security/vulnerabilities_24.html#2.4.34
|
|
wireshark<2.6.2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-14339
|
|
wireshark<2.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14340
|
|
wireshark<2.6.2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-14341
|
|
wireshark<2.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14342
|
|
wireshark<2.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14343
|
|
wireshark<2.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14344
|
|
wireshark<2.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14367
|
|
wireshark<2.6.2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-14368
|
|
wireshark<2.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14369
|
|
wireshark<2.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14370
|
|
nss<3.30 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-9574
|
|
ansible<2.3.1.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-7481
|
|
ffmpeg3<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14394
|
|
ffmpeg4<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14394
|
|
ffmpeg3<3.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14395
|
|
ffmpeg4<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14395
|
|
mp4v2<4.1.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14403
|
|
libxml2<2.9.8nb2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-14404
|
|
openjpeg<2.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14423
|
|
evolution-data-server<3.21.2 weak-ssl-authentication https://nvd.nist.gov/vuln/detail/CVE-2016-10727
|
|
ImageMagick<7.0.8.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14434
|
|
ImageMagick<7.0.8.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14435
|
|
ImageMagick6<6.9.10.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14435
|
|
ImageMagick<7.0.8.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14436
|
|
ImageMagick6<6.9.10.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14436
|
|
ImageMagick<7.0.8.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14437
|
|
ImageMagick6<6.9.10.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14437
|
|
confuse<3.2.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14447
|
|
mp4v2<4.1.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14446
|
|
hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14460
|
|
npm<6.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-3736
|
|
adobe-flash-player<30.0.0.134 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb18-24.html
|
|
mitmproxy<4.0.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-14505
|
|
aubio<0.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14521
|
|
aubio<0.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14522
|
|
aubio<0.4.7 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14523
|
|
ImageMagick<7.0.8.8 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2018-14551
|
|
ImageMagick6<6.9.10.8 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2018-14551
|
|
jenkins-lts<2.121.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-07-18/
|
|
jenkins<2.132 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-07-18/
|
|
ffmpeg2<2.8.15 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-1999010
|
|
ffmpeg2<2.8.15 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1999012
|
|
ffmpeg4<4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-1999010
|
|
ffmpeg4<4.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1999011
|
|
ffmpeg4<4.1 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1999012
|
|
ffmpeg4<4.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-1999013
|
|
ffmpeg3<3.4.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-1999010
|
|
ffmpeg3<3.4.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1999011
|
|
ffmpeg3<3.4.3 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1999012
|
|
ffmpeg3<3.4.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-1999013
|
|
ffmpeg4<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1999014
|
|
ffmpeg4<4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-1999015
|
|
wesnoth>=1.7.0<1.14.4 code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-1999023
|
|
u-boot<2017.09 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2017-3225
|
|
u-boot<2017.09 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3226
|
|
fuse<2.9.8 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-10906
|
|
poppler<0.67.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13988
|
|
ansible<2.2.1.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-8647
|
|
gdm<3.24.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-12164
|
|
kafka<0.10.2.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-12610
|
|
qemu<2.10.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7539
|
|
mit-krb5<1.16.1 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2017-7562
|
|
mailman<2.1.27 frame-content-spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-0618
|
|
kafka<1.1.0 data-loss https://nvd.nist.gov/vuln/detail/CVE-2018-1288
|
|
qemu<2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15119
|
|
powerdns-recursor<4.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15120
|
|
npm<6.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16114
|
|
netpbm<10.61 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-2579
|
|
netpbm<10.61 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-2580
|
|
netpbm<10.61 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-2581
|
|
netpbm<10.61 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2586
|
|
netpbm<10.61 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2587
|
|
qemu<2.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-2620
|
|
modular-xorg-server<1.19.0 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2017-2624
|
|
libXdmcp<1.1.3 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2017-2625
|
|
libICE<1.0.10 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2017-2626
|
|
qemu<2.9 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2630
|
|
curl<7.53.0 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-2629
|
|
qemu<1.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2633
|
|
advancecomp<2.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-1056
|
|
qemu<2.9 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-9603
|
|
qemu<2.11 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15118
|
|
cups<2.2.2 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-15400
|
|
cups<2.2.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-4180
|
|
cups<2.2.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-4181
|
|
cups<2.2.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-4182
|
|
cups<2.2.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-4183
|
|
php56-exif<5.6.37 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14883
|
|
php70-exif<7.0.31 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14883
|
|
php71-exif<7.1.20 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14883
|
|
php72-exif<7.2.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14883
|
|
php56-exif<5.6.37 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14851
|
|
php71-exif<7.1.20 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14851
|
|
php70-exif<7.0.31 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14851
|
|
php72-exif<7.2.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14851
|
|
bind>=9.9.12<9.9.13 authorization-bypass https://kb.isc.org/article/AA-01616/74/CVE-2018-5738
|
|
bind>=9.10.7<9.10.8 authorization-bypass https://kb.isc.org/article/AA-01616/74/CVE-2018-5738
|
|
libraw<0.18.11 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5813
|
|
libraw<0.18.12 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5815
|
|
libraw<0.18.12 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5816
|
|
thunderbird<52.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/
|
|
mbedtls>=1.2<2.1.14 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-0497
|
|
mbedtls>=2.2<2.7.5 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-0497
|
|
mbedtls>=1.2<2.1.14 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-0498
|
|
mbedtls>=2.2<2.7.5 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-0498
|
|
libmspack<0.7alpha denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14679
|
|
libmspack<0.7alpha unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14680
|
|
libmspack<0.7alpha out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-14681
|
|
libmspack<0.7alpha denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14682
|
|
firefox<49.0.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
|
|
firefox<50.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-89/
|
|
firefox45<45.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-89/
|
|
firefox45<45.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-90/
|
|
thunderbird45<45.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-93/
|
|
firefox<55.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/
|
|
firefox52<52.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/
|
|
firefox52<52.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/
|
|
thunderbird45<45.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-07/
|
|
thunderbird<52.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-09/
|
|
firefox<50.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-91/
|
|
firefox45<45.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-89/
|
|
firefox52<52.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
|
|
firefox<59.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
|
|
firefox52<52.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/
|
|
firefox<59.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/
|
|
firefox<57.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-27/
|
|
firefox52<52.5.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-28/
|
|
firefox52<52.0.1 integer-overflow https://www.mozilla.org/en-US/security/advisories/mfsa2017-08/
|
|
thunderbird<52.5.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-30/
|
|
wordpress-[0-9]* remote-file-write https://nvd.nist.gov/vuln/detail/CVE-2018-14028
|
|
postgresql93-server<9.3.24 multiple-vulnerabilities https://www.postgresql.org/about/news/1878/
|
|
postgresql94-server<9.4.19 multiple-vulnerabilities https://www.postgresql.org/about/news/1878/
|
|
postgresql95-server<9.5.14 multiple-vulnerabilities https://www.postgresql.org/about/news/1878/
|
|
postgresql96-server<9.6.10 multiple-vulnerabilities https://www.postgresql.org/about/news/1878/
|
|
postgresql10-server<10.5 multiple-vulnerabilities https://www.postgresql.org/about/news/1878/
|
|
wpa_supplicant<2.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-14526
|
|
couchdb<2.2.0 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-11769
|
|
webkit-gtk<2.20.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0006.html
|
|
nmap<7.80 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15173
|
|
squirrelmail<1.4.23pre14832 multiple-vulnerabilities https://sourceforge.net/p/squirrelmail/bugs/2831/
|
|
tcpflow-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14938
|
|
cgit<1.2.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-14912
|
|
py{27,34,35,36,37}-cryptography>=1.9.0<2.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10903
|
|
ansible<2.2.0 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-8614
|
|
ansible<2.2.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2016-8628
|
|
curl<7.51.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2016-8618
|
|
curl<7.51.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2016-8617
|
|
curl<7.51.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-8622
|
|
curl<7.51.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2016-8624
|
|
curl<7.51.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-8621
|
|
curl<7.51.0 cookie-injection https://nvd.nist.gov/vuln/detail/CVE-2016-8615
|
|
curl<7.51.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2016-8616
|
|
curl<7.51.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-8620
|
|
curl<7.51.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2016-8619
|
|
curl<7.51.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-8623
|
|
curl<7.51.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2016-8625
|
|
nss<3.28 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-8635
|
|
nagios-base<4.2.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2016-8641
|
|
openjpeg<2.2.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2016-9572
|
|
openjpeg<2.2.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-9573
|
|
openjpeg<2.2.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-9580
|
|
openjpeg<2.2.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2016-9581
|
|
lftp<4.8.4 arbitrary-file-removal https://nvd.nist.gov/vuln/detail/CVE-2018-10916
|
|
libXcursor<1.1.15 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-9262
|
|
jasper<2.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-8654
|
|
jasper<2.0.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-9583
|
|
cfitsio<3.44 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-3847
|
|
apache-tomcat>=7.0.28<7.0.87 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1336
|
|
apache-tomcat>=8.0.0<8.0.52 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1336
|
|
apache-tomcat>=8.5.0<8.5.31 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1336
|
|
apache-tomcat>=9.0.0<9.0.8 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1336
|
|
apache-tomcat>=7.0.35<7.0.89 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-8034
|
|
apache-tomcat>=8.0.0<8.0.53 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-8034
|
|
apache-tomcat>=8.5.0<8.5.32 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-8034
|
|
apache-tomcat>=9.0.0<9.0.10 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-8034
|
|
apache-tomcat>=8.5.5<8.5.32 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8037
|
|
apache-tomcat>=9.0.0<9.0.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8037
|
|
ntp<4.2.8p10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-9042
|
|
knot<2.4.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2018-10920
|
|
#php-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-9118 # disputed https://bugs.php.net/bug.php?id=74604
|
|
php{56,70,71,72}-mysqli-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9120
|
|
php>=7.0<7.0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14884
|
|
php>=7.1<7.1.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14884
|
|
php>=7.2<7.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14884
|
|
mantis>=2.1.0<2.15.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-13055
|
|
mantis>=2.0<2.15.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-14504
|
|
py{27,34,35,36,37}-django>=1.11.0<1.11.15 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2018-14574
|
|
py{34,35,36,37}-django>=2.0<2.0.8 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2018-14574
|
|
libreoffice-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14939
|
|
php{56,70,71,72}-drupal>=7<7.56 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2017-003
|
|
php{56,70,71,72}-drupal>=8<8.3.4 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2017-003
|
|
rpm<4.14.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-7500
|
|
webkit-gtk<2.20.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12293
|
|
webkit-gtk<2.20.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12294
|
|
php{56,70,71,72}-tiki6<18.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-14849
|
|
php{56,70,71,72}-tiki6<18.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-14850
|
|
php{56,70,71,72}-nextcloud<13.05 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-3780
|
|
apache>=2.2<2.2.32 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2016-4975
|
|
apache>=2.4<2.4.25 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2016-4975
|
|
redis<5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12453
|
|
gdm<3.29.91 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14424
|
|
mingw-w64-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-5392
|
|
libxml2<2.9.8nb3 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-14567
|
|
xentools42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-272.html
|
|
xentools45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-272.html
|
|
xentools48<4.8.5 denial-of-service https://xenbits.xen.org/xsa/advisory-272.html
|
|
xentools411<4.11.1 denial-of-service https://xenbits.xen.org/xsa/advisory-272.html
|
|
xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-269.html
|
|
xenkernel48<4.8.5 denial-of-service https://xenbits.xen.org/xsa/advisory-269.html
|
|
xenkernel411<4.11.0nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-269.html
|
|
openssh<7.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-15473
|
|
libgit2<0.27.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15501
|
|
py{27,34,35,36,37}-cryptodome<3.6.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-15560
|
|
py{27,34,35,36,37}-Pyro<3.15 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2011-2765
|
|
sympa<6.2.32 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000550
|
|
zutils<1.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000637
|
|
libtasn1<4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000654
|
|
rust>=1.3.0<1.22.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000657
|
|
libvirt<2.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-5160
|
|
pkgconf>=1.5.0<1.5.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000221
|
|
soundtouch<2.1.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000223
|
|
gd<2.2.5nb4 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-1000222
|
|
dropbear<2019.77 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-15599
|
|
nodejs<6.14.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-7166
|
|
nodejs>=8<8.11.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-7166
|
|
nodejs>=10<10.9.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-7166
|
|
nodejs<6.14.4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-12115
|
|
nodejs>=8<8.11.4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-12115
|
|
nodejs>=10<10.9.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-12115
|
|
ImageMagick<7.0.8.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15607
|
|
ImageMagick6<6.9.10.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15607
|
|
hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15671
|
|
hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15672
|
|
gnutls<3.6.3 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-10844
|
|
gnutls<3.6.3 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-10845
|
|
gnutls<3.6.3 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-10846
|
|
samba<4.6.16 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10858
|
|
samba>=4.7<4.7.9 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-10918
|
|
samba>=4.8<4.8.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-10918
|
|
samba<4.6.16 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10919
|
|
samba>=4.7<4.7.9 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2018-1139
|
|
samba>=4.8<4.8.4 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2018-1139
|
|
samba>=4.8<4.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1140
|
|
libbpg-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-2575
|
|
libvirt>=2.5.0<3.0.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-2635
|
|
curl<7.10.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2003-1605
|
|
jenkins-lts<2.121.3 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-08-15/
|
|
jenkins<2.138 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-08-15/
|
|
ffmpeg2<2.8.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15822
|
|
ffmpeg3<3.4.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15822
|
|
ffmpeg4<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15822
|
|
php{56,70,71,72}-nextcloud<12.0.3 weak-authorization https://nvd.nist.gov/vuln/detail/CVE-2018-3775
|
|
php{56,70,71,72}-nextcloud<12.0.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2018-3776
|
|
libX11<1.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14598
|
|
libX11<1.6.6 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-14599
|
|
libX11<1.6.6 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-14600
|
|
pango<1.42.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15120
|
|
php{56,70,71,72,73}-phpmyadmin<4.8.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-15605
|
|
ntp<4.2.8p11 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-15605
|
|
xenkernel42-[0-9]* sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-273.html
|
|
xenkernel45-[0-9]* sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-273.html
|
|
xenkernel46-[0-9]* sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-273.html
|
|
xenkernel48<4.8.5 sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-273.html
|
|
xenkernel411<4.11.1 sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-273.html
|
|
apache-ant<1.9.13 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2018-15605
|
|
apache-ant>=1.10<1.10.5 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2018-15605
|
|
opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16391
|
|
opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16392
|
|
opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16393
|
|
opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16418
|
|
opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16419
|
|
opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16420
|
|
opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16421
|
|
opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16422
|
|
opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16423
|
|
opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16424
|
|
opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16425
|
|
opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16426
|
|
opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16427
|
|
libykneomgr-[0-9]* multiple-vulnerabilities https://www.x41-dsec.de/lab/advisories/x41-2018-004-libykneomgr/
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15870
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15871
|
|
libxkbcommon<0.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15853
|
|
libxkbcommon<0.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15854
|
|
libxkbcommon<0.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15855
|
|
libxkbcommon<0.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15856
|
|
libxkbcommon<0.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15857
|
|
libxkbcommon<0.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15858
|
|
libxkbcommon<0.8.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15859
|
|
libxkbcommon<0.8.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15861
|
|
libxkbcommon<0.8.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15862
|
|
libxkbcommon<0.8.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15863
|
|
libxkbcommon<0.8.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15864
|
|
ap{22,24}-perl<2.0.11 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2011-2767
|
|
podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15889
|
|
ghostscript-agpl<9.24 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2018-15908
|
|
ghostscript-gpl-[0-9]* arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2018-15908
|
|
ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15909
|
|
ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15909
|
|
ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15910
|
|
ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15910
|
|
ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15911
|
|
ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15911
|
|
nsd<4.1.23 sensitive-information-disclosure https://www.nlnetlabs.nl/projects/nsd/security-advisories/#nsd-time-sensitive-tsig-compare-vulnerability
|
|
firefox<62.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/
|
|
firefox60<60.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/
|
|
ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16511
|
|
ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16511
|
|
ghostscript-agpl<9.24 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-16509
|
|
ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-16509
|
|
ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16510
|
|
ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16510
|
|
ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16513
|
|
ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16513
|
|
ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16541
|
|
ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16541
|
|
ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16539
|
|
ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16539
|
|
ghostscript-agpl<9.24 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-16540
|
|
ghostscript-gpl-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-16540
|
|
ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16542
|
|
ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16542
|
|
ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16543
|
|
ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16585
|
|
ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16585
|
|
ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16543
|
|
ghostscript-agpl<9.25 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-16802
|
|
ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-16802
|
|
adobe-flash-player<30.0.0.154 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb18-25.html
|
|
trafficserver<7.1.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1318
|
|
trafficserver<7.1.4 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2018-8004
|
|
trafficserver<7.1.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8005
|
|
trafficserver<6.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8022
|
|
trafficserver<7.1.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8040
|
|
spamassassin<3.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15705
|
|
spamassassin<3.4.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-11780
|
|
spamassassin<3.4.2 code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-11781
|
|
ImageMagick<7.0.8.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16323
|
|
ImageMagick<7.0.8.8 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-16328
|
|
ImageMagick6<6.9.10.9 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-16328
|
|
ImageMagick<7.0.8.8 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-16329
|
|
ImageMagick<7.0.8.11 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16412
|
|
ImageMagick<7.0.8.11 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16413
|
|
ImageMagick6<6.9.10.11 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16413
|
|
ImageMagick<7.0.8.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-16640
|
|
ImageMagick6<6.9.10.7 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-16640
|
|
ImageMagick<7.0.8.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16641
|
|
ImageMagick<7.0.7.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16642
|
|
ImageMagick6<6.9.9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16642
|
|
ImageMagick<7.0.8.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16643
|
|
ImageMagick6<6.9.10.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16643
|
|
ImageMagick<7.0.8.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16644
|
|
ImageMagick<6.9.10.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16644
|
|
ImageMagick<7.0.8.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16645
|
|
ImageMagick<7.0.7.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16749
|
|
ImageMagick6<6.9.9.43 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16749
|
|
ImageMagick<7.0.7.32 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-16750
|
|
ImageMagick6<6.9.9.43 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-16750
|
|
mgetty<1.2.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16741
|
|
mgetty<1.2.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16742
|
|
mgetty<1.2.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16743
|
|
mgetty<1.2.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16744
|
|
mgetty<1.2.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16745
|
|
glusterfs<3.12.14 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-10904
|
|
glusterfs<3.12.14 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10907
|
|
glusterfs<3.12.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10911
|
|
glusterfs<3.12.14 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10913
|
|
glusterfs<3.12.14 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10914
|
|
glusterfs<3.12.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10923
|
|
glusterfs<3.12.14 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10924
|
|
glusterfs<3.12.14 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-10926
|
|
glusterfs<3.12.14 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10927
|
|
glusterfs<3.12.14 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-10928
|
|
glusterfs<3.12.14 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-10929
|
|
glusterfs<3.12.14 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2018-10930
|
|
icu<60.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15396
|
|
moodle<3.5.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-14630
|
|
moodle<3.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-14631
|
|
curl<7.61.1 buffer-overrun https://nvd.nist.gov/vuln/detail/CVE-2018-14618
|
|
wireshark<2.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16056
|
|
wireshark<2.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16057
|
|
wireshark<2.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16058
|
|
glib2<2.56.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-16428
|
|
glib2<2.56.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-16429
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16336
|
|
php{56,70,71,72}-contao35<3.5.36 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17057
|
|
php{56,70,71,72}-contao44<4.4.25 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17057
|
|
php{71,72}-contao45-4.5.* cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17057
|
|
php{71,72}-contao45-4.5.* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
openssh-[0-9]* oracle-attack https://nvd.nist.gov/vuln/detail/CVE-2018-15919
|
|
qemu<4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15746
|
|
grafana<4.6.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-15727
|
|
fig2dev-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-16140
|
|
jdbc-postgresql{93,94}-[0-9]* man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2018-10936
|
|
tiff<4.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16335
|
|
xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16368
|
|
xpdf<5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16369
|
|
openjpeg<2.3.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16375
|
|
openjpeg<2.3.1nb1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16376
|
|
jhead-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16554
|
|
jhead-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17088
|
|
mupdf<1.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16647
|
|
mupdf<1.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16648
|
|
nasm<2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16382
|
|
nasm<2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16517
|
|
nasm<2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16999
|
|
nasm<2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000667
|
|
openafs<1.6.23 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16947
|
|
openafs>=1.7<1.8.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16947
|
|
openafs<1.6.23 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16948
|
|
openafs>=1.7<1.8.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16948
|
|
openafs<1.6.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16949
|
|
openafs>=1.7<1.8.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16949
|
|
powerdns<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-7068
|
|
pdns-recursor<4.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-7068
|
|
powerdns<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-7072
|
|
powerdns<4.0.2 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2016-7073
|
|
pdns-recursor<4.0.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2016-7073
|
|
powerdns<4.0.2 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2016-7074
|
|
pdns-recursor<4.0.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2016-7074
|
|
soundtouch<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17096
|
|
soundtouch<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17097
|
|
soundtouch<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17098
|
|
tiff<4.0.10nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17000
|
|
tiff<4.0.9nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17100
|
|
tiff<4.0.9nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17101
|
|
wordpress<4.9 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1000600
|
|
wordpress-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000773
|
|
zsh<5.6 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-0502
|
|
zsh<5.6 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-13259
|
|
libextractor<1.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-16430
|
|
lcms2<2.10 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16435
|
|
hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-16438
|
|
pidgin<2.11.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-1000030
|
|
npm<3.10.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-1000232
|
|
py{27,34,35,36,37,38}-flask-admin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-16516
|
|
zziplib-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-16548
|
|
sympa<6.2.36 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000671
|
|
okular<18.08.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000801
|
|
accountsservice<0.6.50 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-14036
|
|
poppler<0.72 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16646
|
|
openssl<1.0.2 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2016-7056
|
|
monit<5.20.0 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2016-7067
|
|
ansible<2.4.6 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-10875
|
|
libbson<1.13.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16790
|
|
dnsdist<1.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-7069
|
|
radare2<2.9.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-15834
|
|
gitolite<3.6.9 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16976
|
|
opencc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16982
|
|
tor-browser<8.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-16983
|
|
php<5.6.38 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-17082
|
|
php>=7.0<7.0.32 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-17082
|
|
php>=7.1<7.1.22 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-17082
|
|
php>=7.2<7.2.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-17082
|
|
libaudiofile-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17095
|
|
podofo<0.9.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-14320
|
|
thunderbird<60.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-19/
|
|
firefox<61.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/
|
|
boringssl-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15423
|
|
xml-security-c<2.0.1 denial-of-service https://shibboleth.net/community/advisories/secadv_20180803.txt
|
|
seamonkey<2.49.4 multiple-vulnerabilities https://www.seamonkey-project.org/releases/seamonkey2.49.4/
|
|
bitcoin<0.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17144
|
|
ghostscript-agpl<9.25 code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-17183
|
|
ghostscript-gpl-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-17183
|
|
elasticsearch<6.3.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-3826
|
|
elasticsearch<6.4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-3831
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17229
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17230
|
|
hylafax<6.0.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17141
|
|
asterisk>=11<12 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-009.html
|
|
bind<8.2.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2001-0497
|
|
bind>=9.0<9.1.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2001-0497
|
|
sun-{jre,jdk}<1.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2000-1099
|
|
dropbear<0.43 unauthorised-access https://nvd.nist.gov/vuln/detail/CVE-2004-2486
|
|
hdf5<1.10.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17233
|
|
hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17234
|
|
hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17237
|
|
libmp4v2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17235
|
|
libmp4v2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17236
|
|
exiv2<0.27 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-17282
|
|
gitolite<3.5.3.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2013-4451
|
|
gitolite<3.5.3.1 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2013-7203
|
|
haproxy<1.8.14 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14645
|
|
binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17358
|
|
binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17359
|
|
binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17360
|
|
mediawiki<1.31.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-0503
|
|
mediawiki<1.31.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-0504
|
|
mediawiki<1.31.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-0505
|
|
mediawiki>=1.31<1.31.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-13258
|
|
firefox60<60.2.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-23/
|
|
dvipsk<5.998nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17407
|
|
luatex<1.07.0nb6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17407
|
|
web2c<2018nb5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17407
|
|
hdf5-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-17432
|
|
hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17433
|
|
hdf5<1.10.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17434
|
|
hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17435
|
|
hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17436
|
|
hdf5<1.10.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17437
|
|
hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17438
|
|
hdf5-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17439
|
|
spidermonkey52-[0-9]* multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-24/
|
|
firefox<62.0.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-24/
|
|
firefox60<60.2.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-24/
|
|
git-base<2.14.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17456
|
|
git-base>=2.15<2.15.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17456
|
|
git-base>=2.16<2.16.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17456
|
|
git-base>=2.17<2.17.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17456
|
|
git-base>=2.18<2.18.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17456
|
|
git-base>=2.19<2.19.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17456
|
|
py27-expat<2.7.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14647
|
|
py34-expat<3.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14647
|
|
py35-expat<3.5.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14647
|
|
py36-expat<3.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14647
|
|
py37-expat<3.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14647
|
|
adobe-flash-player<31.0.0.108 privilege-escalation https://helpx.adobe.com/security/products/flash-player/apsb18-31.html
|
|
apache>=2.4.17<2.4.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11763
|
|
ruby{23,24,25}-jekyll<3.6.3 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2018-17567
|
|
ruby{23,24,25}-jekyll>=3.7<3.7.4 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2018-17567
|
|
ruby{23,24,25}-jekyll>=3.8<3.8.4 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2018-17567
|
|
tcpreplay<4.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17580
|
|
tcpreplay<4.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17582
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17581
|
|
libiberty-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-17794
|
|
zziplib-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-17828
|
|
py{34,35,36,37,38}-django>=2.1<2.1.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16984
|
|
ImageMagick<7.0.7.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-17965
|
|
ImageMagick<7.0.7.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-17966
|
|
ImageMagick<7.0.7.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-17967
|
|
ImageMagick<7.0.7.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-18016
|
|
ImageMagick<7.0.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18023
|
|
ImageMagick6<6.9.10.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18024
|
|
ImageMagick<7.0.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18024
|
|
ImageMagick<7.0.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18025
|
|
tcpreplay<4.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17974
|
|
apache-tomcat<7.0.91 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2018-11784
|
|
apache-tomcat>=8.0<8.5 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2018-11784
|
|
apache-tomcat>=8.5.0<8.5.34 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2018-11784
|
|
apache-tomcat>=9.0.0<9.0.12 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2018-11784
|
|
py27-mercurial<4.7.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-17983
|
|
libiberty-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17985
|
|
py{27,34,35,36,37,38}-paramiko<2.4.2 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000805
|
|
py{27,34,35,36,37,38}-OpenSSL<17.5.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-1000807
|
|
py{27,34,35,36,37,38}-OpenSSL<17.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000808
|
|
rust<1.29.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000810
|
|
cairo<1.16.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18064
|
|
net-snmp<5.8 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18065
|
|
net-snmp<5.8 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18066
|
|
webkit-gtk<2.22.0 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0007.html
|
|
firefox45-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
firefox52-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
spidermonkey52-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
tinc<1.0.30 oracle-attack https://nvd.nist.gov/vuln/detail/CVE-2018-16737
|
|
tinc<1.0.35 oracle-attack https://nvd.nist.gov/vuln/detail/CVE-2018-16738
|
|
tinc<1.0.35 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2018-16758
|
|
geeklog<1.4.0rc1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2005-4026
|
|
ghostscript-agpl<9.26 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17961
|
|
ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17961
|
|
py{27,34,35,36,37,38}-requests<2.20.0 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2018-18074
|
|
qemu<4.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17958
|
|
qemu<4.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17962
|
|
qemu<4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17963
|
|
openjpeg<2.3.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-18088
|
|
jenkins-lts<2.138.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-10-10/
|
|
jenkins<2.146 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-10-10/
|
|
wireshark>=2.6.0<2.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18225
|
|
wireshark>=2.6.0<2.6.4 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-18226
|
|
wireshark<2.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18227
|
|
wireshark>=2.6.0<2.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18227
|
|
binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18309
|
|
py27-moin<1.9.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-5934
|
|
clamav<0.100.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15378
|
|
ghostscript-agpl<9.26 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-18073
|
|
ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-18073
|
|
libssh<0.76 remote-security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-10933
|
|
firefox{,-bin,-gtk1}<1.5.0.9 heap-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-69.html
|
|
firefox{,-bin,-gtk1}>=2.0<2.0.0.1 heap-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-69.html
|
|
thunderbird{,-gtk1}<1.5.0.9 heap-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-69.html
|
|
seamonkey{,-bin,-gtk1}<1.0.7 heap-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-69.html
|
|
firefox60<60.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-16/
|
|
firefox<62.0.2 denial-of-service https://www.mozilla.org/en-US/security/advisories/mfsa2018-22/
|
|
thunderbird<60.2.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/
|
|
firefox60<60.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/
|
|
tiff<4.0.9nb4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-18557
|
|
modular-xorg-server>=1.19<1.20.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-14665
|
|
mkvtoolnix<28.2.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-4022
|
|
salt<2018.3.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-15750
|
|
salt<2018.3.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-15751
|
|
mysql-server>=5.5<5.5.62 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
|
|
mysql-server>=5.6<5.6.42 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
|
|
mysql-server>=5.7<5.7.24 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
|
|
mariadb-server>=5.5<5.5.62 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
|
|
oracle-{jdk,jre}8<8.0.192 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixJAVA
|
|
openjdk8<1.8.192 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixJAVA
|
|
xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18454
|
|
xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18455
|
|
xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18456
|
|
xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18457
|
|
xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18458
|
|
xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18459
|
|
xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18650
|
|
xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18651
|
|
qemu<4.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18438
|
|
qemu<4.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10839
|
|
unzip<6.0nb9 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18384
|
|
tcpreplay<4.3.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18407
|
|
tcpreplay<4.3.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-18408
|
|
tcpflow-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18409
|
|
openexr<2.4.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-18443
|
|
openexr<2.4.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-18444
|
|
libiberty-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18483
|
|
libiberty-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18484
|
|
ghostscript-agpl<9.26 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-18284
|
|
ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-18284
|
|
xfce4-thunar-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-18398
|
|
ImageMagick<7.0.8.14 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-18544
|
|
ImageMagick6<6.9.10.14 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-18544
|
|
teeworlds<0.6.5 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18541
|
|
libmspack<0.8alpha out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-18584
|
|
libmspack<0.8alpha unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-18585
|
|
libmspack<0.8alpha directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-18586
|
|
ansible<2.6.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16837
|
|
binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18605
|
|
binutils<2.32 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-18606
|
|
binutils<2.32 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-18607
|
|
amanda-client<3.3.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2016-10729
|
|
amanda-client<3.3.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2016-10730
|
|
prayer-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-18655
|
|
mupdf<1.15.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-18662
|
|
tiff<4.0.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-18661
|
|
openssl>=1.1.0<1.1.0j timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-0735
|
|
py{27,34,35,36,37,38}-flask<0.12.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000656
|
|
gthumb-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2018-18718
|
|
gettext-tools<0.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18751
|
|
mini_httpd<1.30 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2018-18778
|
|
binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18700
|
|
binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18701
|
|
openssl<1.0.2q timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-0734
|
|
openssl>=1.1.0<1.1.0j timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-0734
|
|
firefox<63.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/
|
|
ruby{22,23,24,25}-loofah<2.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-16468
|
|
curl<7.62.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16839
|
|
curl<7.62.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-16840
|
|
curl<7.62.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16842
|
|
php{56,70,71,72}-nextcloud<12.0.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16463
|
|
php{56,70,71,72}-nextcloud>=13<13.0.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16463
|
|
php{56,70,71,72}-nextcloud<14.0.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16464
|
|
php{56,70,71,72}-nextcloud<14.0.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16465
|
|
php{56,70,71,72}-nextcloud<12.0.11 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16466
|
|
php{56,70,71,72}-nextcloud>=13<13.0.6 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16466
|
|
php{56,70,71,72}-nextcloud<14.0.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16467
|
|
mantis>=2.1.0<2.17.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-17782
|
|
mantis>=2.1.0<2.17.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-17783
|
|
redis<6.0.6nb1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-2121
|
|
glusterfs<4.1.6 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2018-14651
|
|
glusterfs<4.1.6 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14652
|
|
glusterfs<4.1.6 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2018-14653
|
|
glusterfs<4.1.6 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2018-14654
|
|
glusterfs<4.1.6 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14659
|
|
glusterfs<4.1.6 format-string https://nvd.nist.gov/vuln/detail/CVE-2018-14661
|
|
jasper<2.0.19 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-18873
|
|
samba<4.3.13 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-2125
|
|
libexif<0.6.22 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-6328
|
|
xenkernel411<4.11.0nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18883
|
|
icecast<2.4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18820
|
|
samba>=4.0.0<4.3.13 remote-privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2016-2123
|
|
powerdns<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-2120
|
|
glusterfs<4.1.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14660
|
|
SDL2_image<2.0.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-3977
|
|
qemu<3.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16847
|
|
qemu<4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18849
|
|
poppler<0.73.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-18897
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18915
|
|
icu<63.1nb2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18928
|
|
ruby23-base<2.3.8 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16395
|
|
ruby24-base<2.4.5 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16395
|
|
ruby25-base<2.5.2 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16395
|
|
ruby23-base<2.3.8 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2018-16396
|
|
ruby24-base<2.4.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2018-16396
|
|
ruby25-base<2.5.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2018-16396
|
|
ruby{23,24,25}-rack>=2.0.4<2.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16470
|
|
ruby{23,24,25}-rack16<1.6.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-16471
|
|
ruby{23,24,25}-rack<2.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-16471
|
|
php{56,70,71,72}-basercms<4.1.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-18942
|
|
php{56,70,71,72}-basercms<4.1.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-18943
|
|
ruby{23,24,25}-i18n<0.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-10077
|
|
nginx<1.14.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16843
|
|
nginx>=1.15<1.15.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16843
|
|
nginx<1.14.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16844
|
|
nginx>=1.15<1.15.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16844
|
|
powerdns<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10851
|
|
powerdns>=4.1.0<4.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10851
|
|
pdns-recursor<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10851
|
|
pdns-recursor>=4.1.0<4.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10851
|
|
powerdns>=4.1.0<4.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14626
|
|
pdns-recursor<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14626
|
|
pdns-recursor>=4.1.0<4.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14626
|
|
pdns-recursor<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14644
|
|
pdns-recursor>=4.1.0<4.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14644
|
|
lighttpd<1.4.50 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-19052
|
|
poppler<0.72.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19058
|
|
poppler<0.72.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-19059
|
|
poppler<0.72.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19060
|
|
librecad-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19105
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19107
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19108
|
|
postgresql93-server<9.3.25 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16850
|
|
postgresql94-server<9.4.20 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16850
|
|
postgresql95-server<9.5.15 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16850
|
|
postgresql96-server<9.6.11 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16850
|
|
postgresql10-server<10.6 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16850
|
|
squid-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-19131
|
|
squid-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-19132
|
|
jasper<2.0.19 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-19139
|
|
poppler<0.70.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19149
|
|
caddy<0.11.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-19148
|
|
poppler<0.70.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19149
|
|
thunderbird<60.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-28/
|
|
py{27,34,35,36,37,38}-crypto-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
uriparser<0.9.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-19198
|
|
uriparser<0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19199
|
|
uriparser<0.9.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19200
|
|
php{56,70,71,72}-roundcube-plugin-enigma<1.3.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-19205
|
|
php{56,70,71,72}-roundcube<1.3.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-19206
|
|
libwpd-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19208
|
|
tiff<4.0.10nb1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19210
|
|
ncurses<6.1nb7 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19211
|
|
ncurses<6.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19217
|
|
nasm<2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19209
|
|
nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19213
|
|
nasm<2.14 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19214
|
|
nasm<2.14 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19215
|
|
nasm<2.13.02 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-19216
|
|
libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19218
|
|
libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19219
|
|
adobe-flash-player<31.0.0.148 information-disclosure https://helpx.adobe.com/security/products/flash-player/apsb18-39.html
|
|
asterisk>=15.0<15.6.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-010.html
|
|
harfbuzz<1.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-9274
|
|
qemu<3.1.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-18954
|
|
webkit1-gtk{,3}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
go-net<20180713 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17075
|
|
go-net<20180926 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17142
|
|
go-net<20180926 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17143
|
|
go-net<20190126 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-17846
|
|
go-net<20190126 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17847
|
|
go-net<20190126 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17848
|
|
py{27,34,35,36,37,38}-notebook<5.7.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-19351
|
|
py{27,34,35,36,37,38}-notebook<5.7.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-19352
|
|
gnome-keyring-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-19358
|
|
xenkernel42-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-275.html
|
|
xenkernel45-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-275.html
|
|
xenkernel46-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-275.html
|
|
xenkernel48<4.8.5 privilege-escalation https://xenbits.xen.org/xsa/advisory-275.html
|
|
xenkernel411<4.11.0nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-275.html
|
|
xenkernel411<4.11.0nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-276.html
|
|
xenkernel411<4.11.0nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-277.html
|
|
xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-279.html
|
|
xenkernel48<4.8.5 denial-of-service https://xenbits.xen.org/xsa/advisory-279.html
|
|
xenkernel411<4.11.0nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-279.html
|
|
xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-280.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-280.html
|
|
xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-280.html
|
|
xenkernel48<4.8.5 denial-of-service https://xenbits.xen.org/xsa/advisory-280.html
|
|
xenkernel411<4.11.0nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-280.html
|
|
u-boot<2018.09 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18439
|
|
u-boot<2018.09 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18440
|
|
php<7.2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19396
|
|
webkit-gtk<2.22.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0008.html
|
|
ghostscript-agpl<9.26 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-19409
|
|
ghostscript-gpl-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-19409
|
|
libsndfile<1.0.28nb3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19432
|
|
adobe-flash-player<31.0.0.153 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsb18-44.html
|
|
php56-imap<5.6.39 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-19518
|
|
php70-imap<7.0.33 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-19518
|
|
php71-imap<7.1.25 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-19518
|
|
php72-imap<7.2.13 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-19518
|
|
py{27,34,35,36,37,38}-tryton>=5.0.0<5.0.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2018-19443
|
|
openssl<1.0.2q timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-5407
|
|
openssl>=1.1.0<1.1.0i timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-5407
|
|
ghostscript-agpl<9.26 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-19475
|
|
ghostscript-gpl-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-19475
|
|
ghostscript-agpl<9.26 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-19476
|
|
ghostscript-gpl-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-19476
|
|
ghostscript-agpl<9.26 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-19477
|
|
ghostscript-gpl-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-19477
|
|
git-base<2.19.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-19486
|
|
gnuplot<5.2.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19490
|
|
gnuplot<5.2.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19491
|
|
gnuplot<5.2.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19492
|
|
faad2<2.9.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19502
|
|
faad2<2.9.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19503
|
|
faad2<2.9.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19504
|
|
qpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18020
|
|
tcpdump-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-19519
|
|
podofo<0.9.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19532
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19535
|
|
jasper<2.0.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19539
|
|
jasper<2.0.19 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19540
|
|
jasper<2.0.19 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19541
|
|
jasper<2.0.17 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19542
|
|
jasper<2.0.19 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19543
|
|
pdns-recursor>=4.1.0<4.1.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16855
|
|
moodle<3.5.3 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-16854
|
|
dcraw-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19565
|
|
dcraw-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19566
|
|
dcraw-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19567
|
|
dcraw-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19568
|
|
dnsdist<1.3.3 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2018-14663
|
|
ruby{23,24,25}-activejob42<4.2.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16476
|
|
ruby{23,24,25}-activejob51<5.1.6.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16476
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19607
|
|
samba>=4.0.0<4.9.3 denial-of-service https://www.samba.org/samba/security/CVE-2018-14629.html
|
|
samba>=4.3.0<4.9.3 double-free https://www.samba.org/samba/security/CVE-2018-16841.html
|
|
samba>=4.0.0<4.9.3 denial-of-service https://www.samba.org/samba/security/CVE-2018-16851.html
|
|
avahi-[0-9]* traffic-amplification https://nvd.nist.gov/vuln/detail/CVE-2018-1000845
|
|
nodejs<6.15.0 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2018-12116
|
|
nodejs>=8<8.14.0 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2018-12116
|
|
nodejs<6.15.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-12120
|
|
nodejs<6.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12121
|
|
nodejs>=8<8.14.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12121
|
|
nodejs>=10<10.14.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12121
|
|
nodejs<6.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12122
|
|
nodejs>=8<8.14.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12122
|
|
nodejs>=10<10.14.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12122
|
|
nodejs<6.15.0 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-12123
|
|
nodejs>=8<8.14.0 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-12123
|
|
nodejs>=10<10.14.0 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-12123
|
|
samba>=4.9.0<4.9.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-16852
|
|
samba>=4.9.0<4.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16853
|
|
samba>=4.9.0<4.9.3 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2018-16857
|
|
qemu<4.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19665
|
|
dcraw-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19655
|
|
wireshark<2.4.11 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-19622
|
|
wireshark>=2.6.0<2.6.5 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-19622
|
|
wireshark<2.4.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19623
|
|
wireshark>=2.6.0<2.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19623
|
|
wireshark<2.4.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19624
|
|
wireshark>=2.6.0<2.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19624
|
|
wireshark<2.4.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19625
|
|
wireshark>=2.6.0<2.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19625
|
|
wireshark<2.4.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19626
|
|
wireshark>=2.6.0<2.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19626
|
|
wireshark<2.4.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19627
|
|
wireshark>=2.6.0<2.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19627
|
|
wireshark>=2.6.0<2.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19628
|
|
lighttpd<1.4.20 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2008-4359
|
|
lighttpd<1.4.20 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2008-4360
|
|
seamonkey<2.4 multiple-vulnerabilities https://www.mozilla.org/security/announce/2011/mfsa2011-41.html
|
|
seamonkey<2.4 information-disclosure https://www.mozilla.org/security/announce/2011/mfsa2011-45.html
|
|
libsndfile<1.0.28nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19661
|
|
libsndfile<1.0.28nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19662
|
|
libjpeg-turbo<2.0.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19664
|
|
freerdp<2.0.0rc4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8784
|
|
freerdp<2.0.0rc4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8785
|
|
freerdp<2.0.0rc4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8786
|
|
freerdp<2.0.0rc4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8787
|
|
freerdp<2.0.0rc4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-8788
|
|
freerdp<2.0.0rc4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-8789
|
|
perl<5.28.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18311
|
|
perl<5.28.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-18312
|
|
perl<5.26.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18313
|
|
perl<5.26.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18314
|
|
sleuthkit-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19497
|
|
nasm<2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19755
|
|
libsixel<1.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19756
|
|
libsixel<1.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19757
|
|
libsixel<1.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19759
|
|
libsixel<1.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19761
|
|
libsixel<1.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19762
|
|
libsixel<1.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19763
|
|
confuse<3.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-19760
|
|
libsndfile<1.0.28nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19758
|
|
mxml-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-19764
|
|
mupdf-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-19777
|
|
py{27,34,35,36,37,38}-lxml<4.2.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-19787
|
|
libsass<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19797
|
|
libsass<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19827
|
|
gnutls<3.6.5 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-16868
|
|
nettle<3.4.1 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-16869
|
|
polkit-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-19788
|
|
ruby1{8,9}-puppet<2.7.18 spoofing https://nvd.nist.gov/vuln/detail/CVE-2012-3408
|
|
nss<3.40.1 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-12404
|
|
libsass<3.5.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19837
|
|
libsass<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19838
|
|
libsass<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19839
|
|
wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19840
|
|
wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19841
|
|
radare2<3.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19842
|
|
radare2<3.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19843
|
|
vault<1.0.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-19786
|
|
qt5-qtbase<5.11.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-19865
|
|
vlc<3.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19857
|
|
webkit-gtk<2.22.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19876
|
|
mbedtls<2.7.8 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-19608
|
|
mupdf<1.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19881
|
|
mupdf<1.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19882
|
|
faac<1.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19886
|
|
faac<1.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19887
|
|
faac<1.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19888
|
|
faac<1.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19889
|
|
faac<1.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19890
|
|
faac<1.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19891
|
|
adobe-flash-player<32.0.0.101 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsb18-42.html
|
|
php{53,54}-owncloud<5.0.6 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2013-2085
|
|
py{27,34,35,36,37,38}-httplib2-[0-9]* man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2013-2037
|
|
jenkins-lts<2.138.4 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-12-05/
|
|
jenkins<2.154 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-12-05/
|
|
php-5.5.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
php-5.6.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
php-7.0.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-282.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-282.html
|
|
xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-282.html
|
|
xenkernel48<4.8.5 denial-of-service https://xenbits.xen.org/xsa/advisory-282.html
|
|
xenkernel411<4.11.1 denial-of-service https://xenbits.xen.org/xsa/advisory-282.html
|
|
binutils<2.32 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19931
|
|
binutils<2.32 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-19932
|
|
php56-imap<5.6.39 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19935
|
|
php70-imap<7.0.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19935
|
|
php71-imap<7.1.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19935
|
|
php72-imap<7.2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19935
|
|
libraw<0.18.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5800
|
|
libraw<0.18.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5801
|
|
libraw<0.18.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5802
|
|
libraw<0.18.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5804
|
|
libraw<0.18.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5805
|
|
libraw<0.18.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5806
|
|
libraw<0.18.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5807
|
|
libraw<0.18.9 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-5808
|
|
libraw<0.18.9 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-5809
|
|
libraw<0.18.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5810
|
|
libraw<0.18.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5811
|
|
libraw<0.18.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5812
|
|
consul<1.4.1 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-19653
|
|
binutils<2.32 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-20002
|
|
mxml-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20004
|
|
mxml-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-20005
|
|
php{56,70,71,72,73}-phpmyadmin<4.8.4 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2018-19968
|
|
php{56,70,71,72,73}-phpmyadmin<4.8.4 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-19969
|
|
php{56,70,71,72,73}-phpmyadmin<4.8.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-19970
|
|
py{27,34,35,36,37,38}-urllib3<1.2.3 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2018-20060
|
|
firefox<64.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/
|
|
firefox60<60.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-30/
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20096
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20097
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20098
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20099
|
|
haproxy<1.8.15 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-20102
|
|
haproxy<1.8.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20103
|
|
inetutils-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2005-0469
|
|
grafana<4.6.5 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2018-19039
|
|
qemu<3.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-19364
|
|
qemu<3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19489
|
|
webkit-gtk<2.22.5 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0009.html
|
|
qemu<4.0 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2018-16872
|
|
go<1.10.6 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-16873
|
|
go>=1.11<1.11.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-16873
|
|
go<1.10.6 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-16874
|
|
go>=1.11<1.11.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-16874
|
|
go<1.10.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16875
|
|
go>=1.11<1.11.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16875
|
|
wordpress<5.0.1 arbitrary-file-deletion https://nvd.nist.gov/vuln/detail/CVE-2018-20147
|
|
wordpress<5.0.1 php-object-injection https://nvd.nist.gov/vuln/detail/CVE-2018-20148
|
|
wordpress<5.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-20149
|
|
wordpress<5.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-20150
|
|
wordpress<5.0.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20151
|
|
wordpress<5.0.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-20152
|
|
wordpress<5.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-20153
|
|
sqlite3<3.25.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-20346
|
|
couchdb<2.3.0 remote-privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-17188
|
|
nagios-base<4.4.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-18245
|
|
icinga-base>=2<2.6.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-18246
|
|
icinga-base>=2<2.6.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-18247
|
|
icinga-base>=2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-18248
|
|
icinga-base>=2<2.6.2 code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-18249
|
|
icinga-base>=2<2.6.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-18250
|
|
yara-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-19974
|
|
yara-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-19975
|
|
yara-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-19976
|
|
qemu<4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20123
|
|
GraphicsMagick<1.3.32 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20184
|
|
GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20185
|
|
GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20189
|
|
libsass<3.6.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20190
|
|
libraw<0.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5817
|
|
libraw<0.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5818
|
|
libraw<0.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5819
|
|
libexif<0.6.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20030
|
|
faad2<2.8.8nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20194
|
|
faad2<2.9.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20195
|
|
faad2<2.9.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20196
|
|
faad2<2.8.8nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20197
|
|
faad2<2.8.8nb1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20198
|
|
faad2<2.9.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20199
|
|
ruby{193,200,21,22,23,24,25}-sprockets>=2.2<2.2.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2014-7819
|
|
ruby{193,200,21}-sprockets>=2.8<2.8.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2014-7819
|
|
libVNCServer<0.9.12 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-6307
|
|
libVNCServer<0.9.12 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-15126
|
|
libVNCServer<0.9.12 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-15127
|
|
libVNCServer<0.9.12 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-20019
|
|
libVNCServer<0.9.12 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-20020
|
|
libVNCServer<0.9.12 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20021
|
|
libVNCServer<0.9.12 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20022
|
|
libVNCServer<0.9.12 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20023
|
|
libVNCServer<0.9.12 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20024
|
|
netatalk22<3.1.12 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1160
|
|
netatalk30<3.1.12 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1160
|
|
netatalk3<3.1.12 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1160
|
|
grafana<5.3.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000816
|
|
freecol-[0-9]* xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2018-1000825
|
|
zoneminder<1.32.3 php-object-injection https://nvd.nist.gov/vuln/detail/CVE-2018-1000832
|
|
zoneminder<1.32.3 php-object-injection https://nvd.nist.gov/vuln/detail/CVE-2018-1000833
|
|
freerdp-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-1000852
|
|
gnupg2<2.2.12 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-1000858
|
|
binutils<2.32 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000876
|
|
libarchive>=3.1.0<3.4.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-1000877
|
|
libarchive>=3.1.0<3.4.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-1000878
|
|
libarchive>=3.3.0<3.4.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-1000879
|
|
libarchive>=3.2.0<3.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000880
|
|
mbedtls1-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
nasm-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000886
|
|
knc<1.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9732
|
|
elasticsearch>=6.4.0<6.4.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-17244
|
|
elasticsearch>=6.5.0<6.5.2 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2018-17247
|
|
ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-19134
|
|
ghostscript-agpl<9.26 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-19134
|
|
qemu<4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-20124
|
|
qemu<4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20125
|
|
qemu<4.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-20126
|
|
qemu<4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20191
|
|
qemu<4.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-20216
|
|
libjpeg-turbo<2.0.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20330
|
|
libraw<0.20.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20337
|
|
faad2<2.8.8nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20357
|
|
faad2<2.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20358
|
|
faad2<2.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20359
|
|
faad2<2.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20360
|
|
faad2<2.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20361
|
|
faad2<2.8.8nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20362
|
|
libraw<0.19.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20363
|
|
libraw<0.19.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20364
|
|
libraw<0.19.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20365
|
|
xchat-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
python36<3.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20406
|
|
python37<3.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20406
|
|
ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20425
|
|
ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20426
|
|
ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20427
|
|
ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20428
|
|
ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20429
|
|
libextractor<1.9 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-20430
|
|
libextractor<1.9 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20431
|
|
radare2<3.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20455
|
|
radare2<3.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20456
|
|
radare2<3.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20457
|
|
radare2<3.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20458
|
|
radare2<3.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20459
|
|
radare2<3.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20460
|
|
radare2<3.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20461
|
|
ImageMagick<7.0.8.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20467
|
|
poppler<0.73.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20481
|
|
gtar-base<1.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20482
|
|
wget<1.20.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20483
|
|
mit-krb5<1.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20217
|
|
qt5-qtbase<5.11.3 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-15518
|
|
qt5-qtbase<5.11.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19870
|
|
qt5-qtbase<5.11.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19873
|
|
qt5-qtimageformats<5.11.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19871
|
|
qt5-qtsvg<5.11.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19869
|
|
wireshark<2.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12086
|
|
wireshark>=2.6.0<2.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12086
|
|
py{27,34,35,36,37,38}-mezzanine-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-16632
|
|
nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20535
|
|
nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20538
|
|
libcaca-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2018-20544
|
|
libcaca-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20545
|
|
libcaca-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-20546
|
|
libcaca-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-20547
|
|
libcaca-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20548
|
|
libcaca-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20549
|
|
tcpreplay<4.3.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20552
|
|
tcpreplay<4.3.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20553
|
|
poppler<0.73.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20551
|
|
jasper<2.0.19 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20570
|
|
yaml-cpp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20573
|
|
yaml-cpp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20574
|
|
#jasper-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20584 Disputed, see https://github.com/jasper-maint/jasper/issues/19
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20591
|
|
mxml-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20592
|
|
mxml-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20593
|
|
netbeans-ide<10.0 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17191
|
|
jasper<2.0.19 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-20622
|
|
binutils<2.32 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-20623
|
|
binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20651
|
|
binutils-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-20657
|
|
poppler<0.73.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20650
|
|
ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19478
|
|
ghostscript-agpl<9.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19478
|
|
aria2<1.35.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-3500
|
|
libsixel<1.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-3573
|
|
libsixel<1.8.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3574
|
|
ming-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3572
|
|
ansible<2.6.11 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16876
|
|
pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20230
|
|
poppler<0.73.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20662
|
|
py{27,34,35,36,37,38}-django<1.11.18 frame-content-spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-3498
|
|
py{34,35,36,37,38}-django>=2.0<2.0.10 frame-content-spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-3498
|
|
py{34,35,36,37,38}-django>=2.1<2.1.5 frame-content-spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-3498
|
|
py27-django-1.4.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
py{27,34,35,36}-django-1.8.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
uriparser<0.9.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-20721
|
|
rdesktop<1.8.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8791
|
|
rdesktop<1.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8792
|
|
rdesktop<1.8.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-8793
|
|
rdesktop<1.8.4 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2018-8794
|
|
rdesktop<1.8.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-8795
|
|
rdesktop<1.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8796
|
|
rdesktop<1.8.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-8797
|
|
rdesktop<1.8.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8798
|
|
rdesktop<1.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8799
|
|
rdesktop<1.8.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-8800
|
|
rdesktop<1.8.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20174
|
|
rdesktop<1.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20175
|
|
rdesktop<1.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20176
|
|
rdesktop<1.8.4 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2018-20177
|
|
rdesktop<1.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20178
|
|
rdesktop<1.8.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-20179
|
|
rdesktop<1.8.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-20180
|
|
rdesktop<1.8.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-20181
|
|
rdesktop<1.8.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-20182
|
|
binutils<2.32 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20671
|
|
binutils-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20673
|
|
qemu<3.1.0 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-16867
|
|
wireshark>=2.6.0<2.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5716
|
|
wireshark<2.4.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5717
|
|
wireshark>=2.6.0<2.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5717
|
|
wireshark<2.4.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5718
|
|
wireshark>=2.6.0<2.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5718
|
|
wireshark<2.4.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5719
|
|
wireshark>=2.6.0<2.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5719
|
|
wireshark<2.4.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5721
|
|
mate-screensaver<1.20.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20681
|
|
gitolite<3.6.11 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-20683
|
|
irssi<1.1.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-5882
|
|
tiff<4.0.10nb1 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-6128
|
|
mupdf<1.14.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6130
|
|
mupdf<1.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6131
|
|
openssh<8.0 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-20685
|
|
openssh<8.0 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-6109
|
|
openssh<8.0 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-6110
|
|
openssh<8.0 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-6111
|
|
polkit-[0-9]* authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-6133
|
|
zeromq>=4.2.0<4.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-6250
|
|
binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20712
|
|
yaml-cpp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6285
|
|
yaml-cpp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6292
|
|
libsass<3.6.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-6283
|
|
libsass<3.6.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-6284
|
|
libsass<3.6.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-6286
|
|
nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6290
|
|
nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6291
|
|
flex-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6293
|
|
php{56,70,71,72}-drupal>=8<8.3.7 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2017-004
|
|
php{56,70,71,72}-tiki6<17.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-20719
|
|
mysql-server>=5.6<5.6.43 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixMSQL
|
|
mysql-server>=5.7<5.7.25 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixMSQL
|
|
mariadb-server>=5.5<5.5.63 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixMSQL
|
|
oracle-{jdk,jre}8<8.0.202 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixJAVA
|
|
openjdk8<1.8.202 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixJAVA
|
|
bind>=9.9<9.9.9pl8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3138
|
|
bind>=9.10<9.10.4pl8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3138
|
|
bind>=9.11<9.11.0pl5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3138
|
|
bind>=9.12<9.12.1pl1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5736
|
|
bind>=9.12<9.12.1pl2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5737
|
|
bind>=9.9<9.9.13pl1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5740
|
|
bind>=9.10<9.10.8pl1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5740
|
|
bind>=9.11<9.11.4pl1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5740
|
|
bind>=9.12<9.12.2pl1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5740
|
|
bind>=9.11<9.11.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2018-5741
|
|
bind>=9.12<9.12.3 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2018-5741
|
|
cacti<1.2.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-20723
|
|
cacti<1.2.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-20724
|
|
cacti<1.2.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-20725
|
|
cacti<1.2.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-20726
|
|
cairo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6461
|
|
cairo<1.16.0nb8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6462
|
|
py{27,34,35,36,37,38}-numpy-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-6446
|
|
php{56,70,71,72}-drupal>=7<7.62 unspecified https://www.drupal.org/SA-CORE-2019-001
|
|
php{56,70,71,72}-drupal>=8<8.6.6 unspecified https://www.drupal.org/SA-CORE-2019-001
|
|
php{56,70,71,72}-drupal>=7<7.62 arbitrary-code-execution https://www.drupal.org/SA-CORE-2019-002
|
|
php{56,70,71,72}-drupal>=8<8.6.6 arbitrary-code-execution https://www.drupal.org/SA-CORE-2019-002
|
|
jenkins-lts<2.150.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-01-16/
|
|
jenkins<2.160 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-01-16/
|
|
mysql-client>=5.5<5.5.62nb1 information-disclosure https://gwillem.gitlab.io/2019/01/20/sites-hacked-via-mysql-protocal-flaw/
|
|
mysql-client>=5.6<5.6.42nb1 information-disclosure https://gwillem.gitlab.io/2019/01/20/sites-hacked-via-mysql-protocal-flaw/
|
|
mysql-client>=5.7<5.7.24nb2 information-disclosure https://gwillem.gitlab.io/2019/01/20/sites-hacked-via-mysql-protocal-flaw/
|
|
pdns-recursor>=4.1.0<4.1.9 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-3806
|
|
pdns-recursor>=4.1.0<4.1.9 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-3807
|
|
firefox<68.0 information-disclosure https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-041.txt
|
|
cliqz<1.28.0 information-disclosure https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-041.txt
|
|
firefox60-[0-9]* information-disclosure https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-041.txt
|
|
tor-browser<9.0 information-disclosure https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-041.txt
|
|
apache>=2.4.17<2.4.38 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17189
|
|
apache>=2.4.37<2.4.38 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-0190
|
|
apache>=2.4.0<2.4.38 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-17199
|
|
opensc<0.20.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-6502
|
|
ap{22,24}-subversion<1.10.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-11803
|
|
lua53<5.3.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-6706
|
|
go110<1.10.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-6486
|
|
go111<1.11.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-6486
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-6777
|
|
postgresql{10,94,95,96}-postgis2<2.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18359
|
|
mumble<1.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20743
|
|
faad2<2.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-6956
|
|
php{56,70,71,72,73}-phpmyadmin<4.8.5 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-6798
|
|
php{56,70,71,72,73}-phpmyadmin<4.8.5 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-6799
|
|
gd<2.3.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-6977
|
|
php56-gd<5.6.40 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-6977
|
|
php71-gd<7.1.26 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-6977
|
|
php72-gd<7.2.14 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-6977
|
|
php73-gd<7.3.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-6977
|
|
ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-6116
|
|
ghostscript-agpl<9.27 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-6116
|
|
py27-gnupg<0.4.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2019-6690
|
|
gd<2.3.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-6978
|
|
openjpeg-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6988
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-6990
|
|
zoneminder-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-6991
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-6992
|
|
firefox<65.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-01/
|
|
firefox60<60.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-02/
|
|
nasm-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-7147
|
|
thunderbird<60.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-31/
|
|
thunderbird<60.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-03/
|
|
libvncserver<0.9.12 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20748
|
|
libvncserver<0.9.12 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20749
|
|
libvncserver-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20750
|
|
rssh-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-1000018
|
|
rssh-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
npm<6.2.0 code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16487
|
|
npm<6.4.1 code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16492
|
|
poppler<0.74.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7310
|
|
php{56,70,71,72}-pear<1.10.7nb1 arbitrary-file-deletion https://nvd.nist.gov/vuln/detail/CVE-2018-1000888
|
|
py{27,34,35,36,37,38}-buildbot<1.8.1 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-7313
|
|
libreoffice<6.1.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-16858
|
|
rssh-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-3463
|
|
rssh-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-3464
|
|
podofo<0.9.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20751
|
|
agg-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6245
|
|
agg-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-6247
|
|
png<1.6.37 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-7317
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7325
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7326
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7327
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7328
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7329
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7330
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7331
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7332
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7333
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7334
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7335
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7336
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7337
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7338
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7339
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7340
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7341
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7342
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7343
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7344
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7345
|
|
zoneminder-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-7346
|
|
zoneminder-[0-9]* improper-session-handling https://nvd.nist.gov/vuln/detail/CVE-2019-7347
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7348
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7349
|
|
zoneminder-[0-9]* session-fixation https://nvd.nist.gov/vuln/detail/CVE-2019-7350
|
|
zoneminder-[0-9]* log-injection https://nvd.nist.gov/vuln/detail/CVE-2019-7351
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7352
|
|
cvsweb<3.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000998
|
|
rebar3>3.7<3.8.0 oracle-attack https://nvd.nist.gov/vuln/detail/CVE-2019-1000014
|
|
ffmpeg4<4.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1000016
|
|
libarchive>=3.0.2<3.4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1000019
|
|
libarchive>=2.8.0<3.4.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-1000020
|
|
ImageMagick6<6.9.10.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7395
|
|
ImageMagick<7.0.8.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7395
|
|
ImageMagick6<6.9.10.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7396
|
|
ImageMagick<7.0.8.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7396
|
|
ImageMagick6<6.9.10.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7397
|
|
ImageMagick<7.0.8.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7397
|
|
ImageMagick6<6.9.10.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7398
|
|
ImageMagick<7.0.8.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7398
|
|
dovecot<2.3.4.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-3814
|
|
curl>=7.36.0<7.64.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-16890
|
|
gnurl<7.64.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-16890
|
|
curl>=7.36.0<7.64.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-3822
|
|
gnurl<7.64.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-3822
|
|
curl>=7.34.0<7.64.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3823
|
|
gnurl<7.64.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3823
|
|
gdm<3.31.4 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-3825
|
|
cgiirc<0.5.12 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8920
|
|
gpac<0.8.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20760
|
|
gpac<0.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20761
|
|
gpac<0.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20762
|
|
gpac<0.8.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20763
|
|
py{27,34,35,36,37,38}-sqlalchemy<1.3.0b3 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-7548
|
|
ming-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-7581
|
|
ming-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-7582
|
|
SDL<1.2.15nb27 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7572
|
|
SDL2<2.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7572
|
|
SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7573
|
|
SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7573
|
|
SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7574
|
|
SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7574
|
|
SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7575
|
|
SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7575
|
|
SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7576
|
|
SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7576
|
|
SDL<1.2.15nb27 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7577
