head 1.761; access; symbols pkgsrc-2026Q1:1.752.0.2 pkgsrc-2026Q1-base:1.752 pkgsrc-2025Q4:1.686.0.2 pkgsrc-2025Q4-base:1.686 pkgsrc-2025Q3:1.555.0.2 pkgsrc-2025Q3-base:1.555 pkgsrc-2025Q2:1.450.0.2 pkgsrc-2025Q2-base:1.450 pkgsrc-2025Q1:1.337.0.2 pkgsrc-2025Q1-base:1.337 pkgsrc-2024Q4:1.291.0.2 pkgsrc-2024Q4-base:1.291 pkgsrc-2024Q3:1.263.0.2 pkgsrc-2024Q3-base:1.263 pkgsrc-2024Q2:1.212.0.2 pkgsrc-2024Q2-base:1.212 pkgsrc-2024Q1:1.157.0.2 pkgsrc-2024Q1-base:1.157 pkgsrc-2023Q4:1.100.0.2 pkgsrc-2023Q4-base:1.100; locks; strict; comment @# @; 1.761 date 2026.05.05.10.09.38; author pin; state Exp; branches; next 1.760; commitid H1s5vmSHdHk9VBEG; 1.760 date 2026.05.02.04.29.30; author pin; state Exp; branches; next 1.759; commitid FPpB85RrcTOq8cEG; 1.759 date 2026.04.27.08.18.32; author jperkin; state Exp; branches; next 1.758; commitid uZ5dr4B5O0Y0zzDG; 1.758 date 2026.04.27.07.10.38; author wiz; state Exp; branches; next 1.757; commitid TlFkdQ6k2s6vbzDG; 1.757 date 2026.04.19.20.00.29; author leot; state Exp; branches; next 1.756; commitid VlpXngDls8BBHBCG; 1.756 date 2026.04.19.19.28.09; author vins; state Exp; branches; next 1.755; commitid 74OEhGuqw47DwBCG; 1.755 date 2026.04.19.18.28.48; author vins; state Exp; branches; next 1.754; commitid q1hncX7cE3HccBCG; 1.754 date 2026.04.02.08.31.28; author wiz; state Exp; branches; next 1.753; commitid A2S1osrRfYC7rmAG; 1.753 date 2026.03.29.12.21.48; author leot; state Exp; branches; next 1.752; commitid qldBqvSN83X9QRzG; 1.752 date 2026.03.19.22.05.29; author leot; state Exp; branches; next 1.751; commitid BmbAXGRM4UFqoDyG; 1.751 date 2026.03.17.20.53.53; author bouyer; state Exp; branches; next 1.750; commitid dUPsAgsoWz5E3nyG; 1.750 date 2026.03.17.19.35.03; author bsiegert; state Exp; branches; next 1.749; commitid RLvJyAVAC5VQCmyG; 1.749 date 2026.03.16.16.36.49; author kim; state Exp; branches; next 1.748; commitid ncPufwtuNKjHFdyG; 1.748 date 2026.03.16.16.32.54; author kim; state Exp; branches; next 1.747; commitid K0TESWefgKklEdyG; 1.747 date 2026.03.16.16.23.38; author kim; state Exp; branches; next 1.746; commitid Rn0OSvdCIPZ9BdyG; 1.746 date 2026.03.16.16.09.39; author kim; state Exp; branches; next 1.745; commitid bZtQpOWxZ3GnwdyG; 1.745 date 2026.03.16.16.07.33; author hauke; state Exp; branches; next 1.744; commitid YjoiRJjEWqWFvdyG; 1.744 date 2026.03.15.17.48.16; author leot; state Exp; branches; next 1.743; commitid nZF2qcI2YEza66yG; 1.743 date 2026.03.15.17.39.34; author leot; state Exp; branches; next 1.742; commitid Ui21vZlb1nud36yG; 1.742 date 2026.03.05.16.49.34; author leot; state Exp; branches; next 1.741; commitid wUl642Pn76RN5OwG; 1.741 date 2026.03.02.22.42.24; author leot; state Exp; branches; next 1.740; commitid i2cP36nr3YSW8swG; 1.740 date 2026.03.02.22.13.05; author leot; state Exp; branches; next 1.739; commitid lGUEgl3otHBRYrwG; 1.739 date 2026.02.26.08.26.37; author leot; state Exp; branches; next 1.738; commitid lvP75ekPDrO3xRvG; 1.738 date 2026.02.26.08.24.44; author leot; state Exp; branches; next 1.737; commitid ZAq7Pr8f9JPuwRvG; 1.737 date 2026.02.25.22.00.55; author leot; state Exp; branches; next 1.736; commitid WfCA9XNPGesK4OvG; 1.736 date 2026.02.25.19.58.38; author leot; state Exp; branches; next 1.735; commitid Nu3RLqhquEPHoNvG; 1.735 date 2026.02.22.16.17.32; author taca; state Exp; branches; next 1.734; commitid vrfCjPRFQCCUgovG; 1.734 date 2026.02.22.00.40.56; author ryoon; state Exp; branches; next 1.733; commitid Dvuxg2JHfSqr5jvG; 1.733 date 2026.02.15.15.43.28; author spz; state Exp; branches; next 1.732; commitid pIEnJxesytnJiuuG; 1.732 date 2026.02.11.13.23.56; author leot; state Exp; branches; next 1.731; commitid wWnbkThqhZrhFXtG; 1.731 date 2026.02.08.14.09.55; author leot; state Exp; branches; next 1.730; commitid tFdtHBZH3u901AtG; 1.730 date 2026.02.08.14.08.07; author leot; state Exp; branches; next 1.729; commitid wh5pA9TA8ixk0AtG; 1.729 date 2026.02.08.14.01.54; author leot; state Exp; branches; next 1.728; commitid sNvbwccgBXyfYztG; 1.728 date 2026.02.07.10.35.49; author leot; state Exp; branches; next 1.727; commitid JSkSvgVjCsqiQqtG; 1.727 date 2026.02.07.10.00.30; author vins; state Exp; branches; next 1.726; commitid s4rXE8ooRtjmFqtG; 1.726 date 2026.02.03.12.40.13; author leot; state Exp; branches; next 1.725; commitid moTqVuOQ1nheGVsG; 1.725 date 2026.02.03.11.58.22; author leot; state Exp; branches; next 1.724; commitid Kfo8z03cq98SrVsG; 1.724 date 2026.01.30.11.05.48; author leot; state Exp; branches; next 1.723; commitid DetntyKJ5qgzhpsG; 1.723 date 2026.01.29.11.48.49; author leot; state Exp; branches; next 1.722; commitid KwJGsIMK0fkuyhsG; 1.722 date 2026.01.25.21.02.28; author leot; state Exp; branches; next 1.721; commitid OBa2JWAMID2tKOrG; 1.721 date 2026.01.22.09.37.24; author leot; state Exp; branches; next 1.720; commitid uBdhfEfnhplp3nrG; 1.720 date 2026.01.21.21.30.49; author leot; state Exp; branches; next 1.719; commitid D4xJfFaxhHH92jrG; 1.719 date 2026.01.21.18.08.52; author leot; state Exp; branches; next 1.718; commitid d3HTeoGeFrlPUhrG; 1.718 date 2026.01.21.17.53.47; author leot; state Exp; branches; next 1.717; commitid FxrGaYay8vaBPhrG; 1.717 date 2026.01.19.17.53.04; author leot; state Exp; branches; next 1.716; commitid GSUn8h6aWEnqT1rG; 1.716 date 2026.01.18.20.38.52; author leot; state Exp; branches; next 1.715; commitid 519x7I6LIy7eQUqG; 1.715 date 2026.01.18.11.24.19; author leot; state Exp; branches; next 1.714; commitid AmY7ppOAJyF0MRqG; 1.714 date 2026.01.18.11.20.32; author leot; state Exp; branches; next 1.713; commitid eaVKF1GFJ3kEKRqG; 1.713 date 2026.01.18.11.16.55; author leot; state Exp; branches; next 1.712; commitid eO51st7WJCNuJRqG; 1.712 date 2026.01.10.13.00.41; author leot; state Exp; branches; next 1.711; commitid TGuOr4ucxhSWyQpG; 1.711 date 2026.01.10.12.22.18; author leot; state Exp; branches; next 1.710; commitid JFZOnWdyDW2SlQpG; 1.710 date 2026.01.09.12.02.35; author leot; state Exp; branches; next 1.709; commitid cXZW1dnKoGhYgIpG; 1.709 date 2026.01.08.10.50.24; author leot; state Exp; branches; next 1.708; commitid CkcOUilXXmbnUzpG; 1.708 date 2026.01.07.22.12.04; author leot; state Exp; branches; next 1.707; commitid ftJUN9IWWy4cIvpG; 1.707 date 2026.01.07.21.12.27; author wiz; state Exp; branches; next 1.706; commitid KxsKULMotsitnvpG; 1.706 date 2026.01.06.13.49.41; author leot; state Exp; branches; next 1.705; commitid TRIMQPdvlM0QXkpG; 1.705 date 2026.01.06.12.16.44; author leot; state Exp; branches; next 1.704; commitid 69cXZlBeMZdYrkpG; 1.704 date 2026.01.06.10.24.28; author nia; state Exp; branches; next 1.703; commitid yardWL80pkUsPjpG; 1.703 date 2026.01.04.19.47.23; author leot; state Exp; branches; next 1.702; commitid WhkRyTdSxXio07pG; 1.702 date 2026.01.04.18.51.38; author leot; state Exp; branches; next 1.701; commitid 6JXEXvbtcJNpH6pG; 1.701 date 2026.01.03.21.50.20; author leot; state Exp; branches; next 1.700; commitid SwOH2dhk0AmHIZoG; 1.700 date 2026.01.03.21.37.25; author leot; state Exp; branches; next 1.699; commitid 5ut09lmnYEb8EZoG; 1.699 date 2026.01.03.21.36.23; author leot; state Exp; branches; next 1.698; commitid lbI9rvXtY5ZNDZoG; 1.698 date 2026.01.03.21.29.14; author leot; state Exp; branches; next 1.697; commitid O9haGcDIzDVuBZoG; 1.697 date 2026.01.03.21.19.16; author leot; state Exp; branches; next 1.696; commitid kn3UCwKRcOQ1yZoG; 1.696 date 2026.01.03.11.45.06; author nia; state Exp; branches; next 1.695; commitid m4AJLsp7MfN6nWoG; 1.695 date 2025.12.31.21.24.02; author leot; state Exp; branches; next 1.694; commitid lNLRAGuoY3iHFBoG; 1.694 date 2025.12.30.11.56.20; author leot; state Exp; branches; next 1.693; commitid ypmbLv8PD3nRyqoG; 1.693 date 2025.12.29.11.18.09; author leot; state Exp; branches; next 1.692; commitid dj9kKA9Yj1OznioG; 1.692 date 2025.12.29.11.17.06; author leot; state Exp; branches; next 1.691; commitid GruPQ3ObtbUonioG; 1.691 date 2025.12.27.21.45.49; author leot; state Exp; branches; next 1.690; commitid Eh4I2fbOcIg7V5oG; 1.690 date 2025.12.26.11.49.38; author leot; state Exp; branches; next 1.689; commitid G0nU663AdVlpEUnG; 1.689 date 2025.12.25.15.10.06; author leot; state Exp; branches; next 1.688; commitid OmtEF1RWfUKjNNnG; 1.688 date 2025.12.24.21.19.05; author leot; state Exp; branches; next 1.687; commitid 8EBCF7Hb5lMTRHnG; 1.687 date 2025.12.23.19.19.18; author bsiegert; state Exp; branches; next 1.686; commitid TIDp5jB9gCaSeznG; 1.686 date 2025.12.20.13.06.49; author leot; state Exp; branches; next 1.685; commitid LsBT0YwYrsb3h9nG; 1.685 date 2025.12.15.21.44.50; author leot; state Exp; branches; next 1.684; commitid 8SKEISJr3FQHiymG; 1.684 date 2025.12.14.20.53.56; author leot; state Exp; branches; next 1.683; commitid UNejQCyRcuvb3qmG; 1.683 date 2025.12.12.17.08.31; author leot; state Exp; branches; next 1.682; commitid 0z3eSXKFN8NRR8mG; 1.682 date 2025.12.10.10.09.08; author leot; state Exp; branches; next 1.681; commitid JLEyfu03lV4XBQlG; 1.681 date 2025.12.10.10.01.36; author leot; state Exp; branches; next 1.680; commitid F1C44rI1MvpgzQlG; 1.680 date 2025.12.08.13.16.00; author leot; state Exp; branches; next 1.679; commitid 2yz2zlzOlDf4IBlG; 1.679 date 2025.12.08.12.02.16; author leot; state Exp; branches; next 1.678; commitid MoVliXMEyQ0DiBlG; 1.678 date 2025.12.04.10.03.25; author leot; state Exp; branches; next 1.677; commitid EdlNhemO7WSUL4lG; 1.677 date 2025.12.03.10.36.26; author leot; state Exp; branches; next 1.676; commitid 31LwV4lxOfqcZWkG; 1.676 date 2025.12.03.09.27.15; author leot; state Exp; branches; next 1.675; commitid cOg2MhYgmodpBWkG; 1.675 date 2025.12.03.07.40.33; author wiz; state Exp; branches; next 1.674; commitid dN7io1ZZxHgT0WkG; 1.674 date 2025.12.02.17.50.40; author leot; state Exp; branches; next 1.673; commitid NFroOdAnq2fgqRkG; 1.673 date 2025.12.01.17.36.06; author leot; state Exp; branches; next 1.672; commitid Wf9QRTgNSbL9nJkG; 1.672 date 2025.11.30.16.48.41; author leot; state Exp; branches; next 1.671; commitid HZ7wZlX9WQMY8BkG; 1.671 date 2025.11.23.20.53.32; author leot; state Exp; branches; next 1.670; commitid o68wMmzcDvxRIIjG; 1.670 date 2025.11.22.20.51.38; author leot; state Exp; branches; next 1.669; commitid 51MKAJeSUN7eKAjG; 1.669 date 2025.11.22.11.47.20; author leot; state Exp; branches; next 1.668; commitid 71RdI7fUsCbtJxjG; 1.668 date 2025.11.19.21.57.39; author leot; state Exp; branches; next 1.667; commitid oNl0ZX0zGInScdjG; 1.667 date 2025.11.19.21.57.11; author leot; state Exp; branches; next 1.666; commitid qa58cyTkhiWIcdjG; 1.666 date 2025.11.17.13.38.05; author wiz; state Exp; branches; next 1.665; commitid wZVEAj2BKxmkvUiG; 1.665 date 2025.11.17.13.32.38; author gdt; state Exp; branches; next 1.664; commitid Ga4e7ZlST3hCtUiG; 1.664 date 2025.11.15.10.06.30; author leot; state Exp; branches; next 1.663; commitid d8wPPZ6PJmqNoDiG; 1.663 date 2025.11.14.10.15.02; author