Debian LTS Linux Distribution
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or a timing attack on cryptographic keys.
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or a timing attack on cryptographic keys.
It was reported that the BlueZ's HID and HOGP profile implementations don't specifically require bonding between the device and the host. Malicious devices can take advantage of this flaw to connect to a target
libupnp, the portable SDK for UPnP Devices allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath
The following CVE(s) were reported against src:cups. CVE-2019-8842
A vulnerability was discovered in graphicsmagick, a collection of image processing tools, that results in a heap buffer overwrite when magnifying MNG images.
There were several CVE bugs reported against src:netqmail. CVE-2005-1513
In httplib2, an attacker controlling unescaped part of uri for `httplib2.Http.request()` could change request headers and body, send additional hidden requests to same server. This vulnerability impacts
Remote denial of service and several memory management issues were fixed in the epson2 driver.
The image view functionality in Horde Groupware Webmail Edition was affected by a stored Cross-Site Scripting (XSS) vulnerability via an SVG image upload containing a JavaScript payload. An attacker could have
The json-c shared library had an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.
Gollem, as used in Horde Groupware Webmail Edition and other products, had been affected by a reflected Cross-Site Scripting (XSS) vulnerability via the HTTP GET dir parameter in the browser functionality, affecting
The json-c shared library had an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.
Several vulnerabilities were discovered in BIND, a DNS server implementation.
Two memory management issues were found in the asfdemux element of the GStreamer "ugly" plugin collection, which can be triggered via a maliciously crafted file.
Two memory handling issues were found in gst-plugins-good0.10, a collection of GStreamer plugins from the "good" set:
It was discovered that there was both an invalid memory and heap overflow vulnerability in dosfstools, a collection of utilities for making and checking MS-DOS FAT filesystems.
Several vulnerabilities were discovered in package salt, a configuration management and infrastructure automation software.
Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.
Various minor vulnerabilities have been addredd in libexif, a library to parse EXIF metadata files.