|
|
SDL2<2.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7577
|
|
SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7578
|
|
SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7578
|
|
ghostscript-gpl-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
guacamole-server<1.0.0 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2018-1340
|
|
SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7635
|
|
SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7635
|
|
SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7636
|
|
SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7636
|
|
SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7637
|
|
SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7637
|
|
SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7638
|
|
SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7638
|
|
tiff<4.0.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-7663
|
|
gsoap>=2.7<2.8.75 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-7659
|
|
webkit-gtk<2.22.6 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2019-0001.html
|
|
py{27,34,35,36,37,38}-django<1.11.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6975
|
|
py{34,35,36,37,38}-django>=2.0<2.0.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6975
|
|
py{34,35,36,37,38}-django>=2.1<2.1.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6975
|
|
thunderbird-enigmail<2.0.6 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-15586
|
|
seamonkey-enigmail<2.0.6 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-15586
|
|
evolution<3.31.2 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-15587
|
|
bitcoin>=0.12.0<0.17.1 incorrect-access-controls https://nvd.nist.gov/vuln/detail/CVE-2018-20587
|
|
adobe-flash-player<32.0.0.142 information-disclosure https://helpx.adobe.com/security/products/flash-player/apsb19-06.html
|
|
gnome-keyring<3.27.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20781
|
|
firefox<65.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-04/
|
|
firefox60<60.5.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/
|
|
msmtp>=1.8.2<1.8.3 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-8337
|
|
thunderbird<60.5.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-06/
|
|
nasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-8343
|
|
sox-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-8354
|
|
sox-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-8355
|
|
sox-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-8356
|
|
sox-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-8357
|
|
hiawatha<10.8.4 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-8358
|
|
tcpreplay<4.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8376
|
|
tcpreplay<4.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8377
|
|
tcpreplay<4.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8381
|
|
advancecomp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8379
|
|
advancecomp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8383
|
|
hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8396
|
|
hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-8397
|
|
hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-8398
|
|
zabbix<3.4.4rc1 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2016-10742
|
|
zoneminder-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8423
|
|
zoneminder-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8424
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-8425
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-8426
|
|
zoneminder-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8427
|
|
zoneminder-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8428
|
|
zoneminder-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8429
|
|
file<5.36 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-8904
|
|
file<5.36 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-8905
|
|
file<5.36 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-8906
|
|
file<5.36 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8907
|
|
qemu<4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3812
|
|
ansible<2.6.14 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-3828
|
|
liblive<20181017 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-4013
|
|
liblive<20181126 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6256
|
|
wordpress<5.0.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-8942
|
|
wordpress-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-8943
|
|
py{27,34,35,36,37,38}-sqlalchemy<1.3.0b3 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-7164
|
|
php{56,70,71,72,73}-drupal>=8<8.6.10 remote-code-execution https://www.drupal.org/SA-CORE-2019-003
|
|
php<5.6.39 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20783
|
|
php>=7.0<7.0.33 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20783
|
|
php>=7.1<7.1.25 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20783
|
|
php>=7.2<7.2.13 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20783
|
|
tor<0.3.5.8 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8955
|
|
bind>=9.11<9.11.5pl4 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-5744
|
|
bind>=9.11<9.11.5pl4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5745
|
|
bind>=9.11<9.11.5pl4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-6465
|
|
bind>=9.12<9.12.3pl4 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-5744
|
|
bind>=9.12<9.12.3pl4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5745
|
|
bind>=9.12<9.12.3pl4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-6465
|
|
php56-xmlrpc<5.6.40 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9020
|
|
php71-xmlrpc<7.1.26 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9020
|
|
php72-xmlrpc<7.2.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9020
|
|
php73-xmlrpc<7.3.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9020
|
|
php>=5.6<5.6.40 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9021
|
|
php>=7.1<7.1.26 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9021
|
|
php>=7.2<7.2.14 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9021
|
|
php>=7.3<7.3.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9021
|
|
php>=7.1<7.1.26 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9022
|
|
php>=7.2<7.2.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9022
|
|
php>=7.3<7.3.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9022
|
|
php56-mbstring<5.6.40 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9023
|
|
php71-mbstring<7.1.26 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9023
|
|
php72-mbstring<7.2.14 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9023
|
|
php73-mbstring<7.3.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9023
|
|
php56-xmlrpc<5.6.40 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9024
|
|
php71-xmlrpc<7.1.26 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9024
|
|
php72-xmlrpc<7.2.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9024
|
|
php73-xmlrpc<7.3.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9024
|
|
php73-mbstring<7.3.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-9025
|
|
matio-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9026
|
|
matio-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9027
|
|
matio-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9028
|
|
matio-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9029
|
|
matio-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9030
|
|
matio-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-9031
|
|
matio-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-9032
|
|
matio-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9033
|
|
matio-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9034
|
|
matio-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9035
|
|
matio-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9036
|
|
matio-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9037
|
|
matio-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9038
|
|
binutils-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9070
|
|
binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9071
|
|
binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9072
|
|
binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9073
|
|
binutils-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9074
|
|
binutils-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9075
|
|
binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9076
|
|
binutils-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9077
|
|
vim<8.1.0633 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20786
|
|
webkit-gtk<2.24.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-8375
|
|
ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-9113
|
|
ming-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-9114
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9143
|
|
exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9144
|
|
hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9151
|
|
hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9152
|
|
openssl<1.0.2r oracle-attack https://nvd.nist.gov/vuln/detail/CVE-2019-1559
|
|
podofo<0.9.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-9199
|
|
poppler<0.75.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9200
|
|
podofo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20797
|
|
advancecomp-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9210
|
|
pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9211
|
|
wireshark<2.4.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9208
|
|
wireshark>=2.6<2.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9208
|
|
wireshark<2.4.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9209
|
|
wireshark>=2.6<2.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9209
|
|
wireshark<2.4.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9214
|
|
wireshark>=2.6<2.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9214
|
|
liblive<20190227 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9215
|
|
ikiwiki<3.20190228 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-9187
|
|
asterisk>=15.0<15.7.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-001.html
|
|
asterisk>=16.0<16.2.1 denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-001.html
|
|
nodejs<6.17.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5737
|
|
nodejs>=8<8.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5737
|
|
nodejs>=10<10.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5737
|
|
nodejs<6.17.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5739
|
|
poppler-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9543
|
|
poppler-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9545
|
|
python27<2.7.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-1752
|
|
python27<2.7.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5010
|
|
python34<3.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5010
|
|
python35<3.5.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5010
|
|
python36<3.6.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5010
|
|
python37<3.7.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5010
|
|
consul>=1.4<1.4.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-8336
|
|
openssl>=1.1.0<1.1.0k security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-1543
|
|
openssl>=1.1.1<1.1.1c security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-1543
|
|
samba>=4.1<4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-3824
|
|
webmin-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9624
|
|
xpdf<5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9587
|
|
xpdf<5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9588
|
|
xpdf<4.1.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-9589
|
|
xenkernel45-[0-9]* memory-leak https://xenbits.xen.org/xsa/advisory-284.html
|
|
xenkernel46-[0-9]* memory-leak https://xenbits.xen.org/xsa/advisory-284.html
|
|
xenkernel48-[0-9]* memory-leak https://xenbits.xen.org/xsa/advisory-284.html
|
|
xenkernel411<4.11.1nb1 memory-leak https://xenbits.xen.org/xsa/advisory-284.html
|
|
xenkernel45-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-285.html
|
|
xenkernel46-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-285.html
|
|
xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-285.html
|
|
xenkernel411<4.11.1nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-285.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-287.html
|
|
xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-287.html
|
|
xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-287.html
|
|
xenkernel411<4.11.1nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-287.html
|
|
xenkernel45-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-288.html
|
|
xenkernel46-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-288.html
|
|
xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-288.html
|
|
xenkernel411<4.11.1nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-288.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-290.html
|
|
xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-290.html
|
|
xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-290.html
|
|
xenkernel411<4.11.1nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-290.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-291.html
|
|
xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-291.html
|
|
xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-291.html
|
|
xenkernel411<4.11.1nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-291.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-292.html
|
|
xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-292.html
|
|
xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-292.html
|
|
xenkernel411<4.11.1nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-292.html
|
|
xenkernel45-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-293.html
|
|
xenkernel46-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-293.html
|
|
xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-293.html
|
|
xenkernel411<4.11.1nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-293.html
|
|
xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-294.html
|
|
xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-294.html
|
|
xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-294.html
|
|
xenkernel411<4.11.1nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-294.html
|
|
xenkernel45-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
xenkernel46-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
xentools45-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
xentools46-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
trafficserver<7.1.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-11783
|
|
gdk-pixbuf2<2.38.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12447
|
|
libjpeg-turbo<2.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14498
|
|
binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14038
|
|
go-dns<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17419
|
|
ImageMagick6<6.9.10.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7175
|
|
ImageMagick<7.0.8.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7175
|
|
poppler<0.76.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9631
|
|
botan>=1.11.20<2.8.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-20187
|
|
glib2<2.59.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9633
|
|
python27<2.7.16 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-9636
|
|
python34<3.4.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-9636
|
|
python35<3.5.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-9636
|
|
python36<3.6.9 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-9636
|
|
python37<3.7.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-9636
|
|
php>=7.1<7.1.27 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-9637
|
|
php>=7.2<7.2.16 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-9637
|
|
php>=7.3<7.3.3 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-9637
|
|
php71-exif<7.1.27 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9638
|
|
php72-exif<7.2.16 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9638
|
|
php73-exif<7.3.3 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9638
|
|
php71-exif<7.1.27 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9639
|
|
php72-exif<7.2.16 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9639
|
|
php73-exif<7.3.3 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9639
|
|
php71-exif<7.1.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9640
|
|
php72-exif<7.2.16 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9640
|
|
php73-exif<7.3.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9640
|
|
php71-exif<7.1.27 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9641
|
|
php72-exif<7.2.16 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9641
|
|
php73-exif<7.3.3 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9641
|
|
ntp<4.2.8p13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8936
|
|
libofx-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-9656
|
|
podofo<0.9.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9687
|
|
vixie-cron-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9704
|
|
vixie-cron-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9705
|
|
vixie-cron-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9706
|
|
ruby24-base<2.4.5nb1 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2019-8320
|
|
ruby25-base<2.5.3nb2 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2019-8320
|
|
ruby26-base<2.6.1nb1 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2019-8320
|
|
ruby24-base<2.4.5nb1 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8321
|
|
ruby25-base<2.5.3nb2 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8321
|
|
ruby26-base<2.6.1nb1 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8321
|
|
ruby24-base<2.4.5nb1 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8322
|
|
ruby25-base<2.5.3nb2 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8322
|
|
ruby26-base<2.6.1nb1 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8322
|
|
ruby24-base<2.4.5nb1 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8323
|
|
ruby25-base<2.5.3nb2 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8323
|
|
ruby26-base<2.6.1nb1 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8323
|
|
ruby24-base<2.4.5nb1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-8324
|
|
ruby25-base<2.5.3nb2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-8324
|
|
ruby26-base<2.6.1nb1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-8324
|
|
ruby24-base<2.4.5nb1 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8325
|
|
ruby25-base<2.5.3nb2 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8325
|
|
ruby26-base<2.6.1nb1 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8325
|
|
py{27,34,35,36,37}-notebook<5.7.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-9644
|
|
ffmpeg3<3.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9718
|
|
ffmpeg3<3.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9721
|
|
ffmpeg4<4.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9718
|
|
ffmpeg4<4.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9721
|
|
xmltooling<3.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9628
|
|
python27<2.7.17 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9740
|
|
python34-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9740
|
|
python35-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9740
|
|
python36<3.6.9 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9740
|
|
python37<3.7.4 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9740
|
|
go111-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9741
|
|
gpsd>=2.90<3.18 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17937
|
|
wordpress<5.1.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-9787
|
|
liblive<20190203 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-7314
|
|
qemu<4.0 information-leak https://nvd.nist.gov/vuln/detail/CVE-2019-9824
|
|
ruby{22,23,24,25,26}-actionpack42<4.2.11.1 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-5418
|
|
ruby{22,23,24,25,26}-actionpack51<5.1.6.2 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-5418
|
|
ruby{22,23,24,25,26}-actionpack52<5.2.2.1 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-5418
|
|
ruby{22,23,24,25,26}-actionpack42<4.2.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5419
|
|
ruby{22,23,24,25,26}-actionpack51<5.1.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5419
|
|
ruby{22,23,24,25,26}-actionpack52<5.2.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5419
|
|
libssh2<1.8.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-3855
|
|
libssh2<1.8.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-3856
|
|
libssh2<1.8.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-3857
|
|
libssh2<1.8.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3858
|
|
libssh2<1.8.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3859
|
|
libssh2<1.8.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3860
|
|
libssh2<1.8.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3861
|
|
libssh2<1.8.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3862
|
|
libssh2<1.8.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-3863
|
|
firefox<66.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/
|
|
firefox60<60.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-08/
|
|
php{56,70,71,72,73}-drupal>=7<7.65 cross-site-scripting https://www.drupal.org/SA-CORE-2019-004
|
|
php{56,70,71,72,73}-drupal>=8<8.6.13 cross-site-scripting https://www.drupal.org/SA-CORE-2019-004
|
|
ghostscript-gpl-[0-9]* arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-3835
|
|
ghostscript-agpl<9.27 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-3835
|
|
ghostscript-gpl-[0-9]* arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-3838
|
|
ghostscript-agpl<9.27 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-3838
|
|
dropbear<2013.59 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2659
|
|
p5-Email-Address-List<0.06 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18898
|
|
webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-19191
|
|
qt5-qtbase-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19872
|
|
haproxy<1.8.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-20615
|
|
libsndfile<1.0.28nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-3832
|
|
qemu<4.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-6501
|
|
qemu<4.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-6778
|
|
qemu<4.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-8934
|
|
moodle>=3.5<3.5.4 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-6970
|
|
xpdf<4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9877
|
|
xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9878
|
|
putty<0.71 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-9894
|
|
putty<0.71 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9895
|
|
putty<0.71 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9897
|
|
putty<0.71 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2019-9898
|
|
poppler<0.75.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9903
|
|
graphviz-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9904
|
|
powerdns<4.0.7 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-3871
|
|
powerdns>=4.1.0<4.1.7 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-3871
|
|
fuse-ntfs-3g-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-9755
|
|
gtar-base<1.32 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-9923
|
|
bash<4.4 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9924
|
|
sqlite3<3.28.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9936
|
|
sqlite3<3.28.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-9937
|
|
firefox<66.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-09/
|
|
firefox60<60.6.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-10/
|
|
python27<2.7.17 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9947
|
|
python34-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9947
|
|
python35-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9947
|
|
python36-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9947
|
|
python37<3.7.4 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9947
|
|
python27<2.7.17 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9948
|
|
python34-[0-9]* restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9948
|
|
python35-[0-9]* restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9948
|
|
python36<3.6.9 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9948
|
|
python37<3.7.4 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9948
|
|
ImageMagick6<6.9.10.35 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9956
|
|
ImageMagick<7.0.8.35 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9956
|
|
gitea-[0-9]* server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-15192
|
|
ap24-auth-mellon<0.14.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-3877
|
|
ap24-auth-mellon<0.14.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-3878
|
|
xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10018
|
|
xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10019
|
|
xpdf<4.2 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10020
|
|
xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10021
|
|
xpdf-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-10022
|
|
xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10023
|
|
xpdf<4.2 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10024
|
|
xpdf<4.2 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10025
|
|
xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10026
|
|
moodle<3.6.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-3808
|
|
moodle<3.1.16 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-3809
|
|
moodle<3.6.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-3810
|
|
gvfs<1.39.4 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-3827
|
|
elasticsearch<6.6.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-7611
|
|
thunderbird<60.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-11/
|
|
thunderbird<60.6.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-12/
|
|
prometheus<2.7.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-3826
|
|
moodle<3.6.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-3848
|
|
moodle<3.6.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-3849
|
|
moodle<3.6.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-3850
|
|
moodle<3.6.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-3851
|
|
moodle<3.6.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-3852
|
|
consul<1.4.4 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9764
|
|
qemu<4.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20815
|
|
gnutls>=3.5.8<3.6.7 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-3829
|
|
gnutls>=3.6.4<3.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-3836
|
|
glpi<9.4.1.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10231
|
|
glpi<9.4.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-10232
|
|
glpi<9.4.1.1 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2019-10233
|
|
libvirt<5.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-3840
|
|
moodle<3.6.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-3847
|
|
znc<1.7.3rc1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9917
|
|
jetty<9.4.12.20180830 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12545
|
|
jetty-7.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
dovecot<2.3.5.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7524
|
|
py{27,34,35,36,37,38}-notebook<5.7.8 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-10255
|
|
ImageMagick6<6.9.10.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-10649
|
|
ImageMagick<7.0.8.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-10649
|
|
ImageMagick6<6.9.10.36 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10650
|
|
ImageMagick<7.0.8.36 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10650
|
|
lzo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10654
|
|
bwa-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10269
|
|
apache>=2.4.17<2.4.39 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-0196
|
|
apache>=2.4.34<2.4.39 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-0197
|
|
apache>=2.4.17<2.4.39 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-0211
|
|
apache>=2.4.27<2.4.39 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-0215
|
|
apache>=2.4<2.4.39 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-0217
|
|
apache>=2.4<2.4.39 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-0220
|
|
ImageMagick6<6.9.10.34 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-10714
|
|
ImageMagick<7.0.8.34 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-10714
|
|
sqlite3<3.25.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20505
|
|
sqlite3<3.25.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-20506
|
|
cups<2.2.10 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2018-4300
|
|
podofo<0.9.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10723
|
|
py{27,34,35,36,37,38}-notebook<5.7.8 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-10856
|
|
libvirt>=4.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-3886
|
|
py27-trytond<4.2.21 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10868
|
|
poppler<0.81.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10871
|
|
poppler<0.77.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10872
|
|
poppler<0.76.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-10873
|
|
teeworlds<0.7.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10877
|
|
teeworlds<0.7.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-10878
|
|
teeworlds<0.7.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10879
|
|
roundup-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-10904
|
|
py{27,34,35,36,37,38}-jinja2<2.8.1 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2016-10745
|
|
py{27,34,35,36,37,38}-jinja2<2.10.1 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-10906
|
|
php{56,70,71,72,73}-roundcube-plugin-enigma-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10740
|
|
claws-mail-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10735
|
|
trojita-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10734
|
|
wireshark<2.4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10894
|
|
wireshark>=2.6<2.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10894
|
|
wireshark>=3.0<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10894
|
|
wireshark<2.4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10895
|
|
wireshark>=2.6<2.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10895
|
|
wireshark>=3.0<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10895
|
|
wireshark<2.4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10896
|
|
wireshark>=2.6<2.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10896
|
|
wireshark>=3.0<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10896
|
|
wireshark>=3.0<3.0.1 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-10897
|
|
wireshark>=3.0<3.0.1 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-10898
|
|
wireshark<2.4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10899
|
|
wireshark>=2.6<2.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10899
|
|
wireshark>=3.0<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10899
|
|
wireshark<2.4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10899
|
|
wireshark>=2.6<2.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10899
|
|
wireshark>=3.0<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10899
|
|
wireshark>=3.0<3.0.1 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-10900
|
|
wireshark<2.4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10901
|
|
wireshark>=2.6<2.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10901
|
|
wireshark>=3.0<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10901
|
|
wireshark>=3.0<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10902
|
|
wireshark<2.4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10903
|
|
wireshark>=2.6<2.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10903
|
|
wireshark>=3.0<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10903
|
|
GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11005
|
|
GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11006
|
|
GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11007
|
|
GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11008
|
|
GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11009
|
|
GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11010
|
|
clamav>=0.101<0.101.2 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1785
|
|
clamav>=0.101<0.101.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1786
|
|
clamav<0.100.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1787
|
|
clamav>=0.101<0.101.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1787
|
|
clamav<0.100.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-1788
|
|
clamav>=0.101<0.101.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-1788
|
|
clamav<0.100.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1789
|
|
clamav>=0.101<0.101.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1789
|
|
clamav>=0.101<0.101.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-1798
|
|
graphviz-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-11023
|
|
libsixel<1.8.4 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-11024
|
|
cacti<1.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-11025
|
|
poppler<0.76.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-11026
|
|
wget<1.20.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5953
|
|
samba>=4.9<4.10.2 information-disclosure https://www.samba.org/samba/security/CVE-2019-3870.html
|
|
samba>=3.2.0<4.10.2 symlink-attack https://www.samba.org/samba/security/CVE-2019-3880.html
|
|
php{56,70,71,72,73}-contao35<3.5.39 improper-session-handling https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10641
|
|
ruby22-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
ruby23-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
adobe-flash-player<32.0.0.171 information-disclosure https://helpx.adobe.com/security/products/flash-player/apsb19-19.html
|
|
jenkins-lts<2.164.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-04-10/
|
|
jenkins<2.172 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-04-10/
|
|
gradle>=1.4<5.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2019-11065
|
|
wpa_supplicant<2.8 side-channel https://nvd.nist.gov/vuln/detail/CVE-2019-9494
|
|
wpa_supplicant<2.8 side-channel https://nvd.nist.gov/vuln/detail/CVE-2019-9495
|
|
wpa_supplicant<2.8 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-9496
|
|
wpa_supplicant<2.8 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-9497
|
|
wpa_supplicant<2.8 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-9498
|
|
wpa_supplicant<2.8 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-9499
|
|
apache-tomcat>=8.5.0<8.5.38 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-0199
|
|
apache-tomcat>=9.0.0<9.0.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-0199
|
|
webkit-gtk<2.24.1 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2019-0002.html
|
|
libxslt<1.1.34 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2019-11068
|
|
lighttpd<1.4.54 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11072
|
|
magento<1.9.4.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-7139
|
|
gpac<0.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11221
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11222
|
|
gitea<1.8.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-11228
|
|
gitea<1.8.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11229
|
|
py{27,34,35,36,37,38}-urllib3<1.25 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-11236
|
|
png<1.6.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14048
|
|
png<1.6.37 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14550
|
|
dovecot<2.3.5.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10691
|
|
php{56,70,71,72,73}-contao35<3.5.37 incorrect-access-controls https://nvd.nist.gov/vuln/detail/CVE-2018-20028
|
|
wpa_supplicant<2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11555
|
|
libvirt<1.3.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-10746
|
|
php71-exif<7.1.28 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11034
|
|
php72-exif<7.2.17 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11034
|
|
php73-exif<7.3.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11034
|
|
php71-exif<7.1.28 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11035
|
|
php72-exif<7.2.17 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11035
|
|
php73-exif<7.3.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11035
|
|
py{27,34,35,36,37,38}-urllib3<1.24.2 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-11324
|
|
ffmpeg2<2.8.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11338
|
|
ffmpeg3<3.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11338
|
|
ffmpeg4<4.1.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11338
|
|
ffmpeg4<4.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11339
|
|
teamspeak-client<3.2.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11351
|
|
qemu<4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5008
|
|
libmediainfo<20.03 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-11372
|
|
libmediainfo<20.03 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-11373
|
|
php{56,70,71,72,73}-drupal>=8<8.6.15 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2019-005
|
|
php{56,70,71,72,73}-drupal>=7<7.66 cross-site-scripting https://www.drupal.org/SA-CORE-2019-006
|
|
php{56,70,71,72,73}-drupal>=8<8.6.15 cross-site-scripting https://www.drupal.org/SA-CORE-2019-006
|
|
ekiga<3.3.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2011-1830
|
|
freeradius<3.0.19 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-11234
|
|
freeradius<3.0.19 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-11235
|
|
bwa-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11371
|
|
py27-mercurial<4.9 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-3902
|
|
jetty<9.2.27 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-10241
|
|
jetty<9.2.27.20190418 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10247
|
|
evince-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11459
|
|
gnome-desktop<3.30.2.2 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-11460
|
|
nautilus<3.30.6 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-11461
|
|
lepton-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20819
|
|
lepton-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20820
|
|
libsass<3.6.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20821
|
|
libsass<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20822
|
|
ImageMagick<7.0.8.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11470
|
|
ImageMagick6<6.9.10.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11470
|
|
ImageMagick<7.0.8.41 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-11472
|
|
ImageMagick<6.9.10.41 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-11472
|
|
GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11473
|
|
GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11474
|
|
mariadb-server>=5.5<5.5.64 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
|
|
mysql-server>=5.6<5.6.44 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
|
|
mysql-server>=5.7<5.7.26 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
|
|
mysql-server>=8.0<8.0.16 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
|
|
oracle-{jdk,jre}8<8.0.203 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixJAVA
|
|
openjdk8<1.8.203 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixJAVA
|
|
wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11498
|
|
gst-plugins1-base<1.16.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9928
|
|
GraphicsMagick<1.3.32 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11505
|
|
GraphicsMagick<1.3.32 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11506
|
|
bind>=9.11<9.11.6pl1 denial-of-service https://kb.isc.org/docs/cve-2018-5743
|
|
bind>=9.12<9.12.4pl1 denial-of-service https://kb.isc.org/docs/cve-2018-5743
|
|
bind>=9.12<9.12.4pl1 denial-of-service https://kb.isc.org/docs/cve-2019-6467
|
|
firefox<58.0.1 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2018-05/
|
|
gitea<1.8.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-11576
|
|
dhcpcd<7.2.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11577
|
|
dhcpcd<7.2.1 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2019-11578
|
|
dhcpcd<7.2.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11579
|
|
bind>=9.6<9.11.0 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
nss<3.39 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2018-12384
|
|
bugzilla<4.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-5123
|
|
ImageMagick<7.0.8.43 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11597
|
|
ImageMagick6<6.9.10.42 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11597
|
|
ImageMagick<7.0.8.40 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11598
|
|
ImageMagick6<6.9.10.40 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11598
|
|
memcached<1.5.14 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-11596
|
|
filezilla<3.41.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-5429
|
|
dovecot<2.3.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11494
|
|
dovecot<2.3.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11499
|
|
npm<6.2.0 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2018-20834
|
|
ImageMagick<7.0.7.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10131
|
|
php71-exif<7.1.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11036
|
|
php72-exif<7.2.18 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11036
|
|
php73-exif<7.3.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11036
|
|
u-boot<2019.07 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2019-11690
|
|
php{56,70,71,72,73}-imagick<3.4.4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-11037
|
|
dhcpcd<7.2.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11766
|
|
kauth<5.55 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-7443
|
|
mpg123<1.25.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12839
|
|
ImageMagick<7.0.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12805
|
|
ImageMagick<7.0.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12806
|
|
haproxy<1.9.7 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2019-11323
|
|
go-crypto<0.0.20190320 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2019-11840
|
|
libreoffice<6.2.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9847
|
|
postgresql94-server<9.4.22 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10129
|
|
postgresql95-server<9.5.17 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10129
|
|
postgresql96-server<9.6.13 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10129
|
|
postgresql10-server<10.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10129
|
|
postgresql11-server<11.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10129
|
|
postgresql95-server<9.5.17 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10130
|
|
postgresql96-server<9.6.13 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10130
|
|
postgresql10-server<10.8 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10130
|
|
postgresql11-server<11.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10130
|
|
postgresql91-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
postgresql92-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
postgresql93-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
u-boot<2019.07 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11059
|
|
sqlite3<3.28.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-5018
|
|
ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-3839
|
|
ghostscript-agpl<9.27 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-3839
|
|
go-crypto<0.0.20190426 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-11841
|
|
rust>=1.34<1.34.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-12083
|
|
adobe-flash-player<32.0.0.192 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsb19-26.html
|
|
xenkernel48-[0-9]* side-channel https://xenbits.xen.org/xsa/advisory-297.html
|
|
xenkernel411<4.11.2 side-channel https://xenbits.xen.org/xsa/advisory-297.html
|
|
samba>=4.0<4.10.3 invalid-validation https://www.samba.org/samba/security/CVE-2018-16860.html
|
|
php{56,70,71,72,73}-drupal>=7<7.67 path-traversal https://www.drupal.org/SA-CORE-2019-007
|
|
php{56,70,71,72,73}-drupal>=8<8.6.16 path-traversal https://www.drupal.org/SA-CORE-2019-007
|
|
intel-microcode-netbsd<20190618 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-12126
|
|
intel-microcode-netbsd<20190618 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-12127
|
|
intel-microcode-netbsd<20190618 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-12130
|
|
intel-microcode-netbsd<20190618 side-channel https://nvd.nist.gov/vuln/detail/CVE-2019-11091
|
|
capstone<4.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2016-7151
|
|
heimdal<7.6.0 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2018-16860
|
|
heimdal<7.6.0 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2019-12098
|
|
miniupnpd-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-12107
|
|
miniupnpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12108
|
|
miniupnpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12109
|
|
miniupnpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12110
|
|
miniupnpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12111
|
|
rdesktop<1.8.5 multiple-vulnerabilities https://github.com/rdesktop/rdesktop/releases/tag/v1.8.5
|
|
webkit-gtk<2.24.2 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2019-0003.html
|
|
freeimage-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12211
|
|
freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12212
|
|
freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12213
|
|
freeimage-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-12214
|
|
SDL2_image<2.0.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12216
|
|
SDL2_image<2.0.5 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-12217
|
|
SDL2_image<2.0.5 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-12218
|
|
SDL2_image<2.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12219
|
|
SDL2_image<2.0.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-12220
|
|
SDL2_image<2.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12221
|
|
SDL2_image<2.0.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-12222
|
|
php-[0-9]* security-bypass https://seclists.org/bugtraq/2019/May/52
|
|
caff<2.10 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-12222
|
|
qemu<4.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12155
|
|
thunderbird-enigmail<2.0.11 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-12269
|
|
seamonkey-enigmail<2.0.11 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-12269
|
|
curl>=7.62.0<7.65.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5435
|
|
gnurl>=7.62.0<7.65.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5435
|
|
curl>=7.19.4<7.65.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5436
|
|
gnurl>=7.19.4<7.65.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5436
|
|
firefox<67.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/
|
|
cliqz<1.27.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/
|
|
firefox60<60.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/
|
|
thunderbird<60.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-15/
|
|
wordpress-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-6514
|
|
gcc48-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12886
|
|
gcc49-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12886
|
|
gcc5-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12886
|
|
gcc6-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12886
|
|
gcc7-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12886
|
|
gcc8-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12886
|
|
gzip<1.3.9 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2003-0367
|
|
ghostscript-agpl<9.23 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15652
|
|
ghostscript-gpl-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15652
|
|
zookeeper<3.4.14 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-0201
|
|
poppler<0.77.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12293
|
|
wireshark<2.4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12295
|
|
wireshark>=2.6<2.6.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12295
|
|
wireshark>=3.0<3.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12295
|
|
py{27,34,35,36,37,38}-buildbot<1.8.2 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2019-12300
|
|
libwebp<0.5.2 double-free https://nvd.nist.gov/vuln/detail/CVE-2016-9969
|
|
ampache-[0-9]* php-object-injection https://nvd.nist.gov/vuln/detail/CVE-2017-18375
|
|
tor-browser<8.0.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-12383
|
|
xpdf<4.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12360
|
|
horde-[0-9]* remote-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-9858
|
|
glib2>=2.15.0<2.60.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12450
|
|
gvfs>=1.29.4 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2019-12448
|
|
gvfs>=1.29.4 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2019-12447
|
|
gvfs>=1.29.4 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2019-12449
|
|
apache-roller>=5.1<5.2.2 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2018-17198
|
|
apache-tomcat>=7.0.0<7.0.94 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-0221
|
|
apache-tomcat>=8.5.0<8.5.40 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-0221
|
|
apache-tomcat>=9.0.0.M1<9.0.18 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-0221
|
|
sqlite3>=3.6.0<3.28.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-8457
|
|
gpac<0.8.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-12481
|
|
gpac<0.8.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-12482
|
|
gpac<0.8.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12483
|
|
xpdf<4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-12493
|
|
gd<2.3.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11038
|
|
php71-gd<7.1.30 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11038
|
|
php72-gd<7.2.19 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11038
|
|
php73-gd<7.3.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11038
|
|
php71-iconv<7.1.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-11039
|
|
php72-iconv<7.2.19 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-11039
|
|
php73-iconv<7.3.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-11039
|
|
php71-exif<7.1.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11040
|
|
php72-exif<7.2.19 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11040
|
|
php73-exif<7.3.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11040
|
|
R-RSQLite-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-8457
|
|
xpdf<4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-12515
|
|
py{27,34,35,36,37,38}-django<1.11.21 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-12308
|
|
py{34,35,36,37,38}-django>=2.0<2.2.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-12308
|
|
py{34,35,36,37,38}-django>=2.0<2.2.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-11358
|
|
ffmpeg2<2.8.16 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12730
|
|
ffmpeg3<3.4.7 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12730
|
|
ffmpeg4<4.1.4 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12730
|
|
exim>=4.87<4.92 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-10149
|
|
php{56,70,71,72,73}-phpmyadmin<4.9.0.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-11768
|
|
php{56,70,71,72,73}-phpmyadmin<4.9.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-12616
|
|
vim<8.1.1365 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-12735
|
|
mantis<2.13.2 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2018-9839
|
|
py{27,34,35,36,37,38}-parso-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-12760
|
|
py{27,34,35,36,37,38}-xdg<0.26 code-injection https://nvd.nist.gov/vuln/detail/CVE-2019-12761
|
|
python34-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
aubio>=0.4.0<0.4.9 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19800
|
|
aubio>=0.4.0<0.4.9 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19802
|
|
aubio>=0.4.0<0.4.9 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19801
|
|
bind>=9.12<9.13 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
python27<2.7.17 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10160
|
|
python35-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10160
|
|
python36<3.6.9 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10160
|
|
python37<3.7.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10160
|
|
cyrus-imapd>=2.5<2.5.13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11356
|
|
cyrus-imapd>=3.0<3.0.10 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11356
|
|
consul>=1.4<1.4.5 incorrect-access-controls https://nvd.nist.gov/vuln/detail/CVE-2019-12291
|
|
consul>=1.5<1.5.1 incorrect-access-controls https://nvd.nist.gov/vuln/detail/CVE-2019-12291
|
|
py{27,34,35,36,37,38}-twisted<19.2.0 input-validation https://nvd.nist.gov/vuln/detail/CVE-2019-12387
|
|
dbus<1.12.16 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12749
|
|
ruby{22,23,24,25,26}-ruby-openid-[0-9]* remote-unknown https://nvd.nist.gov/vuln/detail/CVE-2019-11027
|
|
radare2<3.5.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12790
|
|
adobe-flash-player<32.0.0.207 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsb19-30.html
|
|
gvfs<1.40.2 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12795
|
|
mediawiki<1.32.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-11358
|
|
mediawiki<1.32.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-12466
|
|
mediawiki<1.32.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12467
|
|
mediawiki<1.32.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12468
|
|
mediawiki<1.32.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-12469
|
|
mediawiki<1.32.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-12470
|
|
mediawiki<1.32.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-12471
|
|
mediawiki<1.32.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12472
|
|
mediawiki<1.32.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12473
|
|
mediawiki<1.32.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-12474
|
|
vlc<3.0.7 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5439
|
|
mupdf<1.15.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7321
|
|
mupdf<1.15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12798
|
|
radare2<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12802
|
|
radare2<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12829
|
|
radare2<3.6.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-12865
|
|
znc<1.7.3nb2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-12816
|
|
php{56,71,72,73}-orangehrm<4.3.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-12839
|
|
webmin-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-12840
|
|
py{27,34,35,36,37,38}-twisted-[0-9]* man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2019-12855
|
|
php{56,71}-concrete5<8.5.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-19146
|
|
thunderbird<60.7.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-17/
|
|
vlc<3.0.7 multiple-vulnerabilities https://www.videolan.org/developers/vlc-branch/NEWS
|
|
bash<4.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2012-6711
|
|
vlc<3.0.7 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-12874
|
|
firefox<67.0.3 denial-of-service https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/
|
|
cliqz<1.27.3 denial-of-service https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/
|
|
firefox60<60.7.1 denial-of-service https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/
|
|
tor-browser<8.5.60.7.1 denial-of-service https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/
|
|
samba>=4.0<4.10.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12435
|
|
samba>=4.0<4.10.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12436
|
|
bind>=9.11<9.11.8 denial-of-service https://kb.isc.org/docs/cve-2019-6471
|
|
bind>=9.12<9.12.4pl2 denial-of-service https://kb.isc.org/docs/cve-2019-6471
|
|
bind>=9.14<9.14.3 denial-of-service https://kb.isc.org/docs/cve-2019-6471
|
|
bzip2<1.0.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-12900
|
|
libgcrypt<1.8.5 side-channel https://nvd.nist.gov/vuln/detail/CVE-2019-12904
|
|
firefox<67.0.4 sandbox-escape https://www.mozilla.org/en-US/security/advisories/mfsa2019-19/
|
|
cliqz<1.27.4 sandbox-escape https://www.mozilla.org/en-US/security/advisories/mfsa2019-19/
|
|
firefox60<60.7.2 sandbox-escape https://www.mozilla.org/en-US/security/advisories/mfsa2019-19/
|
|
tor-browser<8.5.60.7.2 sandbox-escape https://www.mozilla.org/en-US/security/advisories/mfsa2019-19/
|
|
thunderbird<60.7.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-20/
|
|
mantis<2.17.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-16514
|
|
apache-tomcat>=8.5.0<8.5.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10072
|
|
apache-tomcat>=9.0.0.M1<9.0.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10072
|
|
postgresql10-server<10.9 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10164
|
|
postgresql11-server<11.4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10164
|
|
libvirt>=0.9.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-10161
|
|
libvirt-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-10166
|
|
libvirt-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-10167
|
|
libvirt-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-10168
|
|
powerdns<4.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10162
|
|
powerdns>=4.1.0<4.1.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10162
|
|
powerdns<4.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10163
|
|
powerdns>=4.1.0<4.1.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10163
|
|
expat<2.2.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20843
|
|
xpdf>=4.0<4.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12957
|
|
xpdf>=4.0<4.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12958
|
|
binutils-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12972
|
|
openjpeg<2.3.1 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2018-20845
|
|
openjpeg<2.3.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20847
|
|
moodle>=3.6<3.6.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10133
|
|
moodle>=3.5<3.5.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10133
|
|
moodle>=3.4<3.4.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10133
|
|
moodle>=3.1<3.1.18 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10133
|
|
openjpeg<2.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20846
|
|
moodle>=3.6<3.6.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10154
|
|
ImageMagick<7.0.8.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12974
|
|
ImageMagick6<6.9.10.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12974
|
|
openjpeg<2.3.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12973
|
|
ImageMagick<7.0.8.35 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-12975
|
|
ImageMagick6<6.9.10.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-12975
|
|
ImageMagick<7.0.8.35 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-12976
|
|
ImageMagick6<6.9.10.35 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-12976
|
|
ImageMagick<7.0.8.35 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12977
|
|
ImageMagick6<6.9.10.35 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12977
|
|
moodle>=3.6<3.6.4 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10134
|
|
moodle>=3.5<3.5.6 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10134
|
|
moodle>=3.4<3.4.9 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10134
|
|
moodle>=3.1<3.1.18 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10134
|
|
ImageMagick<7.0.8.35 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12979
|
|
ImageMagick6<6.9.10.35 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12979
|
|
ming-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12980
|
|
ming-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12981
|
|
ming-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12982
|
|
ImageMagick<7.0.8.35 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12978
|
|
ImageMagick6<6.9.10.35 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12978
|
|
glib2<2.59.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-13012
|
|
FlightCrew-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-13032
|
|
irssi<1.0.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-13045
|
|
irssi>=1.1.0<1.1.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-13045
|
|
irssi>=1.2.0<1.2.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-13045
|
|
ap{22,24}-auth-mellon-[0-9]* open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-13038
|
|
zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-13072
|
|
grafana<6.2.5 html-attribute-injection https://nvd.nist.gov/vuln/detail/CVE-2019-13068
|
|
tor-browser<9.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-13075
|
|
matio<1.5.16 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13107
|
|
exiv2<0.27.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13109
|
|
exiv2<0.27.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13111
|
|
exiv2<0.27.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13112
|
|
exiv2<0.27.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13113
|
|
exiv2<0.27.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13110
|
|
libxslt<1.1.34 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-13117
|
|
exiv2<0.27.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13114
|
|
libxslt<1.1.34 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-13118
|
|
exiv2<0.27.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13108
|
|
dosbox<0.74.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7165
|
|
dosbox<0.74.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-12594
|
|
py{27,34,35,36,37,38}-django>=1.11<1.11.22 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12781
|
|
py{34,35,36,37,38}-django>=2.1<2.1.10 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12781
|
|
py{34,35,36,37,38}-django>=2.2<2.2.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12781
|
|
squirrelmail<1.4.23pre14832 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-12970
|
|
libaudiofile-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13147
|
|
ImageMagick<7.0.8.50 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13134
|
|
ImageMagick<7.0.8.50 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13133
|
|
ImageMagick<7.0.8.50 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-13135
|
|
ImageMagick6<6.9.10.50 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-13135
|
|
ImageMagick<7.0.8.50 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13136
|
|
ImageMagick<7.0.8.50 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13137
|
|
ImageMagick6<6.9.10.50 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13137
|
|
virt-manager>=2.2.0 information-leak https://nvd.nist.gov/vuln/detail/CVE-2019-10183
|
|
qemu<4.1.0 acl-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-13164
|
|
SDL2_image<2.0.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5052
|
|
SDL2_image<2.0.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5051
|
|
nsd<4.2.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13207
|
|
intellij-ue-bin<2018.1.8 sensitive-information-exposure https://nvd.nist.gov/vuln/detail/CVE-2019-9872
|
|
intellij-ue-bin<2018.1.8 sensitive-information-exposure https://nvd.nist.gov/vuln/detail/CVE-2019-9873
|
|
intellij-idea-ce<2017.3.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9186
|
|
intellij-idea-ce<2018.1.8 sensitive-information-exposure https://nvd.nist.gov/vuln/detail/CVE-2019-9823
|
|
intellij-ue-bin<2017.3.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-10104
|
|
glpi<9.4.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-13239
|
|
FlightCrew<0.9.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-13241
|
|
xpdf<4.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13281
|
|
xpdf<4.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13282
|
|
xpdf<4.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13283
|
|
xpdf<4.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13286
|
|
xpdf<4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-13287
|
|
xpdf<4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13288
|
|
xpdf<4.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-13289
|
|
xpdf<4.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-13291
|
|
mupdf<1.15.0nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13290
|
|
unzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13232
|
|
squid-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-13345
|
|
ffmpeg4<4.2.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13312
|
|
ImageMagick<7.0.8.50 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13309
|
|
ImageMagick6<6.9.10.50 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13309
|
|
ImageMagick<7.0.8.50 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13310
|
|
ImageMagick6<6.9.10.50 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13310
|
|
ImageMagick<7.0.8.52 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13311
|
|
ImageMagick6<6.9.10.52 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13311
|
|
ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13307
|
|
ImageMagick6<6.9.10.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13307
|
|
ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13308
|
|
ImageMagick6<6.9.10.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13308
|
|
ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13305
|
|
ImageMagick6<6.9.10.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13305
|
|
ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13303
|
|
ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13306
|
|
ImageMagick6<6.9.10.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13306
|
|
ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13304
|
|
ImageMagick6<6.9.10.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13304
|
|
ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13302
|
|
ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13300
|
|
ImageMagick6<6.9.10.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13300
|
|
ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13298
|
|
ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13299
|
|
ImageMagick<7.0.8.50 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13301
|
|
ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13297
|
|
ImageMagick6<6.9.10.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13297
|
|
ImageMagick<7.0.8.50 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13296
|
|
ImageMagick<7.0.8.50 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13295
|
|
ImageMagick6<6.9.10.50 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13295
|
|
ffmpeg3<3.4.7 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-13390
|
|
ffmpeg4<4.2.1 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-13390
|
|
ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13391
|
|
ImageMagick6<6.9.10.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13391
|
|
libtomcrypt<1.18.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-0739
|
|
gnupg-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13050
|
|
gnupg2<2.2.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13050
|
|
ImageMagick<7.0.8.54 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-13454
|
|
ImageMagick6<6.9.10.54 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-13454
|
|
php{56,70,71,72}-contao44<4.4.39 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-11512
|
|
zeromq<4.3.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-13132
|
|
firefox<68.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/
|
|
cliqz<1.28.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/
|
|
firefox60<60.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/
|
|
tor-browser<8.5.60.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/
|
|
php<7.0.18 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2017-7189
|
|
png<1.6.32 unspecified https://nvd.nist.gov/vuln/detail/CVE-2017-12652
|
|
oniguruma<6.9.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-13224
|
|
oniguruma<6.9.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-13225
|
|
glpi<9.4.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-13240
|
|
exiv2<0.27.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-13504
|
|
asterisk>=13.0<13.27.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-002.html
|
|
asterisk>=15.0<15.7.3 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-002.html
|
|
asterisk>=16.0<16.4.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-002.html
|
|
asterisk>=13.0<13.27.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-003.html
|
|
asterisk>=15.0<15.7.3 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-003.html
|
|
asterisk>=16.0<16.4.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-003.html
|
|
apache-roller<5.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-0234
|
|
slurm-wlm<18.08.8 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-12838
|
|
kafka>=0.11.0.0<2.1.1 acl-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-17196
|
|
redis<5.0.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10192
|
|
redis<5.0.4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10193
|
|
gitea<1.7.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-1010314
|
|
wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010315
|
|
wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010317
|
|
wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010319
|
|
squid<4.8 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-12525
|
|
squid<4.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12527
|
|
squid<4.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-12529
|
|
glpi<9.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-1010310
|
|
python27<2.7.17 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20852
|
|
python34<3.4.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20852
|
|
python35<3.5.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20852
|
|
python36<3.6.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20852
|
|
python37<3.7.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20852
|
|
sox-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-13590
|
|
sox-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1010004
|
|
evince<3.28.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1010006
|
|
vlc<3.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13602
|
|
libmspack<0.10alpha buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1010305
|
|
thunderbird<60.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-23/
|
|
ruby{22,23,24,25,26}-mini-magick<4.9.4 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-13574
|
|
rust<1.30.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-1010299
|
|
jhead-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1010301
|
|
jhead-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010302
|
|
glpi-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-1010307
|
|
cfitsio<3.43 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1010060
|
|
libssh2<1.9.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-13115
|
|
libebml<1.3.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13615
|
|
SDL<1.2.15nb31 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13616
|
|
SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13616
|
|
gpac<0.8.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13618
|
|
libreoffice<6.2.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9848
|
|
libreoffice<6.2.5 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9849
|
|
jenkins-lts<2.176.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-07-17/
|
|
jenkins<2.186 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-07-17/
|
|
nfdump<1.6.17 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1010057
|
|
py{27,34,35,36,37,38}-flask<1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010083
|
|
SDL2<2.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13626
|
|
wireshark<2.4.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13619
|
|
wireshark>=2.6<2.6.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13619
|
|
wireshark>=3.0<3.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13619
|
|
patch-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2019-13636
|
|
sleuthkit<4.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010065
|
|
abcm2ps<8.13.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010069
|
|
gitea<1.8.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-1010261
|
|
salt<2019.8 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-1010259
|
|
vlc<3.0.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13962
|
|
mongodb<3.0.7 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2015-7882
|
|
scapy<2.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010142
|
|
pango<1.42.4nb5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-1010238
|
|
proftpd<1.3.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-12815
|
|
oracle-{jdk,jre}8<8.0.213 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixJAVA
|
|
openjdk8<1.8.213 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixJAVA
|
|
poppler<0.79.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9959
|
|
haproxy>=2.0<2.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14241
|
|
haproxy>=1.9<1.9.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14241
|
|
binutils>=2.21<2.32 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1010204
|
|
tcpdump-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1010220
|
|
cherokee-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1010218
|
|
nasm<2.15 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-14248
|
|
binutils-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14250
|
|
libdwarf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14249
|
|
mpg321-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-14247
|
|
mgetty<1.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010189
|
|
mgetty<1.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010190
|
|
mysql-server>=5.6<5.6.45 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL
|
|
mysql-server>=5.7<5.7.27 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL
|
|
mysql-server>=8.0<8.0.17 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL
|
|
zstd<1.3.8 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-11922
|
|
exim>=4.85<4.92.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-13917
|
|
mcpp-[0-9]* multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2019-14274
|
|
fig2dev-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14275
|
|
openldap-server<2.4.48 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2019-13057
|
|
openldap-server<2.4.48 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2019-13565
|
|
patch-[0-9]* shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-13638
|
|
upx-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14296
|
|
upx-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14295
|
|
xpdf<4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14293
|
|
xpdf<4.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-14294
|
|
xpdf<4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14292
|
|
xpdf<4.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14288
|
|
xpdf<4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14291
|
|
xpdf<4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14290
|
|
xpdf<4.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14289
|
|
exiv2<0.27.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14368
|
|
exiv2<0.27.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14369
|
|
exiv2<0.27.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14370
|
|
ioquake3-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1010043
|
|
ruby{22,23,24,25,26}-yard<0.9.20 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-1020001
|
|
u-boot<2019.10 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13103
|
|
jabberd<=2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
freetype2<2.6.1 buffer-overrun https://nvd.nist.gov/vuln/detail/CVE-2015-9290
|
|
cryptopp-[0-9]* side-channel https://nvd.nist.gov/vuln/detail/CVE-2019-14318
|
|
libopenmpt<0.4.3 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-14381
|
|
binutils<2.33 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14444
|
|
openssl<1.0.2t multiple-vulnerabilities https://www.openssl.org/news/secadv/20190730.txt
|
|
openssl>=1.1.0<1.1.0l multiple-vulnerabilities https://www.openssl.org/news/secadv/20190730.txt
|
|
openssl>=1.1.1<1.1.1d multiple-vulnerabilities https://www.openssl.org/news/secadv/20190730.txt
|
|
ansible>=2.0<2.6.18 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10156
|
|
ansible>=2.7<2.7.18 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10156
|
|
ansible>=2.8<2.8.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10156
|
|
libopenmpt<0.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14382
|
|
libopenmpt<0.3.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20861
|
|
libopenmpt<0.4.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14380
|
|
libopenmpt<0.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14383
|
|
Sigil<0.9.16 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-14452
|
|
yarn<1.17.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-5448
|
|
php{56,70,71,72}-nextcloud<15.0.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-5449
|
|
vlc<3.0.7 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-5460
|
|
vlc<3.0.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-5459
|
|
u-boot<2019.10 multiple-vulnerabilities https://blog.semmle.com/uboot-rce-nfs-vulnerability/
|
|
yara<3.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5020
|
|
SDL2_image<2.0.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-5057
|
|
SDL2_image<2.0.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-5058
|
|
SDL2_image<2.0.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-5059
|
|
SDL2_image<2.0.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-5060
|
|
pixman<0.32.8 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-5297
|
|
moodle<3.7.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-10187
|
|
moodle<3.7.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-10188
|
|
moodle<3.7.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-10186
|
|
moodle<3.7.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-10189
|
|
schismtracker<20190805 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14465
|
|
nfdump<1.6.18 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14459
|
|
milkytracker<1.03.00 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14464
|
|
libopenmpt<0.3.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20860
|
|
gdb-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1010180
|
|
gnucobol-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14486
|
|
opencv<3.4.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14491
|
|
opencv>=4.0<4.1.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14491
|
|
poppler<0.79.0 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-14494
|
|
3proxy<0.8.13 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-14495
|
|
gnucobol-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14468
|
|
opencv<3.4.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14492
|
|
opencv>=4.0<4.1.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14492
|
|
opencv<3.4.7 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-14493
|
|
opencv>=4.0<4.1.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-14493
|
|
milkytracker<1.03.00 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14496
|
|
milkytracker<1.03.00 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14497
|
|
dnsmasq<2.76 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14513
|
|
py{27,34,35,36,37,38}-django>=1.11<1.11.23 multiple-vulnerabilities https://www.djangoproject.com/weblog/2019/aug/01/security-releases/
|
|
py{34,35,36,37,38}-django>=2.1<2.1.11 multiple-vulnerabilities https://www.djangoproject.com/weblog/2019/aug/01/security-releases/
|
|
py{34,35,36,37,38}-django>=2.2<2.2.4 multiple-vulnerabilities https://www.djangoproject.com/weblog/2019/aug/01/security-releases/
|
|
gnucobol-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14528
|
|
sleuthkit-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14531
|
|
sleuthkit-[0-9]* off-by-one https://nvd.nist.gov/vuln/detail/CVE-2019-14532
|
|
schismtracker<20190805 buffer-underflow https://nvd.nist.gov/vuln/detail/CVE-2019-14523
|
|
schismtracker<20190805 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14524
|
|
gnucobol-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14541
|
|
seamonkey-enigmail<2.1 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-14664
|
|
thunderbird-enigmail<2.1 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-14664
|
|
magento<1.9.4.2 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13
|
|
magento>=2.1<2.1.18 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13
|
|
magento>=2.2<2.2.9 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13
|
|
magento>=2.3<2.3.2 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13
|
|
magento<1.9.4.2 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23
|
|
magento>=2.1<2.1.18 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23
|
|
magento>=2.2<2.2.9 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23
|
|
magento>=2.3<2.3.2 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23
|
|
magento<1.9.4.2 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33
|
|
magento>=2.1<2.1.18 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33
|
|
magento>=2.2<2.2.9 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33
|
|
magento>=2.3<2.3.2 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33
|
|
brandybasic-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14662
|
|
brandybasic-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14663
|
|
brandybasic-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14665
|
|
subversion-base<1.12.1 denial-of-service https://security-tracker.debian.org/tracker/CVE-2019-0203
|
|
subversion-base<1.12.1 denial-of-service https://security-tracker.debian.org/tracker/CVE-2018-11782
|
|
elasticsearch<6.8.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-7614
|
|
elasticsearch>=7.0.0<7.2.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-7614
|
|
mariadb-server>=5.5<5.5.65 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL
|
|
mongodb<3.4.22 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2019-2386
|
|
mongodb>=4<4.0.9 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2019-2386
|
|
u-boot<2019.07 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-13104
|
|
u-boot<2019.07 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-13105
|
|
u-boot<2019.07 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-13106
|
|
adplug<2.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14690
|
|
adplug<2.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14691
|
|
adplug<2.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14692
|
|
adplug<2.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14732
|
|
adplug<2.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14733
|
|
adplug<2.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14734
|
|
kconfig<5.61.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-14744
|
|
radare2<3.7.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-14745
|
|
postgresql94-server<9.4.24 arbitrary-sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-10208
|
|
postgresql95-server<9.5.19 arbitrary-sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-10208
|
|
postgresql96-server<9.6.15 arbitrary-sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-10208
|
|
postgresql10-server<10.10 arbitrary-sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-10208
|
|
postgresql11-server<11.5 arbitrary-sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-10208
|
|
postgresql11-server<11.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10209
|
|
php71-exif<7.1.31 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11041
|
|
php72-exif<7.2.21 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11041
|
|
php73-exif<7.3.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11041
|
|
php71-exif<7.1.31 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11042
|
|
php72-exif<7.2.21 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11042
|
|
php73-exif<7.3.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11042
|
|
ruby{22,23,24,25,26}-nokogiri<1.10.4 command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-5477
|
|
exiv2<0.27.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14982
|
|
ImageMagick6<6.9.10.42 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-14980
|
|
ImageMagick<7.0.8.42 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-14980
|
|
ImageMagick6<6.9.10.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14981
|
|
ImageMagick<7.0.8.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14981
|
|
ghostscript-gpl-[0-9]* sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-10216
|
|
ghostscript-agpl<9.50 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-10216
|
|
go111<1.11.13 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14809
|
|
go112<1.12.8 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14809
|
|
nginx<1.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9511
|
|
nginx>=1.17<1.17.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9511
|
|
nginx<1.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9513
|
|
nginx>=1.17<1.17.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9513
|
|
nginx<1.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9516
|
|
nginx>=1.17<1.17.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9516
|
|
nghttp2<1.39.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9511
|
|
nghttp2<1.39.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9513
|
|
go111<1.11.13 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9512
|
|
go111<1.11.13 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9514
|
|
go112<1.12.8 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9512
|
|
go112<1.12.8 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9514
|
|
h2o<2.2.6 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9512
|
|
h2o<2.2.6 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9514
|
|
h2o<2.2.6 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9515
|
|
libexosip<5.0.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2014-10375
|
|
tiff<4.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14973
|
|
mupdf<1.16.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14975
|
|
apache>=2.4<2.4.41 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9517
|
|
apache>=2.4<2.4.41 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10081
|
|
apache>=2.4<2.4.41 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10082
|
|
apache>=2.4<2.4.41 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-10092
|
|
apache>=2.4<2.4.41 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10097
|
|
apache>=2.4<2.4.41 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-10098
|
|
gradle<5.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-15052
|
|
firefox<68.0.2 sensitive-information-disclosure https://www.mozilla.org/en-US/security/advisories/mfsa2019-24/
|
|
cliqz<1.28.2 sensitive-information-disclosure https://www.mozilla.org/en-US/security/advisories/mfsa2019-24/
|
|
squid>=4<4.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12854
|
|
wpa_supplicant<2.9 side-channel https://nvd.nist.gov/vuln/detail/CVE-2019-13377
|
|
patch-[0-9]* shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-20969
|
|
webmin>=1.882<1.930 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15107
|
|
libreoffice<6.2.6 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9850
|
|
libreoffice<6.2.6 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9851
|
|
libreoffice<6.2.6 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-9852
|
|
nodejs<8.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9511
|
|
nodejs>=10<10.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9511
|
|
nodejs>=12<12.8.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9511
|
|
nodejs<8.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9512
|
|
nodejs>=10<10.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9512
|
|
nodejs>=12<12.8.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9512
|
|
nodejs<8.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9513
|
|
nodejs>=10<10.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9513
|
|
nodejs>=12<12.8.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9513
|
|
nodejs<8.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9514
|
|
nodejs>=10<10.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9514
|
|
nodejs>=12<12.8.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9514
|
|
nodejs<8.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9515
|
|
nodejs>=10<10.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9515
|
|
nodejs>=12<12.8.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9515
|
|
nodejs<8.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9516
|
|
nodejs>=10<10.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9516
|
|
nodejs>=12<12.8.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9516
|
|
nodejs<8.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9517
|
|
nodejs>=10<10.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9517
|
|
nodejs>=12<12.8.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9517
|
|
nodejs<8.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9518
|
|
nodejs>=10<10.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9518
|
|
nodejs>=12<12.8.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9518
|
|
nodejs-6.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
cups-base<2.2.11 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-8675
|
|
cups-base<2.2.11 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-8696
|
|
zabbix-[0-9]* username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2019-15132
|
|
giflib<5.1.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15133
|
|
ImageMagick<7.0.8.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15139
|
|
ImageMagick6<6.9.10.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15139
|
|
ImageMagick<7.0.8.43 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15140
|
|
ImageMagick6<6.9.10.43 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15140
|
|
ImageMagick<7.0.8.43 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15141
|
|
ImageMagick6<6.9.10.43 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15141
|
|
djvulibre-lib-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15142
|
|
djvulibre-lib-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15143
|
|
djvulibre-lib-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15144
|
|
djvulibre-lib-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15145
|
|
adplug<2.3.3 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-15151
|
|
ruby{22,23,24,25,26}-rest-client>=1.6.10<1.6.14 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15224
|
|
webmin<1.930 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15231
|
|
php{56,70,71,72,73}-roundcube-[0-9]* homograph-attack https://nvd.nist.gov/vuln/detail/CVE-2019-15237
|
|
faad2<2.8.8nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-15296
|
|
vlc<3.0.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14437
|
|
vlc<3.0.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14438
|
|
vlc<3.0.8 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-14498
|
|
vlc<3.0.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-14533
|
|
vlc<3.0.8 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-14534
|
|
vlc<3.0.8 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-14535
|
|
vlc<3.0.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14776
|
|
vlc<3.0.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-14777
|
|
vlc<3.0.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-14778
|
|
vlc<3.0.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14970
|
|
sphinxsearch-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14511
|
|
mantis<2.21.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-15074
|
|
py{27,34,35,36,37,38}-nltk<3.4.5 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-14751
|
|
ampache<4.0.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-12386
|
|
ampache<4.0.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-12385
|
|
php{56,71,72,73}-tiki6-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15314
|
|
py{27,34,35,36,37,38}-httpie<1.0.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-10751
|
|
libextractor<1.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-15531
|
|
trafficserver-[0-9]* remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9511
|
|
trafficserver>=6.0.0<7.1.7 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9512
|
|
trafficserver>=8.0.0<8.0.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9512
|
|
trafficserver-[0-9]* remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9513
|
|
trafficserver>=6.0.0<7.1.7 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9514
|
|
trafficserver>=8.0.0<8.0.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9514
|
|
trafficserver>=6.0.0<7.1.7 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9515
|
|
trafficserver>=8.0.0<8.0.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9515
|
|
trafficserver-[0-9]* remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9516
|
|
trafficserver-[0-9]* remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9517
|
|
trafficserver>=6.0.0<7.1.8 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9518
|
|
trafficserver>=8.0.0<8.0.5 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9518
|
|
trafficserver>=6.0.0<7.1.7 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-10079
|
|
trafficserver>=8.0.0<8.0.4 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-10079
|
|
qemu<4.1.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14378
|
|
webkit-gtk<2.24.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2019-0004.html
|
|
irssi>=1.2.0<1.2.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-15717
|
|
inspircd>=3.0.0<3.1.0 use-after-free https://docs.inspircd.org/security/2019-01/
|
|
inspircd<2.0.28 null-pointer-dereference https://docs.inspircd.org/security/2019-02/
|
|
inspircd>=3.0.0<3.3.0 null-pointer-dereference https://docs.inspircd.org/security/2019-02/
|
|
grafana<6.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15043
|
|
php{56,70,71,72,73}-contao35-3.* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
jasper<2.0.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14232
|
|
webmin-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-15641
|
|
webmin<1.930 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15642
|
|
xymon<4.3.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13451
|
|
xymon<4.3.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13452
|
|
xymon<4.3.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13273
|
|
xymon<4.3.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13455
|
|
xymon<4.3.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13274
|
|
xymon<4.3.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13486
|
|
xymon<4.3.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13484
|
|
xymon<4.3.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13485
|
|
jenkins-lts<2.176.3 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-08-28/
|
|
jenkins<2.191 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-08-28/
|
|
nmap<7.80 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18594
|
|
gnuchess-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-15767
|
|
dovecot<2.3.7.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11500
|
|
dovecot-pigeonhole<0.5.7.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11500
|
|
teamspeak-client<3.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15502
|
|
memcached<1.5.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-15026
|
|
gcc7-[0-9]* insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2019-15847
|
|
gcc8-[0-9]* insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2019-15847
|
|
freetype2<2.6.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2015-9381
|
|
freetype2<2.6.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2015-9382
|
|
freetype2<2.6.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2015-9383
|
|
samba>=4.9<4.10.8 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-10197
|
|
ghostscript-gpl-[0-9]* sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-14811
|
|
ghostscript-agpl<9.50 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-14811
|
|
ghostscript-gpl-[0-9]* sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-14817
|
|
ghostscript-agpl<9.50 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-14817
|
|
xpdf>=2.0<3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15860
|
|
varnish<6.0.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15892
|
|
expat<2.2.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-15903
|
|
poppler<0.66.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-21009
|
|
seamonkey<2.49.5 multiple-vulnerabilities http://www.seamonkey-project.org/releases/seamonkey2.49.5/
|
|
firefox<69.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/
|
|
cliqz<1.29.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/
|
|
firefox68<68.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/
|
|
firefox60<60.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/
|
|
tor-browser<8.5.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/
|
|
asterisk>=15.0<15.7.4 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-004.html
|
|
asterisk>=16.0<16.5.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-004.html
|
|
asterisk>=13.0<13.28.0 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-005.html
|
|
asterisk>=16.0<16.5.0 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-005.html
|
|
ghostscript-gpl-[0-9]* sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-14813
|
|
ghostscript-agpl<9.50 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-14813
|
|
openjpeg<2.3.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-21010
|
|
exim<4.92.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15846
|
|
qemu<5.0.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-15890
|
|
opencv<3.4.8 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-15939
|
|
ffmpeg4<4.2.1 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-15942
|
|
opensc<0.20.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-15945
|
|
opensc<0.20.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-15946
|
|
bitcoin<0.20.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-15947
|
|
php56-http<2.6.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-7398
|
|
php{70,71,72,73}-http>=3.0.0<3.1.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-7398
|
|
python27<2.7.17 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-16056
|
|
python35-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-16056
|
|
python36<3.6.10 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-16056
|
|
python37<3.7.5 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-16056
|
|
xpdf<5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16088
|
|
libreoffice<6.3.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-9854
|
|
libreoffice<6.3.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9855
|
|
kilo-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16096
|
|
imapfilter-[0-9]* ssl-certificate-spoofing https://nvd.nist.gov/vuln/detail/CVE-2016-10937
|
|
xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16115
|
|
bird>=1.6.4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16159
|
|
bird6>=1.6.4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16159
|
|
bird>=2.0.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16159
|
|
bird6>=2.0.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16159
|
|
oniguruma<6.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16163
|
|
cflow-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-16165
|
|
cflow-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-16166
|
|
sqlite3>=3.8.5<3.30.0 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-16168
|
|
ghostscript-gpl-[0-9]* sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-14812
|
|
ghostscript-agpl<9.50 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-14812
|
|
openssl<1.0.2t multiple-vulnerabilities https://www.openssl.org/news/secadv/20190910.txt
|
|
openssl>=1.1.0<1.1.0l multiple-vulnerabilities https://www.openssl.org/news/secadv/20190910.txt
|
|
openssl>=1.1.1<1.1.1d multiple-vulnerabilities https://www.openssl.org/news/secadv/20190910.txt
|
|
wpa_supplicant<2.10 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16275