leot; state Exp; branches; next 1.662; commitid nVvpw24NsYmytviG; 1.662 date 2025.11.13.18.59.22; author leot; state Exp; branches; next 1.661; commitid 2ngoWIjAXe5vpqiG; 1.661 date 2025.11.13.09.29.16; author leot; state Exp; branches; next 1.660; commitid 4w2d6puKDrE8gniG; 1.660 date 2025.11.12.10.55.25; author leot; state Exp; branches; next 1.659; commitid KhC9gn0JTioALfiG; 1.659 date 2025.11.12.09.38.57; author leot; state Exp; branches; next 1.658; commitid ErAD8p6Pf3qqlfiG; 1.658 date 2025.11.11.11.02.30; author leot; state Exp; branches; next 1.657; commitid 11PTDKAeew7ZP7iG; 1.657 date 2025.11.05.22.22.26; author wiz; state Exp; branches; next 1.656; commitid F7HB0B05t5C5NphG; 1.656 date 2025.11.05.11.53.25; author wiz; state Exp; branches; next 1.655; commitid nz7tOafxOgjqjmhG; 1.655 date 2025.11.05.09.03.45; author leot; state Exp; branches; next 1.654; commitid 5tBzumobM5qinlhG; 1.654 date 2025.11.04.16.19.35; author leot; state Exp; branches; next 1.653; commitid ZlYOZQE2vvXAOfhG; 1.653 date 2025.11.03.09.53.03; author adam; state Exp; branches; next 1.652; commitid 1ckBvr1De23gI5hG; 1.652 date 2025.11.02.19.19.33; author vins; state Exp; branches; next 1.651; commitid 5MVK6PB2IPvtS0hG; 1.651 date 2025.11.02.16.01.22; author wiz; state Exp; branches; next 1.650; commitid rYGmI0EQDrjkMZgG; 1.650 date 2025.11.01.10.36.33; author leot; state Exp; branches; next 1.649; commitid P1W5bKDj1PiV0QgG; 1.649 date 2025.11.01.10.04.07; author leot; state Exp; branches; next 1.648; commitid F9I2UW2ZyBfWPPgG; 1.648 date 2025.10.31.22.00.38; author leot; state Exp; branches; next 1.647; commitid n6scpU2hQnIMPLgG; 1.647 date 2025.10.31.09.48.45; author leot; state Exp; branches; next 1.646; commitid Z8Q6zGxnR5Y2MHgG; 1.646 date 2025.10.30.11.08.22; author leot; state Exp; branches; next 1.645; commitid 7ipJMYtBBYcZfAgG; 1.645 date 2025.10.30.10.24.30; author leot; state Exp; branches; next 1.644; commitid UKP3bCPQrtlT0AgG; 1.644 date 2025.10.28.10.26.58; author leot; state Exp; branches; next 1.643; commitid MhntluJyrdIJ5kgG; 1.643 date 2025.10.28.09.33.00; author jperkin; state Exp; branches; next 1.642; commitid ku8KVehm1tYjNjgG; 1.642 date 2025.10.28.09.22.43; author leot; state Exp; branches; next 1.641; commitid dpBfZdo3zAclIjgG; 1.641 date 2025.10.27.07.40.01; author jnemeth; state Exp; branches; next 1.640; commitid k0HAo1MKl4pzcbgG; 1.640 date 2025.10.25.13.28.45; author kikadf; state Exp; branches; next 1.639; commitid kKAYhO5z2B7SbXfG; 1.639 date 2025.10.23.17.11.23; author he; state Exp; branches; next 1.638; commitid iS3rL4IqEdmluIfG; 1.638 date 2025.10.22.13.06.20; author he; state Exp; branches; next 1.637; commitid vI1HRGDmZh82azfG; 1.637 date 2025.10.21.21.19.59; author leot; state Exp; branches; next 1.636; commitid BQr2r3TRXfILVtfG; 1.636 date 2025.10.21.18.59.06; author leot; state Exp; branches; next 1.635; commitid Zg8pKq182nwX8tfG; 1.635 date 2025.10.21.12.32.16; author leot; state Exp; branches; next 1.634; commitid HgrClC86oCfz0rfG; 1.634 date 2025.10.20.08.44.31; author leot; state Exp; branches; next 1.633; commitid JRRep65uef3zMhfG; 1.633 date 2025.10.19.10.45.35; author leot; state Exp; branches; next 1.632; commitid jyVxBUkRX6c4uafG; 1.632 date 2025.10.17.08.00.36; author kikadf; state Exp; branches; next 1.631; commitid F7VoQLzYMHnWCTeG; 1.631 date 2025.10.17.07.28.15; author kikadf; state Exp; branches; next 1.630; commitid 4c75Y1iH30z4sTeG; 1.630 date 2025.10.17.06.25.07; author kikadf; state Exp; branches; next 1.629; commitid YZgxLB6X3hUv6TeG; 1.629 date 2025.10.17.06.23.05; author kikadf; state Exp; branches; next 1.628; commitid 9EranvSYeM2S5TeG; 1.628 date 2025.10.17.06.19.41; author kikadf; state Exp; branches; next 1.627; commitid jBbREzhkwqSI4TeG; 1.627 date 2025.10.17.06.18.11; author kikadf; state Exp; branches; next 1.626; commitid BjBNz2rCowV74TeG; 1.626 date 2025.10.17.06.16.05; author kikadf; state Exp; branches; next 1.625; commitid IBdtzumd7BHk3TeG; 1.625 date 2025.10.16.21.28.01; author leot; state Exp; branches; next 1.624; commitid SQtLzYnxlOeu8QeG; 1.624 date 2025.10.16.10.28.48; author leot; state Exp; branches; next 1.623; commitid eNjqRZ3N6wpiuMeG; 1.623 date 2025.10.15.20.52.43; author wiz; state Exp; branches; next 1.622; commitid IP8XnKsbj36fYHeG; 1.622 date 2025.10.15.20.48.56; author leot; state Exp; branches; next 1.621; commitid IuMVRkjCHyLVWHeG; 1.621 date 2025.10.15.20.47.00; author leot; state Exp; branches; next 1.620; commitid HYBayKjbONHoWHeG; 1.620 date 2025.10.15.11.58.39; author leot; state Exp; branches; next 1.619; commitid f6VsZbCM35b71FeG; 1.619 date 2025.10.15.11.05.07; author leot; state Exp; branches; next 1.618; commitid o9PwQXDExyJOIEeG; 1.618 date 2025.10.15.10.19.38; author leot; state Exp; branches; next 1.617; commitid 65ZfQCHVNP7dtEeG; 1.617 date 2025.10.15.09.42.30; author wiz; state Exp; branches; next 1.616; commitid fTKsTgG9XcKkgEeG; 1.616 date 2025.10.14.21.56.45; author leot; state Exp; branches; next 1.615; commitid XTYwaYnVr6BgmAeG; 1.615 date 2025.10.14.08.54.24; author leot; state Exp; branches; next 1.614; commitid toq4228jXfcC1weG; 1.614 date 2025.10.12.07.00.23; author wiz; state Exp; branches; next 1.613; commitid 94wyX9s41d8EsfeG; 1.613 date 2025.10.11.19.07.36; author wiz; state Exp; branches; next 1.612; commitid 9MFvaTYs9E9dwbeG; 1.612 date 2025.10.11.18.13.16; author leot; state Exp; branches; next 1.611; commitid 0563Js99x8oBdbeG; 1.611 date 2025.10.11.12.50.39; author wiz; state Exp; branches; next 1.610; commitid 2pWQ0ZVT5U6Pq9eG; 1.610 date 2025.10.11.12.02.09; author leot; state Exp; branches; next 1.609; commitid 3TxoL35IE7Tda9eG; 1.609 date 2025.10.11.10.35.07; author wiz; state Exp; branches; next 1.608; commitid mUtuE3ZDyudnG8eG; 1.608 date 2025.10.11.10.29.19; author leot; state Exp; branches; next 1.607; commitid nhnwezQ9wXjtE8eG; 1.607 date 2025.10.11.10.06.44; author leot; state Exp; branches; next 1.606; commitid KqTORyPmVuIHw8eG; 1.606 date 2025.10.11.09.17.46; author leot; state Exp; branches; next 1.605; commitid lr2QN3mJHTMUf8eG; 1.605 date 2025.10.10.20.59.04; author leot; state Exp; branches; next 1.604; commitid ZC21wtmEXX2ra4eG; 1.604 date 2025.10.10.19.10.16; author leot; state Exp; branches; next 1.603; commitid ySJVz5Bqlczcz3eG; 1.603 date 2025.10.10.17.56.29; author leot; state Exp; branches; next 1.602; commitid wvIP3D8OPOeO93eG; 1.602 date 2025.10.10.17.11.24; author leot; state Exp; branches; next 1.601; commitid eTGbiJkSktrrU2eG; 1.601 date 2025.10.10.16.26.23; author leot; state Exp; branches; next 1.600; commitid PZyMDNUFzZQSE2eG; 1.600 date 2025.10.10.15.54.08; author leot; state Exp; branches; next 1.599; commitid vg2fOtXqAVMNt2eG; 1.599 date 2025.10.10.10.27.47; author leot; state Exp; branches; next 1.598; commitid i4XLD6zuIXlSF0eG; 1.598 date 2025.10.10.10.03.02; author leot; state Exp; branches; next 1.597; commitid cyaQolboy2hkx0eG; 1.597 date 2025.10.09.17.31.44; author leot; state Exp; branches; next 1.596; commitid UWZL5QNfAr4l3VdG; 1.596 date 2025.10.09.17.22.15; author leot; state Exp; branches; next 1.595; commitid iybb2w1kDlL20VdG; 1.595 date 2025.10.09.17.00.30; author leot; state Exp; branches; next 1.594; commitid Fi55D2PoYXKFSUdG; 1.594 date 2025.10.09.13.41.50; author leot; state Exp; branches; next 1.593; commitid usQ70DHyvYItMTdG; 1.593 date 2025.10.09.13.05.41; author leot; state Exp; branches; next 1.592; commitid zGIZZ2RLOAo3ATdG; 1.592 date 2025.10.09.08.31.35; author leot; state Exp; branches; next 1.591; commitid I0H8kkQCxVP44SdG; 1.591 date 2025.10.08.20.48.19; author leot; state Exp; branches; next 1.590; commitid V410aLaL9MzOaOdG; 1.590 date 2025.10.08.20.47.41; author leot; state Exp; branches; next 1.589; commitid ZhzbAj1Hg7awaOdG; 1.589 date 2025.10.08.16.56.54; author leot; state Exp; branches; next 1.588; commitid VqemvglRZgRpTMdG; 1.588 date 2025.10.07.21.32.21; author leot; state Exp; branches; next 1.587; commitid qWsOWnWS6wmNrGdG; 1.587 date 2025.10.07.21.31.17; author leot; state Exp; branches; next 1.586; commitid ykzrAGUiRcpwrGdG; 1.586 date 2025.10.07.21.25.17; author leot; state Exp; branches; next 1.585; commitid Pb68UUIuJPaupGdG; 1.585 date 2025.10.06.20.34.35; author leot; state Exp; branches; next 1.584; commitid vkW1jHwDEL06aydG; 1.584 date 2025.10.06.09.56.20; author leot; state Exp; branches; next 1.583; commitid tqJneSbEjuUXCudG; 1.583 date 2025.10.06.09.52.13; author leot; state Exp; branches; next 1.582; commitid bLSgnYY21dpEBudG; 1.582 date 2025.10.05.17.57.20; author leot; state Exp; branches; next 1.581; commitid ZVkU6E0TSh92kpdG; 1.581 date 2025.10.05.11.01.56; author leot; state Exp; branches; next 1.580; commitid IHIHpuJgkJxx1ndG; 1.580 date 2025.10.05.07.26.26; author wiz; state Exp; branches; next 1.579; commitid V7jIuqcf0wbhPldG; 1.579 date 2025.10.04.21.20.11; author leot; state Exp; branches; next 1.578; commitid ZZFwLCxtcAICtidG; 1.578 date 2025.10.04.17.17.23; author kikadf; state Exp; branches; next 1.577; commitid QdaNAtBfuSLg8hdG; 1.577 date 2025.10.04.14.42.39; author kikadf; state Exp; branches; next 1.576; commitid hjJpZBdtzAqSggdG; 1.576 date 2025.10.04.14.17.39; author kikadf; state Exp; branches; next 1.575; commitid faOBX3WIit9L7gdG; 1.575 date 2025.10.04.06.32.51; author wiz; state Exp; branches; next 1.574; commitid sdp9tTUSwORhzddG; 1.574 date 2025.10.03.17.08.02; author leot; state Exp; branches; next 1.573; commitid 0zsM2OL6IFQb79dG; 1.573 date 2025.10.03.16.59.20; author leot; state Exp; branches; next 1.572; commitid lcysy1ZHAFyb49dG; 1.572 date 2025.10.03.16.35.51; author leot; state Exp; branches; next 1.571; commitid 9ir0DbDKlLE5W8dG; 1.571 date 2025.10.03.16.21.12; author leot; state Exp; branches; next 1.570; commitid HWSGgEHv6dm8R8dG; 1.570 date 2025.10.03.16.09.09; author kikadf; state Exp; branches; next 1.569; commitid kDFeefLJZDxIM8dG; 1.569 date 2025.10.02.14.26.29; author nia; state Exp; branches; next 1.568; commitid E3zfAcTRoQaLf0dG; 1.568 date 2025.10.01.21.04.57; author leot; state Exp; branches; next 1.567; commitid Q7u82xXVnkFnuUcG; 1.567 date 2025.10.01.20.24.53; author leot; state Exp; branches; next 1.566; commitid bWdVFGrl0J3IgUcG; 1.566 date 2025.10.01.20.16.54; author leot; state Exp; branches; next 1.565; commitid H9R3tTH4BBqVdUcG; 1.565 date 2025.10.01.19.56.01; author leot; state Exp; branches; next 1.564; commitid sUwdSkm8rEtK6UcG; 1.564 date 2025.10.01.19.32.17; author leot; state Exp; branches; next 1.563; commitid x17wv5hiTdSBYTcG; 1.563 date 2025.10.01.19.14.26; author leot; state Exp; branches; next 1.562; commitid DufWDZZSTEalSTcG; 1.562 date 2025.10.01.17.00.05; author wiz; state Exp; branches; next 1.561; commitid 3KCNh1qlJ0pr8TcG; 1.561 date 2025.09.28.15.31.41; author khorben; state Exp; branches; next 1.560; commitid OEUAXPT2bn8YJucG; 1.560 date 2025.09.27.08.19.50; author wiz; state