|Paid content will be excluded from the download.
| Matches : 3040
|Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, information disclosure or denial of service.
Pound, a HTTP reverse proxy and load balancer, had several issues related to vulnerabilities in the Secure Sockets Layer protocol. For Debian 7 this update adds a missing part to make it actually possible to disable client-initiated renegotiation and disables it by default . TLS compression is disabled , although this is normally already disabled by the OpenSSL system library. Finally it adds th ...
lighttpd, a small webserver, is vulnerable to the POODLE attack via the use of SSLv3. This protocol is now disabled by default.
Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser: Multiple memory safety errors, out of bound reads, use-after-frees and other implementation errors may lead to the execution of arbitrary code, information disclosure, denial of service.
Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail and news client. Multiple memory safety errors, out of bound reads, use-after-frees and other implementation errors may lead to the execution of arbitrary code, information disclosure or denial of service.
A cross-site scripting vulnerability was discovered in the rich text editor of the Movable Type blogging engine.
Jakub Wilk discovered that dpkg did not correctly parse C-style filename quoting, allowing for paths to be traversed when unpacking a source package - leading to the creation of files outside the directory of the source being unpacked. The update to the stable distribution incorporates non-security changes that were targeted for the point release 7.5.
A vulnerability has been discovered in OpenSSL"s support for the TLS/DTLS Hearbeat extension. Up to 64KB of memory from either client or server can be recovered by an attacker This vulnerability might allow an attacker to compromise the private key and other sensitive data in memory. All users are urged to upgrade their openssl packages and restart applications as soon as possible. According to t ...
This revision to the recent OpenSSL update, DSA-2896-1, checks for some services that may use OpenSSL in a way that they expose the vulnerability. Such services are proposed to be restarted during the upgrade to help in the actual deployment of the fix. The list of services that are checked is not comprehensive. For a more detailed check, it is recommended to use the checkrestart tool from the deb ...
Several vulnerabilities where discovered in PuTTY, a Telnet/SSH client for X. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-4206 Mark Wooding discovered a heap-corrupting buffer underrun bug in the modmul function which performs modular multiplication. As the modmul function is called during validation of any DSA signature received by PuTTY, including ...
Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   303
© 2013 SecPod Technologies