(Nov 4) Multiple vulnerabilities were discovered in the dissectors for IEEE 802.15.4, NBAP, SIP and TCP, which could result in denial of service. The oldstable distribution (squeeze) is only affected by CVE-2013-6340. [More…]
Comment
Archive for Other
2889 results.
(Nov 4) Updated gc packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More…]
(Nov 4) Cedric Krier discovered that the Tryton client does not sanitize the file extension supplied by the server when processing reports. As a result, a malicious server could send a report with a crafted file extension that causes the client to write any local file to which the [More…]
(Nov 2) A flaw was found in the way the Mozilla Network Security Service library (nss) read uninitialized data when there was a decryption failure. A remote attacker could use this flaw to cause a denial of service (application crash) for applications linked with the nss library. [More…]
(Oct 29) Updated qspice packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having [More…]
(Oct 29) An updated spice-server package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having [More…]
(Oct 29) Updated postgresql and postgresql84 packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate [More…]
(Oct 29) Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical [More…]
(Oct 31) Several security issues were fixed in Thunderbird.
(Oct 29) Firefox could be made to crash or run programs as your login if itopened a malicious website.
(Oct 31) Multiple security issues have been found in iceweasel, Debian’s version of the Mozilla Firefox web browser: multiple memory safety errors, and other implementation errors may lead to the execution of arbitrary code. [More…]
(Nov 1) A vulnerability has been found in the ASN.1 parser of strongSwan, an IKE daemon used to establish IPsec protected links. By sending a crafted ID_DER_ASN1_DN ID payload to a vulnerable pluto or [More…]
(Oct 30) An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having [More…]
(Oct 31) Updated kernel-rt packages that fix multiple security issues and one bug are now available for Red Hat Enterprise MRG 2.4. The Red Hat Security Response Team has rated this update as having [More…]
(Oct 24) Several security issues were fixed in MySQL.
(Oct 26) Several vulnerabilities have been discovered in the chromium web browser. CVE-2013-2906 [More…]
(Oct 24) The update of librack-ruby in DSA-2783-1 also addressed CVE-2013-0183. The patch applied breaks rails applications like redmine (see Debian Bug #727187). Updated packages are available to address this problem. [More…]
(Oct 24) Apport could be made to expose privileged information.
(Oct 24) Suds could be made to overwrite files.
(Oct 27) It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, does not properly sanitize the _session parameter in steps/utils/save_pref.inc during saving preferences. The vulnerability can be exploited to overwrite configuration settings and [More…]
(Oct 27) The Google Chrome Security Team discovered two issues (a race condition and a use-after-free issue) in the International Components for Unicode (ICU) library. [More…]
(Oct 23) Nova could be made to crash if it received specially crafted networkrequests.
(Oct 23) Swift could cause the system to crash if it received specially craftedrequests over the network.
(Oct 22) Updated kernel packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More…]
(Oct 23) Keystone would improperly grant access to invalid tokens under certaincircumstances.
(Oct 23) Glance could be made to expose sensitive information over the networkunder certain circumstances.
(Oct 24) An updated libgcrypt package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate [More…]
(Oct 22) Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having [More…]
(Oct 23) python-glanceclient could be made to expose sensitive information over thenetwork.
(Oct 23) Cinder could be made to crash or expose sensitive information.