Exp; branches; next 1.559; commitid Nw4MRkpQ8UJRnkcG; 1.559 date 2025.09.26.11.35.04; author gdt; state Exp; branches; next 1.558; commitid 1mEC9WHfnmeZudcG; 1.558 date 2025.09.26.10.38.10; author wiz; state Exp; branches; next 1.557; commitid 0CJo3Z5YfOcjbdcG; 1.557 date 2025.09.25.07.30.15; author wiz; state Exp; branches; next 1.556; commitid 8WYLiensEsJSa4cG; 1.556 date 2025.09.23.10.04.48; author wiz; state Exp; branches; next 1.555; commitid MNgUZVFnZHMW5PbG; 1.555 date 2025.09.16.15.38.44; author kim; state Exp; branches; next 1.554; commitid iW2fC68ruY9haXaG; 1.554 date 2025.09.15.22.09.20; author nia; state Exp; branches; next 1.553; commitid vUnwapQBMTbtmRaG; 1.553 date 2025.09.13.19.01.14; author wiz; state Exp; branches; next 1.552; commitid dOudsShKVkmUnAaG; 1.552 date 2025.09.13.17.39.52; author leot; state Exp; branches; next 1.551; commitid WlpB1UqO6kGTVzaG; 1.551 date 2025.09.13.17.38.25; author leot; state Exp; branches; next 1.550; commitid IYDAmonAtbpmVzaG; 1.550 date 2025.09.13.11.19.03; author leot; state Exp; branches; next 1.549; commitid eZJ7ifUkJA82PxaG; 1.549 date 2025.09.13.11.15.08; author leot; state Exp; branches; next 1.548; commitid J9fxzS9k8rJ0OxaG; 1.548 date 2025.09.13.11.06.49; author leot; state Exp; branches; next 1.547; commitid EffFfCnIflOUKxaG; 1.547 date 2025.09.12.07.48.23; author wiz; state Exp; branches; next 1.546; commitid sln0rzppv0lRGoaG; 1.546 date 2025.09.11.17.49.28; author leot; state Exp; branches; next 1.545; commitid wMO4OJdzE08f3kaG; 1.545 date 2025.09.11.09.39.43; author leot; state Exp; branches; next 1.544; commitid PFvIdoKJoCX9lhaG; 1.544 date 2025.09.10.10.12.56; author leot; state Exp; branches; next 1.543; commitid WixDI7OYCBWzy9aG; 1.543 date 2025.09.09.15.48.36; author leot; state Exp; branches; next 1.542; commitid 5jxQM65ufXSOr3aG; 1.542 date 2025.09.09.15.04.14; author leot; state Exp; branches; next 1.541; commitid eg6z737KV7Ptc3aG; 1.541 date 2025.09.07.19.28.15; author leot; state Exp; branches; next 1.540; commitid cyFjfYtQLgo7JO9G; 1.540 date 2025.09.04.17.46.07; author kikadf; state Exp; branches; next 1.539; commitid OEqnrFRYqZOMfq9G; 1.539 date 2025.09.01.15.27.04; author kikadf; state Exp; branches; next 1.538; commitid a8iANF8XNDyXz19G; 1.538 date 2025.09.01.15.03.39; author kikadf; state Exp; branches; next 1.537; commitid 3v5GDRxXa8kYr19G; 1.537 date 2025.09.01.12.10.30; author kikadf; state Exp; branches; next 1.536; commitid mVyYoBuOuo0Tu09G; 1.536 date 2025.09.01.12.09.03; author kikadf; state Exp; branches; next 1.535; commitid wxV1s15x8bHnu09G; 1.535 date 2025.08.31.09.48.07; author leot; state Exp; branches; next 1.534; commitid iYBulsNRAny1KR8G; 1.534 date 2025.08.31.09.47.15; author leot; state Exp; branches; next 1.533; commitid DnI65ZDLmOgCJR8G; 1.533 date 2025.08.31.09.46.21; author leot; state Exp; branches; next 1.532; commitid bdMWURk6llO1JR8G; 1.532 date 2025.08.31.09.44.21; author leot; state Exp; branches; next 1.531; commitid RkcnbzxnBrZyIR8G; 1.531 date 2025.08.30.17.55.40; author kikadf; state Exp; branches; next 1.530; commitid XhfCz6i5Cj2etM8G; 1.530 date 2025.08.28.12.06.18; author kikadf; state Exp; branches; next 1.529; commitid Ul8qKV1ljYIqBu8G; 1.529 date 2025.08.28.12.04.55; author kikadf; state Exp; branches; next 1.528; commitid ltBuFA86l9RVAu8G; 1.528 date 2025.08.28.12.03.51; author kikadf; state Exp; branches; next 1.527; commitid tKA1hbEfVALpAu8G; 1.527 date 2025.08.28.12.02.05; author kikadf; state Exp; branches; next 1.526; commitid IYwEYqELlKjWzu8G; 1.526 date 2025.08.28.12.00.49; author kikadf; state Exp; branches; next 1.525; commitid zkq4iPCJ1AKrzu8G; 1.525 date 2025.08.28.11.58.59; author kikadf; state Exp; branches; next 1.524; commitid tKUYycXs315Oyu8G; 1.524 date 2025.08.27.10.50.01; author leot; state Exp; branches; next 1.523; commitid 9r1UqUQMfqzedm8G; 1.523 date 2025.08.26.15.26.01; author leot; state Exp; branches; next 1.522; commitid QkhCnM0zjS2SLf8G; 1.522 date 2025.08.24.17.06.08; author kikadf; state Exp; branches; next 1.521; commitid uO3NOZils1Upn08G; 1.521 date 2025.08.24.08.16.53; author leot; state Exp; branches; next 1.520; commitid NC4ZTaFfjHYGsX7G; 1.520 date 2025.08.24.07.57.46; author leot; state Exp; branches; next 1.519; commitid HQa6zez6jYK4mX7G; 1.519 date 2025.08.23.18.19.22; author leot; state Exp; branches; next 1.518; commitid ZBP92nbIFqZlPS7G; 1.518 date 2025.08.23.13.15.38; author kikadf; state Exp; branches; next 1.517; commitid x5FTPSu0EN209R7G; 1.517 date 2025.08.22.10.35.49; author leot; state Exp; branches; next 1.516; commitid 3LVQBjro3cXjiI7G; 1.516 date 2025.08.22.10.30.52; author leot; state Exp; branches; next 1.515; commitid KSUg7OMsgPACgI7G; 1.515 date 2025.08.22.10.18.03; author wiz; state Exp; branches; next 1.514; commitid t7ycJWxMQh3ecI7G; 1.514 date 2025.08.22.09.49.55; author leot; state Exp; branches; next 1.513; commitid ybXjzPNqHLpr2I7G; 1.513 date 2025.08.22.09.37.46; author leot; state Exp; branches; next 1.512; commitid KlreWEC0Q14nYH7G; 1.512 date 2025.08.22.09.19.44; author kikadf; state Exp; branches; next 1.511; commitid gBubjcKv9vcbSH7G; 1.511 date 2025.08.22.09.07.13; author kikadf; state Exp; branches; next 1.510; commitid ecKzEu57kW6UNH7G; 1.510 date 2025.08.22.09.04.48; author kikadf; state Exp; branches; next 1.509; commitid dykH9vNfe305NH7G; 1.509 date 2025.08.22.09.02.23; author kikadf; state Exp; branches; next 1.508; commitid JCskF2iZYiqfMH7G; 1.508 date 2025.08.22.09.01.13; author kikadf; state Exp; branches; next 1.507; commitid 0sbLNO1oNhCPLH7G; 1.507 date 2025.08.22.08.59.49; author kikadf; state Exp; branches; next 1.506; commitid OuJqwYm6V1ElLH7G; 1.506 date 2025.08.22.08.57.57; author kikadf; state Exp; branches; next 1.505; commitid 3aVHqGgBhTcHKH7G; 1.505 date 2025.08.16.15.58.53; author osa; state Exp; branches; next 1.504; commitid J7fXfkhPs6TMgY6G; 1.504 date 2025.08.16.15.16.04; author leot; state Exp; branches; next 1.503; commitid w3WRySD45eQj2Y6G; 1.503 date 2025.08.15.21.49.39; author osa; state Exp; branches; next 1.502; commitid bSl09X3ff5OnfS6G; 1.502 date 2025.08.15.14.03.47; author wiz; state Exp; branches; next 1.501; commitid frJm7JI0JlXAFP6G; 1.501 date 2025.08.15.10.00.09; author leot; state Exp; branches; next 1.500; commitid KEZNtvp3wvaVjO6G; 1.500 date 2025.08.14.21.04.12; author wiz; state Exp; branches; next 1.499; commitid ix64bEe0YaZP1K6G; 1.499 date 2025.08.14.13.16.32; author leot; state Exp; branches; next 1.498; commitid 0U9x4YIzC0PsrH6G; 1.498 date 2025.08.14.12.57.51; author leot; state Exp; branches; next 1.497; commitid iWdr17W0KIz3lH6G; 1.497 date 2025.08.14.12.32.17; author leot; state Exp; branches; next 1.496; commitid akswpgAQqvg1cH6G; 1.496 date 2025.08.14.11.57.09; author kikadf; state Exp; branches; next 1.495; commitid v01YGCdiIJiQXG6G; 1.495 date 2025.08.14.10.16.01; author wiz; state Exp; branches; next 1.494; commitid P11VwqYh2XLurG6G; 1.494 date 2025.08.14.09.33.51; author kikadf; state Exp; branches; next 1.493; commitid K1vgHB0IzZiPcG6G; 1.493 date 2025.08.14.08.48.47; author kikadf; state Exp; branches; next 1.492; commitid UZC9GgdWk6NqXF6G; 1.492 date 2025.08.14.08.26.57; author kikadf; state Exp; branches; next 1.491; commitid 5Ib0yUKFRuxpPF6G; 1.491 date 2025.08.14.08.19.50; author kikadf; state Exp; branches; next 1.490; commitid Eshlys8R57PqNF6G; 1.490 date 2025.08.12.17.41.33; author morr; state Exp; branches; next 1.489; commitid quwvsQthij3oYs6G; 1.489 date 2025.08.11.13.34.44; author kikadf; state Exp; branches; next 1.488; commitid 6GfvSiltfV1GCj6G; 1.488 date 2025.08.10.03.35.46; author wiz; state Exp; branches; next 1.487; commitid AL0vTPfQAks5m86G; 1.487 date 2025.08.09.07.11.09; author leot; state Exp; branches; next 1.486; commitid UmqoGQWHOg05A16G; 1.486 date 2025.08.04.13.22.03; author kikadf; state Exp; branches; next 1.485; commitid vATZs1UCye6fMp5G; 1.485 date 2025.08.03.10.45.22; author wiz; state Exp; branches; next 1.484; commitid n7ozNKBpbXupXg5G; 1.484 date 2025.08.03.10.05.54; author leot; state Exp; branches; next 1.483; commitid aWKaaCxOazDTJg5G; 1.483 date 2025.08.02.16.10.18; author leot; state Exp; branches; next 1.482; commitid fJxzckD812EWMa5G; 1.482 date 2025.08.01.09.11.47; author nia; state Exp; branches; next 1.481; commitid nSZMNNV5H8Tqv05G; 1.481 date 2025.08.01.08.16.55; author jperkin; state Exp; branches; next 1.480; commitid q9mahtqkQ9FZb05G; 1.480 date 2025.07.30.19.36.13; author mrg; state Exp; branches; next 1.479; commitid lRGXIcsr0COw1O4G; 1.479 date 2025.07.29.18.46.07; author kikadf; state Exp; branches; next 1.478; commitid jSxTfXvbVNYQKF4G; 1.478 date 2025.07.28.20.06.32; author wiz; state Exp; branches; next 1.477; commitid 9k6HGmkqKhAQfy4G; 1.477 date 2025.07.24.08.27.31; author leot; state Exp; branches; next 1.476; commitid yqnc9mrwbq22wY3G; 1.476 date 2025.07.24.08.22.08; author leot; state Exp; branches; next 1.475; commitid LW4wz3YWHjljuY3G; 1.475 date 2025.07.22.09.47.18; author leot; state Exp; branches; next 1.474; commitid GpkxK0DZUdI90J3G; 1.474 date 2025.07.21.08.15.28; author leot; state Exp; branches; next 1.473; commitid pb8CJzJ9T78WxA3G; 1.473 date 2025.07.20.09.04.44; author leot; state Exp; branches; next 1.472; commitid B80ny8O2FbSNQs3G; 1.472 date 2025.07.20.07.43.58; author leot; state Exp; branches; next 1.471; commitid mWVpjTQDFDTaps3G; 1.471 date 2025.07.18.18.45.22; author wiz; state Exp; branches; next 1.470; commitid 0ViCEkXPhFEV7g3G; 1.470 date 2025.07.17.09.38.19; author leot; state Exp; branches; next 1.469; commitid ali3Hgg2dCsp853G; 1.469 date 2025.07.16.21.44.36; author wiz; state Exp; branches; next 1.468; commitid sOthD44zRuoqb13G; 1.468 date 2025.07.15.09.44.19; author leot; state Exp; branches; next 1.467; commitid uaUIh3DkE91seP2G; 1.467 date 2025.07.14.13.06.47; author leot; state Exp; branches; next 1.466; commitid 2VJL6GapDfBOnI2G; 1.466 date 2025.07.13.15.42.49; author taca; state Exp; branches; next 1.465; commitid QefZxK5kNdKphB2G; 1.465 date 2025.07.13.10.04.57; author leot; state Exp; branches; next 1.464; commitid YFsEPtSwyzIjpz2G; 1.464 date 2025.07.13.06.33.22; author kim; state Exp; branches; next 1.463; commitid k3RZwJdIU1bvey2G; 1.463 date 2025.07.12.18.10.01; author leot; state Exp; branches; next 1.462; commitid NjRObEdkMNHU7u2G; 1.462 date 2025.07.12.17.43.40; author leot; state Exp; branches; next 1.461; commitid 9a6V5W4T18WEYt2G; 1.461 date 2025.07.12.09.15.54; author wiz; state Exp; branches; next 1.460; commitid Im5azuR7avZvar2G; 1.460 date 2025.07.12.09.11.05; author wiz; state Exp; branches; next 1.459; commitid d5CGUw4ym6PT8r2G; 1.459 date 2025.07.11.07.20.23; author wiz; state Exp; branches; next 1.458; commitid D2ttbENypO7Syi2G; 1.458 date 2025.07.09.13.21.40; author wiz; state Exp; branches; next 1.457; commitid CPLR6DYWTZzQC42G; 1.457 date 2025.07.08.20.17.43; author wiz; state Exp; branches; next 