|
|
curl>=7.52.0<7.66.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-5481
|
|
curl>=7.19.4<7.66.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5482
|
|
ruby{22,23,24,25,26,27,30}-padrino-contrib<0.2.0nb1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16145
|
|
py{27,34,35,36,37,38}-lmbd-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-16224
|
|
py{27,34,35,36,37,38}-lmbd-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-16225
|
|
py{27,34,35,36,37,38}-lmbd-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-16226
|
|
py{27,34,35,36,37,38}-lmbd-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-16227
|
|
py{27,34,35,36,37,38}-lmbd-[0-9]* divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-16228
|
|
wordpress<5.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16217
|
|
wordpress<5.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16218
|
|
wordpress<5.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16219
|
|
wordpress<5.2.3 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-16220
|
|
wordpress<5.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16221
|
|
wordpress<5.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16222
|
|
wordpress<5.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16223
|
|
opencv>=4.0<4.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-16249
|
|
opendmarc-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-16378
|
|
thunderbird<60.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-29/
|
|
ibus<1.5.21 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14822
|
|
php{56,70,71,72,73}-phpmyadmin<4.9.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-12922
|
|
php{56,70,71,72,73}-piwigo<2.10.0 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-13363
|
|
php{56,70,71,72,73}-piwigo<2.10.0 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-13364
|
|
adobe-flash-player<32.0.0.255 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsb19-46.html
|
|
picoc-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16277
|
|
asterisk>=14<15 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
wireshark<2.6.11 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-16319
|
|
wireshark>=3.0<3.0.4 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-16319
|
|
gpac<0.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-21015
|
|
gpac<0.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-21016
|
|
gpac<0.8.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-21017
|
|
gradle<6.0 weak-hash https://nvd.nist.gov/vuln/detail/CVE-2019-16370
|
|
openconnect<8.05 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16239
|
|
gnucobol-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16395
|
|
gnucobol-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-16396
|
|
mosquitto>=1.6.0<1.6.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-11778
|
|
mosquitto>=1.5.0<1.5.9 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11779
|
|
mosquitto>=1.6.0<1.6.6 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11779
|
|
grafana-[0-9]* information-leak https://nvd.nist.gov/vuln/detail/CVE-2019-15635
|
|
ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16705
|
|
ImageMagick<7.0.8.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16708
|
|
ImageMagick6<6.9.10.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16708
|
|
ImageMagick<7.0.8.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16709
|
|
ImageMagick6<6.9.10.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16709
|
|
ImageMagick<7.0.8.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16710
|
|
ImageMagick6<6.9.10.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16710
|
|
ImageMagick<7.0.8.40 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16711
|
|
ImageMagick6<6.9.10.40 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16711
|
|
ImageMagick<7.0.8.43 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16712
|
|
ImageMagick6<6.9.10.43 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16712
|
|
ImageMagick<7.0.8.43 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16713
|
|
hunspell<1.7.0nb2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-16707
|
|
radare2<3.9.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-16718
|
|
cacti<1.2.7 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-16723
|
|
go112<1.12.10 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-16276
|
|
thunderbird<68.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-30/
|
|
firefox<69.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-31/
|
|
cliqz<1.29.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-31/
|
|
thunderbird<68.1.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-32/
|
|
jenkins-lts<2.176.4 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-09-25/
|
|
jenkins<2.197 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-09-25/
|
|
unbound<1.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16866
|
|
qemu<4.2.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-12068
|
|
e2fsprogs<1.45.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-5094
|
|
libgcrypt<1.8.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-13627
|
|
glpi<9.4.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14666
|
|
ruby{22,24,25,26}-zip<1.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16892
|
|
mediawiki-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-16738
|
|
mbedtls<2.19.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2019-16910
|
|
libreoffice<6.3.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9853
|
|
exim>=4.92<4.92.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-16928
|
|
py{27,34,35,36,37,38}-flower-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16925
|
|
py{27,34,35,36,37,38}-flower-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16926
|
|
xpdf<4.02 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-16927
|
|
xpdf-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-17064
|
|
python27<2.7.17 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16935
|
|
python36<3.6.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16935
|
|
python37<3.7.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16935
|
|
rust<1.26.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-16760
|
|
putty<0.73 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-17068
|
|
putty<0.73 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-17069
|
|
pycharm-bin<2019.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14958
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10103
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10105
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14461
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14462
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14463
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14464
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14465
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14466
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14467
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14468
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14469
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14470
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14879
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14880
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14881
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14882
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16227
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16228
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16229
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16230
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16300
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16301
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16451
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16452
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-15166
|
|
tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-15167
|
|
libpcap<1.9.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-15161
|
|
libpcap<1.9.1 username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2019-15162
|
|
libpcap<1.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15163
|
|
libpcap<1.9.1 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-15164
|
|
libpcap<1.9.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-15165
|
|
libopenmpt<0.4.9 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17113
|
|
freerdp-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-17177
|
|
py{27,34,35,36,37}-Pillow<6.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16865
|
|
libsoup<2.68.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-17266
|
|
p5-libapreq2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12412
|
|
libtomcrypt-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-17362
|
|
gif2png<3.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-17371
|
|
zabbix-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-17382
|
|
exiv2<0.27.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-17402
|
|
mantis<2.22.1 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15715
|
|
ruby{22,24,25,26}-netaddr<2.0.4 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2019-17383
|
|
ruby{22,24,25,26}-redmine<3.4.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-17427
|
|
binutils<2.34 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-17450
|
|
binutils<2.34 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17451
|
|
libntlm<1.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17455
|
|
matio-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-17533
|
|
py{27,34,35,36,37,38}-graphite-web-[0-9]* server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-18638
|
|
ImageMagick<7.0.8.54 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17540
|
|
ImageMagick<7.0.8.55 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-17541
|
|
ImageMagick6<6.9.10.55 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-17541
|
|
ImageMagick<7.0.8.62 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-17547
|
|
ffmpeg3<3.4.7 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-17539
|
|
ffmpeg4<4.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-17539
|
|
ffmpeg2<2.8.16 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17542
|
|
ffmpeg3<3.4.7 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17542
|
|
ffmpeg4<4.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17542
|
|
lz4<1.9.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17543
|
|
aspell<0.60.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-17544
|
|
gdal-lib<3.0.2 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-17545
|
|
tiff<4.1.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17546
|
|
sudo<1.8.28 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-14287
|
|
nostromo<1.9.6nb2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-16278
|
|
nostromo<1.9.6nb2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16279
|
|
ncurses<6.1nb7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-17594
|
|
ncursesw<6.1nb7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-17594
|
|
ncurses<6.1nb7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-17595
|
|
ncursesw<6.1nb7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-17595
|
|
ruby{22,24,25,26}-haml<5.0.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1002201
|
|
rabbitmq<3.7.18 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-11281
|
|
py{27,36,37,38}-reportlab<3.5.27 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-17626
|
|
oracle-{jdk,jre}8<8.0.232 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixJAVA
|
|
openjdk8<1.8.232 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixJAVA
|
|
openjdk11<1.11.0.5 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixJAVA
|
|
mysql-server>=5.6<5.6.46 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
|
|
mysql-server>=5.7<5.7.28 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
|
|
mysql-server>=8.0<8.0.18 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
|
|
bind>=9.14<9.14.7 security-bypass https://kb.isc.org/docs/cve-2019-6475
|
|
bind>=9.14<9.14.7 denial-of-service https://kb.isc.org/docs/cve-2019-6476
|
|
wordpress<5.2.4 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-17669
|
|
wordpress<5.2.4 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-17670
|
|
wordpress<5.2.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-17671
|
|
wordpress<5.2.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-17672
|
|
wordpress<5.2.4 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2019-17673
|
|
wordpress<5.2.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-17674
|
|
wordpress<5.2.4 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-17675
|
|
ansible<2.8.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-14846
|
|
doas<6.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-15900
|
|
doas<6.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-15901
|
|
libxslt<1.1.34 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-18197
|
|
proftpd<1.3.6b remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-18217
|
|
t1lib-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
firefox68<68.2.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-33/
|
|
tor-browser<9.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-33/
|
|
firefox<70.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/
|
|
cliqz<1.30.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/
|
|
thunderbird<68.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-35/
|
|
xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-296.html
|
|
xenkernel411<4.11.2nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-296.html
|
|
xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-298.html
|
|
xenkernel411<4.11.2nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-298.html
|
|
xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-299.html
|
|
xenkernel411<4.11.2nb2 privilege-escalation https://xenbits.xen.org/xsa/advisory-299.html
|
|
xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-302.html
|
|
xenkernel411<4.11.2nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-302.html
|
|
ikiwiki<3.20101112 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2010-1673
|
|
ikiwiki<3.20110122 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2011-0428
|
|
ikiwiki<3.20110608 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2011-1408
|
|
chicken<4.8.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-6122
|
|
chicken<4.8.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2012-6123
|
|
chicken<4.8.0 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2012-6124
|
|
chicken<4.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-6125
|
|
chicken<4.9.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2013-2024
|
|
chicken<4.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-2075
|
|
webkit-gtk<2.26.0 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2019-0005.html
|
|
elasticsearch<6.8.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-7619
|
|
file-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-18218
|
|
freetds<1.1.20 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13508
|
|
go112<1.12.11 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-17596
|
|
haproxy<2.0.6 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-18277
|
|
isc-dhcpd<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6470
|
|
libarchive<3.4.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-18408
|
|
libidn2<2.2.0 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-12290
|
|
libidn2<2.1.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-18224
|
|
libssh2-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17498
|
|
libvncserver-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-15681
|
|
magento<1.9.4.1 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.1-2.2.8-and-2.1.17-security-update
|
|
magento>=2.1<2.1.17 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.1-2.2.8-and-2.1.17-security-update
|
|
magento>=2.2<2.2.8 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.1-2.2.8-and-2.1.17-security-update
|
|
magento>=2.3<2.3.1 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.1-2.2.8-and-2.1.17-security-update
|
|
mp3gain-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-18359
|
|
openafs<1.6.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-18601
|
|
openafs>=1.7<1.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-18601
|
|
openafs<1.6.24 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-18602
|
|
openafs>=1.7<1.8.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-18602
|
|
openafs<1.6.24 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-18603
|
|
openafs>=1.7<1.8.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-18603
|
|
php71-fpm<7.1.33 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11043
|
|
php72-fpm<7.2.24 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11043
|
|
php73-fpm<7.3.11 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11043
|
|
py{27,34,35,36,37,38}-notebook<5.5.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-21030
|
|
python27<2.7.18 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-18348
|
|
python36<3.6.11 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-18348
|
|
python37<3.7.8 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-18348
|
|
python38<3.8.3 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-18348
|
|
qt5-qtbase<5.12.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-18281
|
|
ruby{22,23,24,25,26}-loofah<2.3.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-15587
|
|
thrift<0.13.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-0205
|
|
thrift<0.13.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-0210
|
|
tightvnc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-8287
|
|
tightvnc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15678
|
|
tightvnc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15679
|
|
tightvnc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15680
|
|
unoconv<0.9 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-17400
|
|
mediawiki<1.18.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2012-0046
|
|
mediawiki<1.20.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-1951
|
|
magento<1.9.4.3 multiple-vulnerabilities https://magento.com/security/patches/supee-11219
|
|
MesaLib<19.2.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-5068
|
|
clamav<0.101.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12625
|
|
libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-18797
|
|
libsass<3.6.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-18798
|
|
libsass<3.6.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-18799
|
|
samba>=4.0<4.10.10 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-10218
|
|
samba>=4.0<4.10.10 weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2019-14833
|
|
samba>=4.0<4.10.10 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14847
|
|
mantis<1.2.15 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-1930
|
|
mantis<1.2.15 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-1931
|
|
mantis<1.2.14 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-1932
|
|
mantis<1.2.14 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-1934
|
|
zoo-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2005-2349
|
|
snoopy<2.0.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2002-2444
|
|
py{24,25,26,27,31}-keyring<0.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2012-5577
|
|
libytnef-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2009-3887
|
|
mapserver<5.6.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2010-1678
|
|
py{26,27,34,35,36}-mercurial<1.6.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2010-4237
|
|
bitlbee<3.0.3 unspecified https://nvd.nist.gov/vuln/detail/CVE-2012-1187
|
|
xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2010-0206
|
|
xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2010-0207
|
|
transmission<1.92 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2010-0748
|
|
transmission<1.92 unspecified https://nvd.nist.gov/vuln/detail/CVE-2010-0749
|
|
icoutils<0.31.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-5331
|
|
icoutils<0.31.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-5332
|
|
icoutils<0.31.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-5333
|
|
nsd<3.2.13 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-2979
|
|
miniupnpd<1.8.20130607 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2013-2600
|
|
evince<3.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-3718
|
|
minidlna<1.1.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2013-2738
|
|
minidlna<1.1.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2013-2739
|
|
archivemail<0.7.0 temporary-file-race https://nvd.nist.gov/vuln/detail/CVE-2006-4245
|
|
clamav<0.100.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2007-0899
|
|
gdm-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-1000002
|
|
konversation<1.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2009-5050
|
|
mutt<1.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2005-2351
|
|
php{56,70,71,72,73}-gettext<1.0.12 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2015-8980
|
|
py{25,26,27,31,32}-pip<1.5 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2013-5123
|
|
py{26,27,32,33}-scipy<0.12.1 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2013-4251
|
|
ruby{193,200}-nokogiri<1.5.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-6460
|
|
ruby{193,200}-nokogiri<1.5.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-6461
|
|
slim<1.3.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2013-4412
|
|
smokeping<2.6.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-4168
|
|
sudo<1.7.4 unspecified https://nvd.nist.gov/vuln/detail/CVE-2005-4890
|
|
xlockmore-[0-9]* unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2006-0061
|
|
xlockmore<5.24 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2006-0062
|
|
openttd<1.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-0049
|
|
tahoe-lafs<1.9.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2012-0051
|
|
djvulibre-lib-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-18804
|
|
viewvc-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2007-5743
|
|
clamav<0.91.2 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2007-6745
|
|
gri<2.12.18 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2008-7291
|
|
gource-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2010-2449
|
|
shibboleth-sp<2.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2010-2450
|
|
mantis<1.2.13 incorrect-access-controls https://nvd.nist.gov/vuln/detail/CVE-2013-1811
|
|
fribidi<1.0.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-18397
|
|
webkit-gtk<2.26.2 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2019-0006.html
|
|
magento>=2.2<2.2.10 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update
|
|
magento>=2.3<2.3.3 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update
|
|
mantis<1.2.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2009-2802
|
|
tnef<1.4.18 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-18849
|
|
ImageMagick<7.0.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-18853
|
|
libjpeg-turbo<2.0.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-2201
|
|
py{27,36,37,38}-psutil-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2019-18874
|
|
py{26,27,32,33}-twisted<14.0.1 weak-ssl-authentication https://nvd.nist.gov/vuln/detail/CVE-2014-7143
|
|
ghostscript-agpl<9.50nb2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-14869
|
|
ettercap<0.7.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2010-3844
|
|
offlineimap<6.3.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2010-4532
|
|
offlineimap<6.3.4 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2010-4533
|
|
poppler<0.16.3 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2010-4654
|
|
poppler<0.16.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2010-4653
|
|
consolekit<0.4.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2010-4664
|
|
intel-microcode-netbsd<20191115 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2019-11135
|
|
intel-microcode-netbsd<20191115 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11139
|
|
cyrus-imapd>=2.5<2.5.14 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-18928
|
|
cyrus-imapd>=3.0<3.0.12 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-18928
|
|
oniguruma>=6.0<6.9.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19012
|
|
jhead-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19035
|
|
xfce4-thunar<1.3.1 format-string https://nvd.nist.gov/vuln/detail/CVE-2011-1588
|
|
rsyslog<5.7.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2011-1488
|
|
rsyslog<5.7.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2011-1489
|
|
rsyslog<5.7.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2011-1490
|
|
php{56,70,71,72,73}-drupal>=7<7.5 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2011-2726
|
|
chrony<1.29.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-0021
|
|
perdition<2.2 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2013-4584
|
|
unixodbc<2.2.15 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2011-1145
|
|
sniffit-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-5439
|
|
unbound<1.9.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-18934
|
|
foomatic-rip<4.0.0 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2011-2923
|
|
foomatic-rip<4.0.10 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2011-2924
|
|
php{56,71,72,73}-tiki6<8.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2011-4454
|
|
php{56,71,72,73}-tiki6<8.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2011-4455
|
|
ansible<2.6.19 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10206
|
|
ansible<2.9.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10217
|
|
ansible<2.6.20 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-14856
|
|
asterisk>=13.0<13.29.2 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-006.html
|
|
asterisk>=16.0<16.6.2 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-006.html
|
|
asterisk>=17.0<17.0.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-006.html
|
|
asterisk>=13.0<13.29.2 remote-code-execution https://downloads.asterisk.org/pub/security/AST-2019-007.html
|
|
asterisk>=16.0<16.6.2 remote-code-execution https://downloads.asterisk.org/pub/security/AST-2019-007.html
|
|
asterisk>=17.0<17.0.1 remote-code-execution https://downloads.asterisk.org/pub/security/AST-2019-007.html
|
|
asterisk>=13.0<13.29.2 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-008.html
|
|
bind>=9.11<9.11.13 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6477
|
|
bind>=9.14<9.14.8 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6477
|
|
gnome-font-viewer-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-19308
|
|
haproxy<2.0.10 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-19330
|
|
jetty>=9.4.23.20191118<9.4.24.20191120 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-17632
|
|
libarchive<3.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-19221
|
|
oniguruma<6.9.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-19203
|
|
oniguruma<6.9.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-19204
|
|
oniguruma<6.9.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-19246
|
|
phpmyadmin<4.9.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-18622
|
|
powerdns<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10203
|
|
powerdns>=4.1<4.1.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10203
|
|
proftpd<1.3.6c verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-19270
|
|
proftpd<1.3.6 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-19271
|
|
proftpd<1.3.6 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19272
|
|
py{27,36,37,38}-ecdsa<0.13.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14853
|
|
py{36,37,38}-typed-ast<1.3.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-19274
|
|
py{36,37,38}-typed-ast<1.3.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-19275
|
|
rabbitmq<3.7.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11287
|
|
rabbitmq<3.7.20 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-11291
|
|
ruby24-base<2.4.8 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-15845
|
|
ruby25-base<2.5.7 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-15845
|
|
ruby26-base<2.6.5 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-15845
|
|
ruby24-base<2.4.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16201
|
|
ruby25-base<2.5.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16201
|
|
ruby26-base<2.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16201
|
|
ruby24-base<2.4.8 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2019-16254
|
|
ruby25-base<2.5.7 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2019-16254
|
|
ruby26-base<2.6.5 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2019-16254
|
|
ruby24-base<2.4.8 code-injection https://nvd.nist.gov/vuln/detail/CVE-2019-16255
|
|
ruby25-base<2.5.7 code-injection https://nvd.nist.gov/vuln/detail/CVE-2019-16255
|
|
ruby26-base<2.6.5 code-injection https://nvd.nist.gov/vuln/detail/CVE-2019-16255
|
|
ruby{22,24,25,26}-redmine<3.3.10 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-18890
|
|
sqlite3<3.31.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19242
|
|
sqlite3<3.31.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-19244
|
|
squid<4.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12523
|
|
squid<4.9 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12526
|
|
squid<4.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-18676
|
|
squid<4.9 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-18677
|
|
squid<4.9 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-18678
|
|
squid<4.9 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-18679
|
|
9base-[0-9]* insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2014-1935
|
|
chicken<4.9.0.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-6310
|
|
claws-mail-vcalendar<2.0.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2012-5527
|
|
evolution-data-server<3.2.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2011-3355
|
|
gnupg2<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-1606
|
|
gnupg<1.4.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-1607
|
|
gnupg2<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-1607
|
|
ikiwiki<3.20150329 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2015-2793
|
|
lilo>=23.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2011-1934
|
|
mediawiki<1.20.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-1816
|
|
mediawiki<1.20.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2013-1817
|
|
moodle<2.2.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2012-1155
|
|
moodle<2.2.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2012-1156
|
|
moodle<2.2.2 unspecified https://nvd.nist.gov/vuln/detail/CVE-2012-1168
|
|
nss<3.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-5285
|
|
patch<2.7.4 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2015-1396
|
|
php{53,54}-owncloud<4.5.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-0203
|
|
phpldapadmin<0.9.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2011-4082
|
|
py{24,25,26,27,31}-keyring<0.10 unspecified https://nvd.nist.gov/vuln/detail/CVE-2012-5578
|
|
py{26,27,32,33,34}-rply<0.7.4 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2014-1938
|
|
py27-trytond<2.4.2 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2012-2238
|
|
py27-xml-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-0877
|
|
python27<2.7.13 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-1000110
|
|
python34<3.4.6 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-1000110
|
|
python35<3.5.3 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-1000110
|
|
python36<3.6.0 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-1000110
|
|
quagga-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-5521
|
|
ruby{22,24,25,26}-net-ldap<0.16.2 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2014-0083
|
|
tahoe-lafs<1.8.3 arbitrary-file-deletion https://nvd.nist.gov/vuln/detail/CVE-2011-3617
|
|
thttpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-5640
|
|
vsftpd<2.3.5 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2011-2523
|
|
wide-dhcpv6-[0-9]* shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2011-2717
|
|
xscreensaver<5.14 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2011-2187
|
|
yaws<1.92 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2011-4350
|
|
libvpx<1.8.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9232
|
|
libvpx<1.8.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9325
|
|
libvpx<1.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9371
|
|
libvpx<1.8.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-9433
|
|
libpurple-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2012-1257
|
|
py{34,35,36,37,38}-django>=2.1<2.1.15 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-19118
|
|
py{34,35,36,37,38}-django>=2.2<2.2.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-19118
|
|
clamav<0.102.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15961
|
|
firefox<71.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/
|
|
cliqz<1.32.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/
|
|
firefox68<68.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-37/
|
|
tor-browser<9.0.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-37/
|
|
php{56,71,72,73}-davical<1.1.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-18345
|
|
php{56,71,72,73}-davical<1.1.9 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-18346
|
|
php{56,71,72,73}-davical<1.1.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-18347
|
|
dia<0.97.3nb21 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-19451
|
|
fig2dev-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19555
|
|
freeradius>=3.0.0<3.0.20 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-13456
|
|
opensc<0.20.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-19479
|
|
opensc<0.20.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-19480
|
|
opensc<0.20.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-19481
|
|
proftpd<1.3.6c denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19269
|
|
rabbitmq-c<0.10.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-18609
|
|
zabbix-[0-9]* weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2013-7484
|
|
xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-304.html
|
|
xenkernel411<4.11.2nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-304.html
|
|
xenkernel48-[0-9]* side-channel https://xenbits.xen.org/xsa/advisory-305.html
|
|
xenkernel411<4.11.2nb1 side-channel https://xenbits.xen.org/xsa/advisory-305.html
|
|
xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-306.html
|
|
xenkernel411<4.11.2nb3 privilege-escalation https://xenbits.xen.org/xsa/advisory-306.html
|
|
wireshark<2.6.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19553
|
|
wireshark>=3.0.0<3.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19553
|
|
radare2-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19590
|
|
py{27,36,37,38}-validators<0.12.6 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-19588
|
|
minidlna<1.1.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2013-2745
|
|
ap{22,24}-fcgid-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-1000104
|
|
sqlite3<3.31.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19317
|
|
phpmyadmin<4.9.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-19617
|
|
ruby{22,24,25,26}-puma<3.12.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16770
|
|
openssl<1.0.2u integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1551
|
|
openssl>=1.1.0<1.1.1e integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1551
|
|
opencv>=4.0<4.1.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-19624
|
|
openslp-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5544
|
|
htmldoc-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19630
|
|
libsixel<1.8.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19635
|
|
libsixel<1.8.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19636
|
|
libsixel<1.8.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19637
|
|
libsixel<1.8.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19638
|
|
radare2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19647
|
|
yara-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19648
|
|
ruby{22,24,25,26}-base-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2011-3624
|
|
sqlite3<3.31.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-19603
|
|
sqlite3<3.31.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19645
|
|
sqlite3<3.31.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-19646
|
|
samba>=4.0<4.10.11 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14861
|
|
samba>=4.0<4.10.11 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14870
|
|
php-7.1.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
libssh<0.8.8 remote-command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-14889
|
|
libssh>=0.9<0.9.3 remote-command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-14889
|
|
git-base<2.23.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2019-19604
|
|
git-base>=2.24<2.24.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2019-19604
|
|
yabasic<2.86.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19720
|
|
yabasic<2.86.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19796
|
|
libxslt<1.1.34 type-confusion https://nvd.nist.gov/vuln/detail/CVE-2019-5815
|
|
xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-307.html
|
|
xenkernel411<4.11.3nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-307.html
|
|
xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-308.html
|
|
xenkernel411<4.11.3nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-308.html
|
|
xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-309.html
|
|
xenkernel411<4.11.3nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-309.html
|
|
xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-310.html
|
|
xenkernel411<4.11.3nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-310.html
|
|
xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-311.html
|
|
xenkernel411<4.11.3nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-311.html
|
|
fig2dev-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-19746
|
|
cacti<1.2.8 input-validation https://nvd.nist.gov/vuln/detail/CVE-2019-17358
|
|
spamassassin<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12420
|
|
npm<6.13.3 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-16775
|
|
npm<6.13.3 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-16776
|
|
npm<6.13.4 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-16777
|
|
libsixel<1.8.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19777
|
|
libsixel<1.8.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19778
|
|
atasm-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19785
|
|
atasm-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19786
|
|
atasm-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19787
|
|
dovecot2<2.3.9.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-19722
|
|
samurai<1.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19795
|
|
bash<5.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-18276
|
|
cyrus-imapd<2.5.15 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-19783
|
|
cyrus-imapd>=3.0<3.0.13 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-19783
|
|
cyrus-sasl<2.1.27nb1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-19906
|
|
fig2dev-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-19797
|
|
git-base<2.23.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1348
|
|
git-base>=2.24<2.24.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1348
|
|
git-base<2.23.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-1349
|
|
git-base>=2.24<2.24.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-1349
|
|
git-base<2.23.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-1350
|
|
git-base>=2.24<2.24.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-1350
|
|
git-base<2.23.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1351
|
|
git-base>=2.24<2.24.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1351
|
|
libgit2<0.99 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1351
|
|
git-base<2.23.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1352
|
|
git-base>=2.24<2.24.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1352
|
|
libgit2<0.99 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1352
|
|
git-base<2.23.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-1353
|
|
git-base>=2.24<2.24.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-1353
|
|
libgit2<0.99 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-1353
|
|
git-base<2.23.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1354
|
|
git-base>=2.24<2.24.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1354
|
|
libgit2<0.99 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1354
|
|
git-base<2.23.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-1387
|
|
git-base>=2.24<2.24.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-1387
|
|
go-dns<1.1.25 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2019-19794
|
|
knot<4.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19331
|
|
libspiro-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19847
|
|
mediawiki-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-19709
|
|
nethack-lib<3.6.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-19905
|
|
py{27,34,35,36,37,38}-django>=1.11<1.11.27 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2019-19844
|
|
py{34,35,36,37,38}-django>=2.1<2.1.15 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2019-19844
|
|
py{34,35,36,37,38}-django>=2.2<2.2.9 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2019-19844
|
|
ruby{22,24,25,26}-rack16<1.6.12 session-hijack https://nvd.nist.gov/vuln/detail/CVE-2019-16782
|
|
ruby{22,24,25,26}-rack<2.0.8 session-hijack https://nvd.nist.gov/vuln/detail/CVE-2019-16782
|
|
sqlite3<3.31.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19880
|
|
sudo<1.8.30beta2 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2019-19232
|
|
sudo<1.8.30beta2 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2019-19234
|
|
php{56,71,72,73}-typo3<8.7.30 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-19848
|
|
php{56,71,72,73}-typo3<8.7.30 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-19849
|
|
php{56,71,72,73}-typo3<8.7.30 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-19850
|
|
yarn<1.21.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-10773
|
|
thunderbird<68.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-38/
|
|
nss<3.47.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-11745
|
|
nss<3.44 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-17007
|
|
py{27,36,37,38}-ecdsa<0.13.3 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14859
|
|
spamassassin<3.4.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-11805
|
|
ImageMagick6<6.8.8.9 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2014-8561
|
|
duplicity<0.6.21 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2014-3495
|
|
erlang-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2016-1000107
|
|
kde-workspace4<4.10.5 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2013-4133
|
|
mcollective-[0-9]* insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2014-0175
|
|
mediawiki<1.21.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-4303
|
|
orca-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2013-4245
|
|
p5-DBD-PgPP<0.06 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2014-7257
|
|
p5-Data-UUID-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2013-4184
|
|
p5-Module-Signature<0.74 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2015-3406
|
|
pen<0.22.1 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2014-2387
|
|
ruby{22,24,25,26}-puppet>=6<6.4.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2018-11751
|
|
smokeping<2.6.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-4158
|
|
xerces-c-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-1311
|
|
yaws<2.0.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2016-1000108
|
|
php56-typo3<8.0 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
lout-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19917
|
|
lout-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19918
|
|
py{27,36,37,38}-waitress<1.4.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-16785
|
|
py{27,36,37,38}-waitress<1.4.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-16786
|
|
libgnome-keyring<3.10.0 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2012-6111
|
|
gnutls<3.2.0 oracle-attack https://nvd.nist.gov/vuln/detail/CVE-2015-8313
|
|
libreoffice-[0-9]* remote-file-view https://nvd.nist.gov/vuln/detail/CVE-2012-5639
|
|
php{56,70,71,72,73,74}-drupal>=8.7.4<8.7.5 access-bypass https://www.drupal.org/SA-CORE-2019-008
|
|
php{56,70,71,72,73,74}-drupal>=8<8.7.11 denial-of-service https://www.drupal.org/SA-CORE-2019-009
|
|
php{56,70,71,72,73,74}-drupal>=8<8.7.11 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2019-010
|
|
php{56,70,71,72,73,74}-drupal>=8<8.7.11 access-bypass https://www.drupal.org/SA-CORE-2019-011
|
|
php{56,70,71,72,73,74}-drupal>=7<7.69 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2019-012
|
|
php{56,70,71,72,73,74}-drupal>=8<8.7.11 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2019-012
|
|
php>=7.2<7.2.26 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-11044
|
|
php>=7.3<7.3.13 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-11044
|
|
php>=7.4<7.4.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-11044
|
|
php>=7.2<7.2.26 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-11045
|
|
php>=7.3<7.3.13 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-11045
|
|
php>=7.4<7.4.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-11045
|
|
php>=7.3<7.3.13 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-11049
|
|
php>=7.4<7.4.1 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-11049
|
|
php72-bcmath<7.2.26 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11046
|
|
php73-bcmath<7.3.13 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11046
|
|
php74-bcmath<7.4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11046
|
|
php72-exif<7.2.26 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11047
|
|
php73-exif<7.3.13 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11047
|
|
php74-exif<7.4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11047
|
|
php72-exif<7.2.26 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11050
|
|
php73-exif<7.3.13 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11050
|
|
php74-exif<7.4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11050
|
|
sqlite3<3.31.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-19926
|
|
apache-tomcat>=7.0.0<7.0.99 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-12418
|
|
apache-tomcat>=8.5.0<8.5.49 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-12418
|
|
apache-tomcat>=9.0.0<9.0.29 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-12418
|
|
apache-tomcat>=7.0.0<7.0.99 session-fixation https://nvd.nist.gov/vuln/detail/CVE-2019-17563
|
|
apache-tomcat>=8.5.0<8.5.49 session-fixation https://nvd.nist.gov/vuln/detail/CVE-2019-17563
|
|
apache-tomcat>=9.0.0<9.0.29 session-fixation https://nvd.nist.gov/vuln/detail/CVE-2019-17563
|
|
apache-tomcat-6.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
apache-tomcat-8.0.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
GraphicsMagick<1.3.32 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-19950
|
|
GraphicsMagick<1.3.32 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19951
|
|
GraphicsMagick<1.3.34 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19953
|
|
ImageMagick<7.0.8.43 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19948
|
|
ImageMagick6<6.9.10.43 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19948
|
|
ImageMagick<7.0.8.43 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19949
|
|
ImageMagick6<6.9.10.43 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19949
|
|
ImageMagick<7.0.9.7 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-19952
|
|
libxml2<2.9.10 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-19956
|
|
sqlite3<3.31.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-19923
|
|
sqlite3<3.31.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-19924
|
|
sqlite3<3.31.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-19925
|
|
tigervnc<1.10.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15691
|
|
tigervnc<1.10.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15692
|
|
tigervnc<1.10.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15693
|
|
tigervnc<1.10.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15694
|
|
tigervnc<1.10.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15695
|
|
wordpress<5.3.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16780
|
|
wordpress<5.3.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16781
|
|
wordpress<5.3.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-20041
|
|
wordpress<5.3.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-20042
|
|
wordpress<5.3.1 incorrect-access-controls https://nvd.nist.gov/vuln/detail/CVE-2019-20043
|
|
libesmtp-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19977
|
|
py{27,36,37,38}-waitress<1.4.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-16789
|
|
ezxml-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-20005
|
|
ezxml-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20006
|
|
ezxml-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20007
|
|
libsixel<1.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20022
|
|
libsixel<1.8.5 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-20023
|
|
libsixel<1.8.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20024
|
|
matio-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20017
|
|
matio-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20018
|
|
matio-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20019
|
|
matio-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20020
|
|
upx-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20021
|
|
thttpd-[0-9]* buffer-underflow https://nvd.nist.gov/vuln/detail/CVE-2007-0158
|
|
upx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20051
|
|
upx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20053
|
|
libsixel<1.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20056
|
|
libsixel<1.8.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20094
|
|
podofo<0.9.7 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20093
|
|
vim<8.1.2136 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-20079
|
|
libsixel<1.8.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20140
|
|
qemu<1.5.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2013-2016
|
|
gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-20159
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20160
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20161
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20162
|
|
gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20163
|
|
gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20164
|
|
gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20165
|
|
gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20166
|
|
gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20167
|
|
gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-20168
|
|
gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-20169
|
|
gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-20170
|
|
gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-20171
|
|
pure-ftpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20176
|
|
ezxml-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20198
|
|
ezxml-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20199
|
|
ezxml-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20200
|
|
ezxml-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20201
|
|
ezxml-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2019-20202
|
|
tiff<3.7.0 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2004-0804
|
|
cups-base<2.3.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-2228
|
|
ansible>=2.9<2.9.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-14864
|
|
ansible>=2.8<2.8.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-14864
|
|
ansible>=2.7<2.7.15 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-14864
|
|
libsixel<1.8.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20205
|
|
gpac-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20208
|
|
sqlite3<3.31.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-20218
|
|
opencv>=4.0<4.2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5063
|
|
opencv>=4.0<4.2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5064
|
|
py{27,36,37,38}-Pillow<6.2.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5310
|
|
py{27,36,37,38}-Pillow<6.2.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5311
|
|
py{27,36,37,38}-Pillow<6.2.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5312
|
|
py{27,36,37,38}-Pillow<6.2.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5313
|
|
tigervnc<1.3.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-0011
|
|
qemu<2.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2013-4532
|
|
sqlite3<3.31.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-19959
|
|
nasm-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20334
|
|
fontforge-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5496
|
|
fontforge-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-5395
|
|
py{27,36,37,38}-Pillow<6.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19911
|
|
firefox<72.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-01/
|
|
cliqz<1.32.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-01/
|
|
firefox68<68.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-02/
|
|
tor-browser<9.0.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-02/
|
|
firefox<72.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-03/
|
|
cliqz<1.32.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-03/
|
|
firefox68<68.4.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-03/
|
|
tor-browser<9.0.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-03/
|
|
gnutls<3.6 signature-forgery https://mail.gnome.org/archives/desktop-devel-list/2020-January/msg00002.html
|
|
gnupg-[0-9]* signature-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-14855
|
|
gnupg2<2.2.18 signature-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-14855
|
|
thunderbird<68.4.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-04/
|
|
#KeePass-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-20184
|
|
ansible<1.5.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-2686
|
|
bftpd<5.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-6162
|
|
bftpd<5.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-6835
|
|
curl<7.68.0 remote-file-view https://nvd.nist.gov/vuln/detail/CVE-2019-15601
|
|
dnsmasq<2.81 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14834
|
|
e2fsprogs<1.45.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-5188
|
|
ganglia-webfrontend-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-20378
|
|
ganglia-webfrontend-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-20379
|
|
gcpio<2.13 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-14866
|
|
glib2>=2.60<2.63.6 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-6750
|
|
gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-6630
|
|
gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-6631
|
|
cacti<1.2.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-7106
|
|
delegate-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2015-7556
|
|
firefox36<3.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2011-2670
|
|
fwknop<2.0.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2012-4434
|
|
hiredis<0.14.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-7105
|
|
isc-dhcpd<4.2.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2011-2748
|
|
isc-dhcpd<4.2.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2011-2749
|
|
jhead-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-6624
|
|
jhead-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-6625
|
|
kafka<2.0.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-12399
|
|
libmysofa<0.9.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-20016
|
|
libmysofa<0.8 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-20063
|
|
libmysofa<1.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-6860
|
|
libraw<0.17.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2015-8366
|
|
libraw<0.17.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2015-8367
|
|
ming-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-6628
|
|
ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-6629
|
|
moodle<2.2.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2012-0797
|
|
moodle<3.7.3 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14879
|
|
mysql-client<5.6.47 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
|
|
mysql-client>=5.7<5.7.29 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
|
|
mysql-client>=8.0<8.0.19 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
|
|
mysql-server<5.6.47 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
|
|
mysql-server>=5.7<5.7.29 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
|
|
mysql-server>=8.0<8.0.19 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
|
|
openjdk8<1.8.232 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2020.html#AppendixJAVA
|
|
openjdk11<1.11.0.6 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2020.html#AppendixJAVA
|
|
nasm-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-20352
|
|
nginx<1.16.1nb2 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-20372
|
|
nginx>=1.17<1.17.7 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-20372
|
|
ntp-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-5209
|
|
openjpeg<2.3.1nb3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-6851
|
|
pcre<8.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-2325
|
|
pcre<8.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-2326
|
|
php{56,70,71}-concrete5<5.4.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2011-3183
|
|
php{56,71,72,73}-tiki6<6.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2011-4336
|
|
phpmyadmin<4.9.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-5504
|
|
poppler<0.21.4 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2012-2142
|
|
qemu<5.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-7039
|
|
salt<2019.2.3 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2019-17361
|
|
slurm-wlm<18.08.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-19727
|
|
slurm-wlm<18.08.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-19728
|
|
spamdyke<4.2.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2012-0070
|
|
wireshark>=3.2.0<3.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7044
|
|
wireshark>=3.0.0<3.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7045
|
|
wordpress<5.3.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16773
|
|
wordpress<5.3.1 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2019-16788
|
|
p5-Template-Toolkit<3.004 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-19781
|
|
mariadb-server>=5.5<5.5.66 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-2974
|
|
mariadb-client>=5.5<5.5.67 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-2574
|
|
cacti<1.2.9 remote-command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-7237
|
|
cacti<1.2.8 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-17357
|
|
samba>=4.9<4.11.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-19344
|
|
samba>=4.0<4.11.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14907
|
|
samba>=4.0<4.11.5 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2019-14902
|
|
libxml2<2.9.10nb1 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-20388
|
|
libxml2<2.9.10nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7595
|
|
webkit-gtk<2.26.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2020-0001.html
|
|
vault>=0.11.0<1.3.2 operation-on-expired-resource https://nvd.nist.gov/vuln/detail/CVE-2020-7220
|
|
py{27,36,37,38}-waitress<1.4.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-16792
|
|
webkit-gtk<2.14.0 multiple-vulnerabilities https://www.webkitgtk.org/security/WSA-2016-0006.html
|
|
freeciv-server<2.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-6083
|
|
qemu<2.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5239
|
|
qemu<2.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5745
|
|
qemu<2.4.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5278
|
|
libressl<2.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5334
|
|
libressl<2.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5333
|
|
slurm-wlm<18.08.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-6438
|
|
jenkins-lts<2.204.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2020-01-29/
|
|
jenkins<2.219 multiple-vulnerabilities https://jenkins.io/security/advisory/2020-01-29/
|
|
aspell>=0.60<0.60.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-20433
|
|
consul<1.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7219
|
|
consul<1.6.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7955
|
|
exiv2<0.27.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20421
|
|
magento<1.9.4.4 multiple-vulnerabilities https://helpx.adobe.com/security/products/magento/apsb20-02.html
|
|
mbedtls<2.16.4 side-channel https://nvd.nist.gov/vuln/detail/CVE-2019-18222
|
|
nethack-lib<3.6.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5209
|
|
nethack-lib<3.6.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5210
|
|
nethack-lib<3.6.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5211
|
|
nethack-lib<3.6.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5212
|
|
nethack-lib<3.6.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5213
|
|
nethack-lib<3.6.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5214
|
|
openjpeg<2.3.1nb3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8112
|
|
py{27,36,37,38}-feedgen<0.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-5227
|
|
python27<2.7.18nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8492
|
|
python36<3.6.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8492
|
|
python37<3.7.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8492
|
|
python38<3.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8492
|
|
spamassassin<3.4.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-1930
|
|
spamassassin<3.4.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-1931
|
|
sudo<1.8.26 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-18634
|
|
u-boot<2020.04 double-free https://nvd.nist.gov/vuln/detail/CVE-2020-8432
|
|
opensmtpd<6.6.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-7247
|
|
php{53,54,55}-owncloud<5.0.15 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2014-2050
|
|
php{53,54,55}-owncloud>=6<6.0.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2014-2050
|
|
php{56,71,72,73,74}-tiki6-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2011-4558
|
|
vlc<2.1.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-9625
|
|
vlc<2.1.6 integer-underflow https://nvd.nist.gov/vuln/detail/CVE-2014-9626
|
|
vlc<2.1.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-9627
|
|
vlc<2.1.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-9628
|
|
vlc<2.1.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-9629
|
|
vlc<2.1.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-9630
|
|
lldpd<0.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-8011
|
|
lldpd<0.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-8012
|
|
opensc-[0-9]* arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2013-1866
|
|
p5-File-Temp-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2011-4116
|
|
perl-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2011-4116
|
|
p5-Module-Metadata<1.000015 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2013-1437
|
|
pwgen-[0-9]* weak-password-generator https://nvd.nist.gov/vuln/detail/CVE-2013-4441
|
|
py{26,27,33,34}-tornado<3.2.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-9720
|
|
qt5-qtbase-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-9541
|
|
librsvg<2.40.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20446
|
|
librsvg>=2.41<2.46.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20446
|
|
qemu<5.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-1711
|
|
py{27,34,35,36,37,38}-django>=1.11<1.11.28 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-7471
|
|
py{34,35,36,37,38}-django>=2.2<2.2.10 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-7471
|
|
py{27,36,37,38}-waitress>=1.4.2<1.4.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-5236
|
|
pppd>=2.4.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8597
|
|
qt5-qtbase<5.14.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-0569
|
|
qt5-qtbase<5.14.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-0570
|
|
mariadb-server>=10.4.7<10.4.12 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-7221
|
|
ImageMagick<6.9.3.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-7523
|
|
ImageMagick<7.0.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-7523
|
|
ImageMagick<6.9.3.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-7524
|
|
ImageMagick<7.0.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-7524
|
|
clamav<0.102.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-3123
|
|
evolution-data-server<3.8.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2013-4166
|
|
ipmitool<1.8.19 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-5208
|
|
libvncserver<0.9.9 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2010-5304
|
|
mcabber<1.0.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2016-9928
|
|
nghttp2<1.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-1544
|
|
nodejs<10.19.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2019-15604
|
|
nodejs>=12<12.15.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2019-15604
|
|
nodejs>=13<13.8.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2019-15604
|
|
nodejs<10.19.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-15605
|
|
nodejs>=12<12.15.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-15605
|
|
nodejs>=13<13.8.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-15605
|
|
nodejs<10.19.0 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-15606
|
|
nodejs>=12<12.15.0 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-15606
|
|
nodejs>=13<13.8.0 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-15606
|
|
npm-[0-9]* modification-of-assumed-immutable-data https://nvd.nist.gov/vuln/detail/CVE-2020-8116
|
|
phppgadmin-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-10784
|
|
#python27-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9674 # fix was improving docs
|
|
#python36-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9674 # fix was improving docs
|
|
#python37-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9674 # fix was improving docs
|
|
qemu<5.0.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8608
|
|
squid<4.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-12528
|
|
squid<4.10 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-8449
|
|
squid<4.10 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-8450
|
|
squid<4.10 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-8517
|
|
zabbix-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2013-3628
|
|
php{56,72,73,74}-nextcloud<15.0.3 session-fixation https://nvd.nist.gov/vuln/detail/CVE-2019-15612
|
|
php{56,72,73,74}-nextcloud<17.0.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2019-15613
|
|
php{56,72,73,74}-nextcloud<17.0.0 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-15616
|
|
php{56,72,73,74}-nextcloud<17.0.1 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2019-15617
|
|
php{56,72,73,74}-nextcloud<15.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-15618
|
|
php{56,72,73,74}-nextcloud<16.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-15619
|
|
php{56,72,73,74}-nextcloud<16.0.2 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2019-15621
|
|
php{56,72,73,74}-nextcloud<16.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-15623
|
|
php{56,72,73,74}-nextcloud<15.0.8 input-validation https://nvd.nist.gov/vuln/detail/CVE-2019-15624
|
|
php{56,72,73,74}-nextcloud<14.0.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-8117
|
|
php{56,72,73,74}-nextcloud<16.0.2 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8118
|
|
php{56,72,73,74}-nextcloud<17.0.1 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8119
|
|
php{56,72,73,74}-nextcloud<15.0.0 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-8121
|
|
php{56,72,73,74}-nextcloud<15.0.0 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-8122
|
|
nodejs-8.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
go112<1.12.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7919
|
|
go113<1.13.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7919
|
|
moodle<3.7.3 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14880
|
|
moodle>=3.7<3.7.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-14881
|
|
moodle<3.7.3 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-14882
|
|
moodle<3.7.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-14883
|
|
moodle<3.7.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-14884
|
|
moodle>=3.8<3.8.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-1691
|
|
php>=7.2<7.2.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7059
|
|
php>=7.3<7.3.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7059
|
|
php>=7.4<7.4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7059
|
|
php>=7.2<7.2.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7060
|
|
php>=7.3<7.3.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7060
|
|
php>=7.4<7.4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7060
|
|
ansible<2.9.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-14904
|
|
ansible<2.9.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-14905
|
|
libexif<0.6.21nb2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9278
|
|
php56-orangehrm-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-1353
|
|
php{56,72,73,74}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-8089
|
|
gd<2.3.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-14553
|
|
dovecot2<2.3.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7046
|
|
dovecot2<2.3.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7957
|
|
weechat<2.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8955
|
|
adobe-flash-player<32.0.0.255 type-confusion https://helpx.adobe.com/security/products/flash-player/apsb20-06.html
|
|
echoping-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2013-4448
|
|
lvm2-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8991
|
|
pcre2<10.34 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-20454
|
|
firefox<73.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/
|
|
cliqz<1.33.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/
|
|
tor-browser<9.0.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/
|
|
firefox68<68.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/
|
|
thunderbird<68.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/
|
|
postgresql96-server<9.6.17 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-1720
|
|
postgresql10-server<10.12 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-1720
|
|
postgresql11-server<11.7 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-1720
|
|
postgresql12-server<12.2 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-1720
|
|
postgresql94-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
webkit-gtk<2.26.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2020-0002.html
|
|
moodle<3.7.2 information-exposure https://nvd.nist.gov/vuln/detail/CVE-2020-1692
|
|
horde-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-8518
|
|
zabbix<2.1.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-3738
|
|
php{56,71,72,73,74}-tiki6-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-6022
|
|
kdeplasma-addons4-[0-9]* insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2013-2213
|
|
kdeplasma-addons4<4.10.5 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2013-2120
|
|
libarchive<3.4.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-9308
|
|
tiff<4.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-8128
|
|
cacti<1.2.10 remote-command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-8813
|
|
go-crypto<0.0.20200221 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9283
|
|
proftpd<1.3.6c out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-9272
|
|
proftpd<1.3.6c remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-9273
|
|
ruby{22,24,25,26}-puppet>=6<6.13.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7942
|
|
py{27,36,37,38}-yaml>=5.1<5.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-20477
|
|
py{27,36,37,38}-ruamel-yaml-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-20478
|
|
sqlite3<3.32.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9327
|
|
ansible<1.5.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-4658
|
|
ansible<1.5.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-4659
|
|
ansible<1.5.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-4660
|
|
ansible<1.6.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-4966
|
|
ansible<1.6.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-4967
|
|
curl<7.49.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2016-4606
|
|
jasper<1.900.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-8751
|
|
libaudiofile-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-7747
|
|
netsurf<2.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2012-0844
|
|
openjpeg<2.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-3182
|
|
php{53,54,55}-owncloud<5.0.15 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2014-2052
|
|
php{53,54,55}-owncloud>=6<6.0.2 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2014-2052
|
|
php{54,55,56}-owncloud<8.0.4 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2015-4715
|
|
php>=5.6<5.6.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-3622
|
|
python27<2.7.8 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2014-4650
|
|
rrdtool<1.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-6262
|
|
ruby{193,200}-nokogiri<1.5.4 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2012-6685
|
|
varnish<3.0.4 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2013-4090
|
|
apache-tomcat>=7.0.98<7.0.100 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-17569
|
|
apache-tomcat>=8.5.48<8.5.51 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-17569
|
|
apache-tomcat>=9.0.28<9.0.31 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-17569
|
|
apache-tomcat>=7.0.0<7.0.100 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-1935
|
|
apache-tomcat>=8.5.0<8.5.51 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-1935
|
|
apache-tomcat>=9.0.28<9.0.31 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-1935
|
|
pure-ftpd-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-9365
|
|
screen>=4.2.0<4.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-9366
|
|
sympa>=6.2.38<6.2.54 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9369
|
|
yarn<1.22.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-8131
|
|
zsh<5.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-20044
|
|
opensmtpd<6.6.4 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2020-8793
|
|
opensmtpd<6.6.4 remote-command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-8794
|
|
pam-radius-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2015-9542
|
|
pure-ftpd-[0-9]* uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2020-9274
|
|
gd<2.2.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-6363
|
|
apache-tomcat>=7.0.0<7.0.100 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-1938
|
|
apache-tomcat>=8.5.0<8.5.51 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-1938
|
|
apache-tomcat>=9.0.28<9.0.31 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-1938
|
|
php>=7.3<7.3.15 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7061
|
|
php>=7.4<7.4.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7061
|
|
php>=7.2<7.2.28 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-7062
|
|
php>=7.3<7.3.15 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-7062
|
|
php>=7.4<7.4.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-7062
|
|
php>=7.2<7.2.28 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-7063
|
|
php>=7.3<7.3.15 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-7063
|
|
php>=7.4<7.4.3 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-7063
|
|
ruby{22,24,25,26}-puma<4.3.2 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2020-5247
|
|
wireshark<2.6.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9428
|
|
wireshark>=3.0.0<3.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9428
|
|
wireshark>=3.2.0<3.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9428
|
|
wireshark>=3.2.0<3.2.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-9429
|
|
wireshark<2.6.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9430
|
|
wireshark>=3.0.0<3.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9430
|
|
wireshark>=3.2.0<3.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9430
|
|
wireshark<2.6.15 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-9431
|
|
wireshark>=3.0.0<3.0.9 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-9431
|
|
wireshark>=3.2.0<3.2.2 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-9431
|
|
qt5-qtwebsockets-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-21035
|
|
ruby{22,24,25,26}-puma<4.3.3 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2020-5249
|
|
webkit-gtk<2.28.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-10018
|
|
ansible-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-1734
|
|
py{27,34,35,36,37,38}-django>=1.11<1.11.29 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-9402
|
|
py{34,35,36,37,38}-django>=2.2<2.2.11 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-9402
|
|
py{34,35,36,37,38}-django>=3.0<3.0.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-9402
|
|
qemu<4.2.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-20382
|
|
py{27,34,35,36,37,38}-urllib3>=1.25.2<1.25.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7212
|
|
sleuthkit-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10232
|
|
sleuthkit-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-10233
|
|
ansible<2.9.7 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-1737
|
|
firefox<74.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/
|
|
cliqz<1.34.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/
|
|
firefox68<68.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-09/
|
|
tor-browser<9.0.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-09/
|
|
thunderbird<68.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-10/
|
|
ImageMagick6<6.9.11.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-10251
|
|
ImageMagick<7.0.10.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-10251
|
|
ansible<2.9.7 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2020-1733
|
|
ansible-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-1735
|
|
ansible<2.9.12 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-1736
|
|
ansible-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-1738
|
|
ansible<2.9.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-1739
|
|
ansible<2.9.7 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2020-1740
|
|
ansible-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-1753
|
|
bitcoin<0.17.1 log-injection https://nvd.nist.gov/vuln/detail/CVE-2018-20586
|
|
icu<67.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10531
|
|
nethack-lib<3.6.0 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-5253
|
|
nethack-lib>=3.6.1<3.6.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-5254
|
|
gthumb<3.8.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20326
|
|
nagios-nrpe<4.0.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-6581
|
|
nagios-nrpe<4.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-6582
|
|
npm<6.14.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7598
|
|
npm-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7608
|
|
ruby{22,24,25,26,27}-puppet<6.9.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7943
|
|
py{27,34,35,36,37}-twisted<16.3.1 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-1000111
|
|
py{27,36,37,38}-twisted<20.3.0rc1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-10108
|
|
py{27,36,37,38}-twisted<20.3.0rc1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-10109
|
|
python27<2.7.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-1753
|
|
qemu<4.1.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-15034
|
|
tcpdump-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-19325
|
|
yarn<1.19.0 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-15608
|
|
tor<0.4.2.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10592
|
|
tor<0.4.2.7 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-10593
|
|
GraphicsMagick<1.3.32 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-12921
|
|
libvirt<6.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20485
|
|
u-boot<2018.03 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-10648
|
|
mantis<2.21.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-15539
|
|
squid<4.9 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-18860
|
|
freeradius>=3.0<3.0.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-17185
|
|
php{56,72,73,74}-nextcloud<17.0.2 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8138
|
|
php{56,72,73,74}-nextcloud<18.0.1 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-8139
|
|
phpmyadmin<4.9.5 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-10802
|
|
phpmyadmin<4.9.5 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-10803
|
|
phpmyadmin<4.9.5 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-10804
|
|
hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10809
|
|
hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10810
|
|
hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-10811
|
|
hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10812
|
|
vault>=0.9.0<1.3.4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-10660
|
|
vault>=0.11<1.3.4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-10661
|
|
weechat>=0.4.0<2.7.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9759
|
|
weechat>=0.3.4<2.7.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-9760
|
|
trafficserver<7.1.9 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-17559
|
|
trafficserver>=8.0.0<8.0.6 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-17559
|
|
trafficserver<7.1.9 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-17565
|
|
trafficserver>=8.0.0<8.0.6 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-17565
|
|
trafficserver<7.1.9 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-1944
|
|
trafficserver>=8.0.0<8.0.6 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-1944
|
|
py{27,36,37,38}-zim-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10870
|
|
horde-[0-9]* arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2020-8866
|
|
horde-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-8865
|
|
memcached>=1.6.0<1.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10931
|
|
ansible-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-10684
|
|
py{27,36,37,38}-yaml<5.3.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-1747
|
|
GraphicsMagick<1.3.35 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10938
|
|
okular<20.04.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-9359
|
|
gpac<0.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20629
|
|
gpac<0.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20630
|
|
gpac<0.8.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20631
|
|
gpac<0.8.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20632
|
|
gpac<0.8.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-20628
|
|
mbedtls<2.6.15 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-10941
|
|
py{27,36,37,38}-bleach<3.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-6802
|
|
py{27,36,37,38}-bleach<3.12 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-6816
|
|
patch-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20633
|
|
php{56,72,73,74}-piwigo<2.10.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-9467
|
|
jenkins<2.204.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-2160
|
|
jenkins<2.204.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2161
|
|
jenkins<2.204.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2162
|
|
jenkins<2.204.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2163
|
|
gst-rtsp-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-6095
|
|
netbeans-ide<11.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-17560
|
|
netbeans-ide<11.3 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2019-17561
|
|
pam-krb5<4.9 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10595
|
|
php72-exif<7.2.29 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2020-7064
|
|
php73-exif<7.3.16 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2020-7064
|
|
php74-exif<7.4.4 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2020-7064
|
|
php>=7.3<7.3.16 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-7065
|
|
php>=7.4<7.4.4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-7065
|
|
php>=7.2<7.2.29 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7066
|
|
php>=7.3<7.3.16 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7066
|
|
php>=7.4<7.4.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7066
|
|
#phpmyadmin-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-11441 Disputed, see https://github.com/phpmyadmin/phpmyadmin/issues/16056
|
|
elasticsearch<6.8.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-7009
|
|
elasticsearch>=7.0.0<7.6.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-7009
|
|
apache>=2.4.0<2.4.42 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2020-1934
|
|
apache>=2.4.0<2.4.42 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-1927
|
|
php{56,71,72,73,74}-tiki6-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-8966
|
|
ast-ksh-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-14868
|
|
haproxy<2.1.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-11100
|
|
viewvc>=1.2<1.2.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-5283
|
|
viewvc<1.1.28 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-5283
|
|
firefox<74.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/
|
|
cliqz<1.34.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/
|
|
firefox68<68.6.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/
|
|
tor-browser<9.0.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/
|
|
mediawiki<1.34.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-10960
|
|
gnutls>=3.6.3<3.6.13 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2020-11501
|
|
gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-11558
|
|
qemu<5.0.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11102
|
|
p5-Convert-ASN1<0.28 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2013-7488
|
|
codeblocks-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10814
|
|
sqlite3<3.32.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11655
|
|
sqlite3<3.32.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-11656
|
|
varnish>=5.0<6.0.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-20637
|
|
varnish>=6.0<6.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11653
|
|
libssh<0.9.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-1730
|
|
firefox<75.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/
|
|
cliqz<1.35.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/
|
|
firefox68<68.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/
|
|
tor-browser<9.0.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/
|
|
wireshark<2.6.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11647
|
|
wireshark>=3.0.0<3.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11647
|
|
wireshark>=3.2.0<3.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11647
|
|
wolfssl<4.4.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-11713
|
|
libsixel-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11721
|
|
git-base<2.25.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-5260
|
|
git-base>=2.26<2.26.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-5260
|
|
xenkernel411<4.11.3nb2 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-313.html
|
|
xenkernel48-[0-9]* multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-313.html
|
|
xenkernel411<4.11.3nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-318.html
|
|
xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-318.html
|
|
xenkernel411<4.11.3nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-316.html
|
|
xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-316.html
|
|
webkit-gtk<2.28.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-11793
|
|
openexr<2.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11758
|
|
openexr<2.4.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11759
|
|
openexr<2.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11760
|
|
openexr<2.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11761
|
|
openexr<2.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11762
|
|
openexr<2.4.1 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2020-11763
|
|
openexr<2.4.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-11764
|
|
openexr<2.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11765
|
|
squid-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12519
|
|
squid-[0-9]* cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2019-12520
|
|
squid-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12521
|
|
squid-[0-9]* bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2019-12522
|
|
squid-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12524
|
|
mbedtls<2.16.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-10932
|
|
oracle-{jdk,jre}8<8.0.242 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixJAVA
|
|
openjdk7<1.7.252 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixJAVA
|
|
openjdk8<1.8.242 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixJAVA
|
|
openjdk11<1.11.0.7 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixJAVA
|
|
evolution<3.35.91 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2020-11879
|
|
mysql-server<5.6.48 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
|
|
mysql-server>=5.7<5.7.30 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
|
|
mysql-server>=8<8.0.20 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
|
|
mysql-client<5.6.48 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
|
|
mysql-client>=5.7<5.7.30 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
|
|
mysql-client>=8.0<8.0.19 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
|
|
mysql-cluster<7.4.28 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
|
|
ming-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11894
|
|
ming-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11895
|
|
rclone-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2018-12907
|
|
py{27,36,37,38}-markdown2-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-11888
|
|
re2c>=1.2<2.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11958
|
|
openssl>=1.1.1d<1.1.1g denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-1967
|
|
teeworlds<0.7.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20787
|
|
teeworlds>=0.7<0.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12066
|
|
git-base<2.25.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-11008
|
|
git-base>=2.26<2.26.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-11008
|
|
openconnect<8.09 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-12105
|
|
ndpi-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11940
|
|
squid<4.11 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-11945
|
|
ndpi-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11939
|
|
libvncserver-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20788
|
|
grafana<6.7.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-12245
|
|
thunderbird<68.7.0 use-after-free https://www.mozilla.org/en-US/security/advisories/mfsa2020-14/
|
|
mailman<2.1.30 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-12137
|
|
qemu<5.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-1983
|
|
webkit-gtk<2.28.2 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2020-0005.html
|
|
grafana<6.7.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-12052
|
|
jbig2dec<0.18 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-12268
|
|
libgit2<0.99.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-12278
|
|
libgit2<0.99.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-12279
|
|
opendmarc-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-20790
|
|
opendmarc-[0-9]* spoofing https://nvd.nist.gov/vuln/detail/CVE-2020-12272
|
|
openvpn<2.4.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11810
|
|
qemu<5.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11869
|
|
php>=7.2<7.2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7067
|
|
php>=7.3<7.3.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7067
|
|
php>=7.4<7.4.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7067
|
|
ffmpeg4<4.2.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-12284
|
|
libvirt<6.1.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-12430
|
|
opensc<0.20.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-20792
|
|
openldap-server<2.4.50 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12243
|
|
ruby{22,24,25,26,27}-json<2.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10663
|
|
qt5-qtbase<5.14.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-12267
|
|
re2c<3.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-21232
|
|
ansible<2.9.7 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-10691
|
|
salt<2019.2.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-11651
|
|
salt<2019.2.4 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2020-11652
|
|
wordpress<5.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-11025
|
|
wordpress<5.4.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-11026
|
|
wordpress<5.4.1 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-11027
|
|
wordpress<5.4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-11028
|
|
wordpress<5.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-11029
|
|
wordpress<5.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-11030
|
|
cups-base<2.3.3 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-8842
|
|
cups-base<2.3.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-3898
|
|
php{56,72,73,74}-roundcube<1.4.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-12625
|
|
php{56,72,73,74}-roundcube<1.4.4 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-12626
|
|
samba>=4.0<4.12.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-10700
|
|
php{56,72,73,74}-roundcube<1.4.4 file-inclusion https://nvd.nist.gov/vuln/detail/CVE-2020-12640
|
|
php{56,72,73,74}-roundcube<1.4.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-12641
|
|
ruby25-base<2.5.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-10933
|
|
ruby26-base<2.6.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-10933
|
|
ruby27-base<2.7.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-10933
|
|
qemu>=5.0.0<5.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10717
|
|
firefox<76.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-16/
|
|
cliqz<1.36.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-16/
|
|
firefox68<68.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-17/
|
|
tor-browser<9.0.10 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-17/
|
|
thunderbird<68.8.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-18/
|
|
ruby24-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
glpi<9.4.6 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-11034
|
|
glpi<9.4.6 cross-site-request-forgeries https://nvd.nist.gov/vuln/detail/CVE-2020-11035
|
|
glpi>=9.1<9.4.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-11033
|
|
glpi<9.4.6 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-11032
|
|
glpi<9.4.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-11036
|
|
GraphicsMagick<1.3.36 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-12672
|
|
samba>=4.0<4.11.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10704
|
|
samba>=4.12<4.12.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10704
|
|
mailman<2.1.31 code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-12108
|
|
mongodb<3.6.18 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-7921
|
|
mongodb>=4.0.0<4.2.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-7921
|
|
ntp-[0-9]* timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-8956
|
|
freerdp>1.0.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11046
|
|
freerdp>1.0.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11048
|
|
freerdp>1.1.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11042
|
|
freerdp>1.2.0<2.0.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2020-11044
|
|
freerdp>1.0.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11045
|
|
freerdp>1.1.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11047
|
|
freerdp>1.1.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11049
|
|
#py{27,36,37,38}-pip<21.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20225
|
|
tcpreplay<4.3.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-12740
|
|
imlib2<1.7.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-12761
|
|
json-c<0.15 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-12762
|
|
libexif<0.6.22 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-12767
|
|
ansible<2.9.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-10685
|
|
exim-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-12783
|
|
php{56,72,73,74}-nextcloud<18.0.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8154
|
|
php{56,72,73,74}-nextcloud<18.0.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-8155
|
|
openconnect<8.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-12823
|
|
libcroco-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-12825
|
|
glpi<9.4.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-5248
|
|
glpi<9.4.6 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-11060
|
|
freerdp>=1.1<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11058
|
|
glpi>=0.68.1<9.4.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-11062
|
|
ansible<2.9.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-1746
|
|
clamav<0.102.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-3327
|
|
clamav>=0.101<0.102.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-3341
|
|
apache-ant>=1.1<1.9.15 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-1945
|
|
apache-ant>=1.10<1.10.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-1945
|
|
libexif<0.6.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-0093
|
|
transmission<3.00 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10756
|
|
freerdp>1.0.0<2.0.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-11521
|
|
ansible-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-10744
|
|
freerdp>1.0.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11522
|
|
freerdp>1.0.0<2.0.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11523
|
|
freerdp>1.0.0<2.0.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-11524
|
|
freerdp>1.0.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11525
|
|
freerdp>1.1.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11526
|
|
vlc<3.0.9 off-by-one https://nvd.nist.gov/vuln/detail/CVE-2019-19721
|
|
yaws-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-12872
|
|
cherokee-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-20798
|
|
cherokee-[0-9]* remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20799
|
|
cherokee-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-20800
|
|
dovecot<2.3.10.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10957
|
|
dovecot<2.3.10.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10958
|
|
dovecot<2.3.10.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10967
|
|
libreoffice<6.4.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-12801
|
|
prboom-plus<2.6.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20797
|
|
unbound<1.10.1 traffic-amplification https://nvd.nist.gov/vuln/detail/CVE-2020-12662
|
|
unbound<1.10.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12663
|
|
knot<5.1.1 traffic-amplification https://nvd.nist.gov/vuln/detail/CVE-2020-12667
|
|
bind>=9.11<9.11.19 traffic-amplification https://nvd.nist.gov/vuln/detail/CVE-2020-8616
|
|
bind>=9.14<9.14.12 traffic-amplification https://nvd.nist.gov/vuln/detail/CVE-2020-8616
|
|
bind>=9.11<9.11.19 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8617
|
|
bind>=9.14<9.14.12 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8617
|
|