1.456; commitid NN2b6th4GxZxXY1G; 1.456 date 2025.07.06.05.17.11; author wiz; state Exp; branches; next 1.455; commitid sfcAx3Tq2kbB2E1G; 1.455 date 2025.07.05.09.51.53; author wiz; state Exp; branches; next 1.454; commitid l1U5noCziR7QAx1G; 1.454 date 2025.07.04.01.45.53; author taca; state Exp; branches; next 1.453; commitid Ma4v6VDhSolvVm1G; 1.453 date 2025.07.03.04.52.22; author kim; state Exp; branches; next 1.452; commitid d6dzOthSlcn70g1G; 1.452 date 2025.07.01.17.34.35; author leot; state Exp; branches; next 1.451; commitid T4wUxF0gE2bAh41G; 1.451 date 2025.07.01.05.13.18; author kim; state Exp; branches; next 1.450; commitid tkJ1XEN7UI94b01G; 1.450 date 2025.06.29.09.16.45; author leot; state Exp; branches; next 1.449; commitid hcICtk0F7iTHAL0G; 1.449 date 2025.06.27.14.29.18; author leot; state Exp; branches; next 1.448; commitid oyA3TFyoQL04ox0G; 1.448 date 2025.06.27.14.15.40; author leot; state Exp; branches; next 1.447; commitid ggWmUTghgntnjx0G; 1.447 date 2025.06.23.21.20.19; author leot; state Exp; branches; next 1.446; commitid iEHdDgDAtyzTM30G; 1.446 date 2025.06.23.21.18.56; author leot; state Exp; branches; next 1.445; commitid pnqbUy2CsKqoM30G; 1.445 date 2025.06.22.19.46.16; author leot; state Exp; branches; next 1.444; commitid yUUbSvYYbSZCiVZF; 1.444 date 2025.06.22.16.52.33; author leot; state Exp; branches; next 1.443; commitid gPQMZcW1r7LSkUZF; 1.443 date 2025.06.22.14.58.30; author leot; state Exp; branches; next 1.442; commitid iaNeMCeX1PZWHTZF; 1.442 date 2025.06.22.13.58.04; author leot; state Exp; branches; next 1.441; commitid mlzK3tGIYIeenTZF; 1.441 date 2025.06.22.12.28.31; author leot; state Exp; branches; next 1.440; commitid GXHv0wDdgFHASSZF; 1.440 date 2025.06.22.12.17.25; author leot; state Exp; branches; next 1.439; commitid ptrHzQZoSorCOSZF; 1.439 date 2025.06.22.11.16.40; author kim; state Exp; branches; next 1.438; commitid Lm37k11qluRStSZF; 1.438 date 2025.06.22.09.19.06; author leot; state Exp; branches; next 1.437; commitid YTm5adUao0MxPRZF; 1.437 date 2025.06.22.06.35.11; author kim; state Exp; branches; next 1.436; commitid lV9Ay6PNLtSjVQZF; 1.436 date 2025.06.22.06.19.27; author kim; state Exp; branches; next 1.435; commitid BOgqFdTNHULJPQZF; 1.435 date 2025.06.21.17.07.33; author leot; state Exp; branches; next 1.434; commitid zzdpfMbu1zaesMZF; 1.434 date 2025.06.21.16.33.08; author leot; state Exp; branches; next 1.433; commitid ACJM7asTOSWqgMZF; 1.433 date 2025.06.21.15.41.12; author leot; state Exp; branches; next 1.432; commitid NhHEoQBEnjMAYLZF; 1.432 date 2025.06.21.15.33.56; author leot; state Exp; branches; next 1.431; commitid lgIOvxKqMAwYVLZF; 1.431 date 2025.06.21.12.00.04; author leot; state Exp; branches; next 1.430; commitid jrszibTmcN2NKKZF; 1.430 date 2025.06.20.19.51.21; author wiz; state Exp; branches; next 1.429; commitid X3e0p4KUPBwnoFZF; 1.429 date 2025.06.20.02.38.57; author markd; state Exp; branches; next 1.428; commitid mBvVR6iuEDq7GzZF; 1.428 date 2025.06.19.06.06.56; author wiz; state Exp; branches; next 1.427; commitid 9siq6A8hoVIuRsZF; 1.427 date 2025.06.18.13.44.44; author wiz; state Exp; branches; next 1.426; commitid ZQnJYjshwfdwqnZF; 1.426 date 2025.06.17.14.01.53; author leot; state Exp; branches; next 1.425; commitid AjEpIghYnRZwyfZF; 1.425 date 2025.06.17.13.44.43; author leot; state Exp; branches; next 1.424; commitid 3ipO2B9E3waGsfZF; 1.424 date 2025.06.17.10.44.12; author leot; state Exp; branches; next 1.423; commitid FNL0Zqdj1kcKseZF; 1.423 date 2025.06.17.06.28.15; author wiz; state Exp; branches; next 1.422; commitid PV5w9C7OnNyQ2dZF; 1.422 date 2025.06.17.06.24.33; author wiz; state Exp; branches; next 1.421; commitid FHi3vEq0vQHA1dZF; 1.421 date 2025.06.15.15.16.24; author wiz; state Exp; branches; next 1.420; commitid Rrk5I58xgavW10ZF; 1.420 date 2025.06.15.14.42.39; author wiz; state Exp; branches; next 1.419; commitid 6OeuMFCYQXOoQZYF; 1.419 date 2025.06.15.13.16.36; author wiz; state Exp; branches; next 1.418; commitid T3nX5JotY3zSmZYF; 1.418 date 2025.06.10.19.47.08; author kim; state Exp; branches; next 1.417; commitid 0MfAYqYa3QuNGnYF; 1.417 date 2025.06.10.19.45.22; author kim; state Exp; branches; next 1.416; commitid dLRNI0UMfGHbGnYF; 1.416 date 2025.06.10.19.43.02; author kim; state Exp; branches; next 1.415; commitid CiLUhDKXB5a3FnYF; 1.415 date 2025.06.10.19.28.41; author kim; state Exp; branches; next 1.414; commitid 23mZfgvSAIcBznYF; 1.414 date 2025.06.10.19.03.17; author kim; state Exp; branches; next 1.413; commitid jiaOSLnMpoSvrnYF; 1.413 date 2025.06.10.14.57.19; author wiz; state Exp; branches; next 1.412; commitid V2WLsxKZee4p5mYF; 1.412 date 2025.06.09.07.47.08; author leot; state Exp; branches; next 1.411; commitid rr7NH0XUYWLJJbYF; 1.411 date 2025.06.07.19.14.41; author bsiegert; state Exp; branches; next 1.410; commitid sXvR38tNX0pSBZXF; 1.410 date 2025.06.07.16.17.36; author leot; state Exp; branches; next 1.409; commitid HzsnvhSbjne5DYXF; 1.409 date 2025.06.07.13.33.24; author leot; state Exp; branches; next 1.408; commitid pUVuCQ4DbwjGIXXF; 1.408 date 2025.06.07.12.48.06; author leot; state Exp; branches; next 1.407; commitid utrhCzGUIzZbtXXF; 1.407 date 2025.06.07.12.43.16; author leot; state Exp; branches; next 1.406; commitid m2cLP8AgX2NsrXXF; 1.406 date 2025.06.07.12.40.37; author leot; state Exp; branches; next 1.405; commitid GsbYLRwbS0KyqXXF; 1.405 date 2025.06.06.07.52.17; author leot; state Exp; branches; next 1.404; commitid Jalad5AmHi0zRNXF; 1.404 date 2025.06.05.19.01.52; author wiz; state Exp; branches; next 1.403; commitid ULCw3kisoUBnBJXF; 1.403 date 2025.06.05.14.22.02; author leot; state Exp; branches; next 1.402; commitid V5Haul0QcPwq3IXF; 1.402 date 2025.06.04.21.07.46; author leot; state Exp; branches; next 1.401; commitid lq9vrlJSOF7vkCXF; 1.401 date 2025.06.04.21.06.33; author wiz; state Exp; branches; next 1.400; commitid DCfGxz4Re2Q3kCXF; 1.400 date 2025.06.04.14.28.22; author leot; state Exp; branches; next 1.399; commitid dGfSxPbHWsco7AXF; 1.399 date 2025.06.04.13.11.37; author leot; state Exp; branches; next 1.398; commitid WFgqE1b9PFpgHzXF; 1.398 date 2025.06.03.18.37.57; author leot; state Exp; branches; next 1.397; commitid zOAvKKP1VgZRwtXF; 1.397 date 2025.06.02.10.45.24; author leot; state Exp; branches; next 1.396; commitid VK34nTw1KFv5XiXF; 1.396 date 2025.06.02.08.38.53; author leot; state Exp; branches; next 1.395; commitid AAEym5eBKBvxfiXF; 1.395 date 2025.06.02.08.00.15; author wiz; state Exp; branches; next 1.394; commitid 0IqNb8yczFVi2iXF; 1.394 date 2025.06.01.13.42.57; author leot; state Exp; branches; next 1.393; commitid FCK1oDZAdePUXbXF; 1.393 date 2025.06.01.06.53.54; author wiz; state Exp; branches; next 1.392; commitid eVmmE8xnWnLyH9XF; 1.392 date 2025.05.31.19.26.01; author wiz; state Exp; branches; next 1.391; commitid lmJHIc2R2PbwT5XF; 1.391 date 2025.05.31.17.07.14; author leot; state Exp; branches; next 1.390; commitid g7LAvo4o3PR085XF; 1.390 date 2025.05.31.16.50.14; author leot; state Exp; branches; next 1.389; commitid vX414ijhBbWT15XF; 1.389 date 2025.05.29.21.08.48; author leot; state Exp; branches; next 1.388; commitid WlV1LyH50TXHwQWF; 1.388 date 2025.05.29.09.45.54; author leot; state Exp; branches; next 1.387; commitid c569rYc36F1DKMWF; 1.387 date 2025.05.29.08.58.30; author leot; state Exp; branches; next 1.386; commitid knB3b6FzXlgluMWF; 1.386 date 2025.05.29.08.47.33; author leot; state Exp; branches; next 1.385; commitid wg5BnIVEwqByqMWF; 1.385 date 2025.05.29.08.36.53; author leot; state Exp; branches; next 1.384; commitid 7LkeDZethsiNmMWF; 1.384 date 2025.05.29.08.18.55; author leot; state Exp; branches; next 1.383; commitid n7z0juLwlRGGgMWF; 1.383 date 2025.05.29.08.12.01; author leot; state Exp; branches; next 1.382; commitid 5U484hzwmpZ5eMWF; 1.382 date 2025.05.29.08.09.27; author leot; state Exp; branches; next 1.381; commitid BSuIayD4VYmydMWF; 1.381 date 2025.05.29.07.59.15; author kim; state Exp; branches; next 1.380; commitid fXOZy840RyOW9MWF; 1.380 date 2025.05.28.09.24.10; author wiz; state Exp; branches; next 1.379; commitid 67w8hWbwDwpVEEWF; 1.379 date 2025.05.26.12.50.36; author wiz; state Exp; branches; next 1.378; commitid AoiHLWavDa6URpWF; 1.378 date 2025.05.24.07.14.29; author kim; state Exp; branches; next 1.377; commitid 4P8nRyRfM7jT38WF; 1.377 date 2025.05.24.06.47.25; author kim; state Exp; branches; next 1.376; commitid NXB8SIy5x6JbU7WF; 1.376 date 2025.05.24.06.23.31; author wiz; state Exp; branches; next 1.375; commitid 0c8S9H9Ni5YYM7WF; 1.375 date 2025.05.23.14.51.39; author wiz; state Exp; branches; next 1.374; commitid EzDQO9D9xkMoD2WF; 1.374 date 2025.05.22.19.52.00; author rillig; state Exp; branches; next 1.373; commitid oJOLiTtEdKKrkWVF; 1.373 date 2025.05.21.15.08.49; author taca; state Exp; branches; next 1.372; commitid OVcS26pyTnI8NMVF; 1.372 date 2025.05.18.01.50.09; author markd; state Exp; branches; next 1.371; commitid QXVJsqI8cLdKskVF; 1.371 date 2025.05.16.16.13.45; author wiz; state Exp; branches; next 1.370; commitid o5tTJqJfgnZwj9VF; 1.370 date 2025.05.16.16.09.13; author wiz; state Exp; branches; next 1.369; commitid JjZjiQUCjIbXh9VF; 1.369 date 2025.05.16.05.43.13; author wiz; state Exp; branches; next 1.368; commitid qRB3CWZetep9P5VF; 1.368 date 2025.05.15.06.31.18; author wiz; state Exp; branches; next 1.367; commitid Ng0yJ5EtBMUE7YUF; 1.367 date 2025.05.13.20.47.39; author leot; state Exp; branches; next 1.366; commitid yOe5OeibqQttVMUF; 1.366 date 2025.05.13.05.52.54; author wiz; state Exp; branches; next 1.365; commitid Ic4TMIxUpYQtYHUF; 1.365 date 2025.05.13.05.50.03; author wiz; state Exp; branches; next 1.364; commitid 7AN6Z4lJLPmtXHUF; 1.364 date 2025.05.12.17.22.41; author wiz; state Exp; branches; next 1.363; commitid mvATIImTbZy8PDUF; 1.363 date 2025.05.12.16.05.52; author leot; state Exp; branches; next 1.362; commitid B5wBmTl3BPvHoDUF; 1.362 date 2025.05.12.15.49.44; author wiz; state Exp; branches; next 1.361; commitid wZXKRz0Iw5CcjDUF; 1.361 date 2025.05.09.17.55.11; author wiz; state Exp; branches; next 1.360; commitid OvIzRYZLDDRh6gUF; 1.360 date 2025.05.08.08.56.37; author leot; state Exp; branches; next 1.359; commitid ex3irzvrgccn95UF; 1.359 date 2025.05.07.15.30.10; author wiz; state Exp; branches; next 1.358; commitid 9Mspy3q9sAWqmZTF; 1.358 date 2025.05.04.11.20.27; author nia; state Exp; branches; next 1.357; commitid akd0b7iThe4V4ATF; 1.357 date 2025.05.04.11.05.29; author nia; state Exp; branches; next 1.356; commitid 5JQOijkrdkIBZzTF; 1.356 date 2025.05.04.11.02.59; author nia; state Exp; branches; next 1.355; commitid aUNhsn8XbTDTYzTF; 1.355 date 2025.05.03.20.18.12; author jschauma; state Exp; branches; next 1.354; commitid S2Ty90OU03S64vTF; 1.354 date 2025.04.30.17.36.48; author wiz; state Exp; branches; next 1.353; commitid M9wsKdLYdTmSh6TF; 1.353 date 2025.04.27.06.23.16; author wiz; state