couchdb>=3.0.0<3.0.1 remote-privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-1955
|
|
powerdns-recursor<4.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10030
|
|
powerdns-recursor<4.3.1 traffic-amplification https://nvd.nist.gov/vuln/detail/CVE-2020-10995
|
|
powerdns-recursor<4.3.1 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-12244
|
|
wireshark<2.6.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13164
|
|
wireshark>=3.0<3.0.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13164
|
|
wireshark>=3.2<3.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13164
|
|
apache-tomcat>=7.0.0<7.0.104 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-9484
|
|
apache-tomcat>=8.5.0<8.5.55 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-9484
|
|
apache-tomcat>=9.0.0<9.0.35 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-9484
|
|
py{27,36,37,38}-httplib2<0.18.0 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-11078
|
|
zabbix<3.0.31 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-11800
|
|
qmail-run<20200519 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2005-1513
|
|
adplug<2.3.2 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-17825
|
|
amarok-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-13152
|
|
cacti<1.2.11 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-13230
|
|
cacti<1.2.11 cross-site-request-forgeries https://nvd.nist.gov/vuln/detail/CVE-2020-13231
|
|
freerdp<2.1.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-13396
|
|
freerdp<2.1.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-13397
|
|
freerdp<2.1.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-13398
|
|
gitea<1.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13246
|
|
libexif<0.6.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-13112
|
|
libexif<0.6.22 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-13113
|
|
libexif<0.6.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13114
|
|
mariadb-connector-c<3.1.8 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-13249
|
|
moodle<3.8.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-10738
|
|
php>=7.2<7.2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11048
|
|
php>=7.3<7.3.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11048
|
|
php>=7.4<7.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11048
|
|
py{27,36,37,38}-meinheld<1.0.2 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-7658
|
|
ruby{24,25,26,27}-puma<4.3.4 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-11076
|
|
ruby{24,25,26,27}-puma<4.3.5 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-11077
|
|
slurm-wlm<19.05.7 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-12693
|
|
qmail<1.03nb49 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2005-1514
|
|
qmail<1.03nb49 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2005-1515
|
|
grafana<7.0.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13430
|
|
sqlite3<3.32.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13434
|
|
sqlite3<3.32.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13435
|
|
ruby{22,24,25,26,27}-em-http-request-[0-9]* improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-13482
|
|
qore<0.9.4.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-13615
|
|
qemu<5.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13253
|
|
sqlite<3.32.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-13630
|
|
sqlite<3.32.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-13631
|
|
sqlite<3.32.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-13632
|
|
sympa<6.2.56 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-10936
|
|
vim<8.1.0881 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-20807
|
|
qemu<4.2.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-13361
|
|
qemu<4.2.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-13362
|
|
glib-networking<2.64.3 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-13645
|
|
balsa<2.6.1 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-13645
|
|
php{56,70,71,72,73,74}-drupal>=8.7.4<8.7.5 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-6342
|
|
freerdp<2.1.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2020-11017
|
|
freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11018
|
|
freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11019
|
|
freerdp<2.1.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11038
|
|
freerdp<2.1.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11039
|
|
freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11040
|
|
freerdp<2.1.0 array-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11041
|
|
freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11043
|
|
freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11085
|
|
freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11086
|
|
freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11087
|
|
freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11088
|
|
freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11089
|
|
firefox<77.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-20/
|
|
cliqz<1.38.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-20/
|
|
firefox68<68.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-21/
|
|
tor-browser<9.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-21/
|
|
thunderbird<68.9.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-22/
|
|
fossil<2.11.1 command-injection https://fossil-scm.org/forum/forumpost/0e1a0540fd
|
|
qt5-qtbase>=5.12.2<5.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13962
|
|
php{56,72,73,74}-roundcube<1.4.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13964
|
|
php{56,72,73,74}-roundcube<1.4.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13965
|
|
vlc<3.0.11 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-13428
|
|
nagios-base<4.4.6 url-injection https://nvd.nist.gov/vuln/detail/CVE-2020-13977
|
|
qemu>=4.2<5.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10761
|
|
vault<1.4.2 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-12757
|
|
vault<1.4.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-13223
|
|
libexif<0.6.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-0182
|
|
libexif<0.6.23 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-0198
|
|
consul>=1.6.0<1.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12758
|
|
consul>=1.4.0<1.6.6 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-12797
|
|
consul>=1.4.0<1.6.6 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-13170
|
|
consul>=1.2.0<1.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13250
|
|
adobe-flash-player<32.0.0.387 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsb20-30.html
|
|
wordpress<5.4.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-4046
|
|
wordpress<5.4.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-4047
|
|
wordpress<5.4.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-4048
|
|
wordpress<5.4.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-4049
|
|
wordpress<5.4.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-4050
|
|
upx<3.96 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20805
|
|
sane-backends<1.0.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12867
|
|
py{27,36,37,38}-rsa<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13757
|
|
grafana-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-18624
|
|
grafana-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-18625
|
|
grafana-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-18623
|
|
libvirt>=3.10.0<6.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10703
|
|
mediawiki<1.35 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-10959
|
|
qemu<4.2.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-13659
|
|
qemu<5.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-13754
|
|
znc>=1.8.0<1.8.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-13775
|
|
ruby{22,24,25,26,27}-websocket-extensions<0.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7663
|
|
py{34,35,36,37,38}-django>=2.2<2.2.13 data-leak https://nvd.nist.gov/vuln/detail/CVE-2020-13254
|
|
py{34,35,36,37,38}-django>=3.0<3.0.7 data-leak https://nvd.nist.gov/vuln/detail/CVE-2020-13254
|
|
py{34,35,36,37,38}-django>=2.2<2.2.13 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13596
|
|
py{34,35,36,37,38}-django>=3.0<3.0.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13596
|
|
nghttp2<1.41.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11080
|
|
grafana>=3.0.1<7.0.2 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2020-13379
|
|
libjpeg-turbo<2.0.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-13790
|
|
elasticsearch<6.8.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-7014
|
|
elasticsearch>=7.0.0<7.6.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-7014
|
|
gnutls>=3.6.4<3.6.14 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2020-13777
|
|
qemu<5.0.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-13765
|
|
qemu<5.0.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-13791
|
|
qemu<5.1.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2020-13800
|
|
ntp<4.2.8p14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13817
|
|
ntp>=4.3<4.3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13817
|
|
qemu<5.0.0 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2020-10702
|
|
libupnp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13848
|
|
perl<5.30.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10543
|
|
perl<5.30.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-12723
|
|
perl<5.30.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10878
|
|
sqlite3<3.32.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-13871
|
|
pam-tacplus-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-13881
|
|
ffmpeg2<2.8.17 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-13904
|
|
ffmpeg3<3.4.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-13904
|
|
ffmpeg4<4.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-13904
|
|
ImageMagick-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-13902
|
|
dbus>=1.3.0<1.12.18 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-12049
|
|
libreoffice<6.4.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-12802
|
|
libreoffice<6.4.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-12803
|
|
xawtv<3.107 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2020-13696
|
|
nodejs>=12.0.0<12.18.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8172
|
|
nodejs>=14.0.0<14.4.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8172
|
|
sane-backends<1.0.30 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-12861
|
|
sane-backends<1.0.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-12862
|
|
sane-backends<1.0.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-12863
|
|
sane-backends<1.0.30 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2020-12864
|
|
sane-backends<1.0.30 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-12865
|
|
sane-backends<1.0.30 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12866
|
|
bison<3.5.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14150
|
|
caddy<0.10.13 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-21246
|
|
jpeg<9d unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-14151
|
|
jpeg<9d denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14152
|
|
jpeg<9d out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-14153
|
|
mutt<1.14.3 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-14093
|
|
mutt<1.14.3 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14154
|
|
npm<6.14.2 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2017-18869
|
|
pcre<8.43 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-20838
|
|
pcre<8.44 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14155
|
|
pound<2.8 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2018-21245
|
|
redis<6.0.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14147
|
|
ffmpeg4<4.3.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14212
|
|
libvncserver<0.9.13 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-21247
|
|
libvncserver<0.9.13 information-leak https://nvd.nist.gov/vuln/detail/CVE-2019-20839
|
|
libvncserver<0.9.13 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-20840
|
|
libvncserver<0.9.13 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-14396
|
|
libvncserver<0.9.13 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-14397
|
|
libvncserver<0.9.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14398
|
|
libvncserver<0.9.13 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-14399
|
|
libvncserver<0.9.13 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-14400
|
|
libvncserver<0.9.13 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14401
|
|
libvncserver<0.9.13 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-14402
|
|
libvncserver<0.9.13 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-14403
|
|
libvncserver<0.9.13 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-14404
|
|
libvncserver<0.9.13 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-14405
|
|
cacti-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-14295
|
|
bind>=9.16<9.16.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8618
|
|
bind>=9.11.14<9.11.20 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8619
|
|
bind>=9.14.9<9.16.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8619
|
|
adns<1.5.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9103
|
|
adns<1.5.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9104
|
|
adns<1.5.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-9105
|
|
adns<1.5.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9106
|
|
adns<1.5.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9107
|
|
adns<1.5.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9108
|
|
adns<1.5.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9109
|
|
python35-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14422
|
|
python36<3.6.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14422
|
|
python37<3.7.8nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14422
|
|
python38<3.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14422
|
|
ruby{22,24,25,26,27}-rails42-[0-9]* information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8164
|
|
ruby{22,24,25,26,27}-rails51-[0-9]* information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8164
|
|
ruby{22,24,25,26,27}-rails52<5.2.4.3 information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8164
|
|
ruby{22,24,25,26,27}-rails60<6.0.3.1 information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8164
|
|
ruby{22,24,25,26,27}-actionpack42-[0-9]* information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8164
|
|
ruby{22,24,25,26,27}-actionpack51-[0-9]* information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8164
|
|
ruby{22,24,25,26,27}-actionpack52<5.2.4.3 information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8164
|
|
ruby{22,24,25,26,27}-actionpack60<6.0.3.1 information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8164
|
|
ruby{22,24,25,26,27}-rails42-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8162
|
|
ruby{22,24,25,26,27}-rails51-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8162
|
|
ruby{22,24,25,26,27}-rails52<5.2.4.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8162
|
|
ruby{22,24,25,26,27}-rails60<6.0.3.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8162
|
|
ruby{22,24,25,26,27}-actionpack42-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8162
|
|
ruby{22,24,25,26,27}-actionpack51-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8162
|
|
ruby{22,24,25,26,27}-actionpack52<5.2.4.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8162
|
|
ruby{22,24,25,26,27}-actionpack60<6.0.3.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8162
|
|
ruby{22,24,25,26,27}-rails42-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8167
|
|
ruby{22,24,25,26,27}-rails51-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8167
|
|
ruby{22,24,25,26,27}-rails52<5.2.4.3 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8167
|
|
ruby{22,24,25,26,27}-rails60<6.0.3.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8167
|
|
ruby{22,24,25,26,27}-actionview42-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8167
|
|
ruby{22,24,25,26,27}-actionview51-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8167
|
|
ruby{22,24,25,26,27}-actionview52<5.2.4.3 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8167
|
|
ruby{22,24,25,26,27}-actionview60<6.0.3.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8167
|
|
ruby{22,24,25,26,27}-rails42-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-8165
|
|
ruby{22,24,25,26,27}-rails51-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-8165
|
|
ruby{22,24,25,26,27}-rails52<5.2.4.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-8165
|
|
ruby{22,24,25,26,27}-rails60<6.0.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-8165
|
|
ruby{22,24,25,26,27}-rack<2.2.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8184
|
|
ruby{22,24,25,26,27}-rack14-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8184
|
|
ruby{22,24,25,26,27}-rack16-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8184
|
|
go{19,110,113,114}-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14040
|
|
go-bin-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14040
|
|
alpine<2.23 weak-ssl-authentication https://nvd.nist.gov/vuln/detail/CVE-2020-14929
|
|
squirrelmail-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-14933
|
|
squirrelmail-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-14932
|
|
mutt<1.14.4 weak-ssl-authentication https://nvd.nist.gov/vuln/detail/CVE-2020-14954
|
|
neomutt<20200619 weak-ssl-authentication https://nvd.nist.gov/vuln/detail/CVE-2020-14954
|
|
php{56,70,71,72}-concrete5<8.5.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-14961
|
|
freerdp<2.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11095
|
|
freerdp<2.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11096
|
|
freerdp<2.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11099
|
|
freerdp<2.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11098
|
|
freerdp<2.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11097
|
|
chocolate-doom<3.0.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14983
|
|
freerdp<2.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-4030
|
|
freerdp<2.1.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-4032
|
|
freerdp<2.1.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-4031
|
|
freerdp<2.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-4033
|
|
mailman<2.1.33 code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15011
|
|
trafficserver<7.1.11 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-9494
|
|
mediawiki<1.34.2 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2020-15005
|
|
ntp<4.2.8p15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15025
|
|
ntp>4.3<4.3.101 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15025
|
|
wolfssl<4.4.0 information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-11735
|
|
net-snmp<5.8.1pre1 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-20892
|
|
trojita<0.8 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-15047
|
|
py{27,36,37,38}-Pillow<7.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-10994
|
|
py{27,36,37,38}-Pillow<6.2.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10379
|
|
py{27,36,37,38}-Pillow<6.2.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-10378
|
|
py{27,36,37,38}-Pillow<7.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11538
|
|
py{27,36,37,38}-Pillow<6.2.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-10177
|
|
openexr<2.5.2 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2020-15304
|
|
openexr<2.5.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-15306
|
|
openexr<2.5.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-15305
|
|
apache-tomcat>=9.0.0<9.0.36 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11996
|
|
apache-tomcat>=8.5.0<8.5.56 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11996
|
|
magento<1.9.4.5 multiple-vulnerabilities https://helpx.adobe.com/security/products/magento/apsb20-22.html
|
|
sqlite3<3.32.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-15358
|
|
libraw<0.20.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-15365
|
|
firefox<78.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-24/
|
|
cliqz<1.38.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-24/
|
|
firefox68<68.10 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-25/
|
|
tor-browser<9.5.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-25/
|
|
thunderbird<68.10.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-26/
|
|
guacamole-server<1.2.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-9497
|
|
guacamole-server<1.2.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-9498
|
|
hylafax-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-15396
|
|
hylafax-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-15397
|
|
libraw<0.19.5nb1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-15503
|
|
libvncserver<0.9.12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-18922
|
|
libmediainfo<20.03nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-15395
|
|
ndpi-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-15471
|
|
ndpi-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-15472
|
|
ndpi-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-15473
|
|
ndpi-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-15474
|
|
ndpi-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-15475
|
|
ndpi-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-15476
|
|
openjpeg<2.4.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-15389
|
|
openssh-[0-9]* man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-14145
|
|
putty>=0.68<0.74 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-14002
|
|
powerdns-recursor<4.3.2 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14196
|
|
qemu<5.0.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-15469
|
|
ruby{25,26,27}-rack<2.2.0 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-8161
|
|
ruby{25,26,27}-rack16-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-8161
|
|
ruby{25,26,27}-actionpack52<5.2.4.3 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8166
|
|
ruby{25,26,27}-actionpack60<6.0.3.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8166
|
|
ruby{25,26,27}-actionpack60<6.0.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8185
|
|
squid<4.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14058
|
|
squid<4.12 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-15049
|
|
wireshark>=3.2.0<3.2.5 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2020-15466
|
|
milkytracker<1.03.00 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-15569
|
|
php{56,72,73,74}-roundcube<1.4.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15562
|
|
samba<4.12.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-10730
|
|
samba<4.12.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10745
|
|
samba<4.12.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-10760
|
|
samba<4.12.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14303
|
|
webkit-gtk<2.28.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2020-0006.html
|
|
xenkernel411<4.11.3nb3 denial-of-service https://xenbits.xen.org/xsa/advisory-317.html
|
|
xenkernel413<4.13.1nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-317.html
|
|
xenkernel411<4.11.3nb3 denial-of-service https://xenbits.xen.org/xsa/advisory-319.html
|
|
xenkernel413<4.13.1nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-319.html
|
|
xenkernel411<4.11.3nb3 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-321.html
|
|
xenkernel413<4.13.1nb1 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-321.html
|
|
xenkernel411<4.11.3nb3 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-328.html
|
|
xenkernel413<4.13.1nb1 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-328.html
|
|
xenkernel48-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
xentools48-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
npm<6.14.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-15095
|
|
apache-tomcat>=8.5.0<8.5.12 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-11994
|
|
apache-tomcat>=7.0.0<7.0.76 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-11994
|
|
qemu<5.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-10756
|
|
jetty>=9.4.27.20200227<9.4.30.20200611 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-17638
|
|
python27<2.7.18nb3 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-20907
|
|
python35-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-20907
|
|
python36<3.6.12 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-20907
|
|
python37<3.7.9 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-20907
|
|
python38<3.8.5 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-20907
|
|
mysql-server<5.6.48 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL
|
|
mysql-server>=5.7<5.7.30 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL
|
|
mysql-server>=8.0<8.0.20 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL
|
|
mysql-client<5.6.48 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL
|
|
mysql-client>=5.7<5.7.30 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL
|
|
mysql-client>=8.0<8.0.20 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL
|
|
oracle-{jdk,jre}8<8.0.252 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixJAVA
|
|
openjdk7<1.7.262 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixJAVA
|
|
openjdk8<1.8.252 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixJAVA
|
|
openjdk11<1.11.0.8 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixJAVA
|
|
apache-tomcat>=8.5<8.5.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13934
|
|
apache-tomcat>=9.0<9.0.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13934
|
|
apache-tomcat>=8.5<8.5.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13935
|
|
apache-tomcat>=9.0<9.0.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13935
|
|
openldap<2.4.50 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2020-15719
|
|
synergy<1.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15117
|
|
jenkins<2.245 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2220
|
|
jenkins-lts<2.235.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2220
|
|
jenkins<2.245 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2221
|
|
jenkins-lts<2.235.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2221
|
|
jenkins<2.245 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2222
|
|
jenkins-lts<2.235.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2222
|
|
jenkins<2.245 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2223
|
|
jenkins-lts<2.235.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2223
|
|
ruby{25,26,27}-kramdown<2.3.0 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2020-14001
|
|
glpi<9.5.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15108
|
|
zabbix>=4.0<4.0.22rc1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15803
|
|
go113<1.13.13 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-14039
|
|
go114<1.14.5 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-14039
|
|
go113<1.13.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15586
|
|
go114<1.14.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15586
|
|
evolution-data-server<3.36.4 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-14928
|
|
radare2<4.5.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15121
|
|
clamav<0.102.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-3481
|
|
clamav<0.102.4 arbitrary-file-deletion https://nvd.nist.gov/vuln/detail/CVE-2020-3350
|
|
qemu-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15859
|
|
qemu<5.1.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-15863
|
|
lua54<5.4.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-15888
|
|
lua54<5.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-15889
|
|
LuaJIT2-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-15890
|
|
magento<1.9.4.6 multiple-vulnerabilities https://helpx.adobe.com/security/products/magento/apsb20-41.html
|
|
magento<2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
python27-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
claws-mail<3.17.6 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-15917
|
|
lua54<5.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15945
|
|
nodejs>=10<10.21.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-8174
|
|
nodejs>=12<12.18.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-8174
|
|
nodejs>=14<14.18.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-8174
|
|
openssh-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15778
|
|
grafana<6.7.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-11110
|
|
libetpan-[0-9]* man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-15953
|
|
py{27,36,37,38}-uvicorn<0.11.7 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2020-7694
|
|
py{27,36,37,38}-uvicorn<0.11.7 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2020-7695
|
|
firefox<78.0.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-28/
|
|
cliqz<1.38.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-28/
|
|
thunderbird<78.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-29/
|
|
firefox<79.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-30/
|
|
cliqz-[0-9]* multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-30/
|
|
firefox68<68.11 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/
|
|
tor-browser<9.5.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/
|
|
firefox78<78.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-32/
|
|
mozjs78<78.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-32/
|
|
thunderbird<78.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-33/
|
|
webkit-gtk<2.28.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2020-0007.html
|
|
opendmarc>=1.3.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-12460
|
|
cherokee>=0.4.27<1.2.104 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-12845
|
|
freerdp<2.2.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-15103
|
|
ghostscript-agpl<9.53.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-15900
|
|
libX11<1.6.10 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-14344
|
|
fehqlibs<0.9.15 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2005-1513
|
|
claws-mail-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16094
|
|
freeDiameter-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-6098
|
|
php{56,72,73,74}-typo3<10.4.6 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2020-15098
|
|
php{56,72,73,74}-typo3<10.4.6 information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-15098
|
|
php{56,72,73,74}-concrete5<8.5.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-11476
|
|
magento<2.3.5.2 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2020-9690
|
|
magento<2.3.5.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-9692
|
|
magento<2.3.5.2 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-9689
|
|
magento<2.3.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-9691
|
|
grub2<2.0.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14308
|
|
grub2<2.0.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14309
|
|
grub2<2.0.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14310
|
|
grub2<2.0.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14311
|
|
grub2<2.0.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-15705
|
|
grub2<2.0.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-15706
|
|
grub2<2.0.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-15707
|
|
grub2<2.0.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10713
|
|
balsa<2.6.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-16118
|
|
libssh-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-16135
|
|
evolution-data-server<3.35.91 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-16117
|
|
ruby{25,26,27}-faye-websocket<0.11.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-15133
|
|
php{56,71,72,73,74}-tiki6-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-8966
|
|
radare2-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-16269
|
|
ark<20.04.1nb3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-16116
|
|
php{56,71,72,73,74}-tiki6-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-16131
|
|
modular-xorg-server<1.20.9 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-14347
|
|
lilypond-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-17353
|
|
go113<1.13.15 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2020-16845
|
|
go114<1.14.7 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2020-16845
|
|
apache<2.4.46 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-11984
|
|
apache<2.4.46 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9490
|
|
apache<2.4.46 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-11993
|
|
apache<2.4.24 spoofing https://nvd.nist.gov/vuln/detail/CVE-2020-11985
|
|
thunderbird<68.11 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-35/
|
|
qemu<5.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16092
|
|
radare2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-17487
|
|
jenkins-lts<2.235.4 multiple-vulnerabilities https://www.jenkins.io/security/advisory/2020-08-12/
|
|
jenkins<2.252 multiple-vulnerabilities https://www.jenkins.io/security/advisory/2020-08-12/
|
|
dovecot<2.3.11.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12100
|
|
dovecot<2.3.11.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12673
|
|
dovecot<2.3.11.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12674
|
|
mantis<2.24.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-16266
|
|
py{27,36,37,38}-asyncpg<0.21.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-17446
|
|
php{56,72,73,74}-roundcube<1.4.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-16145
|
|
ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16287
|
|
ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16288
|
|
ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16289
|
|
ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16290
|
|
ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16291
|
|
ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16292
|
|
ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16293
|
|
ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16294
|
|
ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16295
|
|
ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16296
|
|
ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16297
|
|
ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16298
|
|
ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16299
|
|
ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16300
|
|
ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16301
|
|
ghostscript-agpl<9.51 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-16302
|
|
ghostscript-agpl<9.51 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-16303
|
|
ghostscript-agpl<9.51 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-16304
|
|
ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16305
|
|
ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16306
|
|
ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16307
|
|
ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16308
|
|
ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16309
|
|
ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16310
|
|
ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-17538
|
|
qt5-qtbase<5.15.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-17507
|
|
wireshark>=3.2.0<3.2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-17498
|
|
lua54<5.4.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24342
|
|
nim-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15692
|
|
nim-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-15693
|
|
nim-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-15694
|
|
snmptt<1.4.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-24361
|
|
jenkins-lts<2.235.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-17638
|
|
jenkins<2.243 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-17638
|
|
lua54<5.4.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-24369
|
|
lua54<5.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24370
|
|
lua54<5.4.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-24371
|
|
LuaJIT2-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-24372
|
|
elasticsearch<6.8.12 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-7019
|
|
elasticsearch>=7.0.0<7.9.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-7019
|
|
curl>=7.29.0<7.72.0 expired-pointer-dereference https://curl.haxx.se/docs/CVE-2020-8231.html
|
|
fossil<2.12.1 remote-code-execution https://fossil-scm.org/forum/forumpost/9e114feec0
|
|
net-snmp<5.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-15861
|
|
net-snmp<5.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-15862
|
|
wolfssl<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12457
|
|
wolfssl<4.5.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-15309
|
|
wolfssl<4.5.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-24585
|
|
apache-solr<8.6.0 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-13941
|
|
mongodb>=4.5.0<4.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7923
|
|
mongodb>=4.4.0<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7923
|
|
mongodb>=4.2.0<4.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7923
|
|
mongodb>=4.0.0<4.0.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7923
|
|
bind>=9.15.6<9.16.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8620
|
|
bind>=9.17<9.17.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8620
|
|
bind>=9.14<9.16.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8621
|
|
bind>=9.17<9.17.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8621
|
|
bind>=9.0<9.11.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8622
|
|
bind>=9.12<9.16.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8622
|
|
bind>=9.17<9.17.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8622
|
|
bind>=9.10<9.11.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8623
|
|
bind>=9.12<9.16.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8623
|
|
bind>=9.17<9.17.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8623
|
|
bind>=9.9.12<9.11.22 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-8624
|
|
bind>=9.12.1<9.16.6 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-8624
|
|
bind>=9.17<9.17.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-8624
|
|
postgresql10-server<10.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14349
|
|
postgresql11-server<11.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14349
|
|
postgresql12-server<12.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14349
|
|
postgresql95-server<9.5.23 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14350
|
|
postgresql96-server<9.6.19 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14350
|
|
postgresql10-server<10.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14350
|
|
postgresql11-server<11.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14350
|
|
postgresql12-server<12.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14350
|
|
chrony<3.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14367
|
|
firefox<80.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-36/
|
|
cliqz-[0-9]* multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-36/
|
|
firefox68<68.12 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-37/
|
|
tor-browser<9.5.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-37/
|
|
firefox78<78.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-38/
|
|
mozjs78<78.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-38/
|
|
bison<3.7.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-24240
|
|
nasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-24241
|
|
nasm-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-24242
|
|
squid<4.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24606
|
|
wolfssl<4.5.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-24613
|
|
vault<1.2.5 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-16251
|
|
vault<1.2.5 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-16250
|
|
grafana<6.4.4 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-19499
|
|
php{56,70,71,72}-basercms<4.3.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15159
|
|
php{56,70,71,72}-basercms<4.3.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15155
|
|
php{56,70,71,72}-basercms<4.3.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15154
|
|
py{27,34,35,36,37,38}-flask-cors<3.0.9 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-25032
|
|
fossil<2.10.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-24614
|
|
fossil>=2.12<2.12.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-24614
|
|
rabbitmq<3.8.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-5419
|
|
qemu<5.0.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14415
|
|
qemu<5.0.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-12829
|
|
bind>=9.14<9.16 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
py{37,38}-django>=2.2<2.2.16 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-24583
|
|
py{37,38}-django>=3.0<3.0.10 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-24583
|
|
py{37,38}-django>=2.2<2.2.16 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-24584
|
|
py{37,38}-django>=3.0<3.0.10 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-24584
|
|
qemu<5.2.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-14364
|
|
apache-cassandra<2.2.18 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-13946
|
|
apache-cassandra>=3<3.11.8 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-13946
|
|
ark<20.04.1nb3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-24654
|
|
go114<1.14.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-24553
|
|
go115<1.15.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-24553
|
|
mbedtls<2.24.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-16150
|
|
miller>=5.9.0<5.9.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-15167
|
|
rebar3<3.14.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-13802
|
|
squid<4.13 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2020-15810
|
|
squid<4.13 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2020-15811
|
|
gnupg2>=2.2.21<2.2.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25125
|
|
bison<3.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24979
|
|
bison<3.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24980
|
|
ghostscript-agpl<9.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14373
|
|
gnutls<3.6.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24659
|
|
libxml2<2.9.11 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24977
|
|
nasm<2.15.05 double-free https://nvd.nist.gov/vuln/detail/CVE-2020-24978
|
|
php{56,72,73,74}-concrete5<8.5.3 code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-24986
|
|
py{27,36,37,38}-pip<19.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-20916
|
|
ruby{25,26,27}-bundler1-[0-9]* insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2019-3881
|
|
ruby{25,26,27}-bundler<2.1.0 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2019-3881
|
|
xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24996
|
|
xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24999
|
|
netbeans-ide-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2020-11986
|
|
openssl<1.1.1 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2020-1968
|
|
yaws<2.0.8 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-24916
|
|
yaws<2.0.8 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2020-24379
|
|
libproxy<0.4.15nb1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25219
|
|
php>=7.2<7.2.33 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7068
|
|
php>=7.3<7.3.22 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7068
|
|
php>=7.4<7.4.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7068
|
|
bitcoin>=0.16.0<0.16.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17145
|
|
bitcoin>=0.20.0<0.20.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14198
|
|
yarn-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15168
|
|
zeromq<4.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15166
|
|
p5-DBI<1.632 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2013-7490
|
|
p5-DBI<1.628 stack-corruption https://nvd.nist.gov/vuln/detail/CVE-2013-7491
|
|
p5-DBI<1.632 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2014-10401
|
|
ansible<2.10.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-14332
|
|
ansible<2.11.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-14330
|
|
libX11<1.6.12 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14363
|
|
python35-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
wordpress<5.4.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25286
|
|
modular-xorg-server<1.20.9 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-14345
|
|
brotli<1.0.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8927
|
|
modular-xorg-server<1.20.9 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14346
|
|
modular-xorg-server<1.20.9 buffer-underflow https://nvd.nist.gov/vuln/detail/CVE-2020-14361
|
|
modular-xorg-server<1.20.9 integer-underflow https://nvd.nist.gov/vuln/detail/CVE-2020-14362
|
|
p5-DBI<1.643nb3 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2014-10402
|
|
p5-DBI<1.643 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-14392
|
|
p5-DBI<1.643 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-14393
|
|
libraw<0.20.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-24890
|
|
libraw<0.20.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-24889
|
|
gnuplot<5.2.8nb10 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25412
|
|
gnuplot<5.2.8nb10 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25559
|
|
p5-DBI<1.643 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20919
|
|
php{56,72,73,74}-soycms-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15183
|
|
zoneminder<1.34.21 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25729
|
|
yed<3.20.1 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2020-25215
|
|
php{56,72,73,74}-soycms<3.0.2.328 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-15188
|
|
php{56,72,73,74}-soycms-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15189
|
|
nodejs>=12<12.18.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8201
|
|
nodejs>=14<14.11.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8201
|
|
nodejs>=14<14.11.0 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8251
|
|
nodejs<10.22.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8252
|
|
nodejs>=12<12.18.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8252
|
|
nodejs>=14<14.9.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8252
|
|
php{56,70,71,72}-tt-rss-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25787
|
|
php{56,70,71,72}-tt-rss-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25789
|
|
php{56,70,71,72}-tt-rss-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25788
|
|
bsdiff-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14315
|
|
ansible<2.9.13 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-14365
|
|
glpi<9.5.0 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2020-11031
|
|
xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25595
|
|
xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25595
|
|
xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25596
|
|
xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25596
|
|
xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25597
|
|
xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25597
|
|
xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25598
|
|
xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25598
|
|
xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25599
|
|
xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25599
|
|
xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25600
|
|
xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25600
|
|
xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25601
|
|
xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25601
|
|
xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25602
|
|
xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25602
|
|
xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25603
|
|
xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25603
|
|
xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25604
|
|
xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25604
|
|
python27<2.7.18nb3 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-26116
|
|
python35<3.5.10 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-26116
|
|
python36<3.6.12 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-26116
|
|
python37<3.7.9 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-26116
|
|
python38<3.8.5 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-26116
|
|
qemu<5.0.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-25084
|
|
qemu<5.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25085
|
|
qemu<5.0.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2020-25625
|
|
ruby-oauth-[0-9]* improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2016-11086
|
|
tigervnc<1.11.0 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2020-26117
|
|
mediawiki<1.34.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25812
|
|
mediawiki<1.34.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25813
|
|
mediawiki<1.34.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25814
|
|
mediawiki<1.34.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25815
|
|
mediawiki<1.34.4 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2020-25827
|
|
mediawiki<1.34.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25828
|
|
mediawiki<1.34.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25869
|
|
mediawiki<1.34.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-26120
|
|
mediawiki<1.34.4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-26121
|
|
py{27,36,37,38}-rpyc>=4.1.0<4.1.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-16328
|
|
py{27,36,37,38}-djangorestframework<3.12.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25626
|
|
grafana-[0-9]* signature-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-15216
|
|
vault>=1.5.0<1.5.4 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25816
|
|
vault>=1.4.0<1.4.7 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25816
|
|
mantis<2.24.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25288
|
|
mantis<2.24.3 remote-security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25781
|
|
mantis<2.24.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25830
|
|
py{27,36,37,38}-urllib3<1.25.9 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-26137
|
|
go-jwt-go<4.0.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-26160
|
|
libproxy<0.4.16 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26154
|
|
oniguruma<6.9.6rc1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26159
|
|
apache-ant-[0-9]* insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-11979
|
|
powerdns<4.3.1 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2020-17482
|
|
powerdns<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24697
|
|
powerdns<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24698
|
|
powerdns<4.4.0 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2020-24696
|
|
thunderbird<78.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-41/
|
|
firefox<81 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-42/
|
|
cliqz-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
firefox78<78.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-43/
|
|
mozjs78<78.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-43/
|
|
tor-browser<10 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-43/
|
|
thunderbird<78.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-44/
|
|
erlang>=22.3<22.3.4.6 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2020-25623
|
|
erlang>=23<23.1 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2020-25623
|
|
qemu-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-25741
|
|
mupdf<1.18.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26519
|
|
php>=7.2<7.2.34 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7069
|
|
php>=7.3<7.3.23 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7069
|
|
php>=7.4<7.4.11 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7069
|
|
php>=7.2<7.2.34 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7070
|
|
php>=7.3<7.3.23 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7070
|
|
php>=7.4<7.4.11 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7070
|
|
thunderbird<68.12 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-40/
|
|
php{56,72,73,74}-nextcloud>=19<19.0.1 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8223
|
|
php{56,72,73,74}-nextcloud>=18<18.0.7 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8223
|
|
php{56,72,73,74}-nextcloud<17.0.8 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8223
|
|
opensc<0.21.0rc1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26570
|
|
opensc<0.21.0rc1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26572
|
|
opensc<0.21.0rc1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26571
|
|
wireshark>=2.6<2.6.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25862
|
|
wireshark>=3.0<3.0.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25862
|
|
wireshark>=3.2<3.2.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25862
|
|
wireshark>=2.6<2.6.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25863
|
|
wireshark>=3.0<3.0.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25863
|
|
wireshark>=3.2<3.2.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25863
|
|
wireshark-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26575
|
|
spice-server<0.14.2.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14355
|
|
spice-gtk<0.14.2.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14355
|
|
qemu<5.1.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-25742
|
|
qemu<5.1.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-25743
|
|
glpi<9.5.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15176
|
|
glpi<9.5.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-15175
|
|
glpi<9.5.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-15217
|
|
glpi<9.5.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15226
|
|
glpi<9.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15177
|
|
sympa-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-26880
|
|
wireshark>=3.2<3.2.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25866
|
|
wireshark>=3.0<3.0.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25866
|
|
php{56,70,71,72,73,74}-phpmyadmin<4.9.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-26934
|
|
php{56,70,71,72,73,74}-phpmyadmin<4.9.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-26935
|
|
apache-tomcat>=9.0<9.0.38 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-13943
|
|
apache-tomcat>=8.5<8.5.58 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-13943
|
|
webmin<1.950 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-12670
|
|
webmin<1.950 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-8820
|
|
webmin<1.950 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-8821
|
|
adobe-flash-player<32.0.0.445 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsb20-58.html
|
|
ruby{25,26,27}-nexpose<6.6.49 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-7383
|
|
gitea<1.13.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-14144
|
|
libass<0.15.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26682
|
|
magento<2.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-24408
|
|
powerdns-recursor<4.3.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25829
|
|
py{27,36,37,38,39}-libtaxii<1.1.118 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-27197
|
|
qemu<5.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24352
|
|
matrix-synapse<1.21.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-26891
|
|
freetype2<2.10.4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999
|
|
suse{,32}_freetype2-[0-9]* remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999
|
|
tcpreplay<4.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24265
|
|
tcpreplay<4.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24266
|
|
nss<3.58 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25648
|
|
nss<3.46 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17006
|
|
nss<3.36.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18508
|
|
pam-tacplus-[0-9]* insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2020-27743
|
|
firefox<82 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-45/
|
|
firefox78<78.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-46/
|
|
mozjs78<78.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-46/
|
|
tor-browser<10.0.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-46/
|
|
thunderbird<78.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-47/
|
|
grafana<7.1.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-24303
|
|
samba<4.12.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14323
|
|
php{56,72,73,74}-basercms<4.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15273
|
|
php{56,72,73,74}-basercms<4.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15276
|
|
php{56,72,73,74}-basercms<4.4.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-15277
|
|
tmux<3.1c buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27347
|
|
openjdk8<1.8.262 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixJAVA
|
|
openjdk11<1.11.0.9 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixJAVA
|
|
mysql-server<5.6.50 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixMSQL
|
|
mysql-server>=5.7<5.7.32 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixMSQL
|
|
mysql-server>=8.0<8.0.22 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixMSQL
|
|
mysql-cluster<7.4.30 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixMSQL
|
|
ImageMagick<7.0.10.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27560
|
|
ImageMagick6<6.9.11.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27560
|
|
asterisk>=13.0<13.37.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-001.html
|
|
asterisk>=16.0<16.14.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-001.html
|
|
asterisk>=17.0<17.8.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-001.html
|
|
asterisk>=13.0<13.37.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-002.html
|
|
asterisk>=16.0<16.14.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-002.html
|
|
asterisk>=17.0<17.8.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-002.html
|
|
cacti<1.2.14 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25706
|
|
consul<1.7.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25201
|
|
jetty<9.4.32.20200930 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-27216
|
|
libmaxminddb<1.4.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-28241
|
|
mit-krb5<1.18.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28196
|
|
packagekit<1.2.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-16121
|
|
packagekit<1.2.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-16122
|
|
php{56,72,73,74}-nextcloud<19.0.2 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2020-8133
|
|
php{56,72,73,74}-nextcloud<19.0.2 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2020-8150
|
|
php{56,72,73,74}-nextcloud<20.0.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8152
|
|
php{56,72,73,74}-nextcloud<19.0.0 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2020-8173
|
|
php{56,72,73,74}-nextcloud<19.0.1 password-exposure https://nvd.nist.gov/vuln/detail/CVE-2020-8183
|
|
php{56,72,73,74}-nextcloud<19.0.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8236
|
|
php{56,72,73,74}-nextcloud<20.0.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8259
|
|
postgresql95-server<9.5.24 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2020-25694
|
|
postgresql96-server<9.6.20 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2020-25694
|
|
postgresql10-server<10.15 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2020-25694
|
|
postgresql11-server<11.10 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2020-25694
|
|
postgresql12-server<12.5 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2020-25694
|
|
postgresql13-server<13.1 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2020-25694
|
|
postgresql95-server<9.5.24 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-25695
|
|
postgresql96-server<9.6.20 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-25695
|
|
postgresql10-server<10.15 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-25695
|
|
postgresql11-server<11.10 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-25695
|
|
postgresql12-server<12.5 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-25695
|
|
postgresql13-server<13.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-25695
|
|
py{27,36,37,38,39}-moin<1.9.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15275
|
|
py{27,36,37,38,39}-moin<1.9.11 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-25074
|
|
py{27,36,37,38,39}-rsa<4.7 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-25658
|
|
python27<2.7.18nb4 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-27619
|
|
python36<3.6.13 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-27619
|
|
python37<3.7.10 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-27619
|
|
python38<3.8.7rc1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-27619
|
|
python39<3.9.1rc1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-27619
|
|
qemu<4.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27616
|
|
qemu<4.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27617
|
|
raptor-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-18926
|
|
raptor2<2.0.16 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-18926
|
|
salt<2019.2.7 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-16846
|
|
salt<2019.2.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-17490
|
|
salt<2019.2.7 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25592
|
|
tcpdump<4.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8036
|
|
tcpdump<4.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8037
|
|
wireshark>=3.2.0<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28030
|
|
wordpress<5.5.2 php-object-injection https://nvd.nist.gov/vuln/detail/CVE-2020-28032
|
|
wordpress<5.5.2 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-28033
|
|
wordpress<5.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-28034
|
|
wordpress<5.5.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-28035
|
|
wordpress<5.5.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-28036
|
|
wordpress<5.5.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-28037
|
|
wordpress<5.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-28038
|
|
wordpress<5.5.2 arbitrary-file-deletion https://nvd.nist.gov/vuln/detail/CVE-2020-28039
|
|
wordpress<5.5.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-28040
|
|
xenkernel411<4.11.4nb4 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-28368
|
|
xenkernel413<4.13.2nb1 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-28368
|
|
diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-26217
|
|
clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-26217
|
|
intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-26217
|
|
intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-26217
|
|
phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-26217
|
|
pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-26217
|
|
rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-26217
|
|
aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-26217
|
|
firefox<82.0.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-49/
|
|
firefox78<78.4.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-49/
|
|
mozjs78<78.4.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-49/
|
|
tor-browser<10.0.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-49/
|
|
thunderbird<78.4.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-49/
|
|
firefox<83 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/
|
|
firefox78<78.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-51/
|
|
mozjs78<78.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-51/
|
|
tor-browser<10.0.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-51/
|
|
thunderbird<78.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-52/
|
|
go114<1.14.12 code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-28366
|
|
go115<1.15.5 code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-28366
|
|
go114<1.14.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28362
|
|
go115<1.15.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28362
|
|
go114<1.14.12 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-28367
|
|
go115<1.15.5 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-28367
|
|
py{27,33,34,35,36,37,38}-werkzeug<0.11.6 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-28724
|
|
influxdb<1.7.6 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-20933
|
|
py{27,34,35,36,37,38}-notebook<6.1.5 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-26215
|
|
rclone<1.53.3 weak-password-generator https://nvd.nist.gov/vuln/detail/CVE-2020-28924
|
|
mutt<2.0.2 password-exposure https://nvd.nist.gov/vuln/detail/CVE-2020-28896
|
|
php{56,72,73,74}-pear<1.10.12nb2 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2020-28948
|
|
php{56,72,73,74}-pear<1.10.12nb2 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2020-28949
|
|
nodejs>=15<15.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8277
|
|
nodejs>=14<14.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8277
|
|
nodejs>=12<12.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8277
|
|
moodle<3.5.15 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25698
|
|
moodle>=3.7<3.7.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25698
|
|
moodle>=3.8<3.8.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25698
|
|
moodle>=3.9<3.9.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25698
|
|
moodle<3.5.15 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25700
|
|
moodle>=3.7<3.7.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25700
|
|
moodle>=3.8<3.8.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25700
|
|
moodle>=3.9<3.9.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25700
|
|
moodle<3.5.15 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25701
|
|
moodle>=3.7<3.7.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25701
|
|
moodle>=3.8<3.8.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25701
|
|
moodle>=3.9<3.9.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25701
|
|
moodle<3.5.15 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25699
|
|
moodle>=3.7<3.7.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25699
|
|
moodle>=3.8<3.8.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25699
|
|
moodle>=3.9<3.9.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25699
|
|
moodle<3.5.15 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25703
|
|
moodle>=3.7<3.7.9 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25703
|
|
moodle>=3.8<3.8.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25703
|
|
moodle>=3.9<3.9.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25703
|
|
moodle>=3.9<3.9.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25702
|
|
libsixel-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-19668
|
|
ImageMagick6<6.9.11.7 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19667
|
|
ImageMagick<7.0.10.7 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19667
|
|
php{56,70,71,72,73,74}-drupal>=7<7.74 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-13671
|
|
php{56,70,71,72,73,74}-drupal>=8.8<8.8.11 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-13671
|
|
php{56,70,71,72,73,74}-drupal>=8.9<8.9.9 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-13671
|
|
xpdf-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-25725
|
|
webkit-gtk<2.30.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2020-0008.html
|
|
webkit-gtk<2.30.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2020-0009.html
|
|
blosc-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-29367
|
|
consul<1.6.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-28053
|
|
gitea<1.12.6 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-28991
|
|
jetty<9.4.35.20201120 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-27218
|
|
libslirp<4.4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-29129
|
|
qemu<5.2.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-29129
|
|
libslirp<4.4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-29130
|
|
qemu<5.2.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-29130
|
|
libvncserver<0.9.13 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25708
|
|
matrix-synapse<1.20.0 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26890
|
|
minidlna<1.3.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-28926
|
|
mongodb<3.6.9 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-20802
|
|
mongodb>=4.0<4.0.3 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-20802
|
|
mongodb<3.6.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20803
|
|
mongodb>=4.0<4.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20803
|
|
mongodb<3.6.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20804
|
|
mongodb>=4.0<4.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20804
|
|
mongodb<3.6.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20805
|
|
mongodb>=4.0<4.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20805
|
|
mongodb<3.6.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-2392
|
|
mongodb>=4<4.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-2392
|
|
mongodb<3.6.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-2393
|
|
mongodb>=4<4.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-2393
|
|
mongodb>=4.0<4.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20923
|
|
mongodb>=4.2<4.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20924
|
|
mongodb<3.6.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20925
|
|
mongodb>=4<4.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20925
|
|
mongodb>=4<4.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7925
|
|
mongodb>=4.4<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7926
|
|
mongodb<3.6.20 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7928
|
|
mongodb>=4<4.2.9 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7928
|
|
glpi<9.5.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-27662
|
|
glpi<9.5.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-27663
|
|
postgresql95-server<9.5.24 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25696
|
|
postgresql96-server<9.6.20 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25696
|
|
postgresql10-server<10.15 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25696
|
|
postgresql11-server<11.10 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25696
|
|
postgresql12-server<12.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25696
|
|
postgresql13-server<13.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25696
|
|
qemu<5.2.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-25624
|
|
slurm-wlm<19.05.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27745
|
|
slurm-wlm<19.05.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-27746
|
|
php{56,72,73,74}-typo3<10.4.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-26227
|
|
php{56,72,73,74}-typo3<10.4.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-26228
|
|
php{56,72,73,74}-typo3<10.4.10 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2020-26229
|
|
x11vnc-[0-9]* improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-29074
|
|
xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29040
|
|
ImageMagick6<6.9.11.40 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-29599
|
|
ImageMagick<7.0.10.40 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-29599
|
|
awstats<7.8 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-29600
|
|
moodle<3.8.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25628
|
|
moodle>=3.9<3.9.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25628
|
|
moodle<3.8.5 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-25629
|
|
moodle>=3.9<3.9.2 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-25629
|
|
moodle<3.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25630
|
|
moodle>=3.9<3.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25630
|
|
moodle<3.8.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25631
|
|
moodle>=3.9<3.9.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25631
|
|
openldap-server<2.4.55 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-25692
|
|
pngcheck-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27818
|
|
nsd<4.3.4 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2020-28935
|
|
unbound<1.13.0 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2020-28935
|
|
openssl<1.1.1i null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-1971
|
|
thunderbird<78.5.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-53/
|
|
ImageMagick<7.0.9.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-25663
|
|
ImageMagick6<6.9.10.68 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-25664
|
|
ImageMagick<7.0.8.68 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-25664
|
|
ImageMagick6<6.9.10.68 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-25665
|
|
ImageMagick<7.0.8.68 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-25665
|
|
ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25666
|
|
ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25666
|
|
ImageMagick6<6.9.10.69 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-25667
|
|
ImageMagick<7.0.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-25667
|
|
ImageMagick6<6.9.10.68 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-25674
|
|
ImageMagick<7.0.8.68 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-25674
|
|
ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25675
|
|
ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25675
|
|
ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25676
|
|
ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25676
|
|
ImageMagick6<6.9.10.68 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27750
|
|
ImageMagick<7.0.8.68 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27750
|
|
ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27751
|
|
ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27751
|
|
ImageMagick6<6.9.11.47 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-27752
|
|
ImageMagick<7.0.9.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-27752
|
|
ImageMagick6<6.9.10.69 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-27753
|
|
ImageMagick<7.0.9.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-27753
|
|
ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27754
|
|
ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27754
|
|
ImageMagick6<6.9.10.69 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-27755
|
|
ImageMagick<7.0.9.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-27755
|
|
ImageMagick6<6.9.10.69 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27756
|
|
ImageMagick<7.0.9.0 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27756
|
|
ImageMagick6<6.9.10.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27757
|
|
ImageMagick<7.0.8.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27757
|
|
ImageMagick6<6.9.10.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27758
|
|
ImageMagick<7.0.8.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27758
|
|
binutils<2.35 double-free https://nvd.nist.gov/vuln/detail/CVE-2020-16590
|
|
binutils<2.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16591
|
|
binutils<2.35 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-16592
|
|
binutils<2.35 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-16593
|
|
binutils<2.35.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-16598
|
|
binutils<2.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16599
|
|
jasper<2.0.23 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-27828
|
|
matrix-synapse<1.23.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-26257
|
|
moodle<3.9.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25627
|
|
mupdf<1.17.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-16600
|
|
openexr<2.4.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-16587
|
|
openexr<2.4.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-16588
|
|
openexr<2.4.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-16589
|
|
password-store-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-28086
|
|
phpldapadmin<1.2.6.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-35132
|
|
py{27,36,37,38,39}-py-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29651
|
|
qemu<5.2.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-27821
|
|
sympa<6.2.60 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-29668
|
|
npm<7.1.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-7788
|
|
php{56,71,72,73,74}-tiki6-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-29254
|
|
awstats-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-35176
|
|
wireshark<3.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26418
|
|
wireshark>=3.4<3.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26418
|
|
wireshark>=3.4<3.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26419
|
|
wireshark<3.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26420
|
|
wireshark>=3.4<3.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26420
|
|
wireshark<3.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26421
|
|
wireshark>=3.4<3.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26421
|
|
ImageMagick6<6.9.10.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27759
|
|
ImageMagick<7.0.8.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27759
|
|
ImageMagick6<6.9.10.68 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27760
|
|
ImageMagick<7.0.8.68 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27760
|
|
ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27761
|
|
ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27761
|
|
ImageMagick6<6.9.10.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27762
|
|
ImageMagick<7.0.8.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27762
|
|
ImageMagick6<6.9.10.68 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27763
|
|
ImageMagick<7.0.8.68 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27763
|
|
ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27764
|
|
ImageMagick<7.0.8.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27764
|
|
ImageMagick6<6.9.10.69 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27765
|
|
ImageMagick<7.0.9.0 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27765
|
|
ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27766
|
|
ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27767
|
|
ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27767
|
|
ImageMagick6<6.9.10.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27770
|
|
ImageMagick<7.0.8.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27770
|
|
ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27771
|
|
ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27771
|
|
ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27772
|
|
ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27772
|
|
ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27773
|
|
ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27773
|
|
ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27774
|
|
ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27774
|
|
ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27775
|
|
ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27775
|
|
ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27776
|
|
php-7.2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
apache-tomcat<8.5.60 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-17527
|
|
apache-tomcat>=9.0<9.0.40 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-17527
|
|
audacity-[0-9]* insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-11867
|
|
libvirt<6.6.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14339
|
|
libxls<1.5.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-2910
|
|
poppler-utils<0.76.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27778
|
|
py{27,36,37,38,39}-lxml<4.6.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-27783
|
|
qemu<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25723
|
|
qemu<5.2.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2020-28916
|
|
samba<4.12.9 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-14318
|
|
samba<4.12.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14383
|
|
curl<7.71.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-8169
|
|
curl<7.71.0 local-file-write https://nvd.nist.gov/vuln/detail/CVE-2020-8177
|
|
curl<7.74.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-8284
|
|
curl<7.74.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8285
|
|
curl<7.74.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-8286
|
|
go114-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-29509
|
|
go115-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-29509
|
|
go114-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-29510
|
|
go115-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-29510
|
|
go114-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-29511
|
|
go115-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-29511
|
|
firefox<84 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/
|
|
firefox78<78.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-55/
|
|
mozjs78<78.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-55/
|
|
tor-browser<10.0.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-55/
|
|
thunderbird<78.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-56/
|
|
go-hugo<0.79.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-26284
|
|
kitty<0.19.13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-35605
|
|
webmin-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2020-35606
|
|
nagios-base-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-35269
|
|
opensmtpd<6.8.0p1 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-35679
|
|
opensmtpd<6.8.0p1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35680
|
|
gdk-pixbuf2<2.42.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29385
|
|
gobby-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35450
|
|
libvorbis<1.3.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20412
|
|
pure-ftpd-[0-9]* remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35359
|
|
xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35376
|
|
openjpeg<2.4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-27841
|
|
openjpeg<2.4.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-27842
|
|
openjpeg<2.4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-27843
|
|
openjpeg<2.4.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-27844
|
|
openjpeg<2.4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-27845
|
|
php{56,71,72,73,74}-orangehrm<4.6.0.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-29437
|
|
binutils<2.36 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35448
|
|
binutils<2.34 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35493
|
|
binutils<2.34 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-35494
|
|
binutils<2.34 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-35495
|
|
binutils<2.34 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-35496
|
|
binutils<2.34 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-35507
|
|
dovecot<2.3.13 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-24386
|
|
dovecot<2.3.13 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-25275
|
|
dropbear<2019.77 username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2019-12953
|
|
ffmpeg4<4.4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-35964
|
|
ffmpeg4<4.4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-35965
|
|
gdm<3.38.2.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-27837
|
|
go-text-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28851
|
|
go-text-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28852
|
|
icinga-base>=2<2.12.3 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-29663
|
|
mantis<2.24.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-28413
|
|
mantis<2.24.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-35849
|
|
mediawiki<1.35.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-35474
|
|
mediawiki<1.35.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-35475
|
|
mediawiki<1.35.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-35477
|
|
mediawiki<1.35.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-35478
|
|
mediawiki<1.35.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-35479
|
|
mediawiki<1.35.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-35480
|
|
modular-xorg-server<1.20.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25712
|
|
opendkim-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2020-35766
|
|
p11-kit<0.23.22 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-29361
|
|
p11-kit<0.23.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-29362
|
|
p11-kit<0.23.22 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-29363
|
|
postsrsd<1.10 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35573
|
|
py{27,36,37,38,39}-autobahn<20.12.3 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-35678
|
|
py{27,36,37,38,39}-notebook<5.7.8 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-26275
|
|
qemu<4.2.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-20808
|
|
qemu<5.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11947
|
|
php{56,72,73,74}-roundcube<1.4.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-35730
|
|
ruby{25,26,27}-nokogiri<1.11.0 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2020-26247
|
|
vault<1.6.1 username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2020-35177
|
|
vault<1.6.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-35453
|
|
wavpack<5.4.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-35738
|
|
wireshark>=3.4<3.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26422
|
|
xentools411<4.11.4nb2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-29479
|
|
xentools413<4.13.2nb2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-29479
|
|
xentools411<4.11.4nb2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-29480
|
|
xentools413<4.13.2nb2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-29480
|
|
xentools411<4.11.4nb2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-29481
|
|
xentools413<4.13.2nb2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-29481
|
|
xentools411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29482
|
|
xentools413<4.13.2nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29482
|
|
xentools411<4.11.4nb2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-29483
|
|
xentools413<4.13.2nb2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-29483
|
|
xentools411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29485
|
|
xentools413<4.13.2nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29485
|
|
xentools411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29486
|
|
xentools413<4.13.2nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29486
|
|
xenkernel411<4.11.4nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29566
|
|
xenkernel413<4.13.2nb4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29566
|
|
xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29568
|
|
xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29568
|
|
xenkernel411<4.11.4nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29570
|
|
xenkernel413<4.13.2nb4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29570
|
|
xenkernel411<4.11.4nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29571
|
|
xenkernel413<4.13.2nb4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29571
|
|
xentools411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29484
|
|
xentools413<4.13.2nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29484
|
|
xentools411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29487
|
|
xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29487
|
|
nodejs>=10<10.23.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-8265
|
|
nodejs>=12<12.20.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-8265
|
|
nodejs>=14<14.15.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-8265
|
|
nodejs>=10<10.23.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-8287
|
|
nodejs>=12<12.20.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-8287
|
|
nodejs>=14<14.15.4 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-8287
|
|
py{27,36,37,38,39}-cairosvg<2.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21236
|
|
ruby{25,26,27}-actionpack60>=6.0.0<6.0.3.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-8264
|
|
wolfssl<4.6.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-36177
|
|
php{56,72,73,74,80}-concrete5<8.5.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-3111
|
|
vlc<3.0.12 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26664
|
|
cacti<1.2.17 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-35701
|
|
py{27,36,37,38,39}-cryptography<3.2 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2020-25659
|
|
jenkins<2.263.2 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2021-21602
|
|
jenkins<2.263.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21603
|
|
jenkins<2.263.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21604
|
|
jenkins<2.263.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21605
|
|
jenkins<2.263.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21606
|
|
jenkins<2.263.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21607
|
|
jenkins<2.263.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21608
|
|
jenkins<2.263.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-21609
|
|
jenkins<2.263.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21610
|
|
jenkins<2.263.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21611
|
|
R<4.0.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-27637
|
|
py{27,36,37,38,39}-Pillow<8.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35653
|
|
py{27,36,37,38,39}-Pillow<8.1.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-35654
|
|
py{27,36,37,38,39}-Pillow<8.1.0 buffer-overrun https://nvd.nist.gov/vuln/detail/CVE-2020-35655
|
|
py{27,36,37,38,39}-m2crypto-[0-9]* timing-attack https://nvd.nist.gov/vuln/detail/CVE-2020-25657
|
|
ruby{25,26,27}-redcarpet<3.5.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-26298
|
|
sudo<1.9.5 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2021-23239
|
|
sudo<1.9.5 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-23240
|
|
apache-tomcat<7.0.107 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-24122
|
|
apache-tomcat>=8.5<8.5.60 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-24122
|
|
apache-tomcat>=9.0<9.0.40 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-24122
|
|
elasticsearch>=7.7.0<7.10.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22132
|
|
erlang>=23.2<23.2.2 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-35733
|
|
php{56,72,73,74}-owncloud<10.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-16255
|
|
mysql-client<5.6.51 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL
|
|
mysql-client>=5.7<5.7.33 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL
|
|
mysql-client>=8.0<8.0.23 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL
|
|
mysql-server<5.6.51 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL
|
|
mysql-server>=5.7<5.7.33 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL
|
|
mysql-server>=8.0<8.0.23 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL
|
|
dnsmasq<2.83 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25681
|
|
dnsmasq<2.83 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25682
|
|
dnsmasq<2.83 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25683
|
|
dnsmasq<2.83 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-25684
|
|
dnsmasq<2.83 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-25685
|
|
dnsmasq<2.83 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-25686
|
|
dnsmasq<2.83 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25687
|
|
mutt<2.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3181
|
|
SDL2<2.0.14 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14409
|
|
SDL2<2.0.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-14410
|
|
guacamole-server<1.3.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-11997
|
|
modular-xorg-server<1.20.10 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-14360
|
|
php{56,72,73,74}-pear<1.10.12nb2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-36193
|
|
py{27,36,37,38,39}-bottle<0.12.19 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2020-28473
|
|
py{27,36,37,38,39}-tornado-[0-9]* cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2020-28476
|
|
python27<2.7.18nb4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3177
|
|
python36<3.6.13 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3177
|
|
python37<3.7.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3177
|
|
python38<3.8.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3177
|
|
python39<3.9.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3177
|
|
firefox<84.0.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-01/
|
|
firefox78<78.6.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-01/
|
|
mozjs78<78.6.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-01/
|
|
tor-browser<10.0.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-01/
|
|
thunderbird<78.6.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-02/
|
|
firefox<85 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-03/
|
|
firefox78<78.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-04/
|
|
mozjs78<78.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-04/
|
|
tor-browser<10.0.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-04/
|
|
moodle<3.10.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-20183
|
|
moodle<3.10.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20184
|
|
moodle<3.10.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20185
|
|
moodle<3.10.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-20186
|
|
moodle<3.10.1 code-injection https://nvd.nist.gov/vuln/detail/CVE-2021-20187
|
|
openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36221
|
|
openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36222
|
|
openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36223
|
|
openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36224
|
|
openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36225
|
|
openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36226
|
|
openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36227
|
|
openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36228
|
|
openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36229
|
|
openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36230
|
|
asterisk>=13.0<13.38.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-003.html
|
|
asterisk>=16.0<16.15.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-003.html
|
|
asterisk>=13.0<13.38.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-004.html
|
|
asterisk>=16.0<16.15.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-004.html
|
|
bitcoin-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-3195
|
|
go114<1.14.14 integer-underflow https://nvd.nist.gov/vuln/detail/CVE-2021-3114
|
|
go115<1.15.7 integer-underflow https://nvd.nist.gov/vuln/detail/CVE-2021-3114
|
|
go114<1.14.14 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3115
|
|
go115<1.15.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3115
|
|
gst-plugins1-bad<1.16.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3185
|
|
jasper<2.0.25 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3272
|
|
jenkins<2.263.2 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-21615
|
|
libgcrypt<1.9.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3345
|
|
mantis<2.24.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-29603
|
|
mantis<2.24.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-29604
|
|
mantis<2.24.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-29605
|
|
ImageMagick<7.0.10.62 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20176
|
|
ImageMagick6<6.99.11.62 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20176
|
|
apache-cassandra<2.2.20 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-17516
|
|
apache-cassandra>=3<3.11.24 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-17516
|
|
bitcoin<0.19.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-3401
|
|
gitea<1.13.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3382
|
|
gnome-autoar-[0-9]* arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2020-36241
|
|
mit-krb5-appl-[0-9]* arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-25017
|
|
mit-krb5-appl-[0-9]* authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-25018
|
|
nim<1.2.6 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-15690
|
|
opendoas>=6.6<6.8.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-25016
|
|
openjpeg<2.4.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27814
|
|
php{56,72,73,74}-nextcloud<20.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8293
|
|
php{56,72,73,74}-nextcloud<20.0.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-8294
|
|
php{56,72,73,74}-nextcloud<20.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8295
|
|
py{36,37,38,39}-django>=2.2<2.2.18 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-3281
|
|
py{36,37,38,39}-django>=3.1<3.1.6 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-3281
|
|
py{27,36,37,38,39}-jinja2<2.11.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28493
|
|
qemu<5.0.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-17380
|
|
qemu<5.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-29443
|
|
vault<1.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25594
|
|
vault<1.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3024
|
|
ruby{25,26,27}-mechanize<2.7.7 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-21289
|
|
sudo<1.9.5p2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-3156
|
|
wolfssl-[0-9]* improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-3336
|
|
xenkernel413<4.13.2nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3308
|
|
ruby{25,26,27}-activerecord52<5.2.4.5 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-22880
|
|
ruby{25,26,27}-activerecord60<6.0.3.5 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-22880
|
|
ruby{25,26,27}-actionpack60<6.0.3.5 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-22881
|
|
asterisk<13.38.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35776
|
|
asterisk>=16<16.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35776
|
|
asterisk<13.82.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26712
|
|
asterisk>=16<16.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26712
|
|
asterisk>=16<16.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26713
|
|
asterisk>=16<16.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26717
|
|
asterisk<13.38.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26906
|
|
asterisk>=16<16.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26906
|
|
ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27768
|
|
ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27768
|
|
autotrace-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19004
|
|
autotrace-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2019-19005
|
|
bind<9.11.28 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8625
|
|
bind>=9.12<9.16.12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8625
|
|
botan<2.17.3 side-channel https://nvd.nist.gov/vuln/detail/CVE-2021-24115
|
|
dbus<1.12.20 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-35512
|
|
elasticsearch<6.8.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7021
|
|
ezxml-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-26220
|
|
ezxml-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-26221
|
|
ezxml-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-26222
|
|
fluent-bit-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-27186
|
|
fontforge<20200314 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-25690
|
|
glib2<2.66.7 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-27218
|
|
glib2<2.66.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-27219
|
|
gsoap<2.8.111 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13574
|
|
gsoap<2.8.111 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13575
|
|
gsoap<2.8.111 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-13576
|
|
gsoap<2.8.111 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13577
|
|
gsoap<2.8.111 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13578
|
|
isync<1.4.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-20247
|
|
jasper<2.0.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26926
|
|
jasper<2.0.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26927
|
|
libcaca-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3410
|
|
libebml<1.4.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3405
|
|
libmysofa<1.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-36148
|
|
libmysofa<1.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-36149
|
|
libmysofa<1.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-36150
|
|
libmysofa<1.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-36151
|
|
libmysofa<1.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36152
|
|
libxls<1.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27819
|
|
libzip<1.3.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-17582
|
|
mantis<2.25.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-35571
|
|
mumble<1.3.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-27229
|
|
mupdf<1.19.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-3407
|
|
openscad<2021.01 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-28599
|
|
openssl<1.0.2y protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2021-23839
|
|
openssl<1.1.1j integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-23840
|
|
openssl<1.1.1j denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-23841
|
|
opnldap-server<2.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27212
|
|
php>=7.3<7.3.26 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7071
|
|
php>=7.4<7.4.14 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7071
|
|
php{56,72,73,74}-owncloud<10.4 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-10252
|
|
php{56,72,73,74}-owncloud<10.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-10254
|
|
php{56,72,73,74}-owncloud<10.6 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-28644
|
|
php{56,72,73,74}-owncloud<10.6 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-28645
|
|
php{56,72,73,74}-owncloud<10.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36251
|
|
php{56,72,73,74}-owncloud<10.3.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-36252
|
|
php73-soap<7.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21702
|
|
php74-soap<7.4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21702
|
|
postgresql95-server<9.5.25 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393
|
|
postgresql96-server<9.6.21 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393
|
|
postgresql10-server<10.16 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393
|
|
postgresql11-server<11.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393
|
|
postgresql12-server<12.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393
|
|
postgresql13-server<13.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393
|
|
postgresql95-server<9.5.25 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20229
|
|
postgresql96-server<9.6.21 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20229
|
|
postgresql10-server<10.16 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20229
|
|
postgresql11-server<11.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20229
|
|
postgresql12-server<12.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20229
|
|
postgresql13-server<13.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20229
|
|
py{27,36,37,38,39}-channels<3.0.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-35681
|
|
py{27,36,37,38,39}-cryptography<3.3.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36242
|
|
python27<2.7.18nb4 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-23336
|
|
python36<3.6.13 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-23336
|
|
python37<3.7.10 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-23336
|
|
python38<3.8.8 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-23336
|
|
python39<3.9.2 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-23336
|
|
py{27,36,37,38,39}-yaml<5.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-14343
|
|
py{27,36,37,38,39}-httplib2<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21240
|
|
thunderbird<78.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-05/
|
|
firefox<85.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-06/
|
|
firefox78<78.7.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-06/
|
|
mozjs78<78.7.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-06/
|
|
firefox<86 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-07/
|
|
firefox78<78.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-08/
|
|
mozjs78<78.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-08/
|
|
tor-browser<10.0.12 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-08/
|
|
thunderbird<78.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-09/
|
|
apache-tomcat>=8.5<8.5.63 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-25122
|
|
apache-tomcat>=9.0<9.0.43 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-25122
|
|
apache-tomcat>=7.0<7.0.108 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2021-25329
|
|
apache-tomcat>=8.5<8.5.63 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2021-25329
|
|
apache-tomcat>=9.0<9.0.43 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2021-25329
|
|
cgal-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-28601
|
|
cgal-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-28636
|
|
cgal-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35628
|
|
cgal-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35636
|
|
dropbear<2020.79 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-36254
|
|
grub2<2.06 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-14372
|
|
grub2<2.06 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-25632
|
|
grub2<2.06 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25647
|
|
grub2<2.06 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27749
|
|
grub2<2.06 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-27779
|
|
grub2<2.06 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-20225
|
|
grub2<2.06 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20233
|
|
jetty<9.4.36.20210219 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27223
|
|
libytnef-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3403
|
|
libytnef-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3404
|
|
mantis<2.24.5 improper-session-handling https://nvd.nist.gov/vuln/detail/CVE-2009-20001
|
|
matrix-synapse<1.25.0 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-21273
|
|
matrix-synapse<1.25.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21274
|
|
mongodb<3.6.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-25004
|
|
mongodb>=4.0<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-25004
|
|
mongodb<3.6.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7929
|
|
mongodb>=4.0<4.0.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7929
|
|
nats-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28466
|
|
nodejs>=10<10.24.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22883
|
|
nodejs>=12<12.21.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22883
|
|
nodejs>=14<14.16.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22883
|
|
nodejs>=10<10.24.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-22884
|
|
nodejs>=12<12.21.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-22884
|
|
nodejs>=14<14.16.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-22884
|
|
openssh<8.5 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-28041
|
|
owncloudclient<2.7 code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-28646
|
|
webkit-gtk<2.30.5 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2021-0001.html
|
|
glpi<9.5.4 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-21255
|
|
glpi<9.5.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21258
|
|
glpi<9.5.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21312
|
|
glpi<9.5.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21313
|
|
glpi<9.5.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21314
|
|
php{56,72,73,74,80}-nextcloud<20.0.0 password-exposure https://nvd.nist.gov/vuln/detail/CVE-2020-8296
|
|
php{56,72,73,74,80}-nextcloud<20.0.6 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2021-22877
|
|
php{56,72,73,74,80}-nextcloud<20.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-22878
|
|
py{27,36,37,38,39}-Pillow<8.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27921
|
|
py{27,36,37,38,39}-Pillow<8.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27922
|
|
py{27,36,37,38,39}-Pillow<8.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27923
|
|
py{27,36,37,38,39}-aiohttp<3.7.4 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-21330
|
|
py{27,36,37,38,39}-markdown2<2.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26813
|
|
qemu<6.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20203
|
|
redis<6.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21309
|
|
php{56,72,73,74,80}-roundcube<1.4.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-26925
|
|
salt<3002.5 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-28243
|
|
salt<3002.5 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-28972
|
|
salt<3002.5 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-35662
|
|
salt<3002.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-25281
|
|
salt<3002.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-25282
|
|
salt<3002.5 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-25283
|
|
salt<3002.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-25284
|
|
salt<3002.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-3144
|
|
salt<3002.5 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-3148
|
|
salt<3002.5 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-3197
|
|
screen<4.8.0nb4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26937
|
|
steghide-[0-9]* weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2021-27211
|
|
stunnel<5.57 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-20230
|
|
u-boot<2021.04 unspecified https://nvd.nist.gov/vuln/detail/CVE-2021-27097
|
|
u-boot<2021.04 unspecified https://nvd.nist.gov/vuln/detail/CVE-2021-27138
|
|
wireshark<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22173
|
|
wireshark<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22174
|
|
wpa_supplicant<2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27803
|
|
xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27379
|
|
xterm<366 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27135
|
|
zabbix<4.0.28 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-27927
|
|
zstd<1.4.1 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2021-24031
|
|
zstd<1.4.9 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2021-24032
|
|
ap24-subversion<1.14.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-17525
|
|
cairo<1.16.0nb4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-35492
|
|
gitea<1.13.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-28378
|
|
gnome-autoar<0.3.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-28650
|
|
grafana<7.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27358
|
|
grub2<2.0.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-3418
|
|
libmediainfo<20.03nb1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26797
|
|
mariadb-server<10.4.18 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-27928
|
|
moodle<3.7.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-14828
|
|
moodle<3.7.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-14829
|
|
moodle<3.7.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-14830
|
|
moodle<3.7.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-14831
|
|
moodle<3.10.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-20279
|
|
moodle<3.10.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-20280
|
|
moodle<3.10.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20281
|
|
moodle<3.10.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-20282
|
|
moodle<3.10.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-20283
|
|
nats-server<2.2.0 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2021-3127
|
|
php{56,72,73,74,80}-concrete5<8.5.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-28145
|
|
py{27,36,37,38,39}-Pillow<8.1.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-25289
|
|
py{27,36,37,38,39}-Pillow<8.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25290
|
|
py{27,36,37,38,39}-Pillow<8.1.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-25291
|
|
py{27,36,37,38,39}-Pillow<8.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25292
|
|
py{27,36,37,38,39}-Pillow<8.1.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-25293
|
|
py{27,36,37,38,39}-pygments<2.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27291
|
|
py{27,36,37,38,39}-urllib3<1.26.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2021-28363
|
|
qemu<5.2.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-3416
|
|
ruby{25,26,27,30}-kramdown<2.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-28834
|
|
squid4<4.14 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-25097
|
|
tor<0.4.5.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28089
|
|
tor<0.4.5.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28090
|
|
wireshark<3.4.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-22191
|
|
ImageMagick<7.0.10.62 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20241
|
|
ImageMagick6<6.9.11.62 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20241
|
|
ImageMagick<7.0.10.62 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20243
|
|
ImageMagick<7.0.10.62 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20244
|
|
ImageMagick<7.0.10.62 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20245
|
|
ImageMagick6<6.9.11.62 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20245
|
|
ImageMagick<7.0.10.62 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20246
|
|
ImageMagick6<6.9.11.62 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20246
|
|
elasticsearch>=7.6.0<7.11.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22134
|
|
git-base<2.30.1 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2021-21300
|
|
glib2<2.66.8 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2021-28153
|
|
gnutls<3.7.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-20231
|
|
gnutls<3.7.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-20232
|
|
webkit-gtk<2.30.6 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2021-0002.html
|
|
spamassassin<3.4.5 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2020-1946
|
|
webkit-gtk<2.32.0 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2021-0003.html
|
|
ImageMagick<7.0.10.46 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27829
|
|
binutils-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2021-20197
|
|
binutils-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-20284
|
|
go115<1.15.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27918
|
|
go116<1.16.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27918
|
|
go116<1.16.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27919
|
|
gsoap-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-21783
|
|
gtar-base<1.34 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20193
|
|
ircII<20210314 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-29376
|
|
jasper<2.0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3443
|
|
jasper<2.0.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3467
|
|
leptonica<1.80.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36277
|
|
leptonica<1.80.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-36278
|
|
leptonica<1.80.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-36279
|
|
leptonica<1.80.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-36280
|
|
leptonica<1.80.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-36281
|
|
libass<0.15.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-24994
|
|
libjpeg-turbo<2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20205
|
|
libmicrohttpd<0.9.71 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3466
|
|
matrix-synapse<1.27.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21332
|
|
matrix-synapse<1.27.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21333
|
|
firefox<87 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-10/
|
|
firefox78<78.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-11/
|
|
mozjs78<78.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-11/
|
|
tor-browser<10.0.14 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-11/
|
|
thunderbird<78.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-12/
|
|
openexr<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3474
|
|
openexr<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3475
|
|
openexr<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3476
|
|
openexr<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3477
|
|
openexr<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3478
|
|
openexr<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3479
|
|
openssl<1.1.1k remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3449
|
|
openssl<1.1.1k improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-3450
|
|
php{56,73,74,80}-basercms<4.4.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-20681
|
|
php{56,73,74,80}-basercms<4.4.5 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-20682
|
|
php{56,73,74,80}-basercms<4.4.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-20683
|
|
glpi<9.5.4 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-21324
|
|
glpi<9.5.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21325
|
|
glpi<9.5.4 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-21326
|
|
glpi<9.5.4 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-21327
|
|
privoxy<3.0.29 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-35502
|
|
privoxy<3.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20210
|
|
privoxy<3.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20211
|
|
privoxy<3.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20212
|
|
privoxy<3.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20213
|
|
privoxy<3.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20214
|
|
privoxy<3.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20215
|
|
privoxy<3.0.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20216
|
|
privoxy<3.0.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20217
|
|
privoxy<3.0.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20272
|
|
privoxy<3.0.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20273
|
|
privoxy<3.0.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20274
|
|
privoxy<3.0.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20275
|
|
privoxy<3.0.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20276
|
|
py{27,36,37,38,39}-lxml<4.6.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-28957
|
|
py{27,36,37,38,39}-pygments<2.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20270
|
|
p5-Data-Validate-IP<0.30 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-29662
|
|
qemu-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20255
|
|
qemu>=2.10.0<6.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3392
|
|
qemu<6.0.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-3409
|
|
redis<6.2.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3470
|
|
rpm<4.16.1.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-20271
|
|
curl<7.76.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22876
|
|
curl<7.76.0 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2021-22890
|
|
jetty<9.4.39 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28165
|
|
jetty<9.4.39 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28163
|
|
jetty<9.4.39 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-28164
|
|
openexr<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20296
|
|
php{56,72,73,74,80}-piwigo<11.4.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2021-27973
|
|
postgresql95-server<9.5.25 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393
|
|
postgresql96-server<9.6.21 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393
|
|
postgresql10-server<10.16 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393
|
|
postgresql11-server<11.11 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393
|
|
postgresql12-server<12.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393
|
|
postgresql13-server<13.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393
|
|
py{27,36,37,38,39}-django-registration<3.1.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-21416
|
|
ruby{25,26,27,30}-redmine41<4.1.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-29274
|
|
shibboleth-sp<3.2.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-28963
|
|
squid4-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28116
|
|
tiff<4.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35521
|
|
tiff<4.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35522
|
|
tiff<4.2.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-35523
|
|
tiff<4.2.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-35524
|
|
upx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20285
|
|
wpa_supplicant<2.10 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-30004
|
|
zeromq<4.3.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-20234
|
|
zeromq<4.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-20235
|
|
php{56,72,73,74,80}-typo3<10.4.14 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-21338
|
|
php{56,72,73,74,80}-typo3<10.4.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-21339
|
|
php{56,72,73,74,80}-typo3<10.4.14 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21340
|
|
php{56,72,73,74,80}-typo3<10.4.14 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-21355
|
|
php{56,72,73,74,80}-typo3<10.4.14 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-21357
|
|
php{56,72,73,74,80}-typo3<10.4.14 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21358
|
|
php{56,72,73,74,80}-typo3<10.4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21359
|
|
php{56,72,73,74,80}-typo3<10.4.14 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21370
|
|
ffmpeg3<3.4.8 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-24995
|
|
htmldoc-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-20308
|
|
libpano13-[0-9]* format-string https://nvd.nist.gov/vuln/detail/CVE-2021-20307
|
|
nettle<3.7.2 incorrect-signature-verification https://nvd.nist.gov/vuln/detail/CVE-2021-20305
|
|
ruby{25,26,27,30}-redmine41<4.1.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-30164
|
|
ruby{25,26,27,30}-redmine40<4.0.8 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-30164
|
|
ruby{25,26,27,30}-redmine41<4.1.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-30163
|
|
ruby{25,26,27,30}-redmine40<4.0.8 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-30163
|
|
mediawiki<1.35.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-30158
|
|
mediawiki<1.35.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-30157
|
|
mediawiki<1.35.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-30154
|
|
p5-Net-Netmask<2.0 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-29424
|
|
py{36,37,38,39}-django>=2.2<2.2.20 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-28658
|
|
py{36,37,38,39}-django>=3<3.0.14 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-28658
|
|
py{36,37,38,39}-django>=3.1<3.1.8 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-28658
|
|
ruby{25,26,27,30}-redmine41<4.1.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-36308
|
|
ruby{25,26,27,30}-redmine40<4.0.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-36308
|
|
ruby{25,26,27,30}-redmine41<4.1.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-36307
|
|
ruby{25,26,27,30}-redmine40<4.0.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-36307
|
|
ruby{25,26,27,30}-redmine41<4.1.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-36306
|
|
ruby{25,26,27,30}-redmine40<4.0.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-36306
|
|
ruby{25,26,27,30}-redmine<3.4.13 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-25026
|
|
ruby{25,26,27,30}-redmine40>=4<4.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-25026
|
|
syncthing<1.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21404
|
|
gnuchess-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-30184
|
|
jenkins<2.287 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21640
|
|
jenkins-lts<2.277.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21640
|
|
jenkins<2.287 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21639
|
|
jenkins-lts<2.277.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21639
|
|
file-roller<3.39.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-36314
|
|
ffmpeg4<4.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-30123
|
|
mosquitto>=2<2.0.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-28166
|
|
clamav<0.103.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-1405
|
|
clamav<0.103.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-1404
|
|
clamav<0.103.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-1252
|
|
exiv2<0.27.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3482
|
|
dnsmasq<2.85 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-3448
|
|
mediawiki<1.35.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-30159
|
|
mediawiki<1.35.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-30155
|
|
mediawiki<1.35.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-30152
|
|
mediawiki<1.35.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-30156
|
|
ezxml-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-30485
|
|
rust<1.53 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-28879
|
|
rust<1.53 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-28878
|
|
rust<1.51.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-28877
|
|
rust<1.50.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-28875
|
|
rust<1.49.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-36318
|
|
rust<1.52.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-28876
|
|
rust<1.49.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-36317
|
|
rust<1.2.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2015-20001
|
|
py{36,37,38,39}-djangocms-text-ckeditor-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26272
|
|
py{36,37,38,39}-djangocms-text-ckeditor-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26271
|
|
py{36,37,38,39}-djangocms-text-ckeditor-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21254
|
|
ampache<4.4.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-21399
|
|
binutils<2.36 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3487
|
|
ezxml-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-31229
|
|
ezxml-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-31347
|
|
ezxml-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-31348
|
|
fluidsynth<2.1.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-28421
|
|
gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-28300
|
|
gradle<7.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-29427
|
|
gradle<7.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-29428
|
|
gradle<7.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-29429
|
|
libexif<0.6.23 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-27815
|
|
libsixel-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36120
|
|
matrix-synapse<1.28.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-21392
|
|
matrix-synapse<1.28.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21393
|
|
matrix-synapse<1.28.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21394
|
|
mongodb<3.6.21 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7924
|
|
mongodb>=4.0<4.2.11 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7924
|
|
openjpeg<2.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-29338
|
|
rust<1.19.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2017-20004
|
|
rust<1.29.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-25008
|
|
rust<1.50.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36323
|
|
rust<1.53.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-31162
|
|
wordpress<5.7.1 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2021-29447
|
|
wordpress<5.7.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-29450
|
|
gstreamer1<1.18.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3498
|
|
gstreamer1<1.18.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3497
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31262
|
|
gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-31261
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31260
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31259
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31257
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31258
|
|
gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-31256
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31255
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31254
|
|
gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-30199
|
|
gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30020
|
|
gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30022
|
|
gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30014
|
|
gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30019
|
|
gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-30015
|
|
exiv2<0.27.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-29458
|
|
exiv2<0.27.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-29457
|
|
py{36,37,38,39}-wagtail<2.12.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-29434
|
|
gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-29279
|
|
php{56,72,73,74,80}-composer<2.0.13 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-29472
|
|
mysql-server>=5.7<5.7.34 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2021.html#AppendixMSQL
|
|
mysql-server>=8.0<8.0.24 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2021.html#AppendixMSQL
|
|
ampache<4.2.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15153
|
|
ansible<2.9.18 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20228
|
|
apache-maven<3.8.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2021-26291
|
|
authelia<4.28.0 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-29456
|
|
bind<9.11.31 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25214
|
|
bind>=9.12<9.16.15 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25214
|
|
bind<9.11.31 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25215
|
|
bind>=9.12<9.16.15 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25215
|
|
bind<9.11.31 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-25216
|
|
bind>=9.12<9.16.15 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-25216
|
|
binutils<2.35.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-20294
|
|
consul<1.9.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25864
|
|
exiv2<0.27.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-29463
|
|
exiv2<0.27.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-29464
|
|
exiv2<0.27.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-29470
|
|
exiv2<0.27.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-29473
|
|
ezxml-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-31598
|
|
fluidsynth<2.1.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-21417
|
|
giflib-util-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-23922
|
|
go-xz<0.5.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-29482
|
|
gpac<1.0.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-23928
|
|
gpac<1.0.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-23930
|
|
gpac<1.0.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-23931
|
|
gpac<1.0.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-23932
|
|
gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-35979
|
|
gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-35980
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35981
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35982
|
|
graphviz<2.46.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-18032
|
|
jhead<3.06.0.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3496
|
|
libupnp<1.14.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-29462
|
|
modular-xorg-server<1.20.11 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-3472
|
|
mongodb>=4.4<4.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20326
|
|
openjdk8<1.8.282 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2021.html#AppendixJAVA
|
|
openjdk11<1.11.0.11 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2021.html#AppendixJAVA
|
|
openvpn<2.5.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-15078
|
|
p5-Image-ExifTool<12.24 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-22204
|
|
php{56,72,73,74,80}-orangehrm-[0-9]* username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2021-28399
|
|
py{27,36,37,38,39}-django-filter<2.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15225
|
|
py{27,36,37,38,39}-djangocms-text-ckeditor-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21391
|
|
rpm<4.17.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-20266
|
|
ruby{25,26,27,30}-bundler<2.2.10 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-36327
|
|
ruby{25,26,27,30}-redmine40<4.0.9 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-31863
|
|
ruby{25,26,27,30}-redmine41<4.1.3 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-31863
|
|
ruby{25,26,27,30}-redmine40<4.0.9 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-31864
|
|
ruby{25,26,27,30}-redmine41<4.1.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-31864
|
|
ruby{25,26,27,30}-redmine40<4.0.9 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-31865
|
|
ruby{25,26,27,30}-redmine41<4.1.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-31865
|
|
ruby{25,26,27,30}-redmine40<4.0.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-31866
|
|
ruby{25,26,27,30}-redmine41<4.1.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-31866
|
|
ruby{25,26,27,30}-rexml<3.2.5 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-28965
|
|
salt<3002.7 local-privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-31607
|
|
samurai-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-30218
|
|
samurai-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-30219
|
|
shibboleth-sp<3.2.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-31826
|
|
unbound<1.9.5 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2019-25031
|
|
unbound<1.9.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-25032
|
|
unbound<1.9.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-25033
|
|
unbound<1.9.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-25034
|
|
unbound<1.9.5 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-25035
|
|
unbound<1.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-25036
|
|
unbound<1.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-25037
|
|
unbound<1.9.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-25038
|
|
unbound<1.9.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-25039
|
|
unbound<1.9.5 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-25040
|
|
unbound<1.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-25041
|
|
unbound<1.9.5 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-25042
|
|
vault<1.6.4 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-27400
|
|
vault<1.6.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-29653
|
|
webmin-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-31760
|
|
webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-31761
|
|
webmin-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-31762
|
|
wget-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-31879
|
|
wireshark<3.4.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22207
|
|
exim4<4.94.2 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2020-28007
|
|
exim4<4.94.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2020-28008
|
|
exim4<4.94.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-28009
|
|
exim4<4.94.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-28010
|
|
exim4<4.94.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-28011
|
|
exim4<4.94.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-28012
|
|
exim4<4.94.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-28013
|
|
exim4<4.94.2 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2020-28014
|
|
exim4<4.94.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-28015
|
|
exim4<4.94.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-28016
|
|
exim4<4.94.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-28017
|
|
exim4<4.94.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-28018
|
|
exim4<4.94.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28019
|
|
exim4<4.94.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-28020
|
|
exim4<4.94.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-28021
|
|
exim4<4.94.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-28022
|
|
exim4<4.94.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-28023
|
|
exim4<4.94.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2020-28024
|
|
exim4<4.94.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-28025
|
|
exim4<4.94.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-28026
|
|
exim4<4.94.2 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-27216
|
|
ImageMagick<7.0.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27769
|
|
ImageMagick6<6.9.10.69 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27769
|
|
ImageMagick<7.0.11.2 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20309
|
|
ImageMagick6<6.9.12.2 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20309
|
|
ImageMagick<7.0.11.2 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20310
|
|
ImageMagick<7.0.11.2 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20311
|
|
ImageMagick<7.0.11.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-20312
|
|
ImageMagick<7.0.11.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20313
|
|
ap24-modsecurity<3.0.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-25043
|
|
avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3502
|
|
bitcoin-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31876
|
|
cyrus-imapd<3.2.7 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-32056
|
|
php{56,73,74,80}-drupal>=7<7.70 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-13662
|
|
php{56,73,74,80}-drupal>=8<8.9.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-13664
|
|
php{56,73,74,80}-drupal>=8<8.9.1 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-13665
|
|
php{56,73,74,80}-drupal>=7<7.73 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13666
|
|
php{56,73,74,80}-drupal>=8<8.9.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13666
|
|
elasticsearch<6.8.15 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22135
|
|
elasticsearch<6.8.15 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22137
|
|
exiv2<0.27.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-29623
|
|
hivex<1.3.20 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3504
|
|
libaom<3.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-30473
|
|
libcares<1.17.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2020-14354
|
|
libexosip-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-32611
|
|
libxml2<2.9.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3537
|
|
mapserver<7.0.8 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-32062
|
|
matrix-synapse<1.33.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-29471
|
|
mutt>=1.11.0<2.0.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-32055
|
|
neomutt>=20191025<20210504 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-32055
|
|
nim<1.4.2 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-29495
|
|
openjpeg<2.4.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27823
|
|
openjpeg<2.4.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27824
|
|
openscad<2021.01 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-28600
|
|
php{56,73,74,80}-piwigo<11.5.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2021-32615
|
|
prosody<0.11.9 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-32917
|
|
prosody<0.11.9 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32918
|
|
prosody<0.11.9 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-32919
|
|
prosody<0.11.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32920
|
|
prosody<0.11.9 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2021-32921
|
|
py{36,37,38,39}-django>=2.2<2.2.21 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-31542
|
|
py{36,37,38,39}-django>=3<3.2.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-31542
|
|
py39-django>=2.2<2.2.22 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2021-32052
|
|
py39-django>=3<3.2.2 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2021-32052
|
|
py{27,36,37,38,39}-flask-caching-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-33026
|
|
py{27,36,37,38,39}-impacket-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-31800
|
|
py{27,36,37,38,39}-octoprint<1.6.0 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-32560
|
|
py{27,36,37,38,39}-octoprint<1.6.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32561
|
|
pycharm-bin<2020.3.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-30005
|
|
#python27-[0-9]* server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-29921
|
|
#python36-[0-9]* server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-29921
|
|
#python37-[0-9]* server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-29921
|
|
python38<3.8.12 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-29921
|
|
python39<3.9.5 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-29921
|
|
qemu<6.0.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-20181
|
|
qemu<6.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-20221
|
|
qemu<7.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3507
|
|
radare2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32613
|
|
raptor-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25713
|
|
raptor2<2.0.16 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25713
|
|
redis<6.2.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-29477
|
|
redis<6.2.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-29478
|
|
ruby{25,26,27,30}-puma<4.3.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-29509
|
|
sabnzbd<3.2.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-29488
|
|
samba<4.14.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27840
|
|
samba<4.14.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20277
|
|
samba<4.14.4 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-20254
|
|
slurm-wlm<20.02.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-31215
|
|
upx-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24119
|
|
xfce4-thunar<1.8.17 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32563
|
|
yara<4.0.4 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2021-3402
|
|
ansible<2.9.6 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2020-10729
|
|
ansible<2.9.18 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20178
|
|
ansible<2.9.18 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20191
|
|
binutils<2.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3549
|
|
dmg2img-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32614
|
|
dmg2img-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3548
|
|
ffmpeg4<4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20445
|
|
ffmpeg4<4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20446
|
|
ffmpeg4<4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20448
|
|
ffmpeg4<4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20450
|
|
ffmpeg4<4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20451
|
|
ffmpeg4<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20453
|
|
ffmpeg4<4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21041
|
|
ffmpeg4<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22015
|
|
ffmpeg4<4.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22016
|
|
ffmpeg4<4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22017
|
|
ffmpeg4<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22019
|
|
ffmpeg4<4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22020
|
|
ffmpeg4<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22021
|
|
ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22022
|
|
ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22023
|
|
ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22024
|
|
ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22025
|
|
ffmpeg4<4.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22026
|
|
ffmpeg4<4.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22027
|
|
ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22028
|
|
ffmpeg4<4.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22029
|
|
ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22030
|
|
ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22031
|
|
ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22032
|
|
ffmpeg4<4.4.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22033
|
|
ffmpeg4<4.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22034
|
|
ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24020
|
|
fig2dev-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3561
|
|
go115<1.15.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31525
|
|
go116<1.16.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31525
|
|
go115<1.15.12 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-33194
|
|
go116<1.16.4 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-33194
|
|
gupnp<1.0.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-33516
|
|
gupnp12<1.2.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-33516
|
|
isc-dhcpd<4.4.2p1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-25217
|
|
isc-dhclient<4.4.2p1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-25217
|
|
libX11<1.7.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-31535
|
|
libcaca-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30498
|
|
libcaca-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30499
|
|
libvirt<6.2.0 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-10701
|
|
libvirt<7.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3559
|
|
libytnef<2.8 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2009-3721
|
|
#modular-xorg-server-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-25697 Design limitation of X11
|
|
nss<3.55 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-12403
|
|
pam-u2f<1.1.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-31924
|
|
glpi<9.5.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-3486
|
|
pleaser<0.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-31153
|
|
pleaser<0.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-31154
|
|
pleaser<0.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-31155
|
|
podofo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-30469
|
|
podofo-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30470
|
|
podofo-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30471
|
|
podofo-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30472
|
|
privoxy<3.0.29 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-20209
|
|
putty<0.75 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33500
|
|
qemu<6.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20196
|
|
qemu<6.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3527
|
|
ruby{25,26,27,30}-actionpack52<5.2.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22885
|
|
ruby{25,26,27,30}-actionpack60<6.0.3.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22885
|
|
ruby{25,26,27,30}-actionpack61<6.1.3.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22885
|
|
squid4<4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28651
|
|
squid4<4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28652
|
|
squid4<4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28662
|
|
squid4<4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31806
|
|
squid4<4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31808
|
|
upx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-30500
|
|
upx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-30501
|
|
authelia<4.29.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-32637
|
|
ettercap<0.7.5 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2010-3843
|
|
gama<2.04 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18395
|
|
gdk-pixbuf2<2.42.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-20240
|
|
libvirt<6.3.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-14301
|
|
mariadb-server<10.4.15 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15180
|
|
mariadb-server>=10.5<10.5.6 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15180
|
|
openldap-server<2.4.56 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25710
|
|
qemu<6.0.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-35504
|
|
qemu<6.0.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-35505
|
|
qemu<6.0.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-35506
|
|
radsecproxy<1.9.0 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-32642
|
|
rsync<3.2.3nb1 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2020-14387
|
|
spice-server<0.14.92 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20201
|
|
squid4<4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33620
|
|
zeromq<4.3.3 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-20236
|
|
zeromq<4.3.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-20237
|
|
dino<0.2.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-33896
|
|
libgcrypt<1.9.3 side-channel https://nvd.nist.gov/vuln/detail/CVE-2021-33560
|
|
nginx<1.13.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-20005
|
|
ntpsec-[0-9]* man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-22212
|
|
openexr<3.0.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-23169
|
|
openexr<3.0.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-23215
|
|
openexr<3.0.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-26260
|
|
openexr<3.0.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-26945
|
|
py{36,37,38,39}-django>=2.2<2.2.24 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-33203
|
|
py{36,37,38,39}-django>=3<3.2.4 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-33203
|
|
py{36,37,38,39}-django>=2.2<2.2.24 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-33571
|
|
py{36,37,38,39}-django>=3<3.2.4 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-33571
|
|
rabbitmq<3.8.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22116
|
|
wireshark<3.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22222
|
|
ansible-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3532
|
|
ansible-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3533
|
|
apache>=2.4.6<2.4.48 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-17567
|
|
apache>=2.4.41<2.4.48 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-13950
|
|
apache<2.4.48 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-35452
|
|
apache<2.4.48 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-26690
|
|
apache<2.4.48 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-26691
|
|
apache>=2.4.39<2.4.48 unspecified https://nvd.nist.gov/vuln/detail/CVE-2021-30641
|
|
curl<7.77.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22898
|
|
curl<7.77.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-22901
|
|
php{56,73,74,80}-drupal>=7<7.72 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-13663
|
|
php{56,73,74,80}-drupal>=8<8.9.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-13663
|
|
php{56,73,74,80}-drupal>=8<8.9.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13688
|
|
jetty<9.4.41 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28169
|
|
lrzip<0.640 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-25467
|
|
lrzip<0.640 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27345
|
|
lrzip<0.640 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27347
|
|
opendmarc-[0-9]* remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34555
|
|
php{56,72,73,74,80}-nextcloud<20.0.10 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2021-22915
|
|
py{27,36,37,38,39}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-33829
|
|
ripgrep<13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3013
|
|
ruby{25,26,27,30}-actionpack60<6.0.3.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22902
|
|
ruby{25,26,27,30}-actionpack61<6.1.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22902
|
|
ruby{25,26,27,30}-actionpack61<6.1.3.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-22903
|
|
ruby{25,26,27,30}-actionpack52<5.2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22904
|
|
ruby{25,26,27,30}-actionpack60<6.0.3.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22904
|
|
ruby{25,26,27,30}-actionpack61<6.1.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22904
|
|
squid4<4.15 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-31807
|
|
xscreensaver<5.45nb4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-34557
|
|
py{27,36,37,38,39}-mpmath-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-29063
|
|
thunderbird<78.9.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-13/
|
|
thunderbird<78.10 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-14/
|
|
firefox78<78.10 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-15/
|
|
mozjs78<78.10 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-15/
|
|
tor-browser<10.0.16 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-15/
|
|
firefox<88 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-16/
|
|
thunderbird<78.8.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-17/
|
|
firefox<88.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-20/
|
|
thunderbird<78.10.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-22/
|
|
firefox<89 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-23/
|
|
firefox78<78.11 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-24/
|
|
mozjs78<78.11 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-24/
|
|
tor-browser<10.0.17 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-24/
|
|
thunderbird<78.11 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-26/
|
|
ImageMagick-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-34183
|
|
ampache<4.4.3 code-injection https://nvd.nist.gov/vuln/detail/CVE-2021-32644
|
|
djvulibre-lib-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-32490
|
|
djvulibre-lib-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32491
|
|
djvulibre-lib-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-32492
|
|
djvulibre-lib-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32493
|
|
djvulibre-lib-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3500
|
|
jetty<9.4.41 improper-session-handling https://nvd.nist.gov/vuln/detail/CVE-2021-34428
|
|
moodle-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2021-21809
|
|
opengrok<1.6.9 unspecified https://nvd.nist.gov/vuln/detail/CVE-2021-2322
|
|
php{56,72,73,74,80}-roundcube<1.4.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-18670
|
|
php{56,72,73,74,80}-roundcube<1.4.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-18671
|
|
ruby{25,26,27,30}-bindata<2.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32823
|
|
dovecot<2.3.14.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28200
|
|
dovecot<2.3.14.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-29157
|
|
dovecot<2.3.14.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-33515
|
|
postsrsd<1.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-35525
|
|
rabbitmq<3.8.17 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32718
|
|
rabbitmq<3.8.18 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32719
|
|
libredwg<0.10.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21813
|
|
libredwg<0.10.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21814
|
|
libredwg<0.10.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-21815
|
|
libredwg<0.10.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21816
|
|
libredwg<0.10.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-21817
|
|
libredwg<0.10.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21818
|
|
libredwg<0.10.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21819
|
|
libredwg<0.10.1.2665 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21827
|
|
libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21830
|
|
libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21831
|
|
libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21832
|
|
libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21833
|
|
libredwg<0.10.1.2699 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-21834
|
|
libredwg<0.10.1.2699 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-21835
|
|
libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21836
|
|
libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21838
|
|
libredwg<0.10.1.2699 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-21839
|
|
libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21840
|
|
libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21841
|
|
libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21842
|
|
libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21843
|
|
libredwg<0.10.1.2699 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-21844
|
|
libredwg<0.10.1.371 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-23861
|
|
libredwg<0.12.3.4194 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-36080
|
|
SOGo<2.4.1 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2021-33054
|
|
SOGo>=3<5.1.1 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2021-33054
|
|
apache>=2.4.47<2.4.48 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-31618
|
|
avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3468
|
|
cflow-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-23856
|
|
djvulibre-lib<3.5.28 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-3630
|
|
php{56,73,74,80}-drupal>=8<8.9.6 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-13667
|
|
exiv2<0.27.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32617
|
|
fluent-bit<1.8.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-36088
|
|
htslib<1.11 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-36403
|
|
jenkins<2.300 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-21670
|
|
jenkins<2.300 session-fixation https://nvd.nist.gov/vuln/detail/CVE-2021-21671
|
|
keystone-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-36404
|
|
keystone-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-36405
|
|
kimageformats<5.83.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36083
|
|
libressl<3.2.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-25048
|
|
libressl<3.2.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-25049
|
|
mediawiki<1.36.1 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-35197
|
|
mediawiki<1.36.1 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-36129
|
|
ndpi-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36082
|
|
py{36,37,38,39}-django>=3<3.2.5 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2021-35042
|
|
py{27,36,37,38,39}-urllib3<1.26.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33503
|
|
tesseract-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-36081
|
|
tor<0.4.6.5 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-34548
|
|
tor<0.4.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34549
|
|
tor<0.4.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34550
|
|
unrar<5.6.1.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-20006
|
|
unrar<5.6.6 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-25018
|
|
xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28692
|
|
xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28692
|
|
xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28692
|
|
zeromq<4.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36400
|
|
py{27,36,37,38,39}-Flask-User-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23401
|
|
moodle<3.7.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-14827
|
|
libxml2<2.9.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3518
|
|
websvn<2.6.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32305
|
|
mpv<0.33.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-30145
|
|
openldap-server<2.4.56 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25709
|
|
libxml2<2.9.11 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3517
|
|
rpm<4.16.1.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-3421
|
|
prometheus<2.27.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-29622
|
|
python36<3.6.13 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3426
|
|
python37<3.7.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3426
|
|
python38<3.8.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3426
|
|
python39<3.9.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3426
|
|
libyang-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28906
|
|
libyang-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28904
|
|
libyang-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28903
|
|
libyang-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28902
|
|
libyang-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28905
|
|
libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36332
|
|
libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36331
|
|
libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36330
|
|
libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36329
|
|
libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36328
|
|
libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-25014
|
|
libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-25013
|
|
libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-25012
|
|
libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-25011
|
|
libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-25010
|
|
libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-25009
|
|
libxml2<2.9.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3516
|
|
nginx<1.20.1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-23017
|
|
xdg-utils-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-27748
|
|
ffmpeg4<4.3 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-22036
|
|
ffmpeg4<4.3 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-22035
|
|
libjpeg-turbo<2.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-17541
|
|
ffmpeg4<4.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22040
|
|
ffmpeg4<4.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22044
|
|
ffmpeg4<4.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22041
|
|
ffmpeg4<4.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22039
|
|
ffmpeg4<4.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22043
|
|
ffmpeg4<4.4 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22038
|
|
ffmpeg4<4.4.1 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22037
|
|
ffmpeg4<4.4 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22042
|
|
py{27,36,37,38,39}-Pillow<8.2.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-28676
|
|
py{27,36,37,38,39}-Pillow<8.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28678
|
|
py{27,36,37,38,39}-Pillow<8.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28677
|
|
py{27,36,37,38,39}-Pillow<8.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28675
|
|
py{27,36,37,38,39}-Pillow<8.2.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-25287
|
|
py{27,36,37,38,39}-Pillow<8.2.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-25288
|
|
qemu<6.1.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-3546
|
|
qemu<6.1.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-3545
|
|
qemu<6.1.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-3544
|
|
qemu<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27661
|
|
qemu<4.6.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3595
|
|
qemu<4.6.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3594
|
|
qemu<4.6.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3593
|
|
qemu<4.6.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3592
|
|
qemu-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35503
|
|
libraw<0.20.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24870
|
|
ffmpeg4-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22056
|
|
ffmpeg4-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22054
|
|
ffmpeg4-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22051
|
|
ffmpeg4-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22049
|
|
ffmpeg4-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22048
|
|
ffmpeg4-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22046
|
|
qemu-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12067
|
|
lrzsz-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10195
|
|
redis<6.2.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32625
|
|
ffmpeg4<4.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-33815
|
|
vault<1.6.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32923
|
|
lasso<2.7.0 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-28091
|
|
moodle-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32244
|
|
putty<0.75 spoofing https://nvd.nist.gov/vuln/detail/CVE-2021-36367
|
|
php{56,72,73,74,80}-owncloud<10.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-29659
|
|
php{56,72,73,74,80}-nextcloud<21.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32657
|
|
php{56,72,73,74,80}-nextcloud<21.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32656
|
|
php{56,72,73,74,80}-nextcloud<21.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32655
|
|
php{56,72,73,74,80}-nextcloud<21.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32653
|
|
php{56,72,73,74,80}-nextcloud<21.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32654
|
|
gstreamer1<1.18.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3522
|
|
lz4<1.9.3nb1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3520
|
|
py{34,35,36,37,38,39}-websockets<9.1 password-exposure https://nvd.nist.gov/vuln/detail/CVE-2021-33880
|
|
jdom-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33813
|
|
quassel-[0-9]* improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-34825
|
|
mantis<2.25.2 code-injection https://nvd.nist.gov/vuln/detail/CVE-2021-33557
|
|
zziplib<0.13.72 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18442
|
|
openexr<3.0.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3598
|
|
avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36217
|
|
libxml2<2.9.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3541
|
|
postgresql96<9.6.22 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-32027
|
|
postgresql10<10.17 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-32027
|
|
postgresql11<11.12 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-32027
|
|
postgresql12<12.7 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-32027
|
|
postgresql13<13.3 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-32027
|
|
libaom<3.1.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-30474
|
|
xdg-utils<1.1.3 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2015-1877
|
|
fuse<2.9.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-33805
|
|
py{36,37,38,39}-wagtail<2.12.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32681
|
|
ruby-addressable<2.8.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32740
|
|
go<1.0.2 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2012-2666
|
|
fossil<2.15.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-36377
|
|
libaom<3.1.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30475
|
|
file<5.02 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2009-0947
|
|
php{56,72,73,74,80}-nextcloud<21.0.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32705
|
|
php{56,72,73,74,80}-nextcloud<21.0.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32703
|
|
php{56,72,73,74,80}-nextcloud<21.0.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32688
|
|
php{56,72,73,74,80}-nextcloud<21.0.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32680
|
|
php{56,72,73,74,80}-nextcloud<21.0.3 remote-security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-32678
|
|
php{56,72,73,74,80}-nextcloud<21.0.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32679
|
|
prometheus<2.50.1 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2021-3538
|
|
grafana-[0-9]* insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2021-3538
|
|
apache-ant<1.9.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36373
|
|
apache-ant>=1.10<1.10.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36373
|
|
apache-ant<1.9.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36374
|
|
apache-ant>=1.10<1.10.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36374
|
|
apache-tomcat<8.5.65 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-30639
|
|
apache-tomcat>=9.0<9.0.45 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-30639
|
|
apache-tomcat<8.5.66 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-30640
|
|
apache-tomcat>=9.0<9.0.46 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-30640
|
|
apache-tomcat<8.5.67 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2021-33037
|
|
apache-tomcat>=9.0<9.0.47 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2021-33037
|
|
bat<0.18.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2021-36753
|
|
exiv2<0.27.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19715
|
|
exiv2<0.27.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19716
|
|
fail2ban<0.11.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32749
|
|
go115<1.15.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34558
|
|
go116<1.16.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34558
|
|
icinga2<2.12.5 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-32739
|
|
icinga2<2.12.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32743
|
|
icingaweb2<2.8.3 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-32746
|
|
icingaweb2<2.8.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32747
|
|
jasper<2.0.17 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-27845
|
|
jetty<9.4.43 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-34429
|
|
libiberty-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3530
|
|
mbedtls<2.26.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2021-24119
|
|
mupdf<1.18.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22885
|
|
mupdf<1.18.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22886
|
|
nodejs<12.22.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-22918
|
|
nodejs>=14<14.17.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-22918
|
|
php{56,72,73,74,80}-nextcloud<21.0.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32725
|
|
php{56,72,73,74,80}-nextcloud<21.0.3 session-fixation https://nvd.nist.gov/vuln/detail/CVE-2021-32726
|
|
php{56,72,73,74,80}-nextcloud<21.0.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32734
|
|
php{56,72,73,74,80}-nextcloud<21.0.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32741
|
|
py{27,36,37,38,39}-Pillow<8.3.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-34552
|
|
quickjs<20200705 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22876
|
|
ruby26-base<2.6.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-31810
|
|
ruby27-base<2.7.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-31810
|
|
ruby30-base<3.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-31810
|
|
eterm<0.9.6nb3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-33477
|
|
mrxvt<0.5.4nb14 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-33477
|
|
rxvt<2.7.10nb9 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-33477
|
|
rxvt-unicode<9.26 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-33477
|
|
wolfssl<4.8.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2021-24116
|
|
varnish>=5.0<6.6.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-36740
|
|
consul<1.10.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-36213
|
|
consul<1.10.1 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-32574
|
|
gthumb3<3.10.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36427
|
|
mbedtls<2.24.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36426
|
|
mbedtls<2.24.0 invalid-crl-checks https://nvd.nist.gov/vuln/detail/CVE-2020-36425
|
|
mbedtls<2.24.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-36424
|
|
mbedtls<2.23.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-36421
|
|
mbedtls<2.23.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-36423
|
|
mbedtls<2.23.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-36422
|
|
racket<8.2 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2021-32773
|
|
unicorn<1.0.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-36979
|
|
qpdf<10.3.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36978
|
|
matio-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36977
|
|
libarchive<3.6.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-36976
|
|
libsndfile<1.0.31nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3246
|
|
wireshark<3.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22235
|
|
unicorn-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-36431
|
|
libass>=0.15<0.15.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36430
|
|
matio-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36428
|
|
geckodriver<0.27.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15660
|
|
aspell-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-25051
|
|
gdal-lib<3.3.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-25050
|
|
gradle<7.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32751
|
|
curl>=7.27<7.78 input-validation https://curl.se/docs/CVE-2021-22922.html
|
|
wolfssl>=4.6<4.8.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-37155
|
|
php{56,73,74,80}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-22150
|
|
php{56,73,74,80}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-22148
|
|
mupdf<1.18.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19609
|
|
libheif<1.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19498
|
|
matio<1.5.18 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19497
|
|
gpac<0.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19488
|
|
gpac<0.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19481
|
|
libheif<1.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19499
|
|
mupdf<1.19.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-37220
|
|
redis<6.2.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32761
|
|
mysql-server>=5.7<5.7.35 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2021.html#AppendixMSQL
|
|
mysql-server>=8.0<8.0.26 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2021.html#AppendixMSQL
|
|
mysql-cluster<8.0.26 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2021.html#AppendixMSQL
|
|
openjdk8<1.8.292 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2021.html#AppendixJAVA
|
|
openjdk11<1.11.0.12 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2021.html#AppendixJAVA
|
|
mosquitto>=1.6<2.0.11 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-34431
|
|
mit-krb5<1.18.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-36222
|
|
ap{22,24}-auth-openidc<2.4.9 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-32786
|
|
ap{22,24}-auth-openidc<2.4.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32785
|
|
mongodb<4.2.10 inject-log-entries https://nvd.nist.gov/vuln/detail/CVE-2021-20333
|
|
elasticsearch<6.8.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22144
|
|
asterisk>=13.0<13.38.2 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-005.html
|
|
asterisk>=16.0<16.16.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-005.html
|
|
asterisk>=18.0<18.2.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-005.html
|
|
asterisk>=16.0<16.16.2 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-006.html
|
|
asterisk>=18.0<18.2.2 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-006.html
|
|
asterisk>=16.0<16.19.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-007.html
|
|
asterisk>=18.0<18.5.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-007.html
|
|
asterisk>=13.0<13.38.3 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-008.html
|
|
asterisk>=16.0<16.19.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-008.html
|
|
asterisk>=18.0<18.5.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-008.html
|
|
asterisk>=13.0<13.38.3 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-009.html
|
|
asterisk>=16.0<16.19.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-009.html
|
|
asterisk>=18.0<18.5.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-009.html
|
|
webkit-gtk<2.32.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2021-0004.html
|
|
ap24-auth-openidc<2.4.9 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2021-32791
|
|
ap24-auth-openidc<2.4.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32792
|
|
claws-mail<3.18.0 clickjacking https://nvd.nist.gov/vuln/detail/CVE-2021-37746
|
|
exiv2<0.27.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31291
|
|
exiv2<0.27.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31292
|
|
fetchmail<6.4.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36386
|
|
go115<1.15.13 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-33195
|
|
go116<1.16.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-33195
|
|
go115<1.15.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33196
|
|
go116<1.16.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33196
|
|
go115<1.15.13 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2021-33197
|
|
go116<1.16.5 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2021-33197
|
|
go115<1.15.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33198
|
|
go116<1.16.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33198
|
|
mosquitto<2.0.8 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34432
|
|
php{56,73,74,80}-pear<1.10.12nb5 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2021-32610
|
|
php{56,73,74,80}-concrete5-[0-9]* php-object-injection https://nvd.nist.gov/vuln/detail/CVE-2021-36766
|
|
powerdns>=4.5.0<4.5.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36754
|
|
prosody>=0.11.0<0.11.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-37601
|
|
py{27,36,37,38,39}-Glances<3.2.1 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2021-23418
|
|
radare2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3673
|
|
ruby26-base<2.6.8 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-31799
|
|
ruby27-base<2.7.4 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-31799
|
|
ruby30-base<3.0.2 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-31799
|
|
ruby26-base<2.6.8 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-32066
|
|
ruby27-base<2.7.4 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-32066
|
|
ruby30-base<3.0.2 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-32066
|
|
vlc<3.0.12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-25801
|
|
vlc<3.0.12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-25802
|
|
vlc<3.0.12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-25803
|
|
vlc<3.0.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25804
|
|
libfetch-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-36159
|
|
courier-mta<1.1.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-38084
|
|
gd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-38115
|
|
ffmpeg4<4.4.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-38114
|
|
gpac<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22352
|
|
gpac<1.0.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24829
|
|
ruby{25,26,27,30}-redmine42<4.2.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-37156
|
|
qemu<6.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3682
|
|
gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36584
|
|
ffmpeg4<4.3 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-3566
|
|
curl>=7.33<7.78 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22926
|
|
curl>=7.7<7.78 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2021-22925
|
|
curl>=7.27<7.78 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22923
|
|
curl>=7.10.4<7.78 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-22924
|
|
thunderbird<78.12 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-30/
|
|
tor-browser<10.5.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-29/
|
|
firefox78<78.12 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-29/
|
|
mozjs78<78.12 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-29/
|
|
firefox<90 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-28/
|
|
firefox<89.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-27/
|
|
lynx<2.8.9.1nb5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-38165
|
|
rust<1.53.0 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-29922
|
|
gcpio-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-38185
|
|
go115-[0-9]* access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-29923
|
|
go116-[0-9]* access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-29923
|
|
libcares<1.17.2 invalid-validation https://c-ares.haxx.se/adv_20210810.html
|
|
alpine<=2.24 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-38370
|
|
exim4-[0-9]* man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-38371
|
|
exiv2<0.27.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32815
|
|
exiv2<0.27.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34334
|
|
exiv2<0.27.5 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2021-34335
|
|
exiv2<0.27.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37615
|
|
exiv2<0.27.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37616
|
|
exiv2<0.27.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-37618
|
|
exiv2<0.27.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-37619
|
|
exiv2<0.27.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-37620
|
|
exiv2<0.27.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37621
|
|
exiv2<0.27.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37622
|
|
exiv2<0.27.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37623
|
|
ffmpeg4<4.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-21688
|
|
ffmpeg4<4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21697
|
|
fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21675
|
|
fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21676
|
|
fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21678
|
|
fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21680
|
|
fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21681
|
|
fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21682
|
|
fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21683
|
|
fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21684
|
|
go115<1.15.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36221
|
|
go116<1.16.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36221
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32437
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32438
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32439
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32440
|
|
libsixel<1.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21677
|
|
nim-[0-9]* arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2020-23171
|
|
perl>=5.32.0<5.34.0nb3 code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-36770
|
|
php{56,72,73,74,80}-typo3<7.6.53 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32768
|
|
py{27,36,37,38,39}-notebook<6.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32798
|
|
qt5-qtbase<5.14.1 code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-24741
|
|
qt5-qtbase<5.14.0 code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-24742
|
|
qt5-qtbase-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-38593
|
|
trojita-[0-9]* man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-38372
|
|
tor<0.4.6.7 denial-of-service https://lists.torproject.org/pipermail/tor-announce/2021-August/000228.html
|
|
ffmpeg4<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-38291
|
|
libspf2<1.2.11 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-20314
|
|
nodejs<12.22.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-22931
|
|
nodejs>=14<14.17.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-22931
|
|
nodejs<12.22.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-22939
|
|
nodejs>=14<14.17.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-22939
|
|
nodejs<12.22.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-22940
|
|
nodejs>=14<14.17.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-22940
|
|
py{27,36,37,38,39}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32808
|
|
py{27,36,37,38,39}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32809
|
|
py{27,36,37,38,39}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-37695
|
|
vault<1.8.0 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2021-38553
|
|
vault<1.8.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-38554
|
|
wolfssl<4.8.1 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-38597
|
|
firefox<91 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-34/
|
|
tor-browser<10.5.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-34/
|
|
firefox78<78.13 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-35/
|
|
mozjs78<78.13 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-35/
|
|
thunderbird<78.13 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-36/
|
|
firefox<91.01 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-37/
|
|
xmill-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21810
|
|
haproxy>=2.2<2.2.16 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2021-39242
|
|
haproxy>=2.3<2.3.13 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2021-39242
|
|
haproxy>=2.4<2.4.3 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2021-39242
|
|
haproxy>=2.0<2.0.24 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2021-39241
|
|
haproxy>=2.2<2.2.16 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2021-39241
|
|
haproxy>=2.3<2.3.13 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2021-39241
|
|
haproxy>=2.4<2.4.3 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2021-39241
|
|
haproxy>=2.2<2.2.16 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2021-39240
|
|
haproxy>=2.3<2.3.13 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2021-39240
|
|
haproxy>=2.4<2.4.3 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2021-39240
|
|
gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21861
|
|
gpac-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2021-21859
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21860
|
|
gpac-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21862
|
|
gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21858
|
|
gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21857
|
|
gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21855
|
|
gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21856
|
|
gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21854
|
|
gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21853
|
|
gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21852
|
|
gpac-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21851
|
|
gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21847
|
|
gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21846
|
|
gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21845
|
|
gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21844
|
|
gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21839
|
|
gpac-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21843
|
|
gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21838
|
|
gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21837
|
|
apache-roller<6.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33580
|
|
bind>=9.16<9.16.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25218
|
|
xmill-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-21825
|
|
xmill-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21828
|
|
xmill-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21827
|
|
xmill-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21826
|
|
icinga2<2.12.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-37698
|
|
ruby{25,26,27}-nexpose<6.6.96 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-31868
|
|
apr>=1.7.0<1.7.0nb2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-35940
|
|
exiv2<0.27.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18899
|
|
exiv2<0.27.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18898
|
|
libgda-[0-9]* improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-39359
|
|
libgfbgraph-[0-9]* improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-39358
|
|
grilo-[0-9]* improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-39365
|
|
mbedtls<2.25.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-36478
|
|
mbedtls<2.24.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-36477
|
|
mbedtls<2.24.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-36476
|
|
mbedtls<2.25.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36475
|
|
mit-krb5<1.18.5 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-37750
|
|
ffmpeg4<4.4.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-38171
|
|
exiv2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18774
|
|
exiv2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18773
|
|
exiv2-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-18771
|
|
plib-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-38714
|
|
sqlite3<3.36.0nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36690
|
|
knot<5.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40083
|
|
diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154
|
|
diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154
|
|
diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39153
|
|
diylc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39152
|
|
diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39151
|
|
diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39148
|
|
diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39149
|
|
diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39147
|
|
diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39146
|
|
diylc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39150
|
|
diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39145
|
|
diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39144
|
|
diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39141
|
|
diylc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39140
|
|
diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39139
|
|
clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154
|
|
clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154
|
|
clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39153
|
|
clion-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39152
|
|
clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39151
|
|
clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39148
|
|
clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39149
|
|
clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39147
|
|
clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39146
|
|
clion-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39150
|
|
clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39145
|
|
clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39144
|
|
clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39141
|
|
clion-bin-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39140
|
|
clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39139
|
|
intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154
|
|
intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154
|
|
intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39153
|
|
intellij-ce-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39152
|
|
intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39151
|
|
intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39148
|
|
intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39149
|
|
intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39147
|
|
intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39146
|
|
intellij-ce-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39150
|
|
intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39145
|
|
intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39144
|
|
intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39141
|
|
intellij-ce-bin-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39140
|
|
intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39139
|
|
intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154
|
|
intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154
|
|
intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39153
|
|
intellij-ue-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39152
|
|
intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39151
|
|
intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39148
|
|
intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39149
|
|
intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39147
|
|
intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39146
|
|
intellij-ue-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39150
|
|
intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39145
|
|
intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39144
|
|
intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39141
|
|
intellij-ue-bin-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39140
|
|
intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39139
|
|
phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154
|
|
phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154
|
|
phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39153
|
|
phpstorm-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39152
|
|
phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39151
|
|
phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39148
|
|
phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39149
|
|
phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39147
|
|
phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39146
|
|
phpstorm-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39150
|
|
phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39145
|
|
phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39144
|
|
phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39141
|
|
phpstorm-bin-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39140
|
|
phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39139
|
|
pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154
|
|
pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154
|
|
pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39153
|
|
pycharm-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39152
|
|
pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39151
|
|
pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39148
|
|
pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39149
|
|
pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39147
|
|
pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39146
|
|
pycharm-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39150
|
|
pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39145
|
|
pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39144
|
|
pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39141
|
|
pycharm-bin-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39140
|
|
pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39139
|
|
rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154
|
|
rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154
|
|
rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39153
|
|
rubymine-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39152
|
|
rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39151
|
|
rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39148
|
|
rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39149
|
|
rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39147
|
|
rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39146
|
|
rubymine-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39150
|
|
rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39145
|
|
rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39144
|
|
rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39141
|
|
rubymine-bin-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39140
|
|
rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39139
|
|
aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154
|
|
aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154
|
|
aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39153
|
|
aipo-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39152
|
|
aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39151
|
|
aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39148
|
|
aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39149
|
|
aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39147
|
|
aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39146
|
|
aipo-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39150
|
|
aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39145
|
|
aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39144
|
|
aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39141
|
|
aipo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39140
|
|
aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39139
|
|
openssl>=1.1<1.1.1l buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3711
|
|
openssl<1.1.1l denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3712
|
|
php{56,73,74,80}-basercms-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-39136
|
|
qemu<6.2.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-3713
|
|
openexr<3.0.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3605
|
|
gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21850
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21849
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21848
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21842
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21841
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21840
|
|
gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21836
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21835
|
|
tcpreplay<4.3.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-18976
|
|
nasm-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-18974
|
|
podofo<0.9.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-18972
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21834
|
|
podofo<0.9.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18971
|
|
squashfs<4.5 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-40153
|
|
cacti<1.2.13 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-23226
|
|
py{27,34,35,36,37,38,39}-mezzanine-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-19002
|
|
xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28700
|
|
xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28700
|
|
xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28699
|
|
xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28699
|
|
xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28698
|
|
xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28698
|
|
xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28698
|
|
xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28697
|
|
xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28697
|
|
xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28697
|
|
xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28695
|
|
xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28695
|
|
xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28695
|
|
xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28696
|
|
xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28696
|
|
xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28696
|
|
xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28694
|
|
xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28694
|
|
xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28694
|
|
fetchmail<6.4.22 side-channel https://nvd.nist.gov/vuln/detail/CVE-2021-39272
|
|
tor>=0.4.6<0.4.6.7 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-38385
|
|
tor<0.4.5.10 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-38385
|
|
mc<4.8.27 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-36370
|
|
cgal-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35634
|
|
cgal-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35633
|
|
cgal-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35635
|
|
git-base<2.30.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-40330
|
|
mosquitto-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-34434
|
|
matrix-synapse<1.41.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39164
|
|
matrix-synapse<1.41.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39163
|
|
libssh<0.9.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3634
|
|
xmill-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-21811
|
|
cyrus-imapd<2.4.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33582
|
|
cyrus-imapd>=3.0<3.0.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33582
|
|