Exp; branches; next 1.352; commitid 2PZZ9IuSgTUOEESF; 1.352 date 2025.04.24.10.14.52; author wiz; state Exp; branches; next 1.351; commitid hU2nMTIMYB5c2iSF; 1.351 date 2025.04.22.10.27.09; author wiz; state Exp; branches; next 1.350; commitid YgDc6NWVluYpa2SF; 1.350 date 2025.04.18.20.07.44; author wiz; state Exp; branches; next 1.349; commitid TeiHHOnExVcBvzRF; 1.349 date 2025.04.18.19.10.43; author wiz; state Exp; branches; next 1.348; commitid 6s3FndEQEwJWbzRF; 1.348 date 2025.04.18.04.41.06; author wiz; state Exp; branches; next 1.347; commitid CvrmKLYlpweJnuRF; 1.347 date 2025.04.17.17.01.21; author wiz; state Exp; branches; next 1.346; commitid 23AkS5jO3mbCvqRF; 1.346 date 2025.04.14.05.28.00; author wiz; state Exp; branches; next 1.345; commitid PwQ5cyQlYlnKLYQF; 1.345 date 2025.04.08.14.02.00; author wiz; state Exp; branches; next 1.344; commitid CkDMOwEaoss0OfQF; 1.344 date 2025.04.07.15.05.25; author wiz; state Exp; branches; next 1.343; commitid 8SDwSsE1NERIb8QF; 1.343 date 2025.04.07.14.15.37; author wiz; state Exp; branches; next 1.342; commitid AgnnvTWDvUTHU7QF; 1.342 date 2025.04.04.20.29.41; author wiz; state Exp; branches; next 1.341; commitid MdMnLsrtvUZ15MPF; 1.341 date 2025.04.03.07.46.15; author wiz; state Exp; branches; next 1.340; commitid cqZDdePpD639TzPF; 1.340 date 2025.04.02.17.16.48; author wiz; state Exp; branches; next 1.339; commitid bTAjmG9YJP1Q4vPF; 1.339 date 2025.03.30.14.29.31; author wiz; state Exp; branches; next 1.338; commitid j1hVjOFcut8rf6PF; 1.338 date 2025.03.30.14.23.37; author vins; state Exp; branches; next 1.337; commitid hqj1O16DdaHgd6PF; 1.337 date 2025.03.26.23.29.58; author wiz; state Exp; branches; next 1.336; commitid ZfjVNFQ6JD9MmDOF; 1.336 date 2025.03.26.18.32.36; author wiz; state Exp; branches; next 1.335; commitid JfO04q0eZDaRIBOF; 1.335 date 2025.03.21.20.12.31; author wiz; state Exp; branches; next 1.334; commitid PNwZPkwHdsg6rYNF; 1.334 date 2025.03.21.09.14.22; author wiz; state Exp; branches; next 1.333; commitid HVI8SS1ClW3dNUNF; 1.333 date 2025.03.17.07.22.17; author wiz; state Exp; branches; next 1.332; commitid 6V6epmy2Fe8yioNF; 1.332 date 2025.03.16.15.18.00; author morr; state Exp; branches; next 1.331; commitid 2wgblIaiOOF4YiNF; 1.331 date 2025.03.14.18.58.57; author wiz; state Exp; branches; next 1.330; commitid IFqTAn4dlAhKf4NF; 1.330 date 2025.03.13.08.03.35; author wiz; state Exp; branches; next 1.329; commitid wBpUxKRNHNjTESMF; 1.329 date 2025.03.10.15.48.22; author wiz; state Exp; branches; next 1.328; commitid 0VrzIDzTAD6pkxMF; 1.328 date 2025.03.10.13.57.53; author wiz; state Exp; branches; next 1.327; commitid 14iNW0bzaiQmIwMF; 1.327 date 2025.03.05.16.59.37; author morr; state Exp; branches; next 1.326; commitid L3G4UGIIvzbRSTLF; 1.326 date 2025.02.27.10.59.53; author nia; state Exp; branches; next 1.325; commitid V1xVYqBalgDi56LF; 1.325 date 2025.02.26.12.20.56; author nia; state Exp; branches; next 1.324; commitid kovprXhoL969zYKF; 1.324 date 2025.02.26.11.59.15; author nia; state Exp; branches; next 1.323; commitid WTFCuOjCBzZFrYKF; 1.323 date 2025.02.26.11.52.29; author nia; state Exp; branches; next 1.322; commitid gmoxygMnW8Y6pYKF; 1.322 date 2025.02.26.11.45.06; author nia; state Exp; branches; next 1.321; commitid 7u4v7C1gYE2TmYKF; 1.321 date 2025.02.26.09.47.07; author nia; state Exp; branches; next 1.320; commitid 4iDWfI2nLhXrIXKF; 1.320 date 2025.02.25.19.53.17; author wiz; state Exp; branches; next 1.319; commitid sjjuI9gZ3oIg6TKF; 1.319 date 2025.02.23.11.24.45; author wiz; state Exp; branches; next 1.318; commitid knit34cESPxLlAKF; 1.318 date 2025.02.22.16.18.09; author taca; state Exp; branches; next 1.317; commitid U1Be8Ee1iNUx0uKF; 1.317 date 2025.02.21.21.46.47; author wiz; state Exp; branches; next 1.316; commitid OFTeNf4bQi7bRnKF; 1.316 date 2025.02.21.21.40.08; author wiz; state Exp; branches; next 1.315; commitid ap5muZ049m0TOnKF; 1.315 date 2025.02.19.10.22.33; author wiz; state Exp; branches; next 1.314; commitid TzV0vW6kAhiq84KF; 1.314 date 2025.02.18.21.49.49; author morr; state Exp; branches; next 1.313; commitid Uv3SHbvX4TJjYZJF; 1.313 date 2025.02.18.16.47.52; author nia; state Exp; branches; next 1.312; commitid sCHKiOGEq3KAiYJF; 1.312 date 2025.02.17.15.47.14; author nia; state Exp; branches; next 1.311; commitid TRqDhZaHzDCRZPJF; 1.311 date 2025.02.17.15.35.28; author nia; state Exp; branches; next 1.310; commitid OcjGg5UocUULVPJF; 1.310 date 2025.02.17.09.28.20; author nia; state Exp; branches; next 1.309; commitid DlpdnEVNfynWTNJF; 1.309 date 2025.02.17.09.12.40; author nia; state Exp; branches; next 1.308; commitid jGzXe5J24IinONJF; 1.308 date 2025.02.17.09.07.51; author nia; state Exp; branches; next 1.307; commitid N5u1dd4jCbHNMNJF; 1.307 date 2025.02.16.22.41.13; author wiz; state Exp; branches; next 1.306; commitid mCiV8hHgewVIjKJF; 1.306 date 2025.02.12.21.10.22; author rillig; state Exp; branches; next 1.305; commitid XUVg96NMoLmFWdJF; 1.305 date 2025.02.12.18.27.49; author rillig; state Exp; branches; next 1.304; commitid lVPKaFl6eD0N2dJF; 1.304 date 2025.02.12.09.18.18; author jperkin; state Exp; branches; next 1.303; commitid VJK0tlbMhPSi0aJF; 1.303 date 2025.02.11.21.28.54; author wiz; state Exp; branches; next 1.302; commitid Tov1pPGAbUIZ46JF; 1.302 date 2025.02.09.22.15.43; author rillig; state Exp; branches; next 1.301; commitid iCkYWNNFSxKKoQIF; 1.301 date 2025.02.09.20.33.16; author rillig; state Exp; branches; next 1.300; commitid wWTcUZZ3azrONPIF; 1.300 date 2025.02.06.18.39.14; author wiz; state Exp; branches; next 1.299; commitid tzYoiyaNedBMirIF; 1.299 date 2025.02.02.09.36.33; author taca; state Exp; branches; next 1.298; commitid 1zbf52EDHjixqSHF; 1.298 date 2025.01.29.15.32.47; author taca; state Exp; branches; next 1.297; commitid ol1EMj7IzxpOwoHF; 1.297 date 2025.01.27.23.12.15; author morr; state Exp; branches; next 1.296; commitid BpmNJl2NwGjr8bHF; 1.296 date 2025.01.22.22.28.33; author rillig; state Exp; branches; next 1.295; commitid cIyjL93kEHkT2xGF; 1.295 date 2025.01.15.12.28.39; author wiz; state Exp; branches; next 1.294; commitid bDTkOCXzhkAqXzFF; 1.294 date 2025.01.14.20.42.02; author wiz; state Exp; branches; next 1.293; commitid jSy4PVGB5IVEIuFF; 1.293 date 2025.01.14.13.26.59; author wiz; state Exp; branches; next 1.292; commitid 9CRFKwyOndlrjsFF; 1.292 date 2025.01.12.01.01.55; author morr; state Exp; branches; next 1.291; commitid jDWMAiQZD6rWf8FF; 1.291 date 2024.12.22.21.03.13; author wiz; state Exp; branches; next 1.290; commitid G1PEguylRf7QzxCF; 1.290 date 2024.12.20.10.27.01; author wiz; state Exp; branches; next 1.289; commitid nT0HVj5bM4Sx7eCF; 1.289 date 2024.12.18.21.36.40; author jschauma; state Exp; branches; next 1.288; commitid pwUCTTqJRAi7T1CF; 1.288 date 2024.12.16.18.33.59; author prlw1; state Exp; branches; next 1.287; commitid Iq2cm7e35CByWKBF; 1.287 date 2024.12.16.18.30.08; author prlw1; state Exp; branches; next 1.286; commitid LlZLmz8jJB2iVKBF; 1.286 date 2024.12.16.18.17.23; author prlw1; state Exp; branches; next 1.285; commitid R2PjsyB0bqBrQKBF; 1.285 date 2024.12.13.22.06.35; author wiz; state Exp; branches; next 1.284; commitid 8fP3vw0RngkudoBF; 1.284 date 2024.12.11.09.43.45; author wiz; state Exp; branches; next 1.283; commitid gBBgY8b8LRQHa4BF; 1.283 date 2024.12.07.06.53.52; author wiz; state Exp; branches; next 1.282; commitid AL3QE9Vxu62lmxAF; 1.282 date 2024.12.05.08.04.38; author wiz; state Exp; branches; next 1.281; commitid gdkCdM1U24ECOhAF; 1.281 date 2024.11.28.08.31.24; author wiz; state Exp; branches; next 1.280; commitid ObRzcRZgOA0KbozF; 1.280 date 2024.11.25.12.02.28; author leot; state Exp; branches; next 1.279; commitid yQeOf7w6gdFKr1zF; 1.279 date 2024.11.23.08.28.44; author wiz; state Exp; branches; next 1.278; commitid ltCVvQ5Uw8COkKyF; 1.278 date 2024.11.18.23.01.27; author wiz; state Exp; branches; next 1.277; commitid QtGZx4ihPHi8kbyF; 1.277 date 2024.11.16.11.58.12; author wiz; state Exp; branches; next 1.276; commitid WHO4BJJFucuyIRxF; 1.276 date 2024.11.16.08.50.48; author wiz; state Exp; branches; next 1.275; commitid 9Dx6nI3hRV5fGQxF; 1.275 date 2024.11.15.18.05.32; author jakllsch; state Exp; branches; next 1.274; commitid C5MCRYZQHngkMLxF; 1.274 date 2024.11.12.23.16.37; author wiz; state Exp; branches; next 1.273; commitid KRbuTqPcxv0hBpxF; 1.273 date 2024.11.10.08.30.25; author wiz; state Exp; branches; next 1.272; commitid bJa8zDP76QwiL4xF; 1.272 date 2024.11.06.08.20.32; author wiz; state Exp; branches; next 1.271; commitid IGOdcH1VsndQPywF; 1.271 date 2024.10.31.11.02.38; author wiz; state Exp; branches; next 1.270; commitid InpzCYVrUvxsVNvF; 1.270 date 2024.10.29.20.52.03; author wiz; state Exp; branches; next 1.269; commitid 4aArtZq7rkXCfBvF; 1.269 date 2024.10.27.16.52.09; author thor; state Exp; branches; next 1.268; commitid ALz32dvE48MeZjvF; 1.268 date 2024.10.20.21.06.20; author wiz; state Exp; branches; next 1.267; commitid VhgfrGqWAzBsCruF; 1.267 date 2024.10.10.21.48.26; author wiz; state Exp; branches; next 1.266; commitid 5LgbB4fcl9SNaatF; 1.266 date 2024.10.09.20.23.35; author wiz; state Exp; branches; next 1.265; commitid F4KvyORQYA8JJ1tF; 1.265 date 2024.10.07.19.01.19; author wiz; state Exp; branches; next 1.264; commitid Cr0Lu5X6XW6tlLsF; 1.264 date 2024.10.03.20.17.10; author he; state Exp; branches; next 1.263; commitid vG5FfkH115LeTfsF; 1.263 date 2024.09.27.07.09.23; author wiz; state Exp; branches; next 1.262; commitid 8Mdywe7LbTnaJprF; 1.262 date 2024.09.26.10.35.12; author wiz; state Exp; branches; next 1.261; commitid VGF3rKH0DF0LTirF; 1.261 date 2024.09.25.14.35.10; author wiz; state Exp; branches; next 1.260; commitid RfZMktxyEWp3gcrF; 1.260 date 2024.09.11.21.27.29; author wiz; state Exp; branches; next 1.259; commitid qwQH3BuwrmimZqpF; 1.259 date 2024.09.11.06.07.22; author wiz; state Exp; branches; next 1.258; commitid KEwvPuTy5fyLTlpF; 1.258 date 2024.09.10.11.28.08; author spz; state Exp; branches; next 1.257; commitid mQHxZKCJvN0OFfpF; 1.257 date 2024.09.10.07.55.14; author wiz; state Exp; branches; next 1.256; commitid RHgv8Spy9NxIwepF; 1.256 date 2024.09.09.20.24.57; author wiz; state Exp; branches; next 1.255; commitid 07saU1yBsgQVHapF; 1.255 date 2024.09.06.08.49.32; author wiz; state Exp; branches; next 1.254; commitid IsnbEzdUheDoXIoF; 1.254 date 2024.09.03.18.33.51; author morr; state Exp; branches; next 1.253; commitid kMKrkxKMzcMShooF; 1.253 date 2024.08.26.20.13.42; author wiz; state Exp; branches; next 1.252; commitid IkHZA6uMt4B06nnF; 1.252 date 2024.08.26.17.02.01; author wiz; state Exp; branches; next 1.251; commitid 9iRHoaltYGVb2mnF; 1.251 date 2024.08.23.08.28.01; author wiz; state Exp; branches; next 1.250; commitid PVV6gUYZIJ7UhVmF; 1.250 date 2024.08.23.07.15.07; author wiz; state Exp; branches; next 1.249; commitid RLejl6Fyg6LTSUmF; 1.249 date 2024.08.19.21.11.01; author wiz; state Exp; branches; next 1.248; commitid xmRchoDCcmqFDtmF; 1.248 date 2024.08.17.04.49.31; author wiz; state Exp; branches; next 1.247; commitid X2d0i4sv9J0Qg8mF; 1.247 date 2024.08.16.18.16.03; author wiz; state Exp; branches; next 1.246; commitid u0gHDmJuKlszL4mF; 1.246 date 2024.08.15.22.33.53; author wiz; state Exp; branches; next 1.245; commitid WAcbMgGQJhC2eYlF; 1.245 date 2024.08.13.14.37.31; author wiz; state Exp; branches; next 1.244; commitid gMoc8gCDJrVAEFlF; 1.244 date 2024.08.12.13.04.05; author wiz; state Exp; branches; next 1.243; commitid H6g8VCdYQipxaxlF; 1.243 date 2024.08.07.22.35.45; author nia; state Exp; branches; next 1.242; commitid hWyQ26MeecNDuWkF; 1.242 date 2024.08.07.22.29.01; author nia; state Exp; branches; next 1.241; commitid ilnreiajsuEdsWkF; 1.241 date 2024.08.06.15.10.10; author nia; state Exp; branches; next 1.240; commitid aznz8fznmQ2L3MkF; 1.240 date 2024.08.06.15.07.17; author nia; state Exp; branches; next 1.239; commitid 76D2dJ06IfYO2MkF; 1.239 date 2024.08.06.15.06.59; author wiz; state Exp; branches; next 1.238; commitid n3Hp1UVrmd6t2MkF; 1.238 date 2024.08.06.14.44.53; author nia; state Exp; branches; next 1.237; commitid woMciAJQ9CwMULkF; 1.237 date 2024.08.06.14.41.23; author nia; state Exp; branches; next 1.236; commitid mcvpOpoSCBcVTLkF; 1.236 date 2024.08.05.06.37.07; author wiz; state Exp; branches; next 1.235; commitid cIPTtw7YzYOGfBkF; 1.235 date 2024.08.02.22.37.32; author morr; state Exp; branches; next 1.234; commitid BAIkjiSmpwucFikF; 1.234 date 2024.07.31.08.09.00; author wiz; state Exp; branches; next 1.233; commitid SuiemYKdL7RbVXjF; 1.233 date 2024.07.27.21.04.33; author wiz; state Exp; branches; next 1.232; commitid f7jLJLIBxJMWkwjF; 1.232 date 2024.07.27.06.08.17; author wiz; state Exp; branches; next 1.231; commitid SD0c2o86TNPHnrjF; 1.231 date 2024.07.26.21.03.55; author wiz; state Exp; branches; next 1.230; commitid eB2dVc8vpbGZmojF; 1.230 date 2024.07.26.14.15.14; author wiz; state Exp; branches; next 1.229; commitid VVo9OUs6uzSI6mjF; 1.229 date 2024.07.25.06.27.11; author wiz; state Exp; branches; next 1.228; commitid jSW5t6ayliJ4ybjF; 1.228 date 2024.07.24.07.30.12; author wiz; state Exp; branches; next 1.227; commitid 57q4TsKVIZlLV3jF; 1.227 date 2024.07.23.06.04.37; author wiz; state Exp; branches; next 1.226; commitid BSvMSVjkdj6uuViF; 1.226 date 2024.07.22.06.24.18; author adam; state Exp; branches; next 1.225; commitid WOZWGpqsOMRiDNiF; 1.225 date 2024.07.19.05.53.56; author wiz; state Exp; branches; next 1.224; commitid TQxzR3E8unXFypiF; 1.224 date 2024.07.17.18.59.45; author wiz; state Exp; branches; next 1.223; commitid TT0Z4ZOAXBhlYdiF; 1.223 date 2024.07.17.12.17.08; author wiz; state Exp; branches; next 1.222; commitid lpnK4ouhowZbKbiF; 1.222 date 2024.07.15.06.10.51; author wiz; state Exp; branches; next 1.221; commitid vSSih5R0IjWzMThF; 1.221 date 2024.07.15.06.06.01; author wiz; state Exp; branches; next 1.220; commitid xBMWz8EcPgQTKThF; 1.220 date 2024.07.14.12.59.10; author wiz; state Exp; branches; next 1.219; commitid bLhOCc0I3jaC4OhF; 1.219 date 2024.07.14.06.16.33; author wiz; state Exp; branches; next 1.218; commitid Deaq2l3un7ovQLhF; 1.218 date 2024.07.12.07.09.03; author adam; state Exp; branches; next 1.217; commitid qkod3VtVCc8BcwhF; 1.217 date 2024.07.10.06.15.28; author wiz; state Exp; branches; next 1.216; commitid 1jV7YgqIEu22YfhF; 1.216 date 2024.07.08.03.38.52; author jnemeth; state Exp; branches; next 1.215; commitid b4pscwwMQPWsaZgF; 1.215 date 2024.07.04.06.35.01; author wiz; state Exp; branches; next 1.214; commitid eIOLQ0GmbBgMgugF; 1.214 date 2024.07.02.20.22.56; author adam; state Exp; branches; next 1.213; commitid o1ZMnaIMFkmSUigF; 1.213 date 2024.06.28.18.59.47; author wiz; state Exp; branches; next 1.212; commitid VYFugWSkQKpbAMfF; 1.212 date 2024.06.25.06.14.02; author wiz; state Exp; branches; next 1.211; commitid SvpFIp5RWu4xrkfF; 1.211 date 2024.06.24.12.26.31; author gdt; state Exp; branches; next 1.210; commitid sSDl4k2CJG8nxefF; 1.210 date 2024.06.22.12.52.25; author kim; state Exp; branches; next 1.209; commitid YT62e3qH8c4oJYeF; 1.209 date 2024.06.18.06.50.04; author wiz; state Exp; branches; next 1.208; commitid 9RIVGb3JjWoKRqeF; 1.208 date 2024.06.17.18.56.34; author adam; state Exp; branches; next 1.207; commitid JU5O4rGqkAz8VmeF; 1.207 date 2024.06.11.06.08.04; author wiz; state Exp; branches; next 1.206; commitid XHwGJfwb9Ig9RwdF; 1.206 date 2024.06.09.18.32.17; author wiz; state Exp; branches; next 1.205; commitid EEnz4PsnHAUF2ldF; 1.205 date 2024.06.07.06.49.54; author wiz; state Exp; branches; next 1.204; commitid lyjmEnBIjHtDd1dF; 1.204 date 2024.06.06.07.46.05; author wiz; state Exp; branches; next 1.203; commitid uu9ymKcZ1XJUyTcF; 1.203 date 2024.06.05.12.16.55; author wiz; state Exp; branches; next 1.202; commitid gHzRFOiL316O5NcF; 1.202 date 2024.05.23.10.52.37; author wiz; state Exp; branches; next 1.201; commitid X7pbDMiy0m5R27bF; 1.201 date 2024.05.23.10.09.16; author tm; state Exp; branches; next 1.200; commitid Fmd9uwuoo3dKN6bF; 1.200 date 2024.05.22.11.47.41; author wiz; state Exp; branches; next 1.199; commitid nipg6WAIO5sLnZaF; 1.199 date 2024.05.19.11.59.02; author wiz; state Exp; branches; next 1.198; commitid vOiwP8fYPzNBxBaF; 1.198 date 2024.05.15.13.13.19; author wiz; state Exp; branches; next 1.197; commitid kCD4OkstMZo256aF; 1.197 date 2024.05.15.08.18.54; author wiz; state Exp; branches; next 1.196; commitid 6CbwDmBhhDRWr4aF; 1.196 date 2024.05.15.07.53.36; author wiz; state Exp; branches; next 1.195; commitid S7bZ7MlExA3qj4aF; 1.195 date 2024.05.14.23.06.15; author wiz; state Exp; branches; next 1.194; commitid rUIXP8Mm6aDuo1aF; 1.194 date 2024.05.11.13.07.13; author morr; state Exp; branches; next 1.193; commitid DhhXRuzeT911bA9F; 1.193 date 2024.05.09.08.57.23; author wiz; state Exp; branches; next 1.192; commitid 0UJz9m6WkDBdRi9F; 1.192 date 2024.05.09.06.48.37; author wiz; state Exp; branches; next 1.191; commitid ljR236C5gjxX8i9F; 1.191 date 2024.05.09.06.41.48; author wiz; state Exp; branches; next 1.190; commitid ulglagakVsiC6i9F; 1.190 date 2024.05.08.21.49.11; author khorben; state Exp; branches; next 1.189; commitid RSAb2Men4wIY9f9F; 1.189 date 2024.05.08.11.19.51; author he; state Exp; branches; next 1.188; commitid EH9BhckNaywtFb9F; 1.188 date 2024.05.07.11.07.14; author wiz; state Exp; branches; next 1.187; commitid nSJGKQ8c2kwJD39F; 1.187 date 2024.05.06.05.49.59; author wiz; state Exp; branches; next 1.186; commitid dk3KynlQleXUUT8F; 1.186 date 2024.05.05.07.32.19; author wiz; state Exp; branches; next 1.185; commitid MN9UMgaemtfZvM8F; 1.185 date 2024.05.03.06.00.22; author wiz; state Exp; branches; next 1.184; commitid KoQf6k25A9In4w8F; 1.184 date 2024.05.02.14.51.53; author wiz; state Exp; branches; next 1.183; commitid 2LkQERFsOQUL2r8F; 1.183 date 2024.04.29.21.31.42; author wiz; state Exp; branches; next 1.182; commitid z0rOIZhr19FUl58F; 1.182 date 2024.04.29.06.06.11; author wiz; state Exp; branches; next 1.181; commitid 5u0JZsVHPXmoe08F; 1.181 date 2024.04.27.06.10.26; author wiz; state Exp; branches; next 1.180; commitid 74CqDzxyxjeDjK7F; 1.180 date 2024.04.25.15.14.49; author taca; state Exp; branches; next 1.179; commitid AXE281IyHNzEox7F; 1.179 date 2024.04.25.07.24.08; author wiz; state Exp; branches; next 1.178; commitid yUfP47gAvEz4Nu7F; 1.178 date 2024.04.23.12.12.07; author wiz; state Exp; branches; next 1.177; commitid kfRRSgrSoW9Org7F; 1.177 date 2024.04.23.07.16.08; author wiz; state Exp; branches; next 1.176; commitid 8yo3BInLRwDhOe7F; 1.176 date 2024.04.21.06.54.04; author wiz; state Exp; branches; next 1.175; commitid siD6J8JoIsTMKY6F; 1.175 date 2024.04.19.05.58.51; author wiz; state Exp; branches; next 1.174; commitid rxeiuYrNeizNvI6F; 1.174 date 2024.04.15.22.12.14; author wiz; state Exp; branches; next 1.173; commitid uSrUikbDLUnK1i6F; 1.173 date 2024.04.13.08.14.24; author wiz; state Exp; branches; next 1.172; commitid aycJeFrwxCRisX5F; 1.172 date 2024.04.13.03.12.37; author taca; state Exp; branches; next 1.171; commitid FKGtZxGWrmDCMV5F; 1.171 date 2024.04.13.03.10.35; author taca; state Exp; branches; next 1.170; commitid rgQp0hv6hNfuLV5F; 1.170 date 2024.04.12.07.28.33; author wiz; state Exp; branches; next 1.169; commitid LYrg3EtbopMpeP5F; 1.169 date 2024.04.11.06.46.19; author wiz; state Exp; branches; next 1.168; commitid jejdZvqVA5M42H5F; 1.168 date 2024.04.10.19.49.30; author nia; state Exp; branches; next 1.167; commitid dKtq5sRyQ95IoD5F; 1.167 date 2024.04.10.07.27.00; author wiz; state Exp; branches; next 1.166; commitid w8puIeOOQqr2iz5F; 1.166 date 2024.04.08.06.31.39; author wiz; state Exp; branches; next 1.165; commitid VK1RyXr3R1M13j5F; 1.165 date 2024.04.08.06.21.05; author wiz; state Exp; branches; next 1.164; commitid 8ZJuLvbT4KyoZi5F; 1.164 date 2024.04.08.06.06.36; author wiz; state Exp; branches; next 1.163; commitid gwODe3dclkHqUi5F; 1.163 date 2024.04.07.21.36.33; author wiz; state Exp; branches; next 1.162; commitid Lh21P3oIbkWq5g5F; 1.162 date 2024.04.07.14.00.53; author taca; state Exp; branches; next 1.161; commitid EhbgHHzlEuMNyd5F; 1.161 date 2024.04.05.20.11.27; author wiz; state Exp; branches; next 1.160; commitid 74o2MWEfCzocGZ4F; 1.160 date 2024.04.05.07.02.57; author wiz; state Exp; branches; next 1.159; commitid 9y9hYAhBGPmJjV4F; 1.159 date 2024.04.03.21.01.03; author wiz; state Exp; branches; next 1.158; commitid VKDdkVIeyrAe1K4F; 1.158 date 2024.04.03.19.23.02; author rhialto; state Exp; branches; next 1.157; commitid 3AJgQocKmoOxtJ4F; 1.157 date 2024.03.29.18.22.44; author wiz; state Exp; branches; next 1.156; commitid VYQltq0t1NvTi54F; 1.156 date 2024.03.29.18.13.24; author wiz; state Exp; branches; next 1.155; commitid uncgGcMyFuBIf54F; 1.155 date 2024.03.27.13.33.34; author wiz; state Exp; branches; next 1.154; commitid 9yB5e7OqYkLCLN3F; 1.154 date 2024.03.25.03.09.27; author jnemeth; state Exp; branches; next 1.153; commitid lbblN9Rj7IGCnu3F; 1.153 date 2024.03.23.15.16.59; author taca; state Exp; branches; next 1.152; commitid BDS584qvqTpati3F; 1.152 date 2024.03.23.14.50.53; author taca; state Exp; branches; next 1.151; commitid xlKetWTtIHI5ki3F; 1.151 date 2024.03.23.14.30.25; author taca; state Exp; branches; next 1.150; commitid o1fMQEDaQsX3di3F; 1.150 date 2024.03.22.20.14.03; author wiz; state Exp; branches; next 1.149; commitid g60pI8cRyzjY8c3F; 1.149 date 2024.03.21.09.01.30; author wiz; state Exp; branches; next 1.148; commitid qyuIZ4NPKUJds03F; 1.148 date 2024.03.14.09.16.29; author wiz; state Exp; branches; next 1.147; commitid xgFOptRMzPioL62F; 1.147 date 2024.03.09.20.19.47; author wiz; state Exp; branches; next 1.146; commitid TM9bPdw1clPPAw1F; 1.146 date 2024.03.05.01.02.00; author joerg; state Exp; branches; next 1.145; commitid IQ6FDPMOLkZFjU0F; 1.145 date 2024.03.04.13.56.42; author wiz; state Exp; branches; next 