gst-plugins1-libav-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18778
|
|
gst-plugins1-libav-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18776
|
|
gst-plugins1-libav-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18775
|
|
ffmpeg2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18778
|
|
ffmpeg2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18776
|
|
ffmpeg2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18775
|
|
ffmpeg3-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18778
|
|
ffmpeg3-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18776
|
|
ffmpeg3-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18775
|
|
ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18778
|
|
ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18776
|
|
ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18775
|
|
ffplay2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18778
|
|
ffplay2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18776
|
|
ffplay2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18775
|
|
ffplay3-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18778
|
|
ffplay3-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18776
|
|
ffplay3-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18775
|
|
ffplay4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18778
|
|
ffplay4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18776
|
|
ffplay4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18775
|
|
inetutils<2.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-40491
|
|
py{27,34,35,36,37,38,39}-Pillow<8.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-23437
|
|
ap{22,24}-auth-openidc<2.4.9.4 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-39191
|
|
pure-ftpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40524
|
|
weechat<3.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40516
|
|
botan-[0-9]* weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2021-40529
|
|
consul<1.8.15 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-37219
|
|
consul<1.8.15 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-38698
|
|
cryptopp-[0-9]* weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2021-40530
|
|
fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33285
|
|
fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33286
|
|
fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33287
|
|
fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33289
|
|
fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-35266
|
|
fuse-ntfs-3g<2021.8.22 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-35267
|
|
fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-35268
|
|
fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-35269
|
|
fuse-ntfs-3g<2021.8.22 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-39251
|
|
fuse-ntfs-3g<2021.8.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-39252
|
|
fuse-ntfs-3g<2021.8.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-39253
|
|
fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39254
|
|
fuse-ntfs-3g<2021.8.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-39255
|
|
fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39256
|
|
fuse-ntfs-3g<2021.8.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39257
|
|
fuse-ntfs-3g<2021.8.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-39258
|
|
fuse-ntfs-3g<2021.8.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-39259
|
|
fuse-ntfs-3g<2021.8.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-39260
|
|
fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39261
|
|
fuse-ntfs-3g<2021.8.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-39262
|
|
fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39263
|
|
libgcrypt<1.9.4 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2021-40528
|
|
php{56,72,73,74,80}-owncloud<10.8.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-35947
|
|
php{56,72,73,74,80}-owncloud<10.8.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-35949
|
|
tiff<4.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19131
|
|
vim<8.2.3402 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3770
|
|
php{56,72,73,74,80}-owncloud<10.8.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-35946
|
|
php{56,72,73,74,80}-owncloud<10.8.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-35948
|
|
php{56,72,73,74,80}-nextcloud<22.1.0 remote-security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-32802
|
|
php{56,72,73,74,80}-nextcloud<22.1.0 excessive-logging https://nvd.nist.gov/vuln/detail/CVE-2021-32801
|
|
php{56,72,73,74,80}-nextcloud<22.1.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-32800
|
|
gifsicle<1.93 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-19752
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19751
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19750
|
|
salt<3003.3 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-22004
|
|
salt<3003.3 local-privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-21996
|
|
tiff<4.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19144
|
|
tiff<4.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19143
|
|
wordpress>=5.0<5.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-39201
|
|
wordpress>=5.2<5.8.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39200
|
|
gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-33366
|
|
gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-33364
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33362
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32137
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32136
|
|
gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-32135
|
|
gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-32134
|
|
gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-32132
|
|
squashfs-[0-9]* arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-41072
|
|
gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-33365
|
|
gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-33363
|
|
gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-32138
|
|
gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-32139
|
|
gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-33361
|
|
libsixel<1.8.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21050
|
|
libsixel<1.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21049
|
|
libsixel<1.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21048
|
|
gd<2.3.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-40812
|
|
ImageMagick<7.1.0.7 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-39212
|
|
glpi>=9.2<9.5.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39211
|
|
glpi>=9.1<9.5.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-39213
|
|
glpi<9.5.6 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-39210
|
|
glpi<9.5.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-39209
|
|
vim<8.2.3428 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3796
|
|
vim<8.2.3409 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3778
|
|
elasticsearch<7.14.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-22147
|
|
fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21535
|
|
fig2dev<3.2.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21534
|
|
fig2dev<3.2.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21533
|
|
fig2dev<3.2.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21532
|
|
fig2dev<3.2.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21531
|
|
fig2dev<3.2.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21530
|
|
fig2dev<3.2.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21529
|
|
libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21606
|
|
libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21605
|
|
libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21602
|
|
libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21604
|
|
libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21603
|
|
libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21601
|
|
libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21600
|
|
libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21597
|
|
libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21599
|
|
libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21598
|
|
libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21596
|
|
libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21595
|
|
libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21594
|
|
xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28701
|
|
xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28701
|
|
xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28701
|
|
apache-tomcat>=8.5<8.5.64 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41079
|
|
apache-tomcat>=9.0<9.0.44 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41079
|
|
apache<2.4.49 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2021-40438
|
|
apache<2.4.49 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39275
|
|
mitmproxy<7.0.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2021-39214
|
|
apache<2.4.49 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-34798
|
|
apache>=2.4.30<2.4.49 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36160
|
|
libsixel<1.8.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21548
|
|
libsixel<1.8.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21547
|
|
swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39598
|
|
swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39597
|
|
swftools-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39595
|
|
swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39596
|
|
swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39594
|
|
swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39593
|
|
swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39592
|
|
swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39591
|
|
swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39585
|
|
swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39588
|
|
swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39590
|
|
swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39583
|
|
swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39589
|
|
swftools-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39579
|
|
swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39587
|
|
swftools-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39582
|
|
swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39584
|
|
swftools-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39577
|
|
swftools-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39574
|
|
swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39575
|
|
swftools-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39569
|
|
swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39562
|
|
swftools-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39564
|
|
swftools-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39561
|
|
swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39563
|
|
swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39553
|
|
swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39559
|
|
swftools-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39558
|
|
swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39557
|
|
swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39555
|
|
swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39556
|
|
swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39554
|
|
ncurses<6.2nb4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39537
|
|
libredwg<0.10.1.3768 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39530
|
|
libredwg<0.10.1.3768 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-39528
|
|
libredwg<0.10.1.3768 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39527
|
|
libredwg<0.10.1.3768 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39525
|
|
libredwg<0.10.1.3768 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39522
|
|
libredwg<0.10.1.3768 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39523
|
|
libredwg<0.10.1.3773 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39521
|
|
ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-38094
|
|
ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-38093
|
|
ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-38092
|
|
ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-38091
|
|
ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-38089
|
|
ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-38090
|
|
libgig-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32294
|
|
faad2<2.10.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32278
|
|
faad2<2.10.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32277
|
|
fig2dev<3.2.7b denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32280
|
|
faad2<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32276
|
|
faad2<2.10.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32273
|
|
faad2<2.10.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32274
|
|
faad2<2.10.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32272
|
|
gpac-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32271
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32270
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32269
|
|
gpac-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32268
|
|
icu<67.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-21913
|
|
ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20901
|
|
ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20900
|
|
ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20899
|
|
ffmpeg4-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-20902
|
|
ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20897
|
|
ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20898
|
|
ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20896
|
|
ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20895
|
|
ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20894
|
|
ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20893
|
|
ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20891
|
|
ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20892
|
|
#redis-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21468 Disputed, see https://github.com/redis/redis/issues/6633
|
|
#openssh-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-20012 Documented configuration setting
|
|
halibut<4.4.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-31819
|
|
tcpreplay<4.3.3 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-23273
|
|
gpac-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-23269
|
|
gpac-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-23266
|
|
gpac-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-23267
|
|
php{56,73,74,80}-concrete5<8.5.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-22953
|
|
php{56,73,74,80}-concrete5<8.5.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-22950
|
|
php{56,73,74,80}-concrete5<8.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22949
|
|
elvish<0.14.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-41088
|
|
php{56,73,74,80}-concrete5<8.5.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-40100
|
|
php{56,73,74,80}-concrete5<8.5.6 arbitrary-file-deletion https://nvd.nist.gov/vuln/detail/CVE-2021-40102
|
|
php{56,73,74,80}-concrete5<8.5.6 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-40099
|
|
php{56,73,74,80}-concrete5<8.5.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-40109
|
|
php{56,73,74,80}-concrete5<8.5.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-40108
|
|
php{56,73,74,80}-concrete5<8.5.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-40106
|
|
php{56,73,74,80}-concrete5<8.5.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-40105
|
|
php{56,73,74,80}-concrete5<8.5.6 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-40103
|
|
php{56,73,74,80}-concrete5<8.5.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-40104
|
|
php{56,73,74,80}-concrete5<8.5.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-40098
|
|
php{56,73,74,80}-concrete5<8.5.6 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-40097
|
|
py{27,34,35,36,37,38,39}-nltk-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3828
|
|
py{27,34,35,36,37,38,39}-inflect-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3820
|
|
ruby{25,26,27}-nokogiri<1.12.5 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2021-41098
|
|
ansible-base<2.12.0nb1 code-injection https://nvd.nist.gov/vuln/detail/CVE-2021-3583
|
|
curl>=7.73.0<7.79.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-22945
|
|
libressl-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-41581
|
|
#tor-browser-[0-9]* excessive-logging https://nvd.nist.gov/vuln/detail/CVE-2021-39246 The logging is by tor, not tor-browser
|
|
tor-[0-9]* excessive-logging https://nvd.nist.gov/vuln/detail/CVE-2021-39246
|
|
openssh>=6.2<8.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-41617
|
|
apache>=2.4.49<2.4.50 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41524
|
|
apache>=2.4.49<2.4.50 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-41773
|
|
apache>=2.4.49<2.4.51 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-42013
|
|
ardour<6.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-22617
|
|
curl<7.79.0 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2021-22946
|
|
curl<7.79.0 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-22947
|
|
grafana<8.1.6 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-39226
|
|
hiredis<1.0.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32765
|
|
mediawiki<1.36.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-42040
|
|
mediawiki<1.36.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-42041
|
|
mediawiki<1.36.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-42043
|
|
nodejs<12.22.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-22930
|
|
nodejs>=14<14.17.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-22930
|
|
gajim<1.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41055
|
|
libreoffice<7.1.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-25633
|
|
mediawiki<1.36.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41798
|
|
mediawiki<1.36.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41799
|
|
mediawiki<1.36.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41800
|
|
php>=7.3<7.3.31 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21705
|
|
php>=7.4<7.4.21 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21705
|
|
php>=8.0<8.0.8 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21705
|
|
php{56,73,74,80}-concrete5<8.5.5 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-22958
|
|
php{56,73,74,80}-concrete5-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41461
|
|
php{56,73,74,80}-concrete5-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41462
|
|
php{56,73,74,80}-concrete5-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41465
|
|
postgresql96-server<9.6.22 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32028
|
|
postgresql10-server<10.17 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32028
|
|
postgresql11-server<11.12 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32028
|
|
postgresql12-server<12.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32028
|
|
postgresql13-server<13.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32028
|
|
postgresql11-server<11.12 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32029
|
|
postgresql12-server<12.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32029
|
|
postgresql13-server<13.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32029
|
|
py{36,37,38,39,310}-scrapy<2.5.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-41125
|
|
redis<6.2.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32626
|
|
redis<6.2.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32627
|
|
redis<6.2.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32628
|
|
redis<6.2.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-32672
|
|
redis<6.2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32675
|
|
redis<6.2.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32687
|
|
redis<6.2.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32762
|
|
redis<6.2.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-41099
|
|
vault<1.8.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-41802
|
|
vault<1.8.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-42135
|
|
tinyxml-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-42260
|
|
ruby{25,26,27,30}-redmine41<4.1.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-42326
|
|
ruby{25,26,27,30}-redmine42<4.2.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-42326
|
|
ruby{25,26,27,30}-puma<4.3.9 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2021-41136
|
|
ruby{25,26,27,30}-puma>=5<5.5.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2021-41136
|
|
heimdal<7.7.0nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3671
|
|
libreoffice>=7.0<7.0.6 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-25634
|
|
libreoffice>=7.1<7.1.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-25634
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22679
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22678
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22677
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22675
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22673
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22674
|
|
apache-tomcat>=9.0.40<9.0.54 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-42340
|
|
apache-tomcat>=8.5.60<8.5.71 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-42340
|
|
couchdb<3.1.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-38295
|
|
vim<8.2.3489 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3875
|
|
rt4<4.2.17 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-38562
|
|
freeswitch<1.10.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-36513
|
|
go116<1.16.9 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-38297
|
|
go117<1.17.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-38297
|
|
ruby{25,26,27,30}-actionpack60<6.0.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22942
|
|
ruby{25,26,27,30}-actionpack61<6.1.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22942
|
|
mysql-client>=8.0<8.0.27 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2021.html#AppendixMSQL
|
|
mysql-cluster>=8.0<8.0.27 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2021.html#AppendixMSQL
|
|
mysql-server>=5.7<5.7.36 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2021.html#AppendixMSQL
|
|
mysql-server>=8.0<8.0.27 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2021.html#AppendixMSQL
|
|
openjdk8<1.8.302 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2021-35550
|
|
openjdk11<1.11.0.13 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2021-35550
|
|
freerdp<2.4.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-41159
|
|
freerdp<2.4.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-41160
|
|
mailman<2.1.35 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-42096
|
|
mailman<2.1.35 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-42097
|
|
php56-fpm-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-21703
|
|
php71-fpm-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-21703
|
|
php72-fpm-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-21703
|
|
php73-fpm<7.3.31 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-21703
|
|
php74-fpm<7.4.25 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-21703
|
|
php80-fpm<8.0.12 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-21703
|
|
py{27,36,37,38,39}-babel<2.9.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-42771
|
|
qutebrowser<2.4.0 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2021-41146
|
|
vim<8.2.3487 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3872
|
|
php{56,71,72,73,74,80}-nextcloud>=20<20.0.13 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41179
|
|
php{56,71,72,73,74,80}-nextcloud>=21<21.0.5 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41179
|
|
php{56,71,72,73,74,80}-nextcloud>=22<22.2.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41179
|
|
php{56,71,72,73,74,80}-nextcloud>=20<20.0.13 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41178
|
|
php{56,71,72,73,74,80}-nextcloud>=21<21.0.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41178
|
|
php{56,71,72,73,74,80}-nextcloud>=22<22.2.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41178
|
|
php{56,71,72,73,74,80}-nextcloud>=20<20.0.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41177
|
|
php{56,71,72,73,74,80}-nextcloud>=21<21.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41177
|
|
php{56,71,72,73,74,80}-nextcloud>=22<22.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41177
|
|
websvn-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2011-2195
|
|
libmysofa<1.2.1 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3756
|
|
calibre<2.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2011-4126
|
|
calibre<2.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2011-4124
|
|
calibre<2.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2011-4125
|
|
vim<8.2.3564 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3903
|
|
firefox<92 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-38/
|
|
firefox78<78.14 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-39/
|
|
tor-browser<10.5.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-39/
|
|
mozjs78<78.14 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-39/
|
|
firefox91<91.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-40/
|
|
thunderbird<78.14 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-42/
|
|
firefox<93 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-43/
|
|
tor-browser<10.5.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-44/
|
|
firefox78<78.15 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-44/
|
|
mozjs78<78.15 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-44/
|
|
firefox91<91.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-45/
|
|
jenkins<2.303.2 multiple-vulnerabilities https://www.jenkins.io/security/advisory/2021-11-04/
|
|
bind>=9.16<9.16.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25219
|
|
htmldoc<1.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40985
|
|
grafana>=8.0.0<8.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41174
|
|
libxls-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27836
|
|
libheif<1.7.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-23109
|
|
cryptopp-[0-9]* side-channel https://nvd.nist.gov/vuln/detail/CVE-2021-43398
|
|
vim<8.2.3581 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3928
|
|
vim<8.2.3582 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3927
|
|
go116<1.16.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41772
|
|
go117<1.17.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41772
|
|
go116<1.16.10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-41771
|
|
go117<1.17.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-41771
|
|
speex-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-23904
|
|
speex-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-23903
|
|
nim-[0-9]* server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-41259
|
|
belle-sip<5.0.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-43611
|
|
belle-sip<5.0.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-43610
|
|
mailman<2.1.36 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43331
|
|
mailman<2.1.36 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2021-43332
|
|
cacti<1.2.18 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-14424
|
|
grafana>=8<8.2.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-41244
|
|
puppet<7.12.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27025
|
|
puppet<7.12.1 possible-data-leak https://nvd.nist.gov/vuln/detail/CVE-2021-27023
|
|
wireshark>=3.4<3.4.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-39920
|
|
wireshark<3.4.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-39928
|
|
wireshark<3.4.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-39929
|
|
wireshark<3.4.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-39926
|
|
wireshark<3.4.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-39925
|
|
wireshark<3.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39924
|
|
wireshark<3.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39923
|
|
wireshark<3.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39922
|
|
wireshark<3.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39921
|
|
py{27,36,37,38,39}-pip<21.1 data-manipulation https://nvd.nist.gov/vuln/detail/CVE-2021-3572
|
|
gocr-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-33481
|
|
gocr-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-33480
|
|
gocr-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33479
|
|
php{56,72,73,74,80}-roundcube<1.4.12 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2021-44026
|
|
php{56,72,73,74,80}-roundcube<1.4.12 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-44025
|
|
vim<8.2.3612 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3974
|
|
vim<8.2.3611 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3973
|
|
vim<8.2.3611 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3968
|
|
gmp<6.2.1nb1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43618
|
|
ImageMagick<7.1.0-14 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3962
|
|
quagga<1.2.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-44038
|
|
librecad-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-21900
|
|
librecad-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21899
|
|
librecad-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-21898
|
|
pgbouncer<1.16.1 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-3935
|
|
isync-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-44143
|
|
ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-23906
|
|
json-schema<0.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3918
|
|
py{27,36,37,38,39}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41165
|
|
py{27,36,37,38,39}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41164
|
|
gerbv-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-40391
|
|
npm-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-43616
|
|
moodle<3.9.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43559
|
|
moodle>=3.10<3.10.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43559
|
|
moodle<3.9.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43560
|
|
moodle>=3.10<3.10.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43560
|
|
moodle<3.9.11 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3943
|
|
moodle>=3.10<3.10.8 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3943
|
|
moodle<3.9.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43558
|
|
moodle>=3.10<3.10.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43558
|
|
lua54-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-43519
|
|
matrix-synapse<1.47.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-41281
|
|
libcares<1.17.2 dns-hijacking https://nvd.nist.gov/vuln/detail/CVE-2021-3672
|
|
wordpress<5.8 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-44223
|
|
xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28704
|
|
xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28704
|
|
xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28704
|
|
xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28707
|
|
xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28707
|
|
xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28707
|
|
xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28705
|
|
xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28705
|
|
xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28705
|
|
xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28706
|
|
xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28706
|
|
xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28706
|
|
xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28709
|
|
xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28709
|
|
xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28709
|
|
xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28708
|
|
xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28708
|
|
xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28708
|
|
php{56,73,74,80}-basercms<4.5.4 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-41279
|
|
php{56,73,74,80}-basercms<4.5.4 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-41243
|
|
flif<0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14232
|
|
libaom<3.2.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36129
|
|
libaom<2.1.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-36130
|
|
libaom<2.1.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36131
|
|
libaom<3.2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36133
|
|
libaom<2.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36134
|
|
libaom<2.1.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-36135
|
|
mailman<2.1.38 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-44227
|
|
mosquitto<2.0.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41039
|
|
php{56,73,74,80}-concrete5<8.5.7 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-40101
|
|
vault<1.8.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-43998
|
|
vim<8.2.3625 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3984
|
|
vim<8.2.3669 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-4019
|
|
binutils<2.34 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-37322
|
|
php>=7.3<7.3.33 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-21707
|
|
php>=7.4<7.4.26 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-21707
|
|
php>=8.0<8.0.13 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-21707
|
|
grafana>=8.0<8.0.7 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-43798
|
|
grafana>=8.1<8.1.8 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-43798
|
|
grafana>=8.2<8.2.7 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-43798
|
|
grafana>=8.3<8.3.1 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-43798
|
|
php-7.3.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
drupal-8.[0-9]* eol https://www.drupal.org/psa-2021-11-30
|
|
thunderbird<91.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-47/
|
|
firefox<94 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-48/
|
|
firefox91<91.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-48/
|
|
firefox<94 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-49/
|
|
firefox91<91.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-49/
|
|
thunderbird<91.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-50/
|
|
firefox<95 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-52/
|
|
firefox91<91.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-52/
|
|
firefox91<91.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-53/
|
|
thunderbird<91.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-54/
|
|
ruby{25,26,27,30}-bundler<2.2.33 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-43809
|
|
php{56,73,74,80}-piwigo-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2021-40313
|
|
calibre<5.32.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44686
|
|
tmate-[0-9]* session-hijack https://nvd.nist.gov/vuln/detail/CVE-2021-44513
|
|
tmate-[0-9]* session-hijack https://nvd.nist.gov/vuln/detail/CVE-2021-44512
|
|
grafana<7.5.12 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-43813
|
|
grafana>=8.3<8.3.2 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-43813
|
|
vim<8.2.3741 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-4069
|
|
grafana<7.5.12 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-43815
|
|
grafana>=8.3<8.3.2 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-43815
|
|
nss<3.73 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-43527
|
|
py{36,37,38,39,310}-django>=2.2<2.2.25 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-44420
|
|
py{36,37,38,39,310}-django>=3.1<3.1.14 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-44420
|
|
py{36,37,38,39,310}-django>=3.2<3.2.10 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-44420
|
|
py{27,36,37,38,39,310}-lxml<4.6.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43818
|
|
webkit-gtk<2.32.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2021-0005.html
|
|
webkit-gtk<2.34.1 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2021-0006.html
|
|
webkit-gtk<2.34.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2021-0007.html
|
|
teeworlds-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43518
|
|
php{56,73,74,80}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-40882
|
|
epiphany<41.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-45088
|
|
epiphany<41.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-45086
|
|
epiphany<41.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-45087
|
|
epiphany<41.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-45085
|
|
vault>=1.4.0<1.9.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-45042
|
|
p5-CPAN-Checksums-[0-9]* incorrect-signature-verification https://nvd.nist.gov/vuln/detail/CVE-2020-16155
|
|
p5-App-cpanminus-[0-9]* incorrect-signature-verification https://nvd.nist.gov/vuln/detail/CVE-2020-16154
|
|
perl<5.35.7 incorrect-signature-verification https://nvd.nist.gov/vuln/detail/CVE-2020-16156
|
|
binutils<2.37nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45078
|
|
mediawiki<1.36.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-45038
|
|
mediawiki<1.36.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-44857
|
|
mediawiki<1.36.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-44858
|
|
py{27,34,35,36,37,38,39,310}-numpy<1.23.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41496
|
|
py{27,34,35,36,37,38,39,310}-numpy<1.22.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34141
|
|
py{27,34,35,36,37,38,39,310}-numpy<1.22.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41495
|
|
py{27,34,35,36,37,38,39,310}-numpy<1.21.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33430
|
|
vim<8.2.3847 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-4136
|
|
mediawiki<1.36.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-45038
|
|
mediawiki<1.36.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-44857
|
|
mediawiki<1.36.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-44858
|
|
vim<8.2.3847 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-4136
|
|
mbedtls>=2<2.28.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-44732
|
|
apache<2.4.52 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-44790
|
|
apache>=2.4.7<2.4.52 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-44224
|
|
modular-xorg-server<1.20.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-4011
|
|
modular-xorg-server<1.20.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-4010
|
|
modular-xorg-server<1.20.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-4009
|
|
modular-xorg-server<1.20.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-4008
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45292
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45289
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45288
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45291
|
|
binaryen<104 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45293
|
|
binaryen<104 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45290
|
|
mbedtls<3.1.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-45451
|
|
mbedtls<2.28.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-45450
|
|
assimp<5.1.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45948
|
|
dnsmasq-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45951
|
|
dnsmasq-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45952
|
|
dnsmasq-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45953
|
|
dnsmasq-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45954
|
|
dnsmasq-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45955
|
|
dnsmasq-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45956
|
|
dnsmasq-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45957
|
|
e2guardian-[0-9]* man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-44273
|
|
expat<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45960
|
|
gdallib-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45943
|
|
gegl<0.4.34 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-45463
|
|
gerbv<2.8.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-40393
|
|
gerbv<2.8.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40394
|
|
ghostscript-agpl<9.54 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-45944
|
|
ghostscript-agpl<9.55.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45949
|
|
giftrans-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45972
|
|
gnuplot-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44917
|
|
go116<1.16.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44716
|
|
go117<1.17.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44716
|
|
go116<1.16.12 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-44717
|
|
go117<1.17.5 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-44717
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44918
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44919
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44920
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44921
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44922
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44923
|
|
gpac-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-44924
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44925
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44926
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44927
|
|
gpac-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45258
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45259
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45260
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45262
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45263
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45266
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45267
|
|
gpac-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-45297
|
|
harfbuzz<2.9.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-45931
|
|
libredwg-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-45950
|
|
mongodb<4.2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20330
|
|
nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45256
|
|
nasm-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-45257
|
|
openexr<3.1.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45942
|
|
patch-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45261
|
|
py{27,36,37,38,39,310}-celery<5.2.2 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-23727
|
|
py{27,36,37,38,39,310}-nltk<3.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-43854
|
|
py{27,36,37,38,39,310}-ujson-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45958
|
|
qt5-qtsvg-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-45930
|
|
qt6-qtsvg<6.2.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-45930
|
|
ruby26-base<2.6.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41817
|
|
ruby27-base<2.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41817
|
|
ruby30-base<3.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41817
|
|
ruby26-base<2.6.9 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-41819
|
|
ruby27-base<2.7.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-41819
|
|
ruby30-base<3.0.3 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-41819
|
|
unicorn<2.0.0rc5 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2021-44078
|
|
vim<8.2.3884 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-4166
|
|
vim<8.2.3902 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-4173
|
|
vim<8.2.3923 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-4187
|
|
vim<8.2.3949 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-4192
|
|
vim<8.2.3950 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-4193
|
|
wireshark<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4181
|
|
wireshark<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4182
|
|
wireshark<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4183
|
|
wireshark<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4184
|
|
wireshark<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4185
|
|
wireshark<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4186
|
|
wireshark<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4190
|
|
hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45829
|
|
py{27,36,37,38,39,310}-nltk<3.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3842
|
|
tcpslice<1.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-41043
|
|
php{56,72,73,74,80}-roundcube<1.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-46144
|
|
expat<2.4.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46143
|
|
uriparser<0.9.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-46142
|
|
uriparser<0.9.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-46141
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46038
|
|
hdf5-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45832
|
|
hdf5-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45833
|
|
gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-45831
|
|
hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45830
|
|
lighttpd>=1.4.46<1.4.64 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-22707
|
|
vim<8.2.4009 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0128
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44591
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44590
|
|
wordpress<5.8.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-21664
|
|
wordpress<5.8.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-21662
|
|
gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-46044
|
|
wordpress<5.8.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-21663
|
|
wordpress<5.8.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-21661
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46043
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46042
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46041
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46040
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46039
|
|
kubectl<1.26.0 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-25743
|
|
py{36,37,38,39,310}-django>=2.2<2.2.26 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-45452
|
|
py{36,37,38,39,310}-django>=3.2<3.2.11 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-45452
|
|
py{36,37,38,39,310}-django>=4<4.0.1 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-45452
|
|
py{36,37,38,39,310}-django>=2.2<2.2.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45115
|
|
py{36,37,38,39,310}-django>=3.2<3.2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45115
|
|
py{36,37,38,39,310}-django>=4<2.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45115
|
|
py{36,37,38,39,310}-django>=2.2<2.2.26 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-45116
|
|
py{36,37,38,39,310}-django>=3.2<3.2.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-45116
|
|
py{36,37,38,39,310}-django>=4<4.0.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-45116
|
|
tiff<4.3.0nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-22844
|
|
expat<2.4.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22827
|
|
expat<2.4.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22826
|
|
expat<2.4.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22825
|
|
expat<2.4.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22824
|
|
expat<2.4.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22823
|
|
expat<2.4.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22822
|
|
py{27,34,35,36,37,38,39,310}-Pillow<9.0.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22817
|
|
py{27,34,35,36,37,38,39,310}-Pillow<9.0.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22816
|
|
py{27,34,35,36,37,38,39,310}-Pillow<9.0.0 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2022-22815
|
|
vim<8.2.4049 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0158
|
|
vim<8.2.4040 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-0156
|
|
mediawiki<1.36.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-46150
|
|
mediawiki<1.36.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46149
|
|
mediawiki<1.36.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-46147
|
|
mediawiki<1.36.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-46148
|
|
mediawikit<1.36.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-46146
|
|
vim<8.2.3883 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-46059
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46051
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46049
|
|
gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-46047
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46045
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46046
|
|
htmldoc<1.9.14 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-43579
|
|
ruby{25,26,27,30}-actionpack60<6.0.4.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-44528
|
|
ruby{25,26,27,30}-actionpack61<6.1.4.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-44528
|
|
phoronix-test-suite-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-0157
|
|
clamav<0.103.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-20698
|
|
fig2dev<3.2.8b double-free https://nvd.nist.gov/vuln/detail/CVE-2021-37529
|
|
fig2dev<3.2.8b denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37530
|
|
gdk-pixbuf2<2.42.9 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-44648
|
|
gpac<0.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25427
|
|
gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36412
|
|
gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36414
|
|
gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36417
|
|
gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-40559
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40562
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40563
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40564
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40565
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40566
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40567
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40568
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40569
|
|
gpac-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2021-40570
|
|
gpac-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2021-40571
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40572
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40573
|
|
gpac-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2021-40574
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40575
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40576
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45760
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45762
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45763
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45764
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45767
|
|
guacamole-server<1.4.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-41767
|
|
guacamole-server<1.4.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-43999
|
|
jenkins<2.330 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-20612
|
|
libde265<1.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-35452
|
|
libde265<1.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36408
|
|
libde265<1.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36409
|
|
libde265<1.0.9 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36410
|
|
libde265<1.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36411
|
|
lua54-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44647
|
|
binaryen<105 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46048
|
|
binaryen-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46050
|
|
binaryen<105 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46052
|
|
binaryen-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46053
|
|
binaryen<105 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46054
|
|
binaryen<105 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46055
|
|
phoronix-test-suite-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-0196
|
|
phoronix-test-suite-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-0197
|
|
phoronix-test-suite-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-0238
|
|
radare2-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0173
|
|
samba<4.13.16 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-43566
|
|
spin-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-46168
|
|
vim<8.2.4074 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0213
|
|
wpa_supplicant<2.10 side-channel https://nvd.nist.gov/vuln/detail/CVE-2022-23303
|
|
wpa_supplicant<2.10 side-channel https://nvd.nist.gov/vuln/detail/CVE-2022-23304
|
|
zabbix<5.4.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-23131
|
|
zabbix<5.4.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-23132
|
|
zabbix<5.4.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-23133
|
|
zabbix<5.4.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-23134
|
|
webkit-gtk<2.34.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2022-0001.html
|
|
polkit<0.120nb2 local-privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-4034
|
|
mysql-cluster>=8.0<8.0.28 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL
|
|
mysql-server>=5.7<5.7.37 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL
|
|
mysql-server>=8.0<8.0.28 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL
|
|
openjdk8<1.8.313 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixJAVA
|
|
openjdk11<1.11.0.14 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixJAVA
|
|
apache-tomcat<8.5.75 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-23181
|
|
apache-tomcat>=9<9.0.58 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-23181
|
|
cacti-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-23225
|
|
cacti-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-26247
|
|
cacti-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-3816
|
|
duktape-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46322
|
|
expat<2.4.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-23852
|
|
expat<2.4.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-23990
|
|
gcc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46195
|
|
go116<1.16.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39293
|
|
go117<1.17.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39293
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46234
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46236
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46237
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46238
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46239
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46240
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46311
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46313
|
|
grafana<8.3.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-21673
|
|
hdf5-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-46242
|
|
hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46243
|
|
hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46244
|
|
ldns<1.8.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-19860
|
|
ldns<1.8.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-19861
|
|
librecad-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-45341
|
|
librecad-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45342
|
|
librecad-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45343
|
|
libsixel-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45340
|
|
libspf2<1.2.11 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-33912
|
|
mariadb-server<10.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46657
|
|
mariadb-server<10.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46658
|
|
mariadb-server<10.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46659
|
|
moodle<3.11.5 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-0332
|
|
moodle<3.11.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-0333
|
|
moodle<3.11.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-0334
|
|
moodle<3.11.5 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-0335
|
|
py{36,37,38,39,310}-wagtail<2.15.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-21683
|
|
vim<8.2.4120 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0261
|
|
wolfssl>=5<5.1.1 side-channel https://nvd.nist.gov/vuln/detail/CVE-2022-23408
|
|
py{36,37,38,39,310}-loguru<0.6.0 remote-code-injection https://nvd.nist.gov/vuln/detail/CVE-2022-0329
|
|
vim<8.2.4151 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0318
|
|
php{56,70,71,72,73,74,80}-phpmyadmin<4.9.8 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-23807
|
|
xerces-j<2.12.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23437
|
|
vim<8.2.4206 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-0351
|
|
vim<8.2.4217 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0368
|
|
vim<8.2.4215 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0361
|
|
vim<8.2.4214 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0359
|
|
vim<8.2.4233 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0393
|
|
vim<8.2.4218 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0392
|
|
vim<8.2.4253 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-0413
|
|
vim<8.2.4247 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0408
|
|
vim<8.2.4219 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0407
|
|
vim<8.2.4245 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0417
|
|
rust>=1<1.58.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-21658
|
|
p5-Image-ExifTool<12.38 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-23935
|
|
xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23035
|
|
xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23034
|
|
xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23033
|
|
xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23035
|
|
xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23034
|
|
xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23033
|
|
xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23035
|
|
xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23034
|
|
xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23033
|
|
varnish>=6.0<6.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-23959
|
|
varnish>=7.0<7.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-23959
|
|
qemu<6.2.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-4145
|
|
protobuf<3.15.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-22570
|
|
tightvnc-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-23967
|
|
glpi<9.5.7 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-21720
|
|
glpi<9.5.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-21719
|
|
php{56,73,74,80}-piwigo<2.8.1 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-3735
|
|
xterm<370 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24130
|
|
py{27,34,35,36,37,38,39,310}-treq<22.1.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-23607
|
|
h2o-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-43848
|
|
zabbix-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-46088
|
|
minetest<5.4.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24301
|
|
minetest<5.4.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24300
|
|
jhead-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26208
|
|
vim<8.2.4281 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-0443
|
|
py{36,37,38,39,310}-django>=2.2<2.2.27 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-23833
|
|
py{36,37,38,39,310}-django>=3.2<3.2.12 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-23833
|
|
py{36,37,38,39,310}-django>=4.0<4.0.2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-23833
|
|
py{36,37,38,39,310}-django>=2.2<2.2.27 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-22818
|
|
py{36,37,38,39,310}-django>=3.2<3.2.12 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-22818
|
|
py{36,37,38,39,310}-django>=4.0<4.0.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-22818
|
|
py{27,36,37,38,39,310}-ipython>=6.0.0<7.16.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-21699
|
|
py{27,36,37,38,39,310}-ipython>=7.17.0<7.31.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-21699
|
|
py{27,36,37,38,39,310}-ipython>=8.0.0<8.0.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-21699
|
|
mariadb-server>=10.6<10.6.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-46669
|
|
mariadb-server>=10.5<10.5.16 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-46669
|
|
mariadb-server>=10.4<10.4.25 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-46669
|
|
mariadb-server>=10.6<10.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46668
|
|
mariadb-server>=10.5<10.5.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46668
|
|
mariadb-server>=10.4<10.4.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46668
|
|
mariadb-server>=10.6<10.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46665
|
|
mariadb-server>=10.5<10.5.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46665
|
|
mariadb-server>=10.4<10.4.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46665
|
|
mariadb-server>=10.6<10.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46664
|
|
mariadb-server>=10.5<10.5.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46664
|
|
mariadb-server>=10.4<10.4.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46664
|
|
mariadb-server>=10.6<10.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46662
|
|
mariadb-server>=10.5<10.5.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46662
|
|
mariadb-server>=10.4<10.4.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46662
|
|
mariadb-server>=10.6<10.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46663
|
|
mariadb-server>=10.5<10.5.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46663
|
|
mariadb-server>=10.4<10.4.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46663
|
|
mariadb-server>=10.6<10.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46661
|
|
mariadb-server>=10.5<10.5.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46661
|
|
mariadb-server>=10.4<10.4.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46661
|
|
openssl>=1.1.1<1.1.1m unknown-impact https://nvd.nist.gov/vuln/detail/CVE-2021-4160
|
|
mariadb-server<10.4.22 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46667
|
|
mariadb-server>=10.5.0<10.5.13 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46667
|
|
mariadb-server>=10.6.0<10.6.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46667
|
|
mariadb-server<10.4.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46666
|
|
mariadb-server>=10.5.0<10.5.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46666
|
|
mariadb-server>=10.6.0<10.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46666
|
|
gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-24249
|
|
gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-4043
|
|
gerbv-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-40403
|
|
gerbv-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-40401
|
|
mongodb<4.2.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32036
|
|
apache-cassandra<3.0.26 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-44521
|
|
atheme<7.2.12 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24976
|
|
drupal<9.0.6 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-13668
|
|
drupal<9.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13669
|
|
drupal<9.0.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-13670
|
|
drupal<9.0.12 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13672
|
|
drupal<9.2.6 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-13675
|
|
drupal<9.2.6 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-13677
|
|
gitea<1.7.0 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-45325
|
|
gitea<1.5.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-45326
|
|
gitea<1.11.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-45327
|
|
gitea<1.4.3 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-45328
|
|
gitea<1.5.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-45329
|
|
gitea<1.5.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-45330
|
|
gitea<1.5.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-45331
|
|
go116<1.16.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23772
|
|
go117<1.17.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23772
|
|
go116<1.16.14 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2022-23773
|
|
go117<1.17.7 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2022-23773
|
|
go116<1.16.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23806
|
|
go117<1.17.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23806
|
|
gradle<7.4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-23630
|
|
grafana<8.3.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-21702
|
|
grafana<8.3.5 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-21703
|
|
grafana<8.3.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-21713
|
|
htmldoc<1.9.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0534
|
|
jenkins<2.334 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0538
|
|
kate<21.12.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-23853
|
|
# "can't be fixed" according to https://bugzilla.redhat.com/show_bug.cgi?id=2054686
|
|
#git-base-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-24975
|
|
php{56,73,74,80,81}-concrete5<9.0 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-22954
|
|
php{56,73,74,80,81}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-45357
|
|
py{27,36,37,38,39,310}-twisted<22.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-21712
|
|
python36<3.6.14 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-0391
|
|
python37<3.7.11 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-0391
|
|
python38<3.8.11 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-0391
|
|
python39<3.9.5 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-0391
|
|
python310<3.10.0 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-0391
|
|
radare2<5.6.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-0139
|
|
radare2<5.6.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0519
|
|
radare2<5.6.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0521
|
|
ruby{25,26,27,30,31}-actionpack60<6.0.4.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-23633
|
|
ruby{25,26,27,30,31}-actionpack61<6.1.4.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-23633
|
|
ruby{25,26,27,30,31}-actionpack70<7.0.2.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-23633
|
|
ruby27-base<2.7.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-41816
|
|
ruby30-base<3.0.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-41816
|
|
ruby{25,26,27,30,31}-puma<5.2.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-23634
|
|
tcpreplay<4.3.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45386
|
|
tcpreplay<4.3.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45387
|
|
tiff<4.3.0nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0561
|
|
tiff<4.3.0nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0562
|
|
unzip-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-0529
|
|
unzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0530
|
|
vim<8.2.4327 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0554
|
|
ImageMagick<7.0.10.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3596
|
|
ImageMagick<7.0.11.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3610
|
|
blender<2.83.19 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0544
|
|
blender>=2.93<2.93.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0544
|
|
blender<2.83.19 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0545
|
|
blender>=2.93<2.93.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0545
|
|
blender-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0546
|
|
consul<1.9.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24687
|
|
cyrus-sasl<2.1.28 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-24407
|
|
drupal<9.2.16 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-25271
|
|
expat<2.4.5 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-25235
|
|
expat<2.4.5 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-25236
|
|
expat<2.4.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-25313
|
|
expat<2.4.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-25314
|
|
expat<2.4.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-25315
|
|
ghostscript-agpl<9.55.0 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3781
|
|
htmldoc<1.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26252
|
|
isync<1.4.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3578
|
|
isync<1.4.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3657
|
|
kcron<21.12.3 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2022-24986
|
|
vim<8.2.4359 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0572
|
|
phoronix-test-suite<10.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-0571
|
|
zsh<5.8.1 archive-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-45444
|
|
wireshark<3.6.2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-0586
|
|
wireshark<3.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0583
|
|
wireshark<3.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0582
|
|
wireshark<3.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0581
|
|
radare2<5.6.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-0559
|
|
qt5>=5.9<5.15.9 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-25255
|
|
pcf2bdf<1.07 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23319
|
|
pcf2bdf<1.07 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-23318
|
|
vim<8.2.4397 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0629
|
|
wireshark<3.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0585
|
|
swtpm-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-23645
|
|
libsixel-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2021-46700
|
|
vim<8.2.4418 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0685
|
|
vim<8.2.4428 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-0696
|
|
radare2<5.6.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-0712
|
|
vim<8.2.4436 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0714
|
|
radare2<5.6.4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0713
|
|
vim<8.2.4440 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0729
|
|
radare2<5.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0476
|
|
wolfssl<5.2.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2022-25640
|
|
wolfssl<5.2.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2022-25638
|
|
radare2<5.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0695
|
|
radare2<5.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4021
|
|
libxml2<2.9.13 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-23308
|
|
lepton-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-26181
|
|
polkit<0.119 local-root-exploit https://nvd.nist.gov/vuln/detail/CVE-2021-3560
|
|
qemu<6.2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3947
|
|
qemu<6.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3930
|
|
polkit-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4115
|
|
php{56,73,74,80,81}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-24620
|
|
qemu<6.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3608
|
|
qemu<6.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3607
|
|
qt5<5.15.9 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-25634
|
|
webmin<1.990 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-0829
|
|
webmin<1.990 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-0824
|
|
haproxy-[0-9]* http-response-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-0711
|
|
htmldoc<1.9.12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-23206
|
|
htmldoc<1.9.12 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-23191
|
|
htmldoc<1.9.12 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-23180
|
|
htmldoc<1.9.11 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-26948
|
|
htmldoc<1.9.12 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-26259
|
|
liquibase<4.8.0 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2022-0839
|
|
radare2<5.6.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-0849
|
|
cmark-gfm<0.29.0.gfm.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24724
|
|
cacti-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-0730
|
|
py{27,36,37,38,39,310}-twisted<22.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-21716
|
|
qemu<7.2.0 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-3638
|
|
openjpeg-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3575
|
|
openexr<2.5.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-20303
|
|
openexr<2.5.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-20300
|
|
openexr<2.5.4 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2021-20302
|
|
samba>=4.0<4.13.14 local-system-compromise https://nvd.nist.gov/vuln/detail/CVE-2020-25722
|
|
samba>=4.14<4.14.10 local-system-compromise https://nvd.nist.gov/vuln/detail/CVE-2020-25722
|
|
samba>=4.15<4.15.2 local-system-compromise https://nvd.nist.gov/vuln/detail/CVE-2020-25722
|
|
samba>=4.0<4.13.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25718
|
|
samba>=4.14<4.14.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25718
|
|
samba>=4.15<4.15.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25718
|
|
samba>=4.0<4.13.14 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-25717
|
|
samba>=4.14<4.14.10 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-25717
|
|
samba>=4.15<4.15.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-25717
|
|
samba>=4.0<4.13.14 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25719
|
|
samba>=4.14<4.14.10 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25719
|
|
samba>=4.15<4.15.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25719
|
|
samba>=4.0<4.13.14 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-2124
|
|
samba>=4.14<4.14.10 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-2124
|
|
samba>=4.15<4.15.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-2124
|
|
samba<4.13.17 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-44142
|
|
samba>=4.14<4.14.12 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-44142
|
|
samba>=4.15<4.15.5 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-44142
|
|
samba<4.15.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-44141
|
|
samba>=4.0<4.13.14 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3738
|
|
samba>=4.14<4.14.10 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3738
|
|
samba>=4.15<4.15.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3738
|
|
samba>=4.10<4.13.14 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23192
|
|
samba>=4.14<4.14.10 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23192
|
|
samba>=4.15<4.15.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23192
|
|
go116<1.16.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24921
|
|
go117<1.17.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24921
|
|
mediawiki<1.23.16 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-0371
|
|
libreoffice>=7.2<7.2.5 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-25636
|
|
py{36,37,38,39,310}-scrapy<2.6.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-0577
|
|
libtpms<0.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3623
|
|
ansible-base<2.9.26 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3620
|
|
python36<3.6.14 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-3737
|
|
python37<3.7.11 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-3737
|
|
python38<3.8.11 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-3737
|
|
python39<3.9.6 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-3737
|
|
sqlite3>=3.35.1<3.38.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-45346
|
|
mariadb-server<10.4.23 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24052
|
|
mariadb-server>=10.5<10.5.14 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24052
|
|
mariadb-server>=10.6<10.6.6 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24052
|
|
mariadb-server<10.4.23 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24051
|
|
mariadb-server>=10.5<10.5.14 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24051
|
|
mariadb-server>=10.6<10.6.6 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24051
|
|
mariadb-server<10.4.23 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24050
|
|
mariadb-server>=10.5<10.5.15 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24050
|
|
mariadb-server>=10.6<10.6.6 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24050
|
|
mariadb-server<10.4.23 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24048
|
|
mariadb-server>=10.5<10.5.15 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24048
|
|
mariadb-server>=10.6<10.6.6 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24048
|
|
nodejs<12.22.9 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-44533
|
|
nodejs>=14<14.18.3 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-44533
|
|
nodejs<12.22.9 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-44532
|
|
nodejs>=14<14.18.3 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-44532
|
|
nodejs<12.22.9 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-44531
|
|
nodejs>=14<14.18.3 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-44531
|
|
php>=7.4<7.4.28 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-21708
|
|
php>=8.0<8.0.16 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-21708
|
|
php>=8.1<8.1.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-21708
|
|
postgresql11-server<11.13 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-3677
|
|
postgresql12-server<12.8 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-3677
|
|
postgresql13-server<13.4 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-3677
|
|
postgresql96-server<9.6.24 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23214
|
|
postgresql10-server<10.19 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23214
|
|
postgresql11-server<11.14 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23214
|
|
postgresql12-server<12.9 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23214
|
|
postgresql13-server<13.5 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23214
|
|
postgresql14-server<14.1 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23214
|
|
nginx<1.20.2nb2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-25139
|
|
nginx>=1.21<1.21.6nb1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-25139
|
|
njs<0.7.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-25139
|
|
nginx<1.20.2nb2 type-confusion https://nvd.nist.gov/vuln/detail/CVE-2021-46463
|
|
nginx>=1.21<1.21.6nb1 type-confusion https://nvd.nist.gov/vuln/detail/CVE-2021-46463
|
|
njs<0.7.2 type-confusion https://nvd.nist.gov/vuln/detail/CVE-2021-46463
|
|
nginx<1.20.2nb2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-46462
|
|
nginx>=1.21<1.21.6nb1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-46462
|
|
njs<0.7.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-46462
|
|
nginx<1.20.2nb2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-46461
|
|
nginx>=1.21<1.21.6nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-46461
|
|
njs<0.7.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-46461
|
|
mupdf<1.20.0nb2 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45005
|
|
bareos<20.0.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24756
|
|
bareos<20.0.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24755
|
|
py{27,34,35,36,37,38,39,310}-httpie<3.1.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-0430
|
|
openssl<1.1.1n denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0778
|
|
gitea<1.13.6 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-29134
|
|
vim<8.2.4563 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0943
|
|
qemu<7.0.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-26354
|
|
qemu<7.0.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-26353
|
|
htmldoc<1.9.12 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-23158
|
|
openexr<3.0.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-20299
|
|
ansible-base<2.9.18 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20180
|
|
qemu<6.0.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-20257
|
|
samba>=4.0<4.13.14 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25721
|
|
samba>=4.14<4.14.10 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25721
|
|
samba>=4.15<4.15.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25721
|
|
minidlna<1.3.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-26505
|
|
py{27,34,35,36,37,38,39,310}-httpie<3.1.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-24737
|
|
php{56,71,72,73,74,80}-nextcloud>=20<20.0.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41239
|
|
php{56,71,72,73,74,80}-nextcloud>=21<21.0.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41239
|
|
php{56,71,72,73,74,80}-nextcloud>=22<22.2.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41239
|
|
icingaweb2<2.9.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-24716
|
|
icingaweb2<2.8.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-24714
|
|
icingaweb2<2.8.6 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24715
|
|
zabbix-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-24919
|
|
zabbix-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-24917
|
|
zabbix-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-24918
|
|
zabbix-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24349
|
|
gitea<1.16.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-0905
|
|
libcaca-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0856
|
|
php{56,70,71,72,73,74,80}-phpmyadmin<4.9.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-0813
|
|
keepass-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-0725
|
|
ming-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-34342
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34341
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34340
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34339
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34338
|
|
libpano13-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-33293
|
|
libsixel-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2020-36123
|
|
gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-26967
|
|
gpac<2.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24578
|
|
gpac<2.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-24577
|
|
gpac<2.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-24576
|
|
gpac<2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24575
|
|
gpac<2.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-24574
|
|
apache<2.4.53 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-23943
|
|
apache<2.4.53 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-22720
|
|
apache<2.4.53 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22721
|
|
apache<2.4.53 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-22719
|
|
mutt<2.2.3 buffer-overrun https://nvd.nist.gov/vuln/detail/CVE-2022-1328
|
|
webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32162
|
|
webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32161
|
|
webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32160
|
|
webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32159
|
|
webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32158
|
|
webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32157
|
|
webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32156
|
|
vim<8.2.4647 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1160
|
|
vim<8.2.4646 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-1154
|
|
tcpreplay-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27942
|
|
tcpreplay-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27941
|
|
tcpreplay-[0-9]* arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2022-27939
|
|
tcpreplay-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27940
|
|
tcpreplay<4.4.1 double-free https://nvd.nist.gov/vuln/detail/CVE-2022-27416
|
|
tcpreplay<4.4.1 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27418
|
|
salt<3004.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-22941
|
|
salt<3004.1 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-22936
|
|
salt<3004.1 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-22935
|
|
salt<3004.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-22934
|
|
moodle<3.10.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32478
|
|
moodle<3.10.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32476
|
|
moodle<3.10.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32475
|
|
moodle<3.10.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2021-32474
|
|
moodle<3.10.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32473
|
|
moodle<3.10.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32472
|
|
moodle<3.10.4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-32477
|
|
radare2<5.6.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-1031
|
|
radare2<5.6.8 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1061
|
|
radare2<5.6.6 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1052
|
|
radare2<5.6.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1207
|
|
radare2<5.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1244
|
|
radare2<5.6.8 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1238
|
|
radare2<5.8.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1240
|
|
radare2<5.6.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1237
|
|
radare2<5.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1284
|
|
radare2<5.6.8 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-1283
|
|
radare2<5.6.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1296
|
|
radare2<5.6.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1297
|
|
libsixel-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27938
|
|
libsixel-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-27046
|
|
libsixel-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27044
|
|
libsixel-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-41715
|
|
libsixel-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40656
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1035
|
|
gpac-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-1222
|
|
gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27148
|
|
gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-27147
|
|
gpac-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27146
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27145
|
|
php{56,72,73,74,80}-orangehrm<4.10.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-27107
|
|
php{56,72,73,74,80}-orangehrm<4.10.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-27108
|
|
jhead<3.06.0.1 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-28278
|
|
jhead<3.06.0.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-28277
|
|
jhead<3.06.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28276
|
|
jhead<3.06.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28275
|
|
abcm2ps<8.14.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32436
|
|
abcm2ps<8.14.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32435
|
|
abcm2ps<8.14.12 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-32434
|
|
mediawiki<1.37.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-28209
|
|
mediawiki<1.37.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-28202
|
|
tiff<4.4.0 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0891
|
|
tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0865
|
|
tiff<4.4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0924
|
|
tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0908
|
|
tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0909
|
|
tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0907
|
|
tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1056
|
|
tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1210
|
|
gerbv-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-40402
|
|
gerbv-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-40400
|
|
openexr<3.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3941
|
|
openexr<3.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3933
|
|
py{27,34,35,36,37,38,39,310}-tryton<6.2.6 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-26661
|
|
wavpack-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44269
|
|
grub2-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3981
|
|
horde<2.2.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-26874
|
|
fish<3.4.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-20001
|
|
lua54<5.4.4 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2021-44964
|
|
py{27,34,35,36,37,38,39,310}-paramiko<2.10.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-24302
|
|
openvpn<2.5.6 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-0547
|
|
mitmproxy<8.0.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-24766
|
|
bind>=9.16.11<9.16.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0396
|
|
libsndfile<1.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-4156
|
|
qemu<6.2.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3748
|
|
gitea<1.16.5 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2022-1058
|
|
mbedtls-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-43666
|
|
libvirt-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0897
|
|
libvirt-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4147
|
|
qemu<2.17.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3582
|
|
caribou<0.4.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3567
|
|
zlib<1.2.12 input-validation https://nvd.nist.gov/vuln/detail/CVE-2018-25032
|
|
py{27,34,35,36,37,38,39,310}-Pillow<9.0.1 local-file-delete https://nvd.nist.gov/vuln/detail/CVE-2022-24303
|
|
lrzip<0.650 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-26291
|
|
re2c<3.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-23901
|
|
openjpeg<2.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1122
|
|
mediawiki<1.37.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-28205
|
|
mediawiki<1.37.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-28206
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1172
|
|
ruby{25,26,27,30,31}-puma<5.6.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-24790
|
|
py{27,36,37,38,39,310}-notebook<6.4.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-24758
|
|
SDL2<2.0.20 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33657
|
|
weechat<3.4 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-28352
|
|
py{27,36,37,38,39,310}-twisted<22.4.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-24801
|
|
htmldoc<1.9.15 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24191
|
|
py{27,36,37,38,39,310}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-24729
|
|
py{27,36,37,38,39,310}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-24728
|
|
mantis<2.25.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-26144
|
|
mantis<2.25.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43257
|
|
libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1253
|
|
sox-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40426
|
|
njs<0.7.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27008
|
|
njs<0.7.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-27007
|
|
mutt<2.2.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1328
|
|
subversion-base<1.14.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28544
|
|
ap24-subversion<1.14.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28544
|
|
lua54-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-28805
|
|
e2fsprogs-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1304
|
|
go116-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27191
|
|
go117<1.17.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27191
|
|
mariadb-server>=10.6<10.6.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27387
|
|
mariadb-server>=10.5<10.5.16 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27387
|
|
mariadb-server>=10.4<10.4.25 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27387
|
|
mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27386
|
|
mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27386
|
|
mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27386
|
|
mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27382
|
|
mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27382
|
|
mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27382
|
|
mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27380
|
|
mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27380
|
|
mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27380
|
|
mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27384
|
|
mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27384
|
|
mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27384
|
|
mariadb-server>=10.6<10.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27385
|
|
mariadb-server>=10.5<10.5.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27385
|
|
mariadb-server>=10.4<10.4.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27385
|
|
mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27383
|
|
mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27383
|
|
mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27383
|
|
mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27379
|
|
mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27379
|
|
mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27379
|
|
mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27378
|
|
mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27378
|
|
mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27378
|
|
mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27381
|
|
mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27381
|
|
mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27381
|
|
mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27376
|
|
mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27376
|
|
mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27376
|
|
mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27377
|
|
mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27377
|
|
mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27377
|
|
mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27458
|
|
mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27458
|
|
mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27458
|
|
mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27457
|
|
mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27457
|
|
mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27457
|
|
mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27456
|
|
mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27456
|
|
mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27456
|
|
mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27452
|
|
mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27452
|
|
mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27452
|
|
mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27455
|
|
mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27455
|
|
mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27455
|
|
mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27451
|
|
mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27451
|
|
mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27451
|
|
mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27448
|
|
mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27448
|
|
mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27448
|
|
mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27447
|
|
mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27447
|
|
mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27447
|
|
mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27446
|
|
mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27446
|
|
mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27446
|
|
mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27449
|
|
mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27449
|
|
mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27449
|
|
mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27445
|
|
mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27445
|
|
mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27445
|
|
mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27444
|
|
mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27444
|
|
mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27444
|
|
subversion-base<1.14.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-24070
|
|
ap24-subversion<1.14.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-24070
|
|
mongodb<4.2.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32040
|
|
asterisk16<16.25.2 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-26499
|
|
asterisk18<18.11.2 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-26499
|
|
asterisk19<19.3.2 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-26499
|
|
asterisk16<16.25.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2022-26498
|
|
asterisk18<18.11.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2022-26498
|
|
asterisk19<19.3.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2022-26498
|
|
asterisk16<16.25.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-26651
|
|
asterisk18<18.11.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-26651
|
|
asterisk18<19.3.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-26651
|
|
php{56,71,72,73,74,80}-nextcloud<20.0.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41241
|
|
php{56,71,72,73,74,80}-nextcloud>=21<21.0.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41241
|
|
php{56,71,72,73,74,80}-nextcloud>=22<22.2.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41241
|
|
php{56,71,72,73,74,80}-nextcloud<21.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24741
|
|
php{56,71,72,73,74,80}-nextcloud>=22<22.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24741
|
|
php{56,71,72,73,74,80}-nextcloud>=23<23.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24741
|
|
php{56,71,72,73,74,80}-nextcloud<20.0.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41233
|
|
php{56,71,72,73,74,80}-nextcloud>=21<21.0.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41233
|
|
php{56,71,72,73,74,80}-nextcloud>=22<22.2.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41233
|
|
ImageMagick<6.9.12.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4219
|
|
ImageMagick>=7.1<7.1.0.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4219
|
|
php{56,72,73,74,80}-composer<2.2.12 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-24828
|
|
xenkernel411-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-26356
|
|
xenkernel413-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-26356
|
|
xenkernel415<4.15.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-26356
|
|
njs<0.7.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-28049
|
|
php{56,73,74,80,81}-piwigo-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-26267
|
|
php{56,73,74,80,81}-piwigo-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-26266
|
|
powerdns<4.4.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-27227
|
|
powerdns-recursor<4.4.8 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-27227
|
|
ruby{25,26,27,30,31}-nokogiri<1.13.4 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2022-24836
|
|
# affects ghostpcl, not part of standard ghostscript, see e.g. https://ubuntu.com/security/CVE-2022-1350
|
|
#ghostscript-agpl-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-1350
|
|
neomutt<20220415 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1328
|
|
php{56,73,74,80,81}-memcached<2.1.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-26635
|
|
grafana<8.4.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24812
|
|
grafana<7.3.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-26148
|
|
libarchive<3.6.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-26280
|
|
py{36,37,38,39,310}-django>=2.2<2.2.28 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-28347
|
|
py{36,37,38,39,310}-django>=3.2<3.2.13 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-28347
|
|
py{36,37,38,39,310}-django>=4.0<4.0.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-28347
|
|
py{36,37,38,39,310}-django>=2.2<2.2.28 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-28346
|
|
py{36,37,38,39,310}-django>=3.2<3.2.13 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-28346
|
|
py{36,37,38,39,310}-django>=4.0<4.0.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-28346
|
|
ruby{25,26,27,30,31}-yajl<1.4.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24795
|
|
bind>=9.11<9.11.37 dns-cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-25220
|
|
bind>=9.16<9.16.27 dns-cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-25220