1.144; commitid ox0P5DPzrpEnDQ0F; 1.144 date 2024.03.03.12.55.49; author wiz; state Exp; branches; next 1.143; commitid 7dGIG8h6UdplkI0F; 1.143 date 2024.02.27.13.37.50; author tm; state Exp; branches; next 1.142; commitid lbWNSREKFokPI40F; 1.142 date 2024.02.24.15.06.38; author taca; state Exp; branches; next 1.141; commitid yNuL0g2Xm18qjHZE; 1.141 date 2024.02.24.15.05.22; author taca; state Exp; branches; next 1.140; commitid nRHCD9nhEGHYiHZE; 1.140 date 2024.02.24.15.03.48; author taca; state Exp; branches; next 1.139; commitid ibyppC9AxOGriHZE; 1.139 date 2024.02.24.15.02.49; author taca; state Exp; branches; next 1.138; commitid jIaEhzlsmMg7iHZE; 1.138 date 2024.02.24.15.01.53; author taca; state Exp; branches; next 1.137; commitid VhlFA44L4yOLhHZE; 1.137 date 2024.02.24.15.00.58; author taca; state Exp; branches; next 1.136; commitid hmaAikZxgiFthHZE; 1.136 date 2024.02.23.12.59.46; author wiz; state Exp; branches; next 1.135; commitid XYvYMen21cKODyZE; 1.135 date 2024.02.21.08.02.28; author wiz; state Exp; branches; next 1.134; commitid 0OcRBry0vZWQ3hZE; 1.134 date 2024.02.19.10.23.37; author wiz; state Exp; branches; next 1.133; commitid 9RqZ9JeBDdedU1ZE; 1.133 date 2024.02.19.09.26.04; author leot; state Exp; branches; next 1.132; commitid bEpZjnn8WF5Hz1ZE; 1.132 date 2024.02.17.13.51.03; author wiz; state Exp; branches; next 1.131; commitid VThm6nnyAC2p7NYE; 1.131 date 2024.02.17.13.27.26; author wiz; state Exp; branches; next 1.130; commitid PyRG7gV37FtjZMYE; 1.130 date 2024.02.15.22.47.21; author wiz; state Exp; branches; next 1.129; commitid JTEsQaVlwOCk9AYE; 1.129 date 2024.02.14.15.48.12; author wiz; state Exp; branches; next 1.128; commitid HOB0UFHGxSjxRpYE; 1.128 date 2024.02.13.22.25.11; author wiz; state Exp; branches; next 1.127; commitid R3FOpBMY7AFH5kYE; 1.127 date 2024.02.13.15.24.30; author taca; state Exp; branches; next 1.126; commitid 3RiBiTTvCD3tLhYE; 1.126 date 2024.02.13.14.13.37; author taca; state Exp; branches; next 1.125; commitid Ro79YbraKMk8nhYE; 1.125 date 2024.02.13.13.59.36; author he; state Exp; branches; next 1.124; commitid aLxdmnlBfmJBhhYE; 1.124 date 2024.02.12.08.54.31; author wiz; state Exp; branches; next 1.123; commitid AbVx1KDA3lOwD7YE; 1.123 date 2024.02.12.04.35.57; author jnemeth; state Exp; branches; next 1.122; commitid UweWmWHKeci0d6YE; 1.122 date 2024.02.11.10.07.10; author wiz; state Exp; branches; next 1.121; commitid sWfufGJwbzDu40YE; 1.121 date 2024.02.09.20.31.43; author wiz; state Exp; branches; next 1.120; commitid Sd1uh2StJOtJANXE; 1.120 date 2024.02.09.06.59.03; author wiz; state Exp; branches; next 1.119; commitid 9cS4N3DhFZRR5JXE; 1.119 date 2024.02.09.03.02.21; author wiz; state Exp; branches; next 1.118; commitid iIhTKdfesZKKMHXE; 1.118 date 2024.02.07.18.01.16; author wiz; state Exp; branches; next 1.117; commitid WVruEUdsAM47PwXE; 1.117 date 2024.02.07.16.35.29; author wiz; state Exp; branches; next 1.116; commitid dDA00AC35yYIlwXE; 1.116 date 2024.02.05.20.08.49; author nia; state Exp; branches; next 1.115; commitid sLLmwdB4N2kUAhXE; 1.115 date 2024.02.05.20.00.56; author nia; state Exp; branches; next 1.114; commitid I7ct7RTRe4Q5yhXE; 1.114 date 2024.02.05.19.58.14; author nia; state Exp; branches; next 1.113; commitid PQEmQF3JhcgixhXE; 1.113 date 2024.02.03.16.39.14; author tm; state Exp; branches; next 1.112; commitid w027kn5pwhZPu0XE; 1.112 date 2024.01.24.20.16.09; author wiz; state Exp; branches; next 1.111; commitid 3reDQwYcozTh1KVE; 1.111 date 2024.01.22.16.53.00; author adam; state Exp; branches; next 1.110; commitid 6iQwHblE9cvHXsVE; 1.110 date 2024.01.22.09.15.45; author wiz; state Exp; branches; next 1.109; commitid 7Rgld0kQtcqLqqVE; 1.109 date 2024.01.20.20.44.00; author wiz; state Exp; branches; next 1.108; commitid Oahw2d2wbbYPieVE; 1.108 date 2024.01.20.12.13.53; author wiz; state Exp; branches; next 1.107; commitid 4od4zZErVTiPtbVE; 1.107 date 2024.01.19.13.01.40; author wiz; state Exp; branches; next 1.106; commitid 13QKo6ubQsjhM3VE; 1.106 date 2024.01.16.11.20.04; author wiz; state Exp; branches; next 1.105; commitid r9CEohu3LrOjjFUE; 1.105 date 2024.01.01.00.11.56; author wiz; state Exp; branches; next 1.104; commitid A0GPXj9uPae36GSE; 1.104 date 2023.12.30.12.04.21; author wiz; state Exp; branches; next 1.103; commitid GKoRb3E7IREo6uSE; 1.103 date 2023.12.29.20.29.51; author wiz; state Exp; branches; next 1.102; commitid jDl2ZSZnqWhPVoSE; 1.102 date 2023.12.29.19.42.58; author wiz; state Exp; branches; next 1.101; commitid hzfPaAGBJ9cMFoSE; 1.101 date 2023.12.29.13.12.03; author wiz; state Exp; branches; next 1.100; commitid oR4KB3lVyjcBvmSE; 1.100 date 2023.12.26.19.46.34; author wiz; state Exp; branches; next 1.99; commitid EAMsImJYiChZM0SE; 1.99 date 2023.12.26.19.27.49; author wiz; state Exp; branches; next 1.98; commitid 4qSDX0T1ATbzG0SE; 1.98 date 2023.12.24.12.47.46; author bsiegert; state Exp; branches; next 1.97; commitid nELkaEDgfZ2QwIRE; 1.97 date 2023.12.24.09.53.03; author wiz; state Exp; branches; next 1.96; commitid E8gWI99e9sukzHRE; 1.96 date 2023.12.23.20.23.40; author thor; state Exp; branches; next 1.95; commitid qaxKBv6onKwf5DRE; 1.95 date 2023.12.23.20.18.16; author bsiegert; state Exp; branches; next 1.94; commitid e9wm1GdoNX2L3DRE; 1.94 date 2023.12.23.19.34.09; author wiz; state Exp; branches; next 1.93; commitid FvMtbR1QH3XyOCRE; 1.93 date 2023.12.23.19.12.50; author thor; state Exp; branches; next 1.92; commitid uIWaywMGVSekHCRE; 1.92 date 2023.12.23.14.59.24; author wiz; state Exp; branches; next 1.91; commitid 8UjAyr6MvpyqiBRE; 1.91 date 2023.12.22.19.17.31; author bsiegert; state Exp; branches; next 1.90; commitid leGlwvpTshn1LuRE; 1.90 date 2023.12.22.18.31.00; author bsiegert; state Exp; branches; next 1.89; commitid MOaLuPoBIPp4vuRE; 1.89 date 2023.12.22.17.35.19; author wiz; state Exp; branches; next 1.88; commitid gTdsMINloefVbuRE; 1.88 date 2023.12.21.07.04.57; author wiz; state Exp; branches; next 1.87; commitid kZF8aCtKfuQGJiRE; 1.87 date 2023.12.20.18.48.02; author wiz; state Exp; branches; next 1.86; commitid PDJ9ZtAQQXTPEeRE; 1.86 date 2023.12.20.17.10.08; author wiz; state Exp; branches; next 1.85; commitid yF7YBpfXHoTh7eRE; 1.85 date 2023.12.20.17.06.04; author wiz; state Exp; branches; next 1.84; commitid y7irH3rzFZKO5eRE; 1.84 date 2023.12.18.21.16.47; author wiz; state Exp; branches; next 1.83; commitid 0ZPz7Mqqv0pTxZQE; 1.83 date 2023.12.18.19.25.13; author wiz; state Exp; branches; next 1.82; commitid vVaVdWgpYfVuVYQE; 1.82 date 2023.12.18.10.27.11; author thor; state Exp; branches; next 1.81; commitid h8q7yk604LW0XVQE; 1.81 date 2023.12.18.08.56.42; author wiz; state Exp; branches; next 1.80; commitid wII1Zind2JSVrVQE; 1.80 date 2023.12.16.07.08.54; author wiz; state Exp; branches; next 1.79; commitid hSteedBTjpeYUEQE; 1.79 date 2023.12.15.13.19.02; author wiz; state Exp; branches; next 1.78; commitid Vp6mFozzsQiYZyQE; 1.78 date 2023.12.15.13.13.23; author wiz; state Exp; branches; next 1.77; commitid Thn5UDjJHzM2YyQE; 1.77 date 2023.12.13.15.55.24; author wiz; state Exp; branches; next 1.76; commitid e2jXSWDWDcKwVjQE; 1.76 date 2023.12.13.07.48.08; author wiz; state Exp; branches; next 1.75; commitid kYUjDrvgZoYkehQE; 1.75 date 2023.12.08.19.56.46; author wiz; state Exp; branches; next 1.74; commitid icXSwUkIQBAkqHPE; 1.74 date 2023.12.07.00.19.46; author taca; state Exp; branches; next 1.73; commitid mB9vExsetdz3WsPE; 1.73 date 2023.12.06.08.07.49; author wiz; state Exp; branches; next 1.72; commitid l5QPCNZKHSG6znPE; 1.72 date 2023.12.05.13.47.19; author wiz; state Exp; branches; next 1.71; commitid whK28SvI1PzothPE; 1.71 date 2023.11.23.10.59.49; author wiz; state Exp; branches; next 1.70; commitid oUwYyD1j5p02WINE; 1.70 date 2023.11.20.20.26.34; author wiz; state Exp; branches; next 1.69; commitid z4b4J6iUaN8qaoNE; 1.69 date 2023.11.17.09.49.25; author wiz; state Exp; branches; next 1.68; commitid 2nVJ7e391R4NJWME; 1.68 date 2023.11.17.08.05.29; author nia; state Exp; branches; next 1.67; commitid J8lxW09AfXZfaWME; 1.67 date 2023.11.16.18.10.44; author nia; state Exp; branches; next 1.66; commitid CdvVQwYKWcmTxRME; 1.66 date 2023.11.16.18.02.50; author nia; state Exp; branches; next 1.65; commitid qQg9bafsNyb9vRME; 1.65 date 2023.11.16.09.42.02; author wiz; state Exp; branches; next 1.64; commitid wUAhqlbxGFADHOME; 1.64 date 2023.11.15.21.18.05; author wiz; state Exp; branches; next 1.63; commitid tqXieMfnSai4CKME; 1.63 date 2023.11.15.09.41.18; author wiz; state Exp; branches; next 1.62; commitid WpZhezWS8lC3LGME; 1.62 date 2023.11.10.08.08.45; author wiz; state Exp; branches; next 1.61; commitid Q37zlLq8spudp2ME; 1.61 date 2023.11.09.14.00.08; author wiz; state Exp; branches; next 1.60; commitid aIvYcxYntDhLnWLE; 1.60 date 2023.11.06.14.01.32; author wiz; state Exp; branches; next 1.59; commitid MnJz0JTDLAbhuyLE; 1.59 date 2023.11.06.13.19.23; author wiz; state Exp; branches; next 1.58; commitid FrcwLHQQd7QNfyLE; 1.58 date 2023.11.01.12.31.03; author wiz; state Exp; branches; next 1.57; commitid 87pIV8ZKrPq79UKE; 1.57 date 2023.10.28.07.39.48; author wiz; state Exp; branches; next 1.56; commitid k9azphkSVI3fFmKE; 1.56 date 2023.10.25.09.09.17; author wiz; state Exp; branches; next 1.55; commitid qCcYfghdEfDOfZJE; 1.55 date 2023.10.22.10.05.48; author wiz; state Exp; branches; next 1.54; commitid SfqJLzw3qKdbFBJE; 1.54 date 2023.10.20.18.49.33; author wiz; state Exp; branches; next 1.53; commitid GsugVvZ7MnUPCoJE; 1.53 date 2023.10.20.18.36.59; author wiz; state Exp; branches; next 1.52; commitid DANklzIqkDDzyoJE; 1.52 date 2023.10.19.13.31.51; author wiz; state Exp; branches; next 1.51; commitid B5090t0GWTuVTeJE; 1.51 date 2023.10.19.13.30.11; author wiz; state Exp; branches; next 1.50; commitid 20ras370fUymTeJE; 1.50 date 2023.10.19.08.56.37; author wiz; state Exp; branches; next 1.49; commitid Hlqa0GZRw1UundJE; 1.49 date 2023.10.17.11.44.02; author prlw1; state Exp; branches; next 1.48; commitid Y0WLvbz7QeyAmYIE; 1.48 date 2023.10.16.10.28.51; author he; state Exp; branches; next 1.47; commitid 3qiVvKn6Fs0UYPIE; 1.47 date 2023.10.14.09.40.47; author wiz; state Exp; branches; next 1.46; commitid 9PmsgIsVWH7FMzIE; 1.46 date 2023.10.11.11.16.45; author wiz; state Exp; branches; next 1.45; commitid kAj8YshEIIkxpcIE; 1.45 date 2023.10.10.20.17.44; author tm; state Exp; branches; next 1.44; commitid c8Z3XcBKL736r7IE; 1.44 date 2023.10.10.20.07.15; author tm; state Exp; branches; next 1.43; commitid eFXjpJEf3Tovn7IE; 1.43 date 2023.10.10.19.58.12; author tm; state Exp; branches; next 1.42; commitid wgI0Aj4U2z8mk7IE; 1.42 date 2023.10.10.19.47.43; author wiz; state Exp; branches; next 1.41; commitid ZHjqXUb8waVOg7IE; 1.41 date 2023.10.10.19.46.11; author tm; state Exp; branches; next 1.40; commitid D5hyxPVZKvphg7IE; 1.40 date 2023.10.10.19.32.44; author tm; state Exp; branches; next 1.39; commitid 7bgbO1sj8qnHb7IE; 