|
|
python37<3.7.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3733
|
|
python39<3.8.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3733
|
|
python39<3.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3733
|
|
python37<3.7.16 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-20107
|
|
python38<3.8.16 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-20107
|
|
python39<3.9.16 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-20107
|
|
python310<3.10.8 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-20107
|
|
radare2<5.6.8 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-1382
|
|
radare2<5.6.8 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1383
|
|
vim<8.2.4763 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1381
|
|
bwm-ng<0.6.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-1341
|
|
py{27,36,37,38,39,310}-PDF2<1.27.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24859
|
|
opensc<0.22.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-42782
|
|
opensc<0.22.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-42781
|
|
opensc<0.22.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-42780
|
|
opensc<0.22.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-42779
|
|
opensc<0.22.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-42778
|
|
dcraw-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3624
|
|
freetype2<2.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27406
|
|
freetype2<2.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27405
|
|
freetype2<2.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27404
|
|
radare2-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1437
|
|
radare2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1444
|
|
radare2-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1452
|
|
radare2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1451
|
|
glpi<10.0.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24869
|
|
glpi<10.0.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-24868
|
|
glpi<10.0.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-24867
|
|
zoneminder-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-29806
|
|
vim<8.2.4774 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1420
|
|
pam-tacplus<1.4.1 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2016-20014
|
|
gpac-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-29537
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1441
|
|
epiphany<41.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-29536
|
|
xpdf-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27135
|
|
giflib<5.2.1nb5 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-28506
|
|
mysql-cluster<5.7.37 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL
|
|
mysql-server<5.7.37 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL
|
|
mysql-cluster>=7.0<7.4.35 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL
|
|
mysql-server>=7.0<7.4.35 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL
|
|
mysql-cluster>=7.6<7.6.21 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL
|
|
mysql-server>=7.6<7.6.21 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL
|
|
mysql-cluster>=8.0<8.0.28 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL
|
|
mysql-server>=8.0<8.0.28 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL
|
|
openjdk8<1.8.322 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixJAVA
|
|
openjdk11<11.0.15 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixJAVA
|
|
freerdp2<2.7.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24883
|
|
freerdp2<2.7.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24882
|
|
couchdb<3.2.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24706
|
|
htmldoc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-28085
|
|
consul<1.9.17 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-29153
|
|
go117<1.17.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-28327
|
|
go117<1.18.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-28327
|
|
go118<1.18.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27536
|
|
go117<1.17.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24675
|
|
go118<1.18.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24675
|
|
ncurses-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-29458
|
|
ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-25059
|
|
ghostscript-agpl<9.27 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-25059
|
|
redis<6.2.7 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-24736
|
|
redis<6.2.7 code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-24735
|
|
php{56,71,72,73,74,80}-nextcloud>=22<22.2.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24889
|
|
php{56,71,72,73,74,80}-nextcloud>=23<23.0.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24889
|
|
php{56,71,72,73,74,80}-nextcloud>=22<22.2.4 code-injection https://nvd.nist.gov/vuln/detail/CVE-2022-24888
|
|
php{56,71,72,73,74,80}-nextcloud>=23<23.0.1 code-injection https://nvd.nist.gov/vuln/detail/CVE-2022-24888
|
|
pycharm-bin<2022.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-29820
|
|
intellij-ue-bin<2022.1 local-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-29819
|
|
intellij-ue-bin<2022.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-29818
|
|
intellij-ue-bin<2022.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-29817
|
|
intellij-ue-bin<2022.1 code-injection https://nvd.nist.gov/vuln/detail/CVE-2022-29816
|
|
intellij-ue-bin<2022.1 local-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-29815
|
|
intellij-ue-bin<2022.1 local-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-29814
|
|
intellij-ue-bin<2022.1 local-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-29813
|
|
intellij-ue-bin<2022.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29812
|
|
py{27,36,37,38,39,310}-httpx-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-41945
|
|
podman<3.4.7 code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-1227
|
|
ImageMagick>=7.1<7.1.0.28 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-1114
|
|
moodle-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-0985
|
|
moodle-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-0984
|
|
qemu<7.0.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-4207
|
|
qemu<7.0.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-4206
|
|
mediawiki<1.36.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-28323
|
|
prosody<0.11.12 denial-of-service https://prosody.im/security/advisory_20220113/
|
|
radare2-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-1649
|
|
vim<8.2.4925 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1629
|
|
vim<8.2.4919 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1621
|
|
libsixel-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29977
|
|
tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1623
|
|
tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1622
|
|
qemu<7.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3611
|
|
mp3gain-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34085
|
|
njs<0.7.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29369
|
|
vim<8.2.4938 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-1674
|
|
radare2-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1714
|
|
webmin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-30708
|
|
unrar<6.1.7 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2022-30333
|
|
janet<1.22.0 array-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-30763
|
|
gitea<1.6.7 command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-30781
|
|
xpdf-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-30775
|
|
u-boot-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-30767
|
|
apache-tomcat-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29885
|
|
apache-tomcat>=9.0<9.0.21 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-25762
|
|
apache-tomcat>=8.5<8.5.76 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-25762
|
|
gitea<1.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27313
|
|
gtk+-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
gtk2+-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
qt4-libs-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
ImageMagick6<6.9.12.44 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-28463
|
|
ImageMagick<7.1.0.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-28463
|
|
ImageMagick6<6.9.12.43 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-32545
|
|
ImageMagick<7.1.0.28 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-32545
|
|
ImageMagick6<6.9.12.44 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-32546
|
|
ImageMagick<7.1.0.29 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-32546
|
|
ImageMagick<7.1.0.30 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-32547
|
|
ImageMagick6<6.9.12.45 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-32547
|
|
SDL2_ttf<2.20.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27470
|
|
admesh-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-25033
|
|
apache-maven<3.8.3 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-29599
|
|
apache-tomcat>=8.5<8.5.82 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-34305
|
|
apache-tomcat>=9.0<9.0.65 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-34305
|
|
apache<2.4.54 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-26377
|
|
apache<2.4.54 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-28614
|
|
apache<2.4.54 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-28615
|
|
apache<2.4.54 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29404
|
|
apache<2.4.54 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30522
|
|
apache<2.4.54 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-30556
|
|
apache<2.4.54 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-31813
|
|
caddy<2.5.0 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2022-29718
|
|
clamav<0.103.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-20770
|
|
clamav<0.103.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-20771
|
|
clamav<0.103.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-20785
|
|
clamav<0.103.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-20796
|
|
curl<7.83.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-22576
|
|
curl<7.83.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-27774
|
|
curl<7.83.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-27775
|
|
curl<7.83.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-27776
|
|
curl<7.83.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2022-27778
|
|
curl<7.83.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-27779
|
|
curl<7.83.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-27780
|
|
curl<7.83.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27781
|
|
curl<7.83.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-27782
|
|
curl<7.83.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-30115
|
|
dpkg<1.21.8 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2022-1664
|
|
elasticsearch<7.17.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23712
|
|
electrum<4.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31246
|
|
ezxml-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-30045
|
|
webkit-gtk<2.34.5 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2022-0002.html
|
|
webkit-gtk<2.34.6 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2022-0003.html
|
|
webkit-gtk<2.36.0 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2022-0004.html
|
|
webkit-gtk<2.36.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2022-0005.html
|
|
ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125002
|
|
ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125003
|
|
ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125004
|
|
ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125005
|
|
ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125006
|
|
ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125007
|
|
ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125008
|
|
ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125009
|
|
ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125010
|
|
ffmpeg2<2.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-125011
|
|
ffmpeg2<2.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-125012
|
|
ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125013
|
|
ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125014
|
|
ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125015
|
|
ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125016
|
|
ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125017
|
|
ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125018
|
|
ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125019
|
|
ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125020
|
|
ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125021
|
|
ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125022
|
|
ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125023
|
|
ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125024
|
|
ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125025
|
|
ffmpeg4<4.4.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1475
|
|
ffmpeg5<5.0.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1475
|
|
ghostscript-agpl<9.56.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2085
|
|
giflib-util-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40633
|
|
gimp<2.10.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30067
|
|
gimp<2.10.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32990
|
|
gitea<1.16.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-1928
|
|
gitea<1.17.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27313
|
|
go117<1.17.10 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-29526
|
|
go118<1.18.2 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-29526
|
|
gpac<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40592
|
|
gpac<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41458
|
|
gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-1795
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29339
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29340
|
|
gpac-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-30976
|
|
halibut<1.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-42612
|
|
halibut<1.3 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-42613
|
|
halibut<1.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-42614
|
|
harfbuzz<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33068
|
|
htmldoc<1.9.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27114
|
|
inkscape<1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-42700
|
|
inkscape<1.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-42702
|
|
inkscape<1.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-42704
|
|
jenkins<2.346.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-34170
|
|
jenkins<2.346.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-34171
|
|
jenkins<2.346.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-34172
|
|
jenkins<2.346.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-34173
|
|
jenkins<2.346.1 username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2022-34174
|
|
jenkins<2.346.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-34175
|
|
knot<5.5.1 dns-cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2022-32983
|
|
libdwarf<0.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-32200
|
|
libdwarf<0.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34299
|
|
libjpeg-turbo<2.1.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46822
|
|
libntfs<2022.5.17 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-30783
|
|
libntfs<2022.5.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30784
|
|
libntfs<2022.5.17 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-30785
|
|
libntfs<2022.5.17 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-30786
|
|
libntfs<2022.5.17 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-30787
|
|
libntfs<2022.5.17 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-30788
|
|
libntfs<2022.5.17 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-30789
|
|
libredwg-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-33034
|
|
libxml2<2.9.14 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-29824
|
|
lighttpd<1.4.59 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30780
|
|
lrzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33067
|
|
mantis<2.25.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-33910
|
|
mariadb-server<10.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31621
|
|
mariadb-server<10.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31622
|
|
mariadb-server<10.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31623
|
|
mariadb-server<10.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31624
|
|
matio<1.5.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1515
|
|
moodle<4.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-30596
|
|
moodle<4.0.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-30597
|
|
moodle<4.0.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-30598
|
|
moodle<4.0.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-30600
|
|
mupdf<1.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30974
|
|
mupdf<1.3.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-30975
|
|
njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29779
|
|
njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29780
|
|
njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30503
|
|
njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31306
|
|
njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31307
|
|
njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32414
|
|
nuitka<0.9 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-2054
|
|
openldap<2.6.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-29155
|
|
openssl<1.1.1o shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-1292
|
|
openssl>=3.0.0<3.0.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-1343
|
|
openssl>=3.0.0<3.0.3 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-1434
|
|
openssl>=3.0.0<3.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1473
|
|
openssl<1.1.1p shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-2068
|
|
pcre2<10.40 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1586
|
|
pcre2<10.40 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1587
|
|
php{56,73,74,80,81}-concrete5<9.1.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-21829
|
|
php{56,73,74,80,81}-concrete5<9.1.0 arbitrary-file-deletion https://nvd.nist.gov/vuln/detail/CVE-2022-30117
|
|
glpi<10.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-24876
|
|
glpi<10.0.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-29250
|
|
php74-mysql<7.4.30 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-31626
|
|
php80-mysql<8.0.20 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-31626
|
|
php81-mysql<8.1.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-31626
|
|
php{56,74,80,81}-nextcloud<23.0.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-29163
|
|
php{56,74,80,81}-nextcloud<23.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29243
|
|
php{56,74,80,81}-owncloud<10.10.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31649
|
|
php74-pgsql<7.4.30 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-31625
|
|
php80-pgsql<8.0.20 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-31625
|
|
php81-pgsql<8.1.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-31625
|
|
php{56,74,80,81}-piwigo<2.10.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-19212
|
|
php{56,74,80,81}-piwigo<2.10.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-19213
|
|
php{56,74,80,81}-piwigo<2.10.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-19215
|
|
php{56,74,80,81}-piwigo<2.10.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2021-40317
|
|
php{56,74,80,81}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-40678
|
|
pidgin<2.14.9 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-26491
|
|
poppler<22.04.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27337
|
|
protobuf-c<=1.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33070
|
|
py{27,36,37,38,39,310}-JWT<2.4.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-29217
|
|
py{27,36,37,38,39,310}-Pillow<9.1.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-30595
|
|
py{27,36,37,38,39,310}-aiohttp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33124
|
|
py{27,36,37,38,39,310}-bottle<0.12.20 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-31799
|
|
py{27,36,37,38,39,310}-cookiecutter<2.1.1 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-24065
|
|
py{27,36,37,38,39,310}-flower-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-30034
|
|
py{27,36,37,38,39,310}-ldap3<3.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46823
|
|
py{27,36,37,38,39,310}-notebook<6.4.12 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-29238
|
|
py{27,36,37,38,39,310}-octoprint<1.8.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-1430
|
|
py{27,36,37,38,39,310}-octoprint<1.8.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-1432
|
|
py{27,36,37,38,39,310}-waitress>=2.1.0<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31015
|
|
qemu<7.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3750
|
|
radare2<5.5.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-44974
|
|
radare2<5.5.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-44975
|
|
radare2<5.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1809
|
|
radare2<5.7.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1899
|
|
redis<7.0.1 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-33105
|
|
rsyslog<8.2204.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24903
|
|
ruby{26,27,30,31}-actionpack52-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-22577
|
|
ruby{26,27,30,31}-actionpack60<6.0.4.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-22577
|
|
ruby{26,27,30,31}-actionpack61<6.1.5.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-22577
|
|
ruby{26,27,30,31}-activestorage52<5.2.6.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-21831
|
|
ruby{26,27,30,31}-activestorage60<6.0.4.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-21831
|
|
ruby{26,27,30,31}-activestorage61<6.1.4.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-21831
|
|
ruby30-base<3.0.4 double-free https://nvd.nist.gov/vuln/detail/CVE-2022-28738
|
|
ruby31-base<3.0.4 double-free https://nvd.nist.gov/vuln/detail/CVE-2022-28738
|
|
ruby26-base<2.6.10 out-of-bounds-read https:/nvd.nist.gov/vuln/detail/CVE-2022-28739
|
|
ruby27-base<2.7.6 out-of-bounds-read https:/nvd.nist.gov/vuln/detail/CVE-2022-28739
|
|
ruby30-base<3.0.4 out-of-bounds-read https:/nvd.nist.gov/vuln/detail/CVE-2022-28739
|
|
ruby31-base<3.1.2 out-of-bounds-read https:/nvd.nist.gov/vuln/detail/CVE-2022-28739
|
|
ruby{26,27,30,31}-jmespath<1.6.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-32511
|
|
ruby{26,27,30,31}-mechanize<2.8.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31033
|
|
ruby{26,27,30,31}-nokogiri<1.13.6 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-29181
|
|
ruby{26,27,30,31}-octokit>=4.23.0<4.25.0 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2022-31072
|
|
ruby{26,27,30,31}-rails<1.4.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-32209
|
|
ruby{26,27,30,31}-sinatra<2.2.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-29970
|
|
salt<3004.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-22967
|
|
slurm-wlm<20.11.9.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-29500
|
|
slurm-wlm<20.11.9.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-29501
|
|
slurm-wlm>=21<21.08.8.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-29502
|
|
sofia-sip<1.13.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31001
|
|
sofia-sip<1.13.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31002
|
|
sofia-sip<1.13.8 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-31003
|
|
sox-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3643
|
|
sox-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2022-31650
|
|
sox-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31651
|
|
tcpreplay-[0-9]* format-string https://nvd.nist.gov/vuln/detail/CVE-2022-28487
|
|
totd<1.5.3 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-34295
|
|
php{56,73,74,80,81}-typo3<7.6.57 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31046
|
|
php{56,73,74,80,81}-typo3<7.6.57 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31047
|
|
php{56,73,74,80,81}-typo3<8.7.47 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-31048
|
|
php{56,73,74,80,81}-typo3<9.5.34 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-31049
|
|
php{56,73,74,80,81}-typo3<9.5.34 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-31050
|
|
u-boot<2022.07 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-30552
|
|
u-boot<2022.07 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-30790
|
|
unicorn-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-29692
|
|
unicorn<2.0.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-29693
|
|
unicorn<2.0.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-29694
|
|
unicorn<2.0.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-29695
|
|
vault>=1.10.0<1.10.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-30689
|
|
vim<8.2.4895 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-1616
|
|
vim<8.2.4899 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1619
|
|
vim<8.2.4901 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-1620
|
|
vim<8.2.4956 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1720
|
|
vim<8.2.4968 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1733
|
|
vim<8.2.4969 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1735
|
|
vim<8.2.4974 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1769
|
|
vim<8.2.4975 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1771
|
|
vim<8.2.4977 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-1785
|
|
vim<8.2.4979 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-1796
|
|
vim<8.2.5013 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1851
|
|
vim<8.2.5016 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1886
|
|
vim<8.2.5023 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-1897
|
|
vim<8.2.5024 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-1898
|
|
vim<8.2.5037 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1927
|
|
vim<8.2.5043 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1942
|
|
vim<8.2.5050 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-1968
|
|
vim<8.2.5063 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-2000
|
|
vim<8.2.5072 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2042
|
|
vim<8.2.5120 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2124
|
|
vim<8.2.5122 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2125
|
|
vim<8.2.5123 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2126
|
|
vim<8.2.5126 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-2129
|
|
vim<8.2.5148 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2175
|
|
vim<8.2.5150 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2182
|
|
vim<8.2.5151 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2183
|
|
xenkernel413<4.13.4nb1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-26362
|
|
xenkernel415<4.15.2nb2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-26362
|
|
xenkernel413<4.13.4nb1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-26363
|
|
xenkernel415<4.15.2nb2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-26363
|
|
xenkernel413<4.13.4nb1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-26364
|
|
xenkernel415<4.15.2nb2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-26364
|
|
xfce4-exo<4.16.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-32278
|
|
xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30524
|
|
nodejs>=14<14.19.0 weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2022-2097
|
|
nodejs>=14<14.20.1 dns-rebinding https://nvd.nist.gov/vuln/detail/CVE-2022-32212
|
|
nodejs>=14<14.20.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32213
|
|
nodejs>=14<14.19.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32214
|
|
nodejs>=14<14.19.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32215
|
|
nodejs>=14<14.19.0 dll-hijacking https://nvd.nist.gov/vuln/detail/CVE-2022-32223
|
|
nodejs>=16<16.16.0 weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2022-2097
|
|
nodejs>=16<16.16.0 dns-rebinding https://nvd.nist.gov/vuln/detail/CVE-2022-32212
|
|
nodejs>=16<16.16.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32213
|
|
nodejs>=16<16.16.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32214
|
|
nodejs>=16<16.16.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32215
|
|
nodejs>=16<16.16.0 dll-hijacking https://nvd.nist.gov/vuln/detail/CVE-2022-32223
|
|
nodejs>=18<18.5.0 weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2022-2097
|
|
nodejs>=18<18.9.1 dns-rebinding https://nvd.nist.gov/vuln/detail/CVE-2022-32212
|
|
nodejs>=18<18.9.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32213
|
|
nodejs>=18<18.5.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32214
|
|
nodejs>=18<18.9.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32215
|
|
nodejs>=18<18.9.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-32222
|
|
vim<8.2.5160 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2206
|
|
vim<8.2.5164 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-2210
|
|
vim<8.2.5163 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2208
|
|
vim<8.2.5162 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2207
|
|
vim<8.2.5169 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2231
|
|
vim<9.0.0009 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2257
|
|
vim<9.0.0011 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2264
|
|
vim<9.0.0020 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2286
|
|
vim<9.0.0018 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2285
|
|
vim<9.0.0017 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2284
|
|
vim<9.0.0021 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2287
|
|
vim<9.0.0025 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-2288
|
|
vim<9.0.0026 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2289
|
|
vim<9.0.0035 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2304
|
|
vim<9.0.0046 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2344
|
|
vim<9.0.0045 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2343
|
|
vim<9.0.0047 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2345
|
|
libredwg-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2022-33033
|
|
libredwg-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-33027
|
|
libredwg-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-33026
|
|
libredwg-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-33032
|
|
libredwg-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-33028
|
|
libredwg-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33024
|
|
libredwg-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-33025
|
|
gpac<2.0.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40942
|
|
gpac<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40607
|
|
gpac<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40944
|
|
gpac<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40608
|
|
gpac<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40609
|
|
gpac<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40606
|
|
curl<7.84.0 insecure-temp-file https://nvd.nist.gov/vuln/detail/CVE-2022-32207
|
|
curl<7.84.0 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-32208
|
|
curl<7.84.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32206
|
|
curl<7.84.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32205
|
|
glpi<10.0.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-31061
|
|
glpi<10.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31068
|
|
glpi<10.0.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-31056
|
|
mediawiki<1.39.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-34750
|
|
mediawiki<1.38.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-34912
|
|
mediawiki<1.38.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-34911
|
|
salt<3004.2. authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-2282
|
|
jetty<9.4.47 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2048
|
|
jetty<9.4.47 improper-session-handling https://nvd.nist.gov/vuln/detail/CVE-2022-2047
|
|
webmin<1.997 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2022-36446
|
|
webmin<1.995 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-36880
|
|
vim<9.0.0060 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2522
|
|
vim<9.0.0100 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-2598
|
|
vim<9.0.0104 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2581
|
|
vim<9.0.0102 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2580
|
|
vim<9.0.0101 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2571
|
|
unbound<1.16.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30699
|
|
unbound<1.16.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30698
|
|
lrzip-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-33451
|
|
lrzip-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-33453
|
|
yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-33468
|
|
yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33465
|
|
yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33466
|
|
yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33459
|
|
yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33456
|
|
yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-33467
|
|
yasm-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33464
|
|
yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-33462
|
|
yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33463
|
|
yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-33461
|
|
yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33460
|
|
yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33458
|
|
yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33457
|
|
yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33454
|
|
yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33455
|
|
u-boot<2022.07 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-34835
|
|
u-boot<2022.07 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-33103
|
|
u-boot<2022.07 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33967
|
|
xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33108
|
|
radare2-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-34520
|
|
radare2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34502
|
|
gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2454
|
|
gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2453
|
|
gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2549
|
|
njs<0.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34032
|
|
njs<0.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34031
|
|
njs<0.7.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-34029
|
|
njs<0.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34030
|
|
njs<0.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34028
|
|
njs<0.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34027
|
|
nasm-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-33450
|
|
nasm-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-33452
|
|
gstreamer1<1.20.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2122
|
|
gstreamer1<1.20.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1924
|
|
gstreamer1<1.20.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1923
|
|
gstreamer1<1.20.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1921
|
|
gstreamer1<1.20.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1922
|
|
gstreamer1<1.20.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-1920
|
|
gstreamer1<1.20.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1925
|
|
opa<0.42.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33082
|
|
dovecot<2.3.20 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-30550
|
|
caddy<2.5.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34037
|
|
autotrace-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-32323
|
|
picoc-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-34556
|
|
qpdf<10.3.2 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-34503
|
|
libxml2<2.9.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-3709
|
|
py{27,36,37,38,39,310}-lxml<4.9.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2309
|
|
libxml2<2.10.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2309
|
|
htmldoc<1.9.12 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-34035
|
|
htmldoc<1.9.16 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-34033
|
|
p5-HTTP-Daemon<6.15 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-31081
|
|
mplayer-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32317
|
|
grub2<2.12 buffer-underflow https://nvd.nist.gov/vuln/detail/CVE-2021-3697
|
|
grub2<2.12 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-3696
|
|
grub2<2.12 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-3695
|
|
vault<1.11.1 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2022-36129
|
|
wavpack-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2476
|
|
tor>=0.4.7<0.4.7.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33903
|
|
moodle<4.0.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-35650
|
|
moodle<4.0.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-35653
|
|
moodle<4.0.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-35652
|
|
moodle<4.0.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-35651
|
|
moodle<4.0.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-35649
|
|
mbedtls<2.28.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-35409
|
|
gdk-pixbuf2<2.42.8 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46829
|
|
gradle<7.5.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31156
|
|
py{27,36,37,38,39,310}-ujson<5.4.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-31116
|
|
py{27,36,37,38,39,310}-ujson<5.4.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2022-31117
|
|
tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2056
|
|
tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2058
|
|
tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2057
|
|
tiff<4.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34266
|
|
mysql-server>=8.0<8.0.30 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL
|
|
mysql-server>=7.6<7.6.23 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL
|
|
mysql-server>=7.0<7.4.37 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL
|
|
mysql-server<5.7.39 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL
|
|
mysql-cluster>=8.0<8.0.30 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL
|
|
mysql-cluster>=7.6<7.6.23 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL
|
|
mysql-cluster>=7.0<7.4.37 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL
|
|
matrix-synapse<1.61.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31052
|
|
ruby{26,27,30,31}-mysql<2.10.0 local-file-read https://nvd.nist.gov/vuln/detail/CVE-2021-3779
|
|
php{56,73,74,80,81}-piwigo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-40553
|
|
jpegoptim-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-32325
|
|
libreoffice<7.3.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2022-26305
|
|
libreoffice<7.3.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-26307
|
|
libreoffice<7.3.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-26306
|
|
qemu<7.1.0 uninitialized-buffer https://nvd.nist.gov/vuln/detail/CVE-2022-35414
|
|
grafana>=9.0.0<9.0.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-31097
|
|
grafana<8.5.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-31097
|
|
grafana>=9.0.0<9.0.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-31107
|
|
grafana<8.5.9 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-31107
|
|
gnutls<3.7.7 double-free https://nvd.nist.gov/vuln/detail/CVE-2022-2509
|
|
gsasl<2.0.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2469
|
|
py{36,37,38,39,310}-django>=3.2<3.2.14 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-34265
|
|
py{36,37,38,39,310}-django>=4.0<4.0.6 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-34265
|
|
php{56,74,80,81}-nextcloud<23.0.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31014
|
|
rt4-[0-9]* open-redirect https://nvd.nist.gov/vuln/detail/CVE-2022-25803
|
|
rt4<4.4.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-25802
|
|
php{56,73,74,80,81}-piwigo-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-32297
|
|
ruby{26,27,30,31}-tzinfo<1.2.10 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2022-31163
|
|
py{27,36,37,38,39,310}-mistune<2.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34749
|
|
php>=8.1<8.1.8 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-31627
|
|
SDL-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-34568
|
|
packagekit-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-0987
|
|
squid4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46784
|
|
py{27,36,37,38,39,310}-sanic<22.6.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2022-35920
|
|
lua54-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-33099
|
|
mariadb-server<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32089
|
|
mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32089
|
|
mariadb-server<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32087
|
|
mariadb-server>=10.5.0<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32087
|
|
mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32087
|
|
mariadb-server<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32085
|
|
mariadb-server>=10.5.0<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32085
|
|
mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32085
|
|
mariadb-server<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32082
|
|
mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32082
|
|
mariadb-server<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32086
|
|
mariadb-server>=10.5.0<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32086
|
|
mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32086
|
|
mariadb-server<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32084
|
|
mariadb-server>=10.5.0<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32084
|
|
mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32084
|
|
mariadb-server<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32083
|
|
mariadb-server>=10.5.0<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32083
|
|
mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32083
|
|
mariadb-server<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32088
|
|
mariadb-server>=10.5.0<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32088
|
|
mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32088
|
|
mariadb-server<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32081
|
|
mariadb-server>=10.5.0<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32081
|
|
mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32081
|
|
gnupg2<2.2.36 signature-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-34903
|
|
openssl<1.1.1q weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2022-2097
|
|
rsync<3.2.5 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-29154
|
|
frr-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-37035
|
|
milkytracker-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-34927
|
|
sqlite3<3.39.2 array-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35737
|
|
moodle<3.8.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-1754
|
|
py{36,37,38,39,310}-django>=3.2<3.2.15 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-36359
|
|
py{36,37,38,39,310}-django>=4.0<4.0.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-36359
|
|
py{27,36,37,38,39,310}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-31175
|
|
php{56,74,80,81}-nextcloud<22.2.7 excessive-logging https://nvd.nist.gov/vuln/detail/CVE-2022-31120
|
|
php{56,74,80,81}-nextcloud>=23.0<23.0.4 excessive-logging https://nvd.nist.gov/vuln/detail/CVE-2022-31120
|
|
php{56,74,80,81}-nextcloud<22.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31118
|
|
php{56,74,80,81}-nextcloud>=23.0<23.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31118
|
|
php{56,74,80,81}-nextcloud>=24.0<24.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31118
|
|
zlib-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-37434
|
|
libmpeg2-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-37416
|
|
exim4<4.96 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-37451
|
|
exim4<4.95 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-37452
|
|
openjdk7<1.7.344 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixJAVA
|
|
openjdk8<1.8.334 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixJAVA
|
|
openjdk11<1.11.0.15.2 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixJAVA
|
|
libxslt<1.1.34nb10 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-30560
|
|
expat<2.4.9 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-40674
|
|
routinator<0.11.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3029
|
|
bind916<9.16.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38178
|
|
bind916<9.16.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38177
|
|
bind916<9.16.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3080
|
|
bind916<9.16.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2795
|
|
unbound<1.16.3 denial-of-service https://nlnetlabs.nl/downloads/unbound/CVE-2022-3204.txt
|
|
redis>7<7.0.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-35951
|
|
ruby25-* eol https://www.ruby-lang.org/en/downloads/branches/
|
|
ruby26-* eol https://www.ruby-lang.org/en/downloads/branches/
|
|
nodejs>=14<14.20.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32256
|
|
nodejs>=18<18.9.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32255
|
|
nodejs>=18<18.9.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32256
|
|
php>=7.4<7.4.32 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-31628
|
|
php>=8.0<8.0.24 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-31628
|
|
php>=8.0<8.0.24 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-31629
|
|
php>=8.1<8.1.11 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-31628
|
|
php>=8.1<8.1.11 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-31629
|
|
drupal<9.3.22 multiple-vulnerabilities https://www.drupal.org/sa-core-2022-016
|
|
sqlite3<3.39.4 integer-overflow https://sqlite.org/news.html#2022_09_29
|
|
go118<1.18.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2879
|
|
go119<1.19.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2879
|
|
isc-dhcpd<4.4.3p1 integer-overflow https://kb.isc.org/docs/cve-2022-2928
|
|
isc-dhcpd<4.4.3p1 memory-leak https://kb.isc.org/docs/cve-2022-2929
|
|
isc-dhcp4-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
isc-dhcpd4-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
isc-dhclient4-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
isc-dhcrelay4-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
xterm<375 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45063
|
|
postgresql10-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
py{27,36,37,38,39,310}-sip<5 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
emacs20-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939
|
|
emacs21-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939
|
|
emacs21-nox11-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939
|
|
emacs25-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939
|
|
emacs25-nox11-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939
|
|
emacs26-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939
|
|
emacs26-nox11-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939
|
|
emacs27-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939
|
|
emacs27-nox11-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939
|
|
emacs28<28.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939
|
|
emacs28-nox11<28.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939
|
|
rust<1.66.1 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-46176
|
|
libXpm<3.5.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-46285
|
|
libXpm<3.5.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44617
|
|
libXpm<3.5.15 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-4883
|
|
motif-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-46285
|
|
motif-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44617
|
|
motif-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-4883
|
|
heimdal<7.8.0nb2 unknown-impact https://nvd.nist.gov/vuln/detail/CVE-2022-45142
|
|
py{36,37,38,39,310,311}-django>=3.2<3.2.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-23969
|
|
py{36,37,38,39,310,311}-django>=3.2<3.2.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-24580
|
|
gnutls<3.7.9 side-channel https://nvd.nist.gov/vuln/detail/CVE-2023-0361
|
|
git-base<2.39.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41903
|
|
git-base<2.39.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-23521
|
|
git-base<2.39.2 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-22490
|
|
git-base<2.39.2 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-23946
|
|
curl>=7.57.0<7.88.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-23916
|
|
haproxy<2.7.3 http-response-smuggling https://nvd.nist.gov/vuln/detail/CVE-2023-25725
|
|
webkit-gtk<2.38.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-23529
|
|
vim<9.0.0224 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2874
|
|
vim<9.0.0211 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2819
|
|
vim<9.0.0213 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2817
|
|
vim<9.0.0212 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2816
|
|
vim<9.0.0218 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2845
|
|
vim<9.0.0220 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2849
|
|
vim<9.0.0221 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2862
|
|
vim<9.0.0225 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2889
|
|
vim<9.0.0240 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2923
|
|
vim<9.0.0246 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2946
|
|
vim<9.0.0260 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2982
|
|
vim<9.0.0259 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2980
|
|
vim<9.0.0286 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3016
|
|
vim<9.0.0322 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3037
|
|
vim<9.0.0360 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3099
|
|
vim<9.0.0389 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3134
|
|
vim<9.0.0404 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-3153
|
|
vim<9.0.0483 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3234
|
|
vim<9.0.0490 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3235
|
|
vim<9.0.0530 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3256
|
|
vim<9.0.0552 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-3278
|
|
vim<9.0.0577 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3296
|
|
vim<9.0.0598 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3324
|
|
vim<9.0.0579 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3297
|
|
vim<8.2.4959 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-1725
|
|
vim<9.0.0614 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3352
|
|
vim<9.0.0805 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3705
|
|
vim<9.0.0946 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-4141
|
|
vim<9.0.0789 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3591
|
|
vim<9.0.0765 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3520
|
|
vim<9.0.0742 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3491
|
|
vim<9.0.0882 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-4292
|
|
vim<9.0.0804 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2022-4293
|
|
vim<9.0.1144 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0051
|
|
vim<9.0.1143 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-0049
|
|
vim<9.0.1145 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0054
|
|
vim<9.0.1189 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0288
|
|
vim>=8.1.2269<9.0.0339 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-47024
|
|
vim<9.0.1225 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0433
|
|
vim<9.0.1247 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2023-0512
|
|
picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44321
|
|
picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44320
|
|
picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44319
|
|
picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44318
|
|
picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44317
|
|
picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44315
|
|
picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44316
|
|
picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44314
|
|
picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44313
|
|
picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44312
|
|
zoneminder<1.37.24 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39290
|
|
zoneminder<1.37.24 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39291
|
|
zoneminder<1.37.24 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39289
|
|
zoneminder<1.37.24 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39285
|
|
zoneminder<1.37.24 session-hijack https://nvd.nist.gov/vuln/detail/CVE-2022-30769
|
|
zoneminder<1.37.24 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-30768
|
|
openimageio-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43603
|
|
openimageio-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43602
|
|
openimageio-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43601
|
|
openimageio-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43600
|
|
openimageio-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43599
|
|
openimageio-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-43598
|
|
openimageio-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-43597
|
|
openimageio-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43596
|
|
openimageio-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-43594
|
|
openimageio-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-43595
|
|
openimageio-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-43593
|
|
openimageio-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43592
|
|
openimageio-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41999
|
|
openimageio-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41988
|
|
openimageio-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41981
|
|
openimageio-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41977
|
|
openimageio-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-41838
|
|
openimageio-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-41837
|
|
openimageio-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41794
|
|
openimageio-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41649
|
|
openimageio-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41684
|
|
openimageio-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41639
|
|
openimageio-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-38143
|
|
openimageio-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-36354
|
|
openimageio-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43603
|
|
openimageio-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43602
|
|
openimageio-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43601
|
|
openimageio-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43600
|
|
openimageio-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43599
|
|
openimageio-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-43598
|
|
openimageio-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-43597
|
|
openimageio-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43596
|
|
openimageio-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-43594
|
|
openimageio-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-43595
|
|
openimageio-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-43593
|
|
openimageio-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43592
|
|
openimageio-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41999
|
|
openimageio-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41988
|
|
openimageio-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41981
|
|
openimageio-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41977
|
|
openimageio-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-41838
|
|
openimageio-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-41837
|
|
openimageio-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41794
|
|
openimageio-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41649
|
|
openimageio-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41684
|
|
openimageio-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41639
|
|
openimageio-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-38143
|
|
openimageio-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-36354
|
|
redis>=7<7.0.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35951
|
|
redis>=7<7.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22458
|
|
redis>=6.0<6.0.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35977
|
|
redis>=6.2<6.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/cve-2022-35977
|
|
redis>=7<7.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35977
|
|
advancecomp-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35020
|
|
advancecomp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35019
|
|
advancecomp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35018
|
|
advancecomp-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35017
|
|
advancecomp-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35016
|
|
advancecomp-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35015
|
|
advancecomp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35014
|
|
nasm-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-41420
|
|
nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-46457
|
|
nasm-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-46456
|
|
tcpreplay-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-37049
|
|
tcpreplay-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-37048
|
|
tcpreplay-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-37047
|
|
binwalk<2.3.3 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2021-4287
|
|
binwalk>=2.2<2.3.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-4510
|
|
upx<3.96 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2020-27790
|
|
upx<3.96 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27787
|
|
upx<3.96 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27788
|
|
upx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-23457
|
|
upx-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-23456
|
|
ampache<5.5.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-0606
|
|
ampache<5.5.7 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-0771
|
|
bind>=9.18.0<9.18.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2906
|
|
bind>=9.19.0<9.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2906
|
|
bind>=9.18.0<9.18.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2881
|
|
bind>=9.19.0<9.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2881
|
|
bind>=9.16.12<9.16.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3924
|
|
bind>=9.18.0<9.18.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3924
|
|
bind>=9.19.0<9.19.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3924
|
|
bind>=9.16.12<9.16.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3736
|
|
bind>=9.18.0<9.18.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3736
|
|
bind>=9.19.0<9.19.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3736
|
|
xpdf-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38238
|
|
xpdf-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38237
|
|
xpdf-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38236
|
|
xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38235
|
|
xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38233
|
|
xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38234
|
|
xpdf-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38231
|
|
xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2022-38230
|
|
xpdf-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38229
|
|
xpdf-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38228
|
|
xpdf-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38227
|
|
xpdf<4.04 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38171
|
|
xpdf<4.04 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24107
|
|
xpdf<4.04 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24106
|
|
xpdf<4.04 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-36561
|
|
xpdf<4.04 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38334
|
|
xpdf<4.05 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38928
|
|
xpdf<4.05 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38222
|
|
xpdf<4.05 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41842
|
|
xpdf<4.05 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41844
|
|
xpdf<4.05 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41843
|
|
xpdf<4.04 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40226
|
|
xpdf<4.05 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43295
|
|
xpdf<4.05 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43071
|
|
xpdf<4.04 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36493
|
|
grafana<9.1.6 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-35957
|
|
grafana<9.1.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-36062
|
|
grafana<9.1.8 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-39201
|
|
grafana<9.1.8 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-39229
|
|
grafana<9.1.8 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-31130
|
|
grafana<9.1.8 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-31123
|
|
grafana>=9.2.0<9.2.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-39328
|
|
grafana<9.2.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39307
|
|
grafana<9.2.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39306
|
|
grafana<9.2.8 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-39324
|
|
grafana<9.3.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-23552
|
|
grafana<9.3.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-23498
|
|
libde265<1.0.10 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43253
|
|
libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43252
|
|
libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43250
|
|
libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43249
|
|
libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43248
|
|
libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43245
|
|
libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43244
|
|
libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43243
|
|
libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43242
|
|
libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43241
|
|
libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43240
|
|
libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43238
|
|
libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43237
|
|
libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43239
|
|
libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43236
|
|
libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43235
|
|
libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47655
|
|
heimdal<7.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41916
|
|
heimdal<7.7.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-44640
|
|
heimdal<7.7.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-44758
|
|
curl<7.85.0 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-35252
|
|
curl>=7.77.0<7.86.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-42916
|
|
curl>=7.77.0<7.86.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2022-42915
|
|
curl>=7.84.0<7.86.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35260
|
|
curl<7.86.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-32221
|
|
curl>=7.77.0<7.87.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-43551
|
|
curl<7.87.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-43552
|
|
freeradius-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-41860
|
|
freeradius-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41861
|
|
freeradius-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41859
|
|
freerdp2<2.8.1 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2022-39283
|
|
freerdp2<2.8.1 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2022-39282
|
|
freerdp2<2.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-41877
|
|
freerdp2<2.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-39347
|
|
freerdp2<2.9.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-39320
|
|
freerdp2<2.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-39319
|
|
freerdp2<2.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39318
|
|
freerdp2<2.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-39316
|
|
freerdp2<2.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-39317
|
|
fribidi<1.0.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-25310
|
|
fribidi<1.0.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-25309
|
|
fribidi<1.0.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-25308
|
|
glpi>=0.65<10.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39376
|
|
glpi<10.0.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39375
|
|
glpi>=10.0.0<10.0.4 code-injection https://nvd.nist.gov/vuln/detail/CVE-2022-39373
|
|
glpi>=0.70<10.0.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39372
|
|
glpi>=10.0.0<10.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39371
|
|
glpi<10.0.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-39370
|
|
glpi<10.0.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-39323
|
|
glpi>=0.60<10.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39277
|
|
glpi<10.0.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39262
|
|
glpi<10.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39276
|
|
glpi<10.0.4 access-validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-39234
|
|
glpi<10.0.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-35947
|
|
glpi<10.0.3 html-attribute-injection https://nvd.nist.gov/vuln/detail/CVE-2022-31187
|
|
glpi<10.0.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-36112
|
|
glpi<10.0.3 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-35946
|
|
glpi<10.0.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31143
|
|
glpi<10.0.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-35945
|
|
glpi-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39181
|
|
glpi<10.0.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-23610
|
|
glpi<10.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-22725
|
|
glpi<10.0.6 access-validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-22500
|
|
glpi<10.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-22724
|
|
glpi<10.0.6 url-injection https://nvd.nist.gov/vuln/detail/CVE-2023-22722
|
|
glpi<10.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-41941
|
|
wordpress<6.0.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-43500
|
|
wordpress<6.0.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-43504
|
|
wordpress<6.0.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-43497
|
|
wordpress-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-3590
|
|
wordpress-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-22622
|
|
radare2<4.4.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2020-27794
|
|
radare2<4.4.0 off-by-one https://nvd.nist.gov/vuln/detail/CVE-2020-27793
|
|
radare2<4.4.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-27795
|
|
radare2-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-4398
|
|
radare2<5.8.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-4843
|
|
radare2<5.8.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-0302
|
|
exim-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3559
|
|
exim-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3620
|
|
sox-[0-9]* division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-33844
|
|
sox-[0-9]* division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-23210
|
|
sox-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-23172
|
|
sox-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-23159
|
|
tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2869
|
|
tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2868
|
|
tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2867
|
|
tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2953
|
|
tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2521
|
|
tiff<4.5.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2022-2519
|
|
tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2520
|
|
tiff<4.4.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1355
|
|
tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1354
|
|
tiff<4.5.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-3599
|
|
tiff<4.5.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-3598
|
|
tiff<4.5.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-3627
|
|
tiff<4.5.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-3626
|
|
tiff<4.5.0 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3570
|
|
tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3970
|
|
tiff<4.5.1 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-48281
|
|
libraw<0.21.1 ut-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35535
|
|
libraw<0.21.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35533
|
|
libraw<0.21.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35531
|
|
libraw<0.21.1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-35534
|
|
libraw<0.21.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-35530
|
|
libraw<0.21.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35532
|
|
libredwg<0.12.4.4608 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-35164
|
|
libredwg-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-45332
|
|
blender-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-2833
|
|
blender-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2832
|
|
blender-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2831
|
|
consul<1.11.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-41803
|
|
consul<1.12.5 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-40716
|
|
consul<1.24.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-3920
|
|
rpm<4.17.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-3521
|
|
rpm<4.18.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-35938
|
|
rpm<4.18.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-35937
|
|
rpm<4.18.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-35939
|
|
typo3<8 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
wireshark<3.6.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3725
|
|
wireshark<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-4345
|
|
wireshark<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-4344
|
|
wireshark<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0417
|
|
wireshark<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0416
|
|
wireshark<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0415
|
|
wireshark<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0414
|
|
wireshark<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0413
|
|
wireshark<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0412
|
|
wireshark<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0411
|
|
wolfssl<5.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34293
|
|
wolfssl>=5.3.0<5.5.0 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-38153
|
|
wolfssl<5.5.0 unknown-impact https://nvd.nist.gov/vuln/detail/CVE-2022-38152
|
|
wolfssl<5.1.0 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-44718
|
|
wolfssl<5.5.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-39173
|
|
wolfssl<5.5.0 privacy-leak https://nvd.nist.gov/vuln/detail/CVE-2022-42961
|
|
wolfssl<5.5.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-42905
|
|
wkhtmltopdf<0.12.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-21365
|
|
wkhtmltopdf-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-35583
|
|
moodle<3.8.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-1756
|
|
moodle<3.8.2 url-spoofing https://nvd.nist.gov/vuln/detail/CVE-2020-1755
|
|
moodle<3.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14322
|
|
moodle<3.8.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-14321
|
|
moodle<3.9.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-14320
|
|
moodle<4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-36568
|
|
moodle<3.11.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-40695
|
|
moodle<3.11.3 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-40694
|
|
moodle<3.11.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-40693
|
|
moodle<3.11.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-40692
|
|
moodle<3.11.3 session-hijack https://nvd.nist.gov/vuln/detail/CVE-2021-40691
|
|
moodle<4.0.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-40315
|
|
moodle<4.0.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-40316
|
|
moodle<4.0.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-40314
|
|
moodle<4.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-40313
|
|
moodle<4.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-45151
|
|
moodle<4.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-45150
|
|
moodle<4.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-45149
|
|
moodle<4.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-45152
|
|
py{36,37,38,39,310,311}-octoprint<1.8.3 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-2930
|
|
py{36,37,38,39,310,311}-octoprint<1.8.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-3068
|
|
py{36,37,38,39,310,311}-octoprint<1.8.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-2888
|
|
py{36,37,38,39,310,311}-octoprint<1.8.3 remote-file-write https://nvd.nist.gov/vuln/detail/CVE-2022-2872
|
|
py{36,37,38,39,310,311}-octoprint<1.8.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-3607
|
|
php{56,73,74,80,81}-concrete5<8.5.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-43967
|
|
php{56,73,74,80,81}-concrete5<8.5.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-43692
|
|
php{56,73,74,80,81}-concrete5<8.5.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-43691
|
|
php{56,73,74,80,81}-concrete5<8.5.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-43968
|
|
php{56,73,74,80,81}-concrete5<8.5.10 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-43695
|
|
php{56,73,74,80,81}-concrete5<8.5.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-43694
|
|
php{56,73,74,80,81}-concrete5<8.5.10 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-43690
|
|
php{56,73,74,80,81}-concrete5<8.5.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-43689
|
|
php{56,73,74,80,81}-concrete5<8.5.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43686
|
|
php{56,73,74,80,81}-concrete5<8.5.10 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-43687
|
|
php{56,73,74,80,81}-concrete5<8.5.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-43556
|
|
lighttpd<1.4.67 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37797
|
|
lighttpd>=1.4.56<1.4.67 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-41556
|
|
varnish<7.1.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-38150
|
|
varnish<7.2.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-45059
|
|
mediawiki<1.38.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39194
|
|
mediawiki<1.37.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-28203
|
|
mediawiki<1.37.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-28204
|
|
mediawiki<1.37.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-28201
|
|
mediawiki<1.38.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-42049
|
|
mediawiki<1.37.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-44855
|
|
mediawiki<1.37.1 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-44854
|
|
mediawiki<1.38.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41767
|
|
mediawiki<1.38.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41765
|
|
mediawiki<1.37.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-44856
|
|
mediawiki<1.38.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-22911
|
|
mediawiki<1.39.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22909
|
|
mediawiki<1.39.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-22945
|
|
mediawiki<1.39.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-47927
|
|
mediawiki<1.39.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-22912
|
|
mediawiki<1.39.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-22910
|
|
mediawiki-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39193
|
|
mbedtls<2.28.2 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-46393
|
|
mbedtls>=3<3.3.0 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-46393
|
|
mbedtls<2.28.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-46392
|
|
mbedtls>=3<3.3.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-46392
|
|
mbedtls<2.16.11 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-36647
|
|
mbedtls>=2.17<2.27 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-36647
|
|
mbedtls>=2.28.0<3.0.0 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-36647
|
|
gitea<1.16.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-38183
|
|
gitea<1.17.3 command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-42968
|
|
squid<5.7 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-41318
|
|
squid>=4.9<4.17 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41317
|
|
squid>=5.0.6<5.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41317
|
|
tiff<4.5.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-0804
|
|
tiff<4.5.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0803
|
|
tiff<4.5.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0802
|
|
tiff<4.5.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0801
|
|
tiff<4.5.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0800
|
|
tiff<4.5.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0799
|
|
tiff<4.5.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0798
|
|
tiff<4.5.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-0797
|
|
tiff<4.5.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-0796
|
|
tiff<4.5.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-0795
|
|
xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45587
|
|
xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45586
|
|
py{36,37,38,39,310,311}-werkzeug<2.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-25577
|
|
py{36,37,38,39,310,311}-werkzeug<2.2.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-23934
|
|
php{56,73,74,80,81}-nextcloud<24.0.8 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2023-25162
|
|
php{56,73,74,80,81}-nextcloud<25.0.1 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2023-25161
|
|
py{27,36,37,38,39,310,311}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-48110
|
|
postgresql-timescaledb<2.9.3 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2023-25149
|
|
cmark-gfm<0.29.0.gfm.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39209
|
|
cmark-gfm<0.29.0.gfm.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-22485
|
|
cmark-gfm<0.29.0.gfm.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22484
|
|
cmark-gfm<0.29.0.gfm.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22483
|
|
cmark-gfm<0.29.0.gfm.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22486
|
|
ap-modsecurity2<2.9.7 filtering-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-24021
|
|
ap-modsecurity2<2.9.6 filtering-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-48279
|
|
apache>=2.4.0<2.4.55 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-36760
|
|
apache<2.4.55 remote-memory-read https://nvd.nist.gov/vuln/detail/CVE-2006-20001
|
|
apache<2.4.55 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-37436
|
|
nginx<1.22.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41742
|
|
nginx<1.22.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41741
|
|
zabbix-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-40626
|
|
zabbix-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-43515
|
|
xfig<3.2.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40241
|
|
webmin<2.003 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-3844
|
|
wayland<1.20.91 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3782
|
|
w3m<0.5.3.0.20230121 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-38223
|
|
viewvc<1.1.29 arbitrary-file-creation https://nvd.nist.gov/vuln/detail/CVE-2023-22456
|
|
viewvc>=1.2.0<1.2.2 arbitrary-file-creation https://nvd.nist.gov/vuln/detail/CVE-2023-22456
|
|
viewvc<1.1.30 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-22464
|
|
viewvc>=1.2.0<1.2.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-22464
|
|
jasper<4.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40755
|
|
net-snmp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44793
|
|
net-snmp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44792
|
|
pspp-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-39831
|
|
pspp-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-39832
|
|
samba<4.14.13 unspecified https://nvd.nist.gov/vuln/detail/CVE-2021-3670
|
|
samba>=4.15<4.15.6 unspecified https://nvd.nist.gov/vuln/detail/CVE-2021-3670
|
|
samba<4.15.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20316
|
|
samba>=4.13.14<4.14.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32745
|
|
samba>=4.15.2<4.15.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32745
|
|
samba>=4.16.0<4.16.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32745
|
|
samba>=4.3.0<4.14.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-32744
|
|
samba>=4.15.0<4.15.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-32744
|
|
samba>=4.16.0<4.16.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-32744
|
|
samba<4.14.14 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-32742
|
|
samba>=4.15.0<4.15.9 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-32742
|
|
samba>=4.16.0<4.16.4 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-32742
|
|
samba<4.14.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-2031
|
|
samba>=4.15.0<4.15.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-2031
|
|
samba>=4.16.0<4.16.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-2031
|
|
samba>=4.0.0<4.13.17 insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2022-0336
|
|
samba>=4.14.0<4.14.12 insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2022-0336
|
|
samba>=4.15.0<4.15.4 insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2022-0336
|
|
samba<4.17.1 insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2022-32743
|
|
samba<4.17.1 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2022-1615
|
|
samba>=4.0.0<4.15.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3437
|
|
samba>=4.16.0<4.16.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3437
|
|
samba>=4.17.0<4.17.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3437
|
|
samba>=4.17.0<4.17.2 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2022-3592
|
|
samba-[0-9]* sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14628
|
|
ffmpeg5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-3965
|
|
ffmpeg4-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-3964
|
|
ffmpeg3-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-3109
|
|
ffmpeg5<5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3341
|
|
ffmpeg5-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-2566
|
|
sqlite3<3.40.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-46908
|
|
sqlite3<3.32.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35527
|
|
sqlite3<3.32.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-35525
|
|
powerdns-recursor>=4.5.0<4.5.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37428
|
|
powerdns-recursor>=4.6.0<4.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37428
|
|
powerdns-recursor>=4.7.0<4.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37428
|
|
powerdns-recursor>=4.8.0<4.8.1 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2023-22617
|
|
open-vm-tools-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2009-1143
|
|
open-vm-tools-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2009-1142
|
|
dbus<1.12.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42012
|
|
dbus>=1.13.0<1.14.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42012
|
|
dbus>=1.15.0<1.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42012
|
|
dbus<1.12.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42011
|
|
dbus>=1.13.0<1.14.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42011
|
|
dbus>=1.15.0<1.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42011
|
|
dbus<1.12.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42010
|
|
dbus>=1.13.0<1.14.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42010
|
|
dbus>=1.15.0<1.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42010
|
|
apr<1.7.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-24963
|
|
apr-util<1.6.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-25147
|
|
p5-libapreq2<2.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-22728
|
|
gpac-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0819
|
|
gpac-[0-9]* off-by-one https://nvd.nist.gov/vuln/detail/CVE-2023-0818
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0817
|
|
gpac-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0841
|
|
php>=8.0<8.0.28 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2023-0568
|
|
php>=8.1<8.1.16 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2023-0568
|
|
php>=8.2<8.2.3 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2023-0568
|
|
php>=8.0<8.0.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0662
|
|
php>=8.1<8.1.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0662
|
|
php>=8.2<8.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0662
|
|
apache-tomcat>=8.5.0<8.5.78 unspecified https://nvd.nist.gov/vuln/detail/CVE-2021-43980
|
|
apache-tomcat>=9<9.0.61 unspecified https://nvd.nist.gov/vuln/detail/CVE-2021-43980
|
|
apache-tomcat>=8.5.0<8.5.83 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-42252
|
|
apache-tomcat>=9.0.0<9.0.68 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-42252
|
|
apache-tomcat>=9.0.40<9.0.69 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-45143
|
|
hdf5-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-26061
|
|
hdf5-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-25972
|
|
hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-25942
|
|
hdf5-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-37501
|
|
gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-36190
|
|
gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-36186
|
|
gpac-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38530
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3178
|
|
gpac<2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3222
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43045
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43044
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43043
|
|
gpac-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43042
|
|
gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43039
|
|
gpac-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43040
|
|
gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-43255
|
|
gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-43254
|
|
gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-3957
|
|
gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-45204
|
|
gpac-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-45202
|
|
gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-45343
|
|
gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-4202
|
|
gpac-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-45283
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47663
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47662
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47661
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47659
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47658
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47657
|
|
gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47660
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47656
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47654
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47653
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47095
|
|
gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-47094
|
|
gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-47093
|
|
gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47092
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47091
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47089
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47088
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47087
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47086
|
|
gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-46490
|
|
gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-46489
|
|
gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-0358
|
|
gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-23145
|
|
gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-23144
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-23143
|
|
gpac-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0760
|
|
gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0770
|
|
htmldoc<1.9.12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33235
|
|
htmldoc<1.9.12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33236
|
|
htmldoc<1.9.15 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0137
|
|
go117<1.17.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32189
|
|
go118<1.18.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32189
|
|
go117<1.17.12 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-32148
|
|
go118<1.18.4 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-32148
|
|
go117<1.17.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30635
|
|
go118<1.18.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30635
|
|
go117<1.17.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30633
|
|
go118<1.18.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30633
|
|
go117<1.17.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30632
|
|
go118<1.18.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30632
|
|
go117<1.17.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30631
|
|
go118<1.18.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30631
|
|
go117<1.17.11 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2022-30629
|
|
go118<1.18.3 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2022-30629
|
|
go117<1.17.11 code-injection https://nvd.nist.gov/vuln/detail/CVE-2022-30580
|
|
go118<1.18.3 code-injection https://nvd.nist.gov/vuln/detail/CVE-2022-30580
|
|
go117<1.17.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30630
|
|
go118<1.18.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30630
|
|
go117<1.17.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-28131
|
|
go118<1.18.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-28131
|
|
go117<1.17.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1962
|
|
go118<1.18.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1962
|
|
go117<1.17.12 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-1705
|
|
go118<1.18.4 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-1705
|
|
go118<1.18.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27664
|
|
go119<1.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27664
|
|
go118<1.18.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41715
|
|
go119<1.19.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41715
|
|
go118<1.18.7 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-2880
|
|
go119<1.19.2 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-2880
|
|
go118<1.18.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41717
|
|
go119<1.19.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41717
|
|
go119<1.19.1 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2022-32190
|
|
php{56,73,74,80,81}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-37183
|
|
py{36,37,38,39,310,311}-django>=3.2<3.2.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41323
|
|
py{36,37,38,39,310,311}-django>=4.0<4.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41323
|
|
py{36,37,38,39,310,311}-django>=4.1<4.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41323
|
|
py{27,36,37,38,39,310,311}-django-photologue<3.16 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-4526
|
|
gpac-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0866
|
|
thunderbird<91.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43529
|
|
jhead-[0-9]* command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41751
|
|
jhead-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-34055
|
|
rust<1.65.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-36113
|
|
rust<1.65.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-36114
|
|
ruby{26,27,30,31}-activerecord60<6.0.5.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-32224
|
|
ruby{26,27,30,31}-activerecord61<6.1.6.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-32224
|
|
ruby{26,27,30,31}-activerecord70<7.0.3.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-32224
|
|
ruby{26,27,30,31}-activerecord60<6.0.6.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-22794
|
|
ruby{26,27,30,31}-activerecord61<6.1.7.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-22794
|
|
ruby{26,27,30,31}-activerecord70<7.0.4.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-22794
|
|
ruby{26,27,30,31}-activerecord61<6.1.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44566
|
|
ruby{26,27,30,31}-activerecord70<7.0.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44566
|
|
exctags-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-4515
|
|
expat<2.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-43680
|
|
openexr<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20304
|
|
openexr<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20298
|
|
php{56,73,74,80,81}-nextcloud<22.2.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-36074
|
|
php{56,73,74,80,81}-nextcloud>=23<23.0.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-36074
|
|
php{56,73,74,80,81}-nextcloud>=24<24.0.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-36074
|
|
php{56,73,74,80,81}-nextcloud<22.2.10.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39211
|
|
php{56,73,74,80,81}-nextcloud>=23<23.0.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39211
|
|
php{56,73,74,80,81}-nextcloud>=24<24.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39211
|
|
php{56,73,74,80,81}-nextcloud<23.0.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39329
|
|
php{56,73,74,80,81}-nextcloud>=24<24.0.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39329
|
|
php{56,73,74,80,81}-nextcloud<22.2.10.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39364
|
|
php{56,73,74,80,81}-nextcloud>=23<23.0.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39364
|
|
php{56,73,74,80,81}-nextcloud>=24<24.0.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39364
|
|
php{56,73,74,80,81}-nextcloud<22.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39330
|
|
php{56,73,74,80,81}-nextcloud>=23<23.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39330
|
|
php{56,73,74,80,81}-nextcloud>=24<24.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39330
|
|
php{56,73,74,80,81}-nextcloud<22.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39346
|
|
php{56,73,74,80,81}-nextcloud>=23<23.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39346
|
|
php{56,73,74,80,81}-nextcloud>=24<24.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39346
|
|
php{56,73,74,80,81}-nextcloud>=24<24.0.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41970
|
|
php{56,73,74,80,81}-nextcloud>=25<25.0.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41970
|
|
php{56,73,74,80,81}-nextcloud>=23<23.0.10 insufficient-input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-41968
|
|
php{56,73,74,80,81}-nextcloud>=24<24.0.5 insufficient-input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-41968
|
|
php{56,73,74,80,81}-nextcloud>=23<23.0.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41969
|
|
php{56,73,74,80,81}-nextcloud>=24<24.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41969
|
|
php{56,73,74,80,81}-nextcloud>=24<24.0.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-25159
|
|
php{56,73,74,80,81}-nextcloud>=25<25.0.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-25159
|
|
firefox<96 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-01/
|
|
firefox91<91.5 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-02/
|
|
thunderbird<91.5 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-03/
|
|
firefox<97 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-04/
|
|
firefox91<91.6 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-05/
|
|
thunderbird<91.6 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-06/
|
|
thunderbird<91.6.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-07/
|
|
firefox<97.0.2 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-09/
|
|
firefox91<91.6.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-09/
|
|
firefox<98 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-10/
|
|
firefox91<91.7 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-11/
|
|
thunderbird<91.7 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-12/
|
|
firefox<99 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-13/
|
|
firefox91<91.8 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-14/
|
|
thunderbird<91.8 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-15/
|
|
firefox<100 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-16/
|
|
firefox91<91.9 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-17/
|
|
thunderbird<91.9 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-18/
|
|
firefox<100.0.2 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-19/
|
|
firefox91<91.9.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-19/
|
|
thunderbird<91.9.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-19/
|
|
firefox<101 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-20/
|
|
firefox91<91.10 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-21/
|
|
thunderbird<91.10 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-22/
|
|
firefox<102 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-24/
|
|
firefox91<91.11 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-25/
|
|
thunderbird<102 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-26/
|
|
firefox<103 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-28/
|
|
firefox91<91.12 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-29/
|
|
firefox102<102.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-30/
|
|
thunderbird<91.12 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-31/
|
|
thunderbird<102.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-32/
|
|
firefox<104 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-33/
|
|
thunderbird<102.2.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-38/
|
|
thunderbird<91.13.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-39/
|
|
firefox<105 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-40/
|
|
firefox102<102.3 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-41/
|
|
thunderbird<102.3 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-42/
|
|
firefox<107 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-47/
|
|
firefox102<102.5 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-48/
|
|
firefox102<102.5 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-49/
|
|
xentools411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42326
|
|
xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42326
|
|
xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42326
|
|
xentools411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42325
|
|
xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42325
|
|
xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42325
|
|
xentools413-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-42324
|
|
xentools411-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-42323
|
|
xentools413-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-42323
|
|
xentools415-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-42323
|
|
xentools413-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-42322
|
|
xentools415-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-42322
|
|
xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42321
|
|
xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42321
|
|
xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42319
|
|
xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42319
|
|
xentools413-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-42320
|
|
xentools415-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-42320
|
|
xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42317
|
|
xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42317
|
|
xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42318
|
|
xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42318
|
|
xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42316
|
|
xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42316
|
|
xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42315
|
|
xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42315
|
|
xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42314
|
|
xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42314
|
|
xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42313
|
|
xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42313
|
|
xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42312
|
|
xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42312
|
|
xentools413-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-42310
|
|
xentools415-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-42310
|
|
xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42311
|
|
xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42311
|
|
xentools413-[0-9]* expired-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-42309
|
|
xentools415-[0-9]* expired-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-42309
|
|
sudo>=1.8.0<1.9.12 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-43995
|
|
sudo>=1.8.0<1.9.12 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-22809
|
|
syslog-ng<3.38.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38725
|
|
dompdf<2.0.1 arbitrary-file-access https://nvd.nist.gov/vuln/detail/CVE-2022-41343
|
|
mpd<0.23.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-46449
|
|
tinyproxy-[0-9]* insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2022-40468
|
|
syft<0.70.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-24827
|
|
sslh-[0-9]* remote-code-injection https://nvd.nist.gov/vuln/detail/CVE-2022-4639
|
|
sofia-sip<1.13.11 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-22741
|
|
sleuthkit-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45639
|
|
nss-[0-9]* timing https://nvd.nist.gov/vuln/detail/CVE-2020-12413
|
|
python37<3.7.17 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-24329
|
|
python38<3.8.17 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-24329
|
|
python39<3.9.17 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-24329
|
|
python310<3.10.12 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-24329
|
|
python311<3.11.4 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-24329
|
|
clamav<0.103.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-20803
|
|
mpv<0.30 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-19824
|
|
libraw<0.21.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32142
|
|
py{27,36,37,38,39,310,311}-joblib<1.2.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-21797
|
|
glib2<2.63.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3800
|
|
libarchive<3.5.2 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2021-31566
|
|
libarchive<3.5.2 acl-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-23177
|
|
libarchive>=3.0.0<3.6.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-36227
|
|
libdwarf<0.4.2 double-free https://nvd.nist.gov/vuln/detail/CVE-2022-39170
|
|
libetpan-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-4121
|
|
libgit2<1.4.5 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2023-22742
|
|
libiberty-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3826
|
|
libjpeg-turbo<2.0.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-35538
|
|
libksba<1.6.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47629
|
|
libksba<1.6.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-3515
|
|
libtasn1<4.19.0 off-by-one https://nvd.nist.gov/vuln/detail/CVE-2021-46848
|
|
libvirt<7.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3975
|
|
libxml2<2.10.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40303
|
|
libxml2<2.10.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40304
|
|
py{27,36,37,38,39,310,311}-oauthlib>=3.1.1<3.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-36087
|
|
shapelib-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2022-0699
|
|
py{27,36,37,38,39,310,311}-Pillow<9.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45199
|
|
py{27,36,37,38,39,310,311}-Pillow<9.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45198
|
|
py{27,36,37,38,39,310,311}-certifi>=2017.11.05<2022.12.07 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2022-23491
|
|
py{27,36,37,38,39,310,311}-cleo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42966
|
|
py{27,36,37,38,39,310,311}-cryptography>=1.8<39.0.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-23931
|
|
py{27,36,37,38,39,310,311}-gitpython<3.1.30 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-24439
|
|
py{27,36,37,38,39,310,311}-ipython<8.10.0 arbitrary-command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-24816
|
|
py{27,36,37,38,39,310,311}-jupyter_core<4.11.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-39286
|
|
py{27,36,37,38,39,310,311}-jwt<3.3.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-39227
|
|
py{27,36,37,38,39,310,311}-mako<1.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40023
|
|
py{27,36,37,38,39,310,311}-mechanize<0.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32837
|
|
py{27,36,37,38,39,310,311}-mod_wsgi<4.9.3 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-2255
|
|
py{27,36,37,38,39,310,311}-poetry<1.1.9 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-36069
|
|
py{27,36,37,38,39,310,311}-py<1.11.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42969
|
|
py{27,36,37,38,39,310,311}-setuptools<65.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40897
|
|
py{27,36,37,38,39,310,311}-twisted>=0.9.4<22.10.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39348
|
|
py{27,36,37,38,39,310,311}-wheel<0.38.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-40898
|
|
xfce4-settings<4.16.4 missing-argument-check https://nvd.nist.gov/vuln/detail/CVE-2022-45062
|
|
vtk<9.0.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-42521
|
|
vlc<3.0.18 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41325
|
|
unzip-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-4217
|
|
editorconfig-core<0.12.6 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-0341
|
|
tor<0.4.7.13 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-23589
|
|
u-boot-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2347
|
|
totd-[0-9]* dns-cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2022-34294
|
|
scala>=2.13<2.13.9 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2022-36944
|
|
allegro<5.2.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36489
|
|
ruby{26,27,30,31}-activesupport<6.1.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22796
|
|
ruby{26,27,30,31}-activesupport>=7.0.0<7.0.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22796
|
|
ruby{26,27,30,31}-globalid>=0.2.1<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22799
|
|
ruby{26,27,30,31}-loofah>=2.2.0<2.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23516
|
|
ruby{26,27,30,31}-loofah>=2.1.0<2.19.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-23515
|
|
ruby{26,27,30,31}-loofah<2.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23514
|
|
ruby-nokogiri>=1.13.8<1.13.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-23476
|
|
ruby{26,27,30,31}-rack>=1.2<2.0.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30122
|
|
ruby{26,27,30,31}-rack>=2.1.0<2.1.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30122
|
|
ruby{26,27,30,31}-rack>=2.2.0<2.2.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30122
|
|
ruby{26,27,30,31}-rack<2.0.9.1 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-30123
|
|
ruby{26,27,30,31}-rack>=2.1.0<2.1.4.1 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-30123
|
|
ruby{26,27,30,31}-rack>=2.2.0<2.2.3.1 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-30123
|
|
ruby{26,27,30,31}-rack<2.0.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44572
|
|
ruby{26,27,30,31}-rack>=2.1.0<2.1.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44572
|
|
ruby{26,27,30,31}-rack>=2.2.0<2.2.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44572
|
|
ruby{26,27,30,31}-rack>=2.0.0<2.0.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44571
|
|
ruby{26,27,30,31}-rack>=2.1.0<2.1.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44571
|
|
ruby{26,27,30,31}-rack>=2.2.0<2.2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44571
|
|
ruby{26,27,30,31}-rack>=3.0.0.0<3.0.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44571
|
|
ruby{26,27,30,31}-rack>=1.5.0<2.0.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44570
|
|
ruby{26,27,30,31}-rack>=2.1.0<2.1.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44570
|
|
ruby{26,27,30,31}-rack>=2.2.0<2.2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44570
|
|
ruby{26,27,30,31}-rack>=3.0.0<3.0.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44570
|
|
ruby{26,27,30,31}-rails>=0.2.1<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22797
|
|
ruby{26,27,30,31}-rails-html-sanitizer<1.4.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-23519
|
|
ruby{26,27,30,31}-rails-html-sanitizer<1.4.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-23520
|
|
ruby{26,27,30,31}-rails-html-sanitizer<1.4.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-23518
|
|
ruby{26,27,30,31}-redmine>=5<5.0.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-44030
|
|
ruby{26,27,30,31}-redmine<4.2.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-44637
|
|
ruby{26,27,30,31}-redmine>=5<5.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-44637
|
|
ruby{26,27,30,31}-redmine<4.2.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-44031
|
|
ruby{26,27,30,31}-redmine>=5<5.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-44031
|
|
ruby{26,27,30,31}-sanitize>=5<6.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-23627
|
|
ruby{26,27,30,31}-sinatra>=2.0.0<2.2.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-45442
|
|
ruby{26,27,30,31}-sinatra>=3.0.0<3.0.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-45442
|
|
rxvt-unicode<9.29 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-4170
|
|
rtf2html-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43148
|
|
rabbitmq<3.8.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31008
|
|
rabbitmq>=3.9.0<3.9.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31008
|
|
rabbitmq>=3.10.0<3.10.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31008
|
|
qt5-qtbase-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3481
|
|
qemu<7.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14394
|
|
qemu<7.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0216
|
|
qemu-[0-9]* insecure-lock-files https://nvd.nist.gov/vuln/detail/CVE-2021-3735
|
|
qemu<6.2.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-0358
|
|
qemu<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-0148
|
|
qemu<1.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-0147
|
|
qemu<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-0144
|
|
qemu<7.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3165
|
|
qemu<7.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3872
|
|
qemu<7.2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-4172
|
|
qemu<7.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-4144
|
|
#png-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4214 # test program only, not installed
|
|
pngcheck<3.0.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-35511
|
|
py{27,36,37,38,39,310,311}-matrix-nio<0.20 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39254
|
|
py{27,36,37,38,39,310,311}-octoprint<1.9.0 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-2822
|
|
python36<3.6.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-4189
|
|
python37<3.7.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-4189
|
|
python38<3.8.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-4189
|
|
python39<3.9.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-4189
|
|
python37<3.7.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10735
|
|
python38<3.8.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10735
|
|
python39<3.9.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10735
|
|
python310<3.10.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10735
|
|
python37<3.7.8 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-42919
|
|
python38<3.8.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-42919
|
|
python39<3.9.16 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-42919
|
|
python310<3.10.9 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-42919
|
|
python37<3.7.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45061
|
|
python38<3.8.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45061
|
|
python39<3.9.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45061
|
|
python310<3.10.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45061
|
|
python311<3.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45061
|
|
python37<3.7.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28861
|
|
python38<3.8.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28861
|
|
python39<3.9.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28861
|
|
python310<3.10.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28861
|
|
protobuf>=3.19.0<3.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1941
|
|
protobuf>=3.20.0<3.20.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1941
|
|
protobuf>=3.21.0<3.21.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1941
|
|
podman<4.4.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-2989
|
|
poppler<22.08.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38784
|
|
php{56,73,74,80,81}-gd>=7.4.0<7.4.33 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31630
|
|
php{56,73,74,80,81}-gd>=8.0.0<8.0.25 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31630
|
|
php{56,73,74,80,81}-gd>=8.1.0<8.1.12 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31630
|
|
php{73,74,80,81}-phpmyadmin>=5<5.2.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-22452
|
|
phppgadmin<6.17 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-4223
|
|
php{56,73,74,80,81}-phpmyadmin<4.9.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-25727
|
|
php{73,74,80,81}-phpmyadmin>=5<5.2.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-25727
|
|
phppgadmin>=4<6.14 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-22298
|
|
phoronix-test-suite-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-40704
|
|
mplayer<15.0 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2022-38865
|
|
mencoder<15.0 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2022-38865
|
|
mplayer<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38855
|
|
mencoder<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38855
|
|
mplayer<15.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-38851
|
|
mencoder<15.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-38851
|
|
mplayer<15.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-38600
|
|
mplayer<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38866
|
|
mencoder<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38866
|
|
mplayer<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38864
|
|
mencoder<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38864
|
|
mplayer<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38862
|
|
mencoder<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38862
|
|
mplayer<15.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-38861
|
|
mencoder<15.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-38861
|
|
mplayer<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38863
|
|
mencoder<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38863
|
|
mplayer<15.0 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2022-38860
|
|
mplayer<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38858
|
|
mencoder<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38858
|
|
mplayer<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38856
|
|
mencoder<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38856
|
|
mplayer<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38853
|
|
mencoder<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38853
|
|
mplayer<15.0 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2022-38850
|
|
matrix-synapse<1.62.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31152
|
|
matrix-synapse<1.52.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41952
|
|
pkgconf<1.9.4 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-24056
|
|
pixman<0.42.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-44638
|
|
pgpool-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-22332
|
|
openscad<2022-01-09 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0497
|
|
openscad<2022-02-04 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2022-0496
|
|
opusfile-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47021
|
|
openssh<9.2 double-free https://nvd.nist.gov/vuln/detail/CVE-2023-25136
|
|
p5-HTML-StripScripts-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-24038
|
|
patchelf<0.10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-44940
|
|
opa>=0.40.0<0.43.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-36085
|
|
nautilus<2.26.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-37290
|
|
nostromo<2.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-48253
|
|
netatalk<3.1.14 remote-root-access https://nvd.nist.gov/vuln/detail/CVE-2022-45188
|
|
njs<0.7.6 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-35173
|
|
njs<0.7.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-38890
|
|
njs<0.7.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-43286
|
|
njs<0.7.8 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-43285
|
|
njs<0.7.6 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-43284
|
|
nim<1.6.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-46872
|
|
nss<3.79.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3479
|
|
mujs>=1.0.0<1.3.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-44789
|
|
mupdf<1.21 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2021-4216
|
|
openssl<1.1.1t denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0286
|
|
openssl<1.1.1t use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-0215
|
|
openssl<1.1.1t timing-attack https://nvd.nist.gov/vuln/detail/CVE-2022-4304
|
|
openssl<1.1.1t denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-4450
|
|
man2html-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-40648
|
|
man2html-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-40647
|
|
bash<5.1.8 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3715
|
|
minetest-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-35978
|
|
less>=566<609 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-46663
|
|
grub2-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-2601
|
|
grub2-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-3775
|
|
memcached<1.6.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37519
|
|
leptonica<1.80.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38266
|
|
lepton-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-4104
|
|
binutils<2.40 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-38533
|
|
binutils<2.40 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-4285
|
|
awstats>=7<7.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-46391
|
|
assimp-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-45748
|
|
knot<5.5.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40188
|
|
freeciv>=2.6.7<3.0.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-39047
|
|
modular-xorg-server<21.1.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2319
|
|
modular-xorg-server<21.1.4 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-2320
|
|
modular-xorg-server<21.1.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-3551
|
|
modular-xorg-server<21.1.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3550
|
|
modular-xorg-server<1.20.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-46342
|
|
modular-xorg-server<1.20.11 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-46344
|
|
modular-xorg-server<1.20.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-46343
|
|
modular-xorg-server<1.20.11 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-46341
|
|
modular-xorg-server<1.20.11 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-46340
|
|
modular-xorg-server<1.20.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-4283
|
|
git-base<2.38.1 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-39260
|
|
git-base<2.38.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39253
|
|
mysql-server<5.7.40 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixMSQL
|
|
mysql-server>=8.0<8.0.32 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixMSQL
|
|
mysql-cluster<5.7.40 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixMSQL
|
|
mysql-cluster>=8.0<8.0.32 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixMSQL
|
|
mysql-server<5.7.41 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixMSQL
|
|
mysql-server>=7.6<7.6.25 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixMSQL
|
|
mysql-server>=8.0<8.0.32 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixMSQL
|
|
mysql-cluster<5.7.41 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixMSQL
|
|
mysql-cluster>=7.6<7.6.25 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixMSQL
|
|
mysql-cluster>=8.0<8.0.32 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixMSQL
|
|
thunderbird<102.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0616
|
|
thunderbird<102.8.0 information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-25728
|
|
thunderbird<102.8.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-25730
|
|
thunderbird<102.8.0 arbitrary-memory-write https://nvd.nist.gov/vuln/detail/CVE-2023-0767
|
|
thunderbird<102.8.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-25735
|
|
thunderbird<102.8.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-25737
|
|
thunderbird<102.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-25738
|
|
thunderbird<102.8.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-25739
|
|
thunderbird<102.8.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-25729
|
|
thunderbird<102.8.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-25732
|
|
thunderbird<102.8.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-25734
|
|
thunderbird<102.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-25742
|
|
thunderbird<102.8.0 memory-safety https://nvd.nist.gov/vuln/detail/CVE-2023-25746
|
|
thunderbird<102.7.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-0430
|
|
thunderbird<102.7.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-46871
|
|
thunderbird<102.7.0 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2023-23598
|
|
thunderbird<102.7.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-23599
|
|
thunderbird<102.7.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-23601
|
|
thunderbird<102.7.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-23602
|
|
thunderbird<102.7.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-46877
|
|
thunderbird<102.7.0 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-23603
|
|
thunderbird<102.7.0 memory-safety https://nvd.nist.gov/vuln/detail/CVE-2023-23605
|
|
clamav<0.103.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-20792
|
|
ImageMagick<7.1.0.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2719
|
|
ghostscript-agpl<9.51 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27792
|
|
ap{22,24}-auth-mellon<0.18.0 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-3639
|
|
gnutls<3.7.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4209
|
|
colord<1.4.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-42523
|
|
anjuta-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-42522
|
|
ImageMagick6<6.9.12.44 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1115
|
|
ImageMagick<7.1.0-29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1115
|
|
dnsmasq-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-0934
|
|
ImageMagick<7.1.0.20 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0284
|
|
inetutils<2.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-39028
|
|
gzip<1.12 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2022-1271
|
|
influxdb<1.8.10 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-36640
|
|
confuse-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-40320
|
|
frr<8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37032
|
|
nodejs>=14<14.21.1 arbitrary-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-43548
|
|
nodejs>=16<16.18.1 arbitrary-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-43548
|
|
nodejs>=18.18.12.1 arbitrary-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-43548
|
|
nodejs<16.17.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-35256
|
|
nodejs>=18<18.9.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-35256
|
|
nodejs<16.17.1 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2022-35255
|
|
nodejs>=18<18.9.1 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2022-35255
|
|
SOGo<5.8.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-4558
|
|
SOGo<5.8.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-4556
|
|
dropbear<2022.82 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-36369
|
|
dynamips-[0-9]* uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2022-47012
|
|
gajim<1.5.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-39835
|
|
harfbuzz<7.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-25193
|
|
hs-aeson<2.0.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3433
|
|
hyperscan<5.4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-29486
|
|
jasper<4.0.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-2963
|
|
jenkins<2.370 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-41224
|
|
kitty<0.26.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41322
|
|
cacti<1.2.23 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-46169
|
|
caddy<2.5.0 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2022-28923
|
|
chicken>=5.0.0<5.3.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45145
|
|
erlang<23.3.4.15 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-37026
|
|
erlang>=24<24.3.4.2 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-37026
|
|
erlang>=25<25.0.2 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-37026
|
|
fcitx5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37311
|
|
botan2<2.19.3 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2022-43705
|
|
fuse-ntfs-3g<2022.10.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-40284
|
|
gtar-base<1.34nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-48303
|
|
bind>=9.11<9.11.37 dns-cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2022-3488
|
|
bind>=9.16<9.16.36 dns-cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2022-3488
|
|
bind>=9.16<9.16.37 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3094
|
|
bind>=9.18<9.18.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3094
|
|
bind>=9.19<9.19.9 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3094
|
|
libreoffice>=7.3<7.3.6 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-3140
|
|
libreoffice>=7.4<7.4.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-3140
|
|
mariadb-server>=10.3<10.3.36 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38791
|
|
mariadb-server>=10.4<10.4.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38791
|
|
mariadb-server>=10.5<10.5.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38791
|
|
mariadb-server>=10.6<10.6.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38791
|
|
mariadb-server>=10.7<10.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38791
|
|
mariadb-server>=10.8<10.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38791
|
|
mariadb-server>=10.11<10.11.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47015
|
|
mariadb-server>=10.6<10.6.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47015
|
|
mariadb-server>=10.5<10.5.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47015
|
|
mariadb-server>=10.4<10.4.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47015
|
|
mit-krb5>=1.8<1.19.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-42898
|
|
modular-xorg-xquartz-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3553
|
|
ImageMagick<7.0.10.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20224
|
|
ImageMagick6<6.9.11.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20224
|
|
ImageMagick<7.0.11.8 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-3574
|
|
ImageMagick6<6.9.12.8 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-3574
|
|
ImageMagick<7.1.0.47 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-3213
|
|
ImageMagick6<6.9.12.62 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-3213
|
|
ImageMagick<7.1.0.62 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44267
|
|
ImageMagick6<6.9.12.76 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44267
|
|
ImageMagick<7.1.0.52 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44268
|
|
ImageMagick6<6.9.12.67 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44268
|
|
SDL2>=2.0.4<2.26.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-4743
|
|
alpine<2.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46853
|
|
amanda-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-37703
|
|
GraphicsMagick<1.3.38 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1270
|
|
ap{22,24}-auth-openidc<2.4.12.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2022-23527
|
|
postgresql-server>=10<10.22 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-2625
|
|
postgresql-server>=11<11.17 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-2625
|
|
postgresql-server>=12<12.12 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-2625
|
|
postgresql-server>=13<13.8 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-2625
|
|
postgresql-server>=14<14.5 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-2625
|
|
postgresql-server>=10<10.21 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-1552
|
|
postgresql-server>=11<11.16 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-1552
|
|
postgresql-server>=12<12.11 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-1552
|
|
postgresql-server>=13<13.7 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-1552
|
|
postgresql-server>=14<14.3 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-1552
|
|
asterisk>=16<16.16.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46837
|
|
asterisk>=17<17.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46837
|
|
asterisk>=18<18.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46837
|
|
asterisk>=16<16.16.1 local-file-read https://nvd.nist.gov/vuln/detail/CVE-2022-42706
|
|
asterisk>=17<18.15.1 local-file-read https://nvd.nist.gov/vuln/detail/CVE-2022-42706
|
|
asterisk>=19<19.7.1 local-file-read https://nvd.nist.gov/vuln/detail/CVE-2022-42706
|
|
asterisk>=16<16.29.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-42705
|
|
asterisk>=18.14<18.15.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-42705
|
|
asterisk>=19.6<19.7.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-42705
|
|
asterisk<16.28.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37325
|
|
asterisk>=17<18.14.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37325
|
|
asterisk>=19<19.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37325
|
|
salt-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33226
|
|
xdg-utils-[0-9]* command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-4055
|
|
mysql-client>=8<8.0.29 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL
|
|
openjdk8<1.8.346 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixJAVA
|
|
openjdk11<1.11.0.16.2 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixJAVA
|
|
openjdk17<1.17.0.4.2 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixJAVA
|
|
openjdk8<1.8.352 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixJAVA
|
|
openjdk11<1.11.0.18 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixJAVA
|
|
openjdk11<1.17.0.6 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixJAVA
|
|
nethack>=3.6.2<3.6.7 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-24809
|
|
moodle<4.1.1 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2023-23923
|
|
moodle<4.1.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-23922
|
|
moodle<4.1.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-23921
|
|
samba>=4.3<4.14.14 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-32746
|
|
samba>=4.15<4.15.9 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-32746
|
|
samba>=4.16<4.16.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-32746
|
|
xenkernel413-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-33745
|
|
xenkernel413-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-33748
|
|
xenkernel415-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-33748
|
|
xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33747
|
|
xenkernel415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33747
|
|
xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33746
|
|
xenkernel415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33746
|
|
epiphany-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-26081
|
|
afl++-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-26266
|
|
glusterfs-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-26253
|
|
knot<5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-26249
|
|
jd-gui-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-26235
|
|
jd-gui-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-26234
|
|
glusterfs-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-48340
|
|
emacs-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-48339
|
|
emacs-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-48338
|
|
emacs-[0-9]* shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-48337
|
|
zoneminder<1.36.33 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2023-26039
|
|
zoneminder<1.36.33 local-file-inclusion https://nvd.nist.gov/vuln/detail/CVE-2023-26038
|
|
zoneminder<1.36.33 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-26037
|
|
zoneminder<1.36.33 local-file-inclusion https://nvd.nist.gov/vuln/detail/CVE-2023-26036
|
|
zoneminder<1.36.33 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-26035
|
|
zoneminder<1.36.33 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-26034
|
|
zoneminder<1.36.33 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-25825
|
|
zoneminder<1.36.33 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-26032
|
|
curl>=7.57<7.88 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-23915
|
|
curl>=7.57<7.88 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-23914
|
|
freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33367
|
|
mantis<2.25.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-22476
|
|
libheif<1.15 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0996
|
|
php{56,73,74,80,81}-nextcloud>=23<23.0.12 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-25579
|
|
php{56,73,74,80,81}-nextcloud>=24<24.0.8 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-25579
|
|
php{56,73,74,80,81}-nextcloud>=25<25.0.2 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-25579
|
|
php{56,73,74,80,81}-nextcloud>=24<24.0.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-25821
|
|
php{56,73,74,80,81}-nextcloud>=25<25.0.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-25821
|
|
php{56,73,74,80,81}-nextcloud>=25<25.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-25816
|
|
nodejs<14.21.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-23920
|
|
nodejs>=16<16.19.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-23920
|
|
nodejs>=18<18.14.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-23920
|
|
nodejs>=19<19.6.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-23920
|
|
nodejs<14.21.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-23919
|
|
nodejs>=16<16.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-23919
|
|
nodejs>=18<18.14.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-23919
|
|
nodejs>=19<19.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-23919
|
|
nodejs<14.21.3 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-23918
|
|
nodejs>=16<16.19.1 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-23918
|
|
nodejs>=18<18.14.1 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-23918
|
|
nodejs>=19<19.6.1 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-23918
|
|
apache<2.4.56 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2023-27522
|
|
apache<2.4.56 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2023-25690
|
|
yubico-c-client-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
curl>=7.7<8.00 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-27533
|
|
curl>=7.18<8.00 improper-path-limitation https://nvd.nist.gov/vuln/detail/CVE-2023-27534
|
|
curl>=7.13<8.00 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-27535
|
|
curl>=7.22<8.00 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-27536
|
|
curl>=7.88<8.00 double-free https://nvd.nist.gov/vuln/detail/CVE-2023-27537
|
|
curl>=7.16.1<8.00 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-27538
|
|
redis>=7.0.8<7.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-28425
|
|
openssl<1.1.1tnb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0464
|
|
modular-xorg-server<21.1.7nb1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-1393
|
|
irssi<1.4.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-29132
|
|
pcre-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
ghostscript-gpl<10.01.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-28879
|
|
ghostscript-agpl<10.01.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-28879
|
|
git-base<2.40.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-25652
|
|
git-base<2.40.1 arbitrary-messages https://nvd.nist.gov/vuln/detail/CVE-2023-25815
|
|
git-base<2.40.1 configuration-misinterpretation https://nvd.nist.gov/vuln/detail/CVE-2023-29007
|
|
# CPAN up to and including 2.34
|
|
perl-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-31484
|
|
p5-GitLab-API-v4-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-31485
|
|
# HTTP::Tiny up to and including 0.082, part of perl
|
|
perl-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-31486
|
|
py{36,37,38,39,310,311}-django>=3.2<3.2.19 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-31047
|
|
py{36,37,38,39,310,311}-django>=4.1<4.1.9 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-31047
|
|
py{36,37,38,39,310,311}-django>=4.2<4.2.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-31047
|
|
libssh<0.105 debial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1667
|
|
libssh<0.105 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2023-2283
|
|
curl>=7.81.0<8.1.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-28319
|
|
curl>=7.9.8<8.1.0 improper-synchronization https://nvd.nist.gov/vuln/detail/CVE-2023-28320
|
|
curl>=7.12.0<8.1.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2023-28321
|
|
curl>=7.7<8.1.0 expected-behavior-violation https://nvd.nist.gov/vuln/detail/CVE-2023-28322
|
|
cups-filters<1.28.18 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-24805
|
|
libcares<1.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-32067
|
|
libcares<1.19.1 lack-of-entropy https://nvd.nist.gov/vuln/detail/CVE-2023-31124
|
|
libcares<1.19.1 buffer-underflow https://nvd.nist.gov/vuln/detail/CVE-2023-31130
|
|
libcares<1.19.1 lack-of-entropy https://nvd.nist.gov/vuln/detail/CVE-2023-31147
|
|
luatex<1.17 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-32700
|
|
openssl<1.1.1u denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2650
|
|
webkit-gtk<2.40.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-28204
|
|
webkit-gtk<2.40.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-32373
|
|
cups-base<2.4.2nb9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-32324
|
|
libde265<1.0.12 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-27102
|
|
libde265<1.0.12 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-27103
|
|
libX11<1.8.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-3138
|
|
libtpms<0.9.6 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-1017
|
|
libtpms<0.9.6 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-1018
|
|
cups-base<2.4.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-34241
|
|
webkit-gtk<2.38.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-48503
|
|
webkit-gtk<2.40.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-32435
|
|
webkit-gtk<2.40.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-32439
|
|
ruby27-* eol https://www.ruby-lang.org/en/downloads/branches/
|
|
ruby{26,27,30,31}-actionpack52<5.2.8.1nb1 cross-site-scripting https://cve.report/CVE-2023-28362
|
|
ruby{26,27,30,31}-actionpack60<6.0.6.1nb1 cross-site-scripting https://cve.report/CVE-2023-28362
|
|
ruby{26,27,30,31}-actionpack61<6.1.7.4 cross-site-scripting https://cve.report/CVE-2023-28362
|
|
ruby{26,27,30,31}-actionpack70<6.1.7.4 cross-site-scripting https://cve.report/CVE-2023-28362
|
|
ruby30-base<3.0.6nb1 denial-of-service https://cve.report/CVE-2023-36617
|
|
ruby31-base<3.1.4nb1 denial-of-service https://cve.report/CVE-2023-36617
|
|
ruby32-base<3.2.2nb2 denial-of-service https://cve.report/CVE-2023-36617
|
|
python36-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
python37-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
py{37,38,39,310,311}-django>=3.2<3.2.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-36053
|
|
py{37,38,39,310,311}-django>=4.1<4.1.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-36053
|
|
py{37,38,39,310,311}-django>=4.2<4.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-36053
|
|
py{27,34,35,36,37,38,39,310,311}-django<3.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
ruby{26,27,30,31}-sanitize<6.0.2 cross-site-scripting https://cve.report/CVE-2023-36823
|
|
acmesh<3.0.6 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38198
|
|
openssh<9.3p2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38408
|
|
samba<4.18.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-2127
|
|
samba<4.18.5 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2023-3347
|
|
samba<4.18.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-34966
|
|
samba<4.18.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-34967
|
|
samba<4.18.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-34968
|
|
samba<4 eol https://wiki.samba.org/index.php/Samba_Release_Planning
|
|
webkit-gtk<2.40.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-37450
|
|
webkit-gtk<2.40.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-32393
|
|
librsvg<2.46.6 arbitrary-file-read https://nvd.nist.gov/vuln/detail/CVE-2023-38633
|
|
librsvg<2.56.3 arbitrary-file-read https://nvd.nist.gov/vuln/detail/CVE-2023-38633
|
|
webkit-gtk<2.40.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-38133
|
|
webkit-gtk<2.40.5 same-origin-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-38572
|
|
webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38592
|
|
webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38594
|
|
webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38595
|
|
webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38597
|
|
webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38599
|
|
webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38600
|
|
webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38611
|
|
rust<1.71.1 permission-problem https://nvd.nist.gov/vuln/detail/CVE-2023-38497
|
|
py{27,37,38,39,310,311}-borgbackup<1.2.5 archive-spoofing https://nvd.nist.gov/vuln/detail/CVE-2023-36811
|
|
ruby{30,31,32}-rails<6.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
py{37,38,39,310,311}-django>=3.2<3.2.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41164
|
|
py{37,38,39,310,311}-django>=4.1<4.1.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41164
|
|
py{37,38,39,310,311}-django>=4.2<4.2.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41164
|
|
curl>=7.84.0<8.3.0 allocation-of-resources-without-limits-or-throttling https://nvd.nist.gov/vuln/detail/CVE-2023-38039
|
|
webkit-gtk<2.40.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-28198
|
|
webkit-gtk<2.40.1 content-security-policiy-escape https://nvd.nist.gov/vuln/detail/CVE-2023-32370
|
|
webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-40397
|
|
libwebp<1.3.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-4863
|
|
bind>=9.2<9.16.43 denial-of-service https://kb.isc.org/docs/cve-2023-3341
|
|
bind>=9.18<9.18.18 denial-of-service https://kb.isc.org/docs/cve-2023-3341
|
|
bind>=9.19<9.19.16 denial-of-service https://kb.isc.org/docs/cve-2023-3341
|
|
bind>=9.18<9.18.18 denial-of-service https://kb.isc.org/docs/cve-2023-4236
|
|
cups-base<2.4.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-4504
|
|
zbar-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-40890
|
|
zbar-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-40889
|
|
zola-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-40274
|
|
zstd<1.5.4 buffer-overrun https://nvd.nist.gov/vuln/detail/CVE-2022-4899
|
|
z3<4.8.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-19725
|
|
yasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29581
|
|
yasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29580
|
|
yasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29582
|
|
yasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29583
|
|
yasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29579
|
|
yasm-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-30402
|
|
yasm-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-31975
|
|
yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-31974
|
|
yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-31973
|
|
yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-31972
|
|
yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-31724
|
|
yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-31725
|
|
yasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-31723
|
|
yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-37732
|
|
yt-dlp>=2015.01.25<2023.07.06 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2023-35934
|
|
webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38310
|
|
webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38308
|
|
webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38306
|
|
webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38305
|
|
webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38311
|
|
webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38309
|
|
webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38307
|
|
webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38304
|
|
webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38303
|
|
webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-41155
|
|
webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-40986
|
|
webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-40985
|
|
webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-40984
|
|
webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-40983
|
|
webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-40982
|
|
webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-43309
|
|
upx<4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43316
|
|
upx<4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43317
|
|
upx<4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43314
|
|
upx<4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43315
|
|
upx<4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43311
|
|
upx<4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43313
|
|
upx<4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43312
|
|
upx<4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46179
|
|
netatalk3<3.1.13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-23125
|
|
netatalk3<3.1.13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-23124
|
|
netatalk3<3.1.13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-23123
|
|
netatalk3<3.1.13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-23122
|
|
netatalk3<3.1.13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-23121
|
|
netatalk3<3.1.13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-0194
|
|
netatalk3-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-43634
|
|
cacti<1.2.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-37543
|
|
cacti<1.2.19 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-48547
|
|
cacti<1.2.23 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-48538
|
|
cacti-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-41444
|
|
cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39515
|
|
cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39514
|
|
cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39513
|
|
cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39516
|
|
cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39512
|
|
cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39510
|
|
cacti>=1.2.0<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39366
|
|
cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39365
|
|
cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39364
|
|
cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39362
|
|
cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39361
|
|
cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39360
|
|
cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39359
|
|
cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39358
|
|
cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39357
|
|
cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-31132
|
|
cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-30534
|
|
cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39511
|
|
radare2<5.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27114
|
|
radare2<5.8.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1605
|
|
radare2<5.3.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-32495
|
|
radare2<5.3.0 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-32494
|
|
radare2<5.9.0 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-4322
|
|
radare2<5.5.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-28073
|
|
radare2<5.5.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-28072
|
|
radare2<5.5.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-28071
|
|
radare2<5.5.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-28070
|
|
radare2<5.5.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-28069
|
|
radare2<5.5.0 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-28068
|
|
vault<1.10.11 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-24999
|
|
vault<1.11.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-25000
|
|
vault<1.11.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0665
|
|
vault<1.11.9 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-0620
|
|
vault<1.11.11 html-attribute-injection https://nvd.nist.gov/vuln/detail/CVE-2023-2121
|
|
vault<1.13.5 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-3462
|
|
vault<1.12.11 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-4680
|
|
libxls-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38854
|
|
libxls-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38856
|
|
libxls-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38853
|
|
libxls-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38852
|
|
libxls-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38851
|
|
libxls-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38855
|
|
tcpreplay<4.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27789
|
|
tcpreplay<4.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27788
|
|
tcpreplay<4.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27787
|
|
tcpreplay<4.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27786
|
|
tcpreplay<4.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27785
|
|
tcpreplay<4.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27784
|
|
tcpreplay<4.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27783
|
|
salt<3005.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-20898
|
|
salt<3005.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-20897
|
|
salt>=3006.0<3006.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-20898
|
|
salt>=3006.0<3006.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-20897
|
|
sudo>=1.9.8<1.9.13 double-free https://nvd.nist.gov/vuln/detail/CVE-2023-27320
|
|
sudo<1.9.13 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-28487
|
|
sudo<1.9.13 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-28486
|
|
jetty<9.4.51 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-26049
|
|
jetty<9.4.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-26048
|
|
jetty>=9.0.0<9.4.52 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-40167
|
|
jetty>=9.4.21<9.4.52 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-41900
|
|
sox-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-34318
|
|
sox-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2023-32627
|
|
sox-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2023-26590
|
|
sox-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-34432
|
|
libredwg<0.12.5.5016 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-25222
|
|
libredwg<0.12.5.5256 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-36274
|
|
libredwg<0.12.5.5256 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36273
|
|
libredwg<0.12.5.5256 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36272
|
|
libredwg<0.12.5.5256 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36271
|
|
podofo<0.10.1 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-2241
|
|
podofo<0.10.1 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-31568
|
|
podofo<0.10.1 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-31567
|
|
podofo<0.10.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-31566
|
|
podofo<0.10.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-31555
|
|
podofo<0.10.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-31556
|
|
openimageio<2.4.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-24472
|
|
openimageio<2.4.8.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-24473
|
|
openimageio<2.4.8.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-22845
|
|
openimageio<2.4.13.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36183
|
|
ntp<4.2.8p17 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-26554
|
|
ntp<4.2.8p16 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-26555
|
|
ntp<4.2.8p16 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-26553
|
|
ntp<4.2.8p16 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-26552
|
|
ntp<4.2.8p16 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-26551
|
|
ntpsec<1.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-4012
|
|
webkit-gtk<2.42.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-39928
|
|
webkit-gtk<2.40.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-35074
|
|
webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-39434
|
|
webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-40451
|
|
webkit-gtk<2.42.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-41074
|
|
webkit-gtk<2.42.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-41993
|
|
libvpx<1.13.0nb1 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2023-5217
|
|
exim<4.96.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-42114
|
|
exim<4.96.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42115
|
|
exim<4.96.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42116
|
|
exim<4.96.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42117
|
|
libspf2<1.2.11nb2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42118
|
|
exim<4.96.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-42119
|
|
gst-plugins1-bad<1.22.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40474
|
|
gst-plugins1-bad<1.22.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40475
|
|
gst-plugins1-bad<1.22.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40476
|
|
libX11<1.8.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-43785
|
|
libX11<1.8.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43786
|
|
libX11<1.8.7 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-43787
|
|
libXpm<3.5.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-43788
|
|
libXpm<3.5.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-43789
|
|
py{37,38,39,310,311}-django>=3.2<3.2.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43665
|
|
py{37,38,39,310,311}-django>=4.1<4.1.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43665
|
|
py{37,38,39,310,311}-django>=4.2<4.2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43665
|
|
grub2-[0-9]* out-of-bounds https://nvd.nist.gov/vuln/detail/CVE-2023-4692
|
|
grub2-[0-9]* out-of-bounds https://nvd.nist.gov/vuln/detail/CVE-2023-4693
|
|
croc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-43621
|
|
croc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43620
|
|
croc-[0-9]* remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2023-43619
|
|
croc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-43618
|
|
croc-[0-9]* arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2023-43616
|
|
croc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-43617
|
|
ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44232
|
|
ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-31976
|
|
ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-30085
|
|
ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-30084
|
|
ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-30083
|
|
ming-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-31240
|
|
ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36239
|
|
ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40781
|
|
amanda-server<3.5.4 local-root-shell https://nvd.nist.gov/vuln/detail/CVE-2022-37705
|
|
amanda-server<3.5.4 local-root-shell https://nvd.nist.gov/vuln/detail/CVE-2022-37704
|
|
lldpd<1.0.13 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-43612
|
|
lldpd<1.0.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-41910
|
|
zabbix<4.0.47 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-29456
|
|
zabbix<4.0.46 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-29457
|
|
zabbix<4.0.46 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-29455
|
|
zabbix<4.0.46 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-29454
|
|
freeimage<1.18.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-40266
|
|
freeimage<1.18.0 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40265
|
|
freeimage<1.18.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-40264
|
|
freeimage<1.18.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40262
|
|
freeimage-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40263
|
|
freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24295
|
|
freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24293
|
|
freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24294
|
|
freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24292
|
|
freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22524
|
|
freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21428
|
|
freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21426
|
|
freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21427
|
|
wireshark<4.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1161
|
|
wireshark<4.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1992
|
|
wireshark<4.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1994
|
|
wireshark<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2879
|
|
wireshark<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2858
|
|
wireshark<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2857
|
|
wireshark<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2856
|
|
wireshark<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2855
|
|
wireshark<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2854
|
|
wireshark<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2952
|
|
wireshark<4.0.6 code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-0667
|
|
wireshark>=4<4.0.6 code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-0666
|
|
wireshark<4.0.6 code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-0668
|
|
wireshark-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-3649
|
|
wireshark-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-3648
|
|
wireshark<4.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-4513
|
|
wireshark-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-4512
|
|
wireshark<4.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-4511
|
|
wireshark-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-5371
|
|
w3m-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-38252
|
|
w3m-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-38253
|
|
vsftpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-30047
|
|
vorbis-tools-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-43361
|
|
matrix-synapse<1.74.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-32323
|
|
matrix-synapse>=1.62.0<1.68.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39374
|
|
matrix-synapse<1.69.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39335
|
|
matrix-synapse<1.85.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-32682
|
|
matrix-synapse<1.85.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-32683
|
|
matrix-synapse>=1.66.0<1.93.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-41335
|
|
matrix-synapse>=1.34.0<1.93.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-42453
|
|
freerdp2<2.11.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40589
|
|
freerdp2<2.11.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-40569
|
|
freerdp2<2.11.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-40188
|
|
freerdp2<2.11.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-40567
|
|
freerdp2<2.11.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-40186
|
|
freerdp2<2.11.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-40181
|
|
freerdp2<2.11.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-39356
|
|
freerdp2<2.11.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-39354
|
|
freerdp2<2.11.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-39353
|
|
freerdp2<2.11.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-39352
|
|
freerdp2<2.11.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39350
|
|
freerdp2<2.11.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-39351
|
|
gnupg2-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-3219
|
|
libmicrohttpd<0.9.76 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-27371
|
|
libde265<1.0.11 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-25221
|
|
libde265<1.0.11 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-24758
|
|
libde265<1.0.11 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-24757
|
|
libde265<1.0.11 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-24756
|
|
libde265<1.0.11 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-24754
|
|
libde265<1.0.11 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-24755
|
|
libde265<1.0.11 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-24752
|
|
libde265<1.0.11 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-24751
|
|
nasm<2.16 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44370
|
|
nasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-44369
|
|
nasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-44368
|
|
nasm-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-31722
|
|
nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38668
|
|
nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38667
|
|
nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38665
|
|
nasm<2.15.05 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29654
|
|
nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21687
|
|
nasm<2.15.04 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21686
|
|
nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21685
|
|
nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21528
|
|
nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18780
|
|
puppet<7.11.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1894
|
|
openssh>=8.9<9.3 configuration-misinterpretation https://nvd.nist.gov/vuln/detail/CVE-2023-28531
|
|
wolfssl<5.6.2 privacy-leak https://nvd.nist.gov/vuln/detail/CVE-2023-3724
|
|
catdoc-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-31979
|
|
catdoc-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-41633
|
|
geeklog-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-37787
|
|
geeklog-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-37786
|
|
avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38469
|
|
avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38470
|
|
avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38471
|
|
avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38472
|
|
avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38473
|
|
libxml2<2.12.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-45322
|
|
libcue<2.2.1nb1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2023-43641
|
|
mutt<2.2.12 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-4874
|
|
mutt<2.2.12 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-4875
|
|
djvulibre-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46312
|
|
djvulibre-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46310
|
|
grpc<1.53.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-32732
|
|
grpc>=1.53.0<1.55.0 expected-behavior-violation https://nvd.nist.gov/vuln/detail/CVE-2023-32731
|
|
grpc>=1.51.0<1.53.0 expected-behavior-violation https://nvd.nist.gov/vuln/detail/CVE-2023-1428
|
|
grpc<1.55.3 expected-behavior-violation https://nvd.nist.gov/vuln/detail/CVE-2023-4785
|
|
podman-[0-9]* unknown-impact https://nvd.nist.gov/vuln/detail/CVE-2023-0778
|
|
opensc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2977
|
|
opensc<0.23.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-34193
|
|
jhead<3.08 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-28550
|
|
jhead<3.04 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-28840
|
|
monit<5.31.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-26563
|
|
tiff<4.5.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-4645
|
|
tiff<4.5.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-1916
|
|
vim<9.0.1367 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2023-1127
|
|
vim<9.0.1376 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-1170
|
|
vim<9.0.1378 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-1175
|
|
vim<9.0.1392 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-1264
|
|
vim<9.0.1402 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-1355
|
|
vim<9.0.1499 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-2426
|
|
vim<9.0.1531 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-2609
|
|
vim<9.0.1532 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-2610
|
|
optipng-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-43907
|
|
#png-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-3857 # false positive
|
|
jpegoptim<1.5.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-27781
|
|
phppgadmin<7.14.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-40619
|
|
phppgadmin<7.7 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2023-5002
|
|
phppgadmin<6.19 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-0241
|
|
webkit-gtk<2.36.8 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-25363
|
|
webkit-gtk<2.36.8 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-25362
|
|
webkit-gtk<2.36.8 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-25361
|
|
webkit-gtk<2.36.8 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-25360
|
|
webkit-gtk<2.36.8 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-25358
|
|
libde265-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47664
|
|
libcares<1.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-4904
|
|
webkit-gtk<2.26.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2019-8720
|
|
qemu>=7.2.0<7.2.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-0330
|
|
emacs>=28.1<28.3 code-injection https://nvd.nist.gov/vuln/detail/CVE-2023-27986
|
|
emacs>=28.1<28.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-27985
|
|
consul<1.14.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0845
|
|
liferea<1.14.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-1350
|
|
opendoas-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-28339
|
|
stellarium<23.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-28371
|
|
dnsmasq<2.90 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-28450
|
|
pandoc>=1.13<3.1.4 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-35936
|
|
pandoc<3.1.6 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-38745
|
|
exempi<2.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18652
|
|
exempi<2.5.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-18651
|
|
cmark-gfm<0.29.0.gfm.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-24824
|
|
cmark-gfm<0.29.0.gfm.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-26485
|
|
cmark-gfm<0.29.0.gfm.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-37463
|
|
syncthing<1.23.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-46165
|
|
memcached<1.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-48571
|
|
memcached>=1.6.0<1.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22570
|
|
mbedtls<2.28.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-43615
|
|
libheif<1.15.2 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2023-29659
|
|
grafana<9.3.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-0594
|
|
grafana<9.3.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-0507
|
|
redis<7.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-36021
|
|
gradle>=6.2<6.9.4 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-26053
|
|
redis<7.0.9 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-25155
|
|
grafana<9.3.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-22462
|
|
libde265<1.0.10 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-47665
|
|
moodle<3.11.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-36398
|
|
moodle<3.11.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-36397
|
|
moodle<3.11.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-36396
|
|
moodle<3.11.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2021-36393
|
|
moodle<3.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36395
|
|
moodle<3.11.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-36403
|
|
samba4<4.17.4 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2021-20251
|
|
pev-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-45423
|
|
vim<9.0.1969 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-5344
|
|
mosquitto<2.0.16 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-3592
|
|
gpac-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-5377
|
|
tiff<4.5.1 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-3576
|
|
ImageMagick<7.1.1.19 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-3428
|
|
gradle<7.6.3 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2023-44387
|
|
webkit-gtk<2.42 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-39928
|
|
gifsicle-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44821
|
|
libcue<2.2.1nb1 code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-43641
|
|
py{27,37,38,39,310,311,312}-urllib3<2.0.6 cookie-injection https://nvd.nist.gov/vuln/detail/CVE-2023-43804
|
|
tnftpd<20231001 information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-45198
|
|
tiff<4.6.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-41175
|
|
tiff<4.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-40745
|
|
vim<9.0.1992 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-5441
|
|
go120<1.20.9 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-39323
|
|
php{56,73,74,80,81,82}-concrete5-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-44766
|
|
php{56,73,74,80,81,82}-concrete5-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-44765
|
|
php{56,73,74,80,81,82}-concrete5-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-44762
|
|
php{56,73,74,80,81,82}-concrete5-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-44761
|
|
php{56,73,74,80,81,82}-concrete5-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-44764
|
|
gradle<7.6.3 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2023-42445
|
|
py{27,37,38,39,310,311,312}-octoprint<1.9.3 code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-41047
|
|
php{56,73,74,80,81,82}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-44393
|
|
asn1c-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-23910
|
|
asn1c-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-23911
|
|
yajl-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-33460
|
|
zziplib-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18770
|
|
xterm<380 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40359
|
|
vim<9.0.1847 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-4735
|
|
vim<9.0.1846 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-4734
|
|
vim<9.0.1833 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-4736
|
|
vim<9.0.1848 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-4738
|
|
vim<9.0.1331 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-4751
|
|
vim<9.0.1858 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-4752
|
|
vim<9.0.1840 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-4733
|
|
vim<9.0.1857 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-4750
|
|
vim<9.0.1873 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-4781
|
|
tightvnc<2.8.75 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-27830
|
|
unrar<6.2.3 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-48579
|
|
haproxy<2.7.1 information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-0836
|
|
haproxy<2.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-25950
|
|
haproxy<2.8.2 request-forgery https://nvd.nist.gov/vuln/detail/CVE-2023-40225
|
|
py{27,37,38,39,310,311,312}-MechanicalSoup<1.3.0 arbitrary-file-read https://nvd.nist.gov/vuln/detail/CVE-2023-34457
|
|
p7zip-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-47069
|
|
p7zip-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-1576
|
|
wordpress<6.1.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-2745
|
|
webkit-gtk-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-2203
|
|
vault>=0.10.0<1.13.0 permission-problem https://nvd.nist.gov/vuln/detail/CVE-2023-5077
|
|
vim<8.1.2136 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-20703
|
|
vim<9.0.1664 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2023-3896
|
|
vim<8.2.2354 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3236
|
|
poppler<23.06.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-34872
|
|
poppler<21.01.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36024
|
|
poppler<21.01.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2020-36023
|
|
poppler<21.01.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38349
|
|
poppler<22.08.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37052
|
|
poppler<22.08.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37050
|
|
poppler<0.76.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-18839
|
|
poppler<20.08.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-23804
|
|
protobuf-c<1.4.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-48468
|
|
advancecomp<2.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2961
|
|
opendkim-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-48521
|
|
grub2>=2.00<2.06.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-28736
|
|
grub2>=2.00<2.06.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-28735
|
|
grub2>=2.00<2.06.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-28733
|
|
grub2>=2.00<2.06.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-28734
|
|
mp4v2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1451
|
|
mp4v2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1450
|
|
mp4v2-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-29584
|
|
mp4v2-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-29578
|
|
mp4v2-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-33720
|
|
mp4v2-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-33718
|
|
mp4v2-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-33716
|
|
mp4v2-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-33719
|
|
mp4v2-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-33717
|
|
njs<0.3.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-19695
|
|
njs<0.3.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-19692
|
|
njs<0.7.11 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-27730
|
|
njs<0.7.11 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2023-27729
|
|
njs<0.7.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27728
|
|
njs<0.7.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27727
|
|
nats-server>=2.2.0<2.8.0 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2022-28357
|
|
qpdf<10.1.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-25786
|
|
gawk<5.1.1 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-4156
|
|
tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2731
|
|
tiff<4.5.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-26965
|
|
tiff>=3.9.0<4.5.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-3316
|
|
tiff<4.5.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-3618
|
|
tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40090
|
|
consul>=1.15.0<1.15.3 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-2816
|
|
consul>=1.13.0<1.15.3 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-1297
|
|
consul<1.16.1 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-3518
|
|
faad2<2.11.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38858
|
|
faad2<2.11.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38857
|
|
bitcoin<24.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-33297
|
|
bitcoin-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-37192
|
|
gnuplot-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25969
|
|
screen<4.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-24626
|
|
terraform>=1.0.8<1.5.7 overwrite-arbitrary-files https://nvd.nist.gov/vuln/detail/CVE-2023-4782
|
|
sniproxy<0.6.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-25076
|
|
spice-server-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-23793
|
|
routinator<0.12.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39915
|
|
routinator>=0.9.0<0.12.2 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-39916
|
|
sofia-sip<1.13.15 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-32307
|
|
xpdf-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-26930
|
|
xpdf-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-2664
|
|
xpdf-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-2663
|
|
xpdf-[0-9]* divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2023-2662
|
|
xpdf<4.05 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2023-3044
|
|
xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-3436
|
|
xpdf-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-48545
|
|
tcpdump-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-1801
|
|
quickjs-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-31922
|
|
libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43358
|
|
libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43357
|
|
libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-26592
|
|
nuclei<2.9.9 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2023-37896
|
|
powerdns-recursor<4.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-26437
|
|
go117-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487
|
|
go118-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487
|
|
go119-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487
|
|
go120-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487
|
|
go121<1.21.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487
|
|
h2o-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487
|
|
nghttp2<1.57.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487
|
|
apache-tomcat>=9<9.0.81 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487
|
|
apache-tomcat>=8<8.5.94 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487
|
|
apache-tomcat<8.5 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
frr<8.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-36440
|
|
frr<8.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40302
|
|
frr<8.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43681
|
|
frr<8.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40318
|
|
frr<8.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-31490
|
|
frr<8.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-31489
|
|
frr<8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-3748
|
|
frr-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41361
|
|
frr-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41360
|
|
frr-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41358
|
|
frr-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41359
|
|
frr-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38802
|
|
frr-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-41909
|
|
mupdf<1.18.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-26683
|
|
mupdf<1.18.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21896
|
|
binutils<2.40 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-48065
|
|
binutils<2.40 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-48064
|
|
binutils<2.39.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47696
|
|
binutils<2.39.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47695
|
|
binutils<2.39.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47673
|
|
binutils<2.40 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-48063
|
|
binutils<2.40 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44840
|
|
binutils<2.38 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46174
|
|
binutils<2.34 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-35342
|
|
binutils<2.34 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-21490
|
|
binutils<2.34 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19724
|
|
libdwarf<0.3.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-27545
|
|
libdwarf<0.3.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-28163
|
|
kilo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20335
|
|
h2o-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-30847
|
|
atasm-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-34123
|
|
KeePass>=2.00<2.54 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-32784
|
|
curl>=7.69.0<8.4.0 heap-based-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38545
|
|
curl>=7.9.1<8.4.0 external-control-of-file-name-or-path https://nvd.nist.gov/vuln/detail/CVE-2023-38546
|
|
samba4>=4.17<4.17.12 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-3961
|
|
samba4>=4.18<4.18.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-3961
|
|
samba4>=4.17<4.17.12 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-42669
|
|
samba4>=4.18<4.18.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-42669
|
|
samba4>=4.17<4.17.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-42670
|
|
samba4>=4.18<4.18.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-42670
|
|
hs-http2<4.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487
|
|
varnish-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487
|
|
apache<2.4.58 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-31122
|
|
apache<2.4.58 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43622
|
|
apache<2.4.58 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-45802
|
|
minizip<1.3.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-45853
|
|
py{27,37,38,39,310,311,312}-configobj<5.0.8nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-26112
|
|
modular-xorg-server<21.1.9 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-5367
|
|
modular-xorg-server<21.1.9 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-5380
|
|
modular-xorg-server-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-5574
|
|
py{27,38,39,310,311,312}-pip<23.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-5752
|
|
php{56,73,74,80,81,82}-roundcube<1.6.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-5631
|
|
exiv2>=0.28<0.28.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-44398
|
|
ltm<1.2.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36328
|
|
gimp<2.10.36 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-44441
|
|
qimp<2.10.36 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-44442
|
|
gimp<2.10.36 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-44443
|
|
gimp<2.10.36 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-44444
|
|
tor<0.4.8.8 unknown-impact https://gitlab.torproject.org/tpo/core/team/-/wikis/NetworkTeam/TROVE
|
|
tor<0.4.8.9 unknown-impact https://gitlab.torproject.org/tpo/core/team/-/wikis/NetworkTeam/TROVE
|
|
yt-dlp<2023.11.14 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2023-46121
|
|
webkit-gtk<2.38.4 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2023-32919
|
|
webkit-gtk<2.38.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-32933
|
|
webkit-gtk<2.38.4 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2022-46705
|
|
webkit-gtk<2.38.4 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2022-46725
|
|
webkit-gtk<2.42 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-32359
|
|
webkit-gtk<2.42.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41983
|
|
webkit-gtk<2.42.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42852
|
|
gst-plugins1-base<1.22.4 heap-overwrite https://nvd.nist.gov/vuln/detail/CVE-2023-37328
|
|
gst-plugins1-base<1.22.4 heap-overwrite https://nvd.nist.gov/vuln/detail/CVE-2023-37329
|
|
gst-plugins1-ugly<1.22.5 integer-overflow https://gstreamer.freedesktop.org/security/sa-2023-0004.html
|
|
gst-plugins1-ugly<1.22.5 integer-overflow https://gstreamer.freedesktop.org/security/sa-2023-0005.html
|
|
gst-plugins1-bad<1.22.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40474
|
|
gst-plugins1-bad<1.22.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40475
|
|
gst-plugins1-bad<1.22.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40476
|
|
gst-plugins1-bad<1.22.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-44429
|
|
gst-plugins1-bad<1.22.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-44446
|
|
vim<9.0.2106 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-48231
|
|
vim<9.0.2112 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-48237
|
|
gnutls<3.8.2 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2023-5981
|
|
vim<9.0.2121 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-48706
|
|
samba4>=4.0<4.18.9 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14628
|
|
samba4>=4.19<4.19.3 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14628
|
|
py{27,38,39,310,311,312}-cryptography>=3.1<41.0.6 NULL-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-49083
|
|
perl>=5.30.0<5.38.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-47038
|
|
webkit-gtk<2.42.3 disclose-sensitive-information https://nvd.nist.gov/vuln/detail/CVE-2023-42916
|
|
webkit-gtk<2.42.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42917
|
|
go120<1.20.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39326
|
|
go121<1.21.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39326
|
|
go120<1.20.12 insecure-fallback https://nvd.nist.gov/vuln/detail/CVE-2023-45285
|
|
go121<1.21.5 insecure-fallback https://nvd.nist.gov/vuln/detail/CVE-2023-45285
|
|
curl>=7.46.0<8.5.0 information-exposure-through-sent-data https://nvd.nist.gov/vuln/detail/CVE-2023-46218
|
|
curl>=7.84.0<8.5.0 missing-encryption-of-sensitive-data https://nvd.nist.gov/vuln/detail/CVE-2023-46219
|
|
fish<3.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-49284
|
|
modular-xorg-server<21.1.10 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-CVE-2023-6377
|
|
modular-xorg-server<21.1.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-CVE-2023-6478
|
|
opensc>=0.17.0<0.24.0 potential-pin-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-40660
|
|
asterisk<18.20.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-49786
|
|
asterisk>=20<20.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-49786
|
|
asterisk>=21<21.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-49786
|
|
asterisk<18 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
asterisk>=19<20 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
jq<1.7.1 buffer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-50246
|
|
jq<1.7.1 buffer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-50268
|
|
webkit-gtk<2.42.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-42883
|
|
webkit-gtk<2.42.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42890
|
|
openssh<9.6 extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795
|
|
putty<0.80 extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795
|
|
py{38,39,310,311,321}-asyncssh<2.14.2 extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795
|
|
py{38,39,310,311,321}-asyncssh<2.14.2 extension-negotiation-attack https://nvd.nist.gov/vuln/detail/CVE-2023-46445
|
|
py{38,39,310,311,321}-asyncssh<2.14.2 session-attack https://nvd.nist.gov/vuln/detail/CVE-2023-46446
|
|
libssh<0.106 extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795
|
|
py{38,39,310,311,321}-paramiko<3.4.0 session-attack https://nvd.nist.gov/vuln/detail/CVE-2023-46446
|
|
proftpd<1.3.8b extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795
|
|
dropbear<2022.83nb1 extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795
|
|
erlang<26.2.1 extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795
|
|
libssh2<1.11.0nb2 extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795
|
|
postfix<3.8.4 email-spoofing https://nvd.nist.gov/vuln/detail/CVE-2023-51764
|
|
mysqld_exporter<0.15.1 auth-bypass https://pkg.go.dev/vuln/GO-2022-1130
|
|
mysqld_exporter<0.15.1 denial-of-service https://pkg.go.dev/vuln/GO-2023-1571
|
|
postgres_exporter<0.15.0 auth-bypass https://pkg.go.dev/vuln/GO-2022-1130
|
|
postgres_exporter<0.15.0 denial-of-service https://pkg.go.dev/vuln/GO-2023-1571
|
|
git-lfs<3.4.1 denial-of-service https://pkg.go.dev/vuln/GO-2023-1571
|
|
exim<4.97.1 email-spoofing https://nvd.nist.gov/vuln/detail/CVE-2023-51766
|
|
nuclei<3.1.3 man-in-the-middle https://pkg.go.dev/vuln/GO-2023-2402
|
|
glow<1.5.1 man-in-the-middle https://pkg.go.dev/vuln/GO-2023-2402
|
|
sendmail<8.18.0.2 email-spoofing https://nvd.nist.gov/vuln/detail/CVE-CVE-2023-51765
|
|
packer<1.9.5 man-in-the-middle https://pkg.go.dev/vuln/GO-2023-2402
|
|
ssh-chat-[0-9]* man-in-the-middle https://pkg.go.dev/vuln/GO-2023-2402
|
|
influxdb-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2023-1571
|
|
lazygit-[0-9]* man-in-the-middle https://pkg.go.dev/vuln/GO-2023-2402
|
|
amfora-[0-9]* infinite-loop https://pkg.go.dev/vuln/GO-2021-0238
|
|
hub-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2021-0061
|
|
nats-server-[0-9]* permissions-checking https://pkg.go.dev/vuln/GO-2022-0386
|
|
obfs4proxy-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2023-1571
|
|
terraform-provider-aws-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2023-2153
|
|
terraform-provider-aws-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2023-1571
|
|
authelia-[0-9]* path-traversal https://pkg.go.dev/vuln/GO-2022-0355
|
|
authelia-[0-9]* out-of-bounds-read https://pkg.go.dev/vuln/GO-2021-0113
|
|
apisprout-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2021-0061
|
|
gitea-[0-9]* man-in-the-middle https://pkg.go.dev/vuln/GO-2023-2402
|
|
gitea-[0-9]* improper-rendering https://pkg.go.dev/vuln/GO-2023-1988
|
|
openssh<9.6 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-51385
|
|
libssh<0.10.6 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-6004
|
|
p5-Spreadsheet-ParseExcel<0.6600 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-7101
|
|
filezilla<3.66.4 extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795
|
|
libheif<1.17.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-49462
|
|
libde265<1.0.15 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-49468
|
|
gst-plugins1-bad<1.22.8 buffer-overflow https://gstreamer.freedesktop.org/security/sa-2023-0011.html
|
|
modular-xorg-server<21.1.11 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-CVE-2023-6816
|
|
coreutils<9.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-0684
|
|
gnutls<3.8.3 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2023-0553
|
|
py{27,38,39,310,311,312}-Pillow<10.2.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-50447
|
|
postgresql-server>=11<12 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
nodejs>=16<18 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
py{27,37,38,39,310,311,312}-aiohttp<3.9.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-23334
|
|
py{27,37,38,39,310,311,312}-aiohttp<3.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-23829
|
|
curl<8.6.0 out-of-bounds https://nvd.nist.gov/vuln/detail/CVE-2023-52071
|
|
mbedtls<2.28.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-23170
|
|
mbedtls>=3<3.5.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-23170
|
|
mbedtls<2.28.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-23775
|
|
mbedtls>=3<3.5.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-23775
|
|
opensc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-5992
|
|
py{27,37,38,39,310,311,312}-octoprint-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-23637
|
|
glpi<10.0.12 code-injection https://nvd.nist.gov/vuln/detail/CVE-2023-51446
|
|
glpi<10.0.12 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-23645
|
|
graphviz<10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-46045
|
|
expat<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-52425
|
|
expat<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-52426
|
|
webkit-gtk<2.42.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-23222
|
|
py{37,38,39,310,311,312}-django>=3.2<3.2.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24680
|
|
py{37,38,39,310,311,312}-django>=4.1<4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24680
|
|
py{37,38,39,310,311,312}-django>=4.2<4.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24680
|
|
libuv>=1.24.0<1.48 address-check-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-24806
|
|
postgresql-server>=12<12.18 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2024-0985
|
|
postgresql-server>=13<13.14 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2024-0985
|
|
postgresql-server>=14<14.11 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2024-0985
|
|
postgresql-server>=15<15.6 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2024-0985
|
|
postgresql-server>=16<16.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2024-0985
|
|
asterisk-13.* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
|
|
unbound<1.19.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387
|
|
unbound<1.19.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868
|
|
bind>=9.18<9.18.24 denial-of-service https://kb.isc.org/docs/cve-2023-4408
|
|
bind>=9.18<9.18.24 denial-of-service https://kb.isc.org/docs/cve-2023-5517
|
|
bind>=9.18<9.18.24 denial-of-service https://kb.isc.org/docs/cve-2023-5679
|
|
bind>=9.18<9.18.24 denial-of-service https://kb.isc.org/docs/cve-2023-50387
|
|
bind>=9.18<9.18.24 denial-of-service https://kb.isc.org/docs/cve-2023-50868
|
|
bind>=9.16<9.16.48 denial-of-service https://kb.isc.org/docs/cve-2023-4408
|
|
bind>=9.16<9.16.48 denial-of-service https://kb.isc.org/docs/cve-2023-5517
|
|
bind>=9.16<9.16.48 denial-of-service https://kb.isc.org/docs/cve-2023-5679
|
|
bind>=9.16<9.16.48 denial-of-service https://kb.isc.org/docs/cve-2023-50387
|
|
bind>=9.16<9.16.48 denial-of-service https://kb.isc.org/docs/cve-2023-50868
|
|
dnsmasq<2.90 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-50387
|
|
dnsmasq<2.90 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-50868
|
|
powerdns-recursor<4.8.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-50387
|
|
powerdns-recursor<4.8.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-50868
|
|
nss<3.98.0 information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-5388
|
|
py{27,37,38,39,310,311,312}-dns<2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29483
|
|
py{27,37,38,39,310,311,312}-cryptography<42.0.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2024-26130
|
|
libcares<1.27.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-25629
|
|
ruby{27,30,31,32,33}-rack2>=2.0<2.2.8.1 denial-of-service https://discuss.rubyonrails.org/t/denial-of-service-vulnerability-in-rack-content-type-parsing/84941
|
|
ruby{27,30,31,32,33}-rack>=3.0<3.0.9.1 denial-of-service https://discuss.rubyonrails.org/t/denial-of-service-vulnerability-in-rack-content-type-parsing/84941
|
|
ruby{27,30,31,32,33}-rack2>=2.0<2.2.8.1 denial-of-service https://discuss.rubyonrails.org/t/possible-dos-vulnerability-with-range-header-in-rack/84944
|
|
ruby{27,30,31,32,33}-rack>=3.0<3.0.9.1 denial-of-service https://discuss.rubyonrails.org/t/possible-dos-vulnerability-with-range-header-in-rack/84944
|
|
ruby{27,30,31}-actionpack71>=7.1<7.1.3.1 denial-of-service https://discuss.rubyonrails.org/t/possible-redos-vulnerability-in-accept-header-parsing-in-action-dispatch/84946
|
|
ruby{27,30,31,32,33}-actionpack70>=7.0<7.0.8.1 cross-site-scripting https://discuss.rubyonrails.org/t/possible-xss-vulnerability-in-action-controller/84947
|
|
ruby{27,30,31,32,33}-actionpack71>=7.1<7.1.3.2 cross-site-scripting https://discuss.rubyonrails.org/t/possible-xss-vulnerability-in-action-controller/84947
|
|
ruby{27,30,31,32,33}-activestorage61>=6.1<6.1.7.7 information-leak https://discuss.rubyonrails.org/t/possible-sensitive-session-information-leak-in-active-storage/84945
|
|
ruby{27,30,31,32,33}-activestorage70>=7.0<7.0.8.1 information-leak https://discuss.rubyonrails.org/t/possible-sensitive-session-information-leak-in-active-storage/84945
|
|
ruby{27,30,31}-rack2>=2.0<2.2.8.1 denial-of-service https://discuss.rubyonrails.org/t/possible-denial-of-service-vulnerability-in-rack-header-parsing/84942
|
|
ruby{27,30,31}-rack>=3.0<3.0.9.1 denial-of-service https://discuss.rubyonrails.org/t/possible-denial-of-service-vulnerability-in-rack-header-parsing/84942
|
|
py{27,37,38,39,310,311,312}-cbor2<5.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-26134
|
|
wolfssl<5.6.6 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-6936
|
|
mantis<2.26.1 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-23830
|
|
wireshark<4.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24478
|
|
wireshark<4.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24476
|
|
wireshark<4.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24479
|
|
routinator<0.13.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-1622
|
|
yasm-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2024-25760
|
|
fontforge<20230101nb6 command-injection https://nvd.nist.gov/vuln/detail/CVE-2024-25081
|
|
fontforge<20230101nb6 command-injection https://nvd.nist.gov/vuln/detail/CVE-2024-25082
|
|
opendmarc-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2024-25768
|
|
py{37,38,39,310,311,312}-django>=3<3.2.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27351
|
|
py{37,38,39,310,311,312}-django>=4<4.2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27351
|
|
py{37,38,39,310,311,312}-django>=5<5.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27351
|
|
go121<1.21.8 information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-45289
|
|
go121<1.21.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24783
|
|
go122<1.22.1 information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-45289
|
|
go122<1.22.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24783
|
|
py{37,38,39,310,311,312}-fonttools>4.28.2<4.43.0 xml-external-entity-vulnerability https://nvd.nist.gov/vuln/detail/CVE-2023-45139
|
|
expat<2.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28757
|
|
python38<3.8.19 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-6597
|
|
python39<3.9.19 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-6597
|
|
python310<3.10.14 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-6597
|
|
python311-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-6597
|
|
python312-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-6597
|
|
gnutls<3.8.4 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2024-28834
|
|
ruby31-base>=3.1<3.1.4nb3 buffer-overread https://www.ruby-lang.org/en/news/2024/03/21/buffer-overread-cve-2024-27280/
|
|
ruby31-base>=3.1<3.1.4nb3 remote-code-execution https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/
|
|
ruby32-base>=3.2<3.2.3nb1 remote-code-execution https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/
|
|
ruby33>=3.3<3.3.0nb1 remote-code-execution https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/
|