1.39 date 2023.10.10.19.25.06; author tm; state Exp; branches; next 1.38; commitid FyxtCjfys6U497IE; 1.38 date 2023.10.10.19.14.01; author tm; state Exp; branches; next 1.37; commitid 1E4VJn2kNEAg57IE; 1.37 date 2023.10.10.18.53.57; author tm; state Exp; branches; next 1.36; commitid FPgp43rLYN7oY6IE; 1.36 date 2023.10.10.18.47.32; author tm; state Exp; branches; next 1.35; commitid nw87lcOiL6VaW6IE; 1.35 date 2023.10.10.17.55.00; author tm; state Exp; branches; next 1.34; commitid d774H3zvVyyaE6IE; 1.34 date 2023.10.10.17.33.56; author tm; state Exp; branches; next 1.33; commitid XPcn2nlNYoqUw6IE; 1.33 date 2023.10.10.17.24.50; author tm; state Exp; branches; next 1.32; commitid KwhNtXBiWwaOt6IE; 1.32 date 2023.10.10.14.32.06; author tm; state Exp; branches; next 1.31; commitid Zb5NW04BXSLvw5IE; 1.31 date 2023.10.10.14.09.14; author tm; state Exp; branches; next 1.30; commitid BVLNxentVhlFo5IE; 1.30 date 2023.10.10.13.56.11; author tm; state Exp; branches; next 1.29; commitid AMloq0C3ZGU7k5IE; 1.29 date 2023.10.10.12.12.17; author tm; state Exp; branches; next 1.28; commitid Y4gVKnEyxynxK4IE; 1.28 date 2023.10.10.10.17.47; author tm; state Exp; branches; next 1.27; commitid wQPGr5tesgqb74IE; 1.27 date 2023.10.10.10.11.13; author nia; state Exp; branches; next 1.26; commitid rhcZLKvfdY9454IE; 1.26 date 2023.10.10.09.58.01; author nia; state Exp; branches; next 1.25; commitid GqdMfHWs7eUx04IE; 1.25 date 2023.10.10.09.27.28; author nia; state Exp; branches; next 1.24; commitid QF2O6ceqPqu2Q3IE; 1.24 date 2023.10.10.09.24.03; author nia; state Exp; branches; next 1.23; commitid NTsohdaW0mwOO3IE; 1.23 date 2023.10.10.09.20.06; author nia; state Exp; branches; next 1.22; commitid qXsKo6bkF6vrN3IE; 1.22 date 2023.10.09.21.46.58; author tm; state Exp; branches; next 1.21; commitid imdVcpKq5eLBXZHE; 1.21 date 2023.10.09.21.34.03; author tm; state Exp; branches; next 1.20; commitid HYlAw6OkPmHhTZHE; 1.20 date 2023.10.09.21.26.19; author tm; state Exp; branches; next 1.19; commitid BgrmyyrIRp0AQZHE; 1.19 date 2023.10.09.19.09.42; author tm; state Exp; branches; next 1.18; commitid btec2F7dan8E5ZHE; 1.18 date 2023.10.09.17.36.25; author wiz; state Exp; branches; next 1.17; commitid V3fHpBwAB2vKzYHE; 1.17 date 2023.10.08.20.05.45; author tm; state Exp; branches; next 1.16; commitid OwkxzwEuO3ELqRHE; 1.16 date 2023.10.08.19.58.41; author tm; state Exp; branches; next 1.15; commitid M6Sr6gG5myTnoRHE; 1.15 date 2023.10.08.17.58.17; author schmonz; state Exp; branches; next 1.14; commitid F6yR5t1TNrmaJQHE; 1.14 date 2023.10.06.08.38.32; author prlw1; state Exp; branches; next 1.13; commitid icWQaVECM1R3HxHE; 1.13 date 2023.10.05.19.06.44; author tm; state Exp; branches; next 1.12; commitid XORlJmpbjv8FctHE; 1.12 date 2023.10.05.18.53.36; author tm; state Exp; branches; next 1.11; commitid PMopcMehr19d8tHE; 1.11 date 2023.10.05.18.34.29; author tm; state Exp; branches; next 1.10; commitid YTXkWGamgTmy1tHE; 1.10 date 2023.10.05.14.13.03; author tm; state Exp; branches; next 1.9; commitid QiuFQTkw7hm1ArHE; 1.9 date 2023.10.05.13.48.21; author tm; state Exp; branches; next 1.8; commitid QoqATM353siwrrHE; 1.8 date 2023.10.05.13.21.51; author tm; state Exp; branches; next 1.7; commitid tZPzpO00Q2MlirHE; 1.7 date 2023.10.04.16.27.27; author wiz; state Exp; branches; next 1.6; commitid 55BKSitd4HU6mkHE; 1.6 date 2023.10.03.21.46.00; author wiz; state Exp; branches; next 1.5; commitid VyL3X8cCpiYp9eHE; 1.5 date 2023.09.29.22.09.50; author wiz; state Exp; branches; next 1.4; commitid WVV5PRNfEzLvpIGE; 1.4 date 2023.09.29.17.45.30; author wiz; state Exp; branches; next 1.3; commitid ZaHJBmHc8KaPWGGE; 1.3 date 2023.09.29.09.44.28; author wiz; state Exp; branches; next 1.2; commitid TVcLTyt23OTOhEGE; 1.2 date 2023.09.29.09.37.31; author wiz; state Exp; branches; next 1.1; commitid ndjWNYvsEhepfEGE; 1.1 date 2023.09.29.09.13.27; author wiz; state Exp; branches; next ; commitid 2QVHZbHfpXGO6EGE; desc @@ 1.761 log @eilmeldung-1.5.0: no longer affected @ text @# $NetBSD: pkg-vulnerabilities,v 1.760 2026/05/02 04:29:30 pin Exp $ # #FORMAT 1.0.0 # # Please read "Handling packages with security problems" in the pkgsrc # guide before editing this file. # # Note: NEVER remove entries from this file; this should document *all* # known package vulnerabilities so it is entirely appropriate to have # multiple entries in this file for a single package, and to contain # entries for packages which have been removed from pkgsrc. # # New entries should be added at the end of this file. # # Please ask pkgsrc-security to update the copy on ftp.NetBSD.org after # making changes to this file. # # The command to run for this update is "./pkg-vuln-update.sh", but it needs # access to the private GPG key for pkgsrc-security. # # If you have comments/additions/corrections, please contact # pkgsrc-security@@NetBSD.org. # # Note: If this file format changes, please do not forget to update # pkgsrc/mk/scripts/genreadme.awk which also parses this file. # # package type of exploit URL cfengine<1.5.3nb3 remote-root-shell https://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-013.txt.asc navigator<4.75 remote-user-access http://www.cert.org/advisories/CA-2000-15.html navigator<4.74 remote-user-shell https://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-011.txt.asc communicator<4.75 remote-user-access http://www.cert.org/advisories/CA-2000-15.html communicator<4.74 remote-user-shell https://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-011.txt.asc pine<4.30 remote-user-shell http://www.securityfocus.com/bid/1709 pine<4.21nb1 denial-of-service http://www.securityfocus.com/advisories/2646 imap-uw<4.7c6 denial-of-service http://www.securityfocus.com/advisories/2646 screen<3.9.5nb1 local-root-shell http://www.securityfocus.com/advisories/2634 ntop<1.1 remote-root-shell http://www.securityfocus.com/advisories/2520 wu-ftpd<2.6.1 remote-root-shell https://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-010.txt.asc wu-ftpd<2.4.2b18.2 remote-root-shell https://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA1999-003.txt.asc xlockmore<4.17 local-root-file-view https://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-003.txt.asc lsof<4.41 local-root-shell https://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA1999-005.txt.asc wu-ftpd<2.6.0 remote-root-shell https://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA1999-003.txt.asc racoon<20001004a local-root-file-view http://mail-index.NetBSD.org/tech-net/2000/09/24/0000.html global<3.56 remote-user-access http://www.NetBSD.org/cgi-bin/query-pr-single.pl?number=11165 apache<1.3.14 remote-user-access http://httpd.apache.org/dist/httpd/CHANGES_1.3 apache6<1.3.14 remote-user-access http://httpd.apache.org/dist/httpd/CHANGES_1.3 thttpd<2.20 remote-user-access http://www.dopesquad.net/security/advisories/20001002-thttpd-ssi.txt bind<8.2.2.7 denial-of-service http://www.isc.org/products/BIND/bind-security.html gnupg<1.0.4 weak-authentication http://www.gnupg.org/whatsnew.html#rn20001017 pine<=4.21 remote-root-shell https://www.freebsd.org/security/advisories/FreeBSD-SA-00:59.pine.asc navigator{,3}<4.76 remote-root-shell https://www.freebsd.org/security/advisories/FreeBSD-SA-00:66.netscape.asc openssh<2.3.0 weak-authentication http://www.openbsd.org/errata27.html#sshforwarding ethereal<=0.8.13 remote-root-shell http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Ffromthread%3D1%26end%3D2000-11-25%26mid%3D145761%26start%3D2000-11-19%26list%3D1%26threads%3D0%26 php<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3 php-gd<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3 php-ldap<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3 php-mysql<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3 php-pgsql<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3 php-snmp<3.0.17 remote-user-shell http://www.php.net/ChangeLog.php3 racoon<20001211a denial-of-service http://www.kame.net/ LPRng<3.6.25 remote-root-shell http://www.cert.org/advisories/CA-2000-22.html jakarta-tomcat<3.1.1 remote-server-admin http://jakarta.apache.org/site/news.html jakarta-tomcat<3.2.3 cross-site-html http://www.securityfocus.com/bid/2982 fsh<1.1 local-root-file-view https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1135 bitchx<1.0.3.17nb1 remote-user-shell http://www.securityfocus.com/bid/2087 namazu<1.3.0.11 remote-file-creation http://www.namazu.org/security.html.en zope<2.2.5 weak-authentication http://www.zope.org/Products/Zope/ bind<8.2.3 remote-root-shell http://www.cert.org/advisories/CA-2001-02.html suse{,32}_base<6.4nb2 local-root-shell http://www.suse.com/de/support/security/2001_001_glibc_txt.txt ja-micq<0.4.6.1 remote-user-shell http://www.freebsd.org/security/#adv micq<0.4.6.1 remote-user-shell http://www.freebsd.org/security/#adv ssh<1.2.27nb1 remote-root-shell http://razor.bindview.com/publish/advisories/adv_ssh1crc.html ssh6<=1.2.31 remote-root-shell http://razor.bindview.com/publish/advisories/adv_ssh1crc.html openssh<2.3.0 remote-root-shell http://razor.bindview.com/publish/advisories/adv_ssh1crc.html camediaplay<20010211 local-user-shell http://www.itojun.org/itojun.html analog<4.16 remote-user-shell http://www.analog.cx/security2.html gnupg<1.0.4nb3 weak-authentication http://www.gnupg.org/whatsnew.html#rn20001130 xemacs<21.1.14 remote-user-shell http://list-archive.xemacs.org/xemacs-announce/200102/msg00000.html sudo<1.6.3p6 local-root-shell http://www.openbsd.org/errata36.html#sudo Mesa-glx<=20000813 local-root-shell http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-029.php3?dis=7.2 apache<1.3.19 remote-user-access http://httpd.apache.org/dist/httpd/Announcement.html apache6<1.3.19 remote-user-access http://httpd.apache.org/dist/httpd/Announcement.html exmh<2.3 local-symlink-race http://www.beedub.com/exmh/symlink.html samba<2.0.8 local-symlink-race http://www.securityfocus.com/templates/archive.pike?list=1&mid=177370 hylafax<4.1b3 local-root-shell http://www.securityfocus.com/archive/1/176716 squirrelmail<1.0.5 remote-user-access http://www.geocrawler.com/lists/3/SourceForge/599/500/5567091/ kdelibs-2.1 local-root-shell http://dot.kde.org/988663144/ icecast<1.3.10 remote-user-access http://www.securityfocus.com/bid/2264 joe<2.8nb1 local-file-write http://www.securityfocus.com/bid/1959 joe<2.8nb1 local-user-shell http://www.securityfocus.com/bid/2437 openssh<2.9.2 remote-file-write http://www.openbsd.org/errata.html#sshcookie w3m<0.2.1.0.19nb1 remote-user-shell http://mi.med.tohoku.ac.jp/~satodai/w3m-dev-en/200106.month/537.html samba<2.0.10 local-root-shell http://www.samba.org/samba/whatsnew/macroexploit.html samba-2.2.0 local-root-shell http://www.samba.org/samba/whatsnew/macroexploit.html samba-2.2.0nb1 local-root-shell http://www.samba.org/samba/whatsnew/macroexploit.html fetchmail<5.8.8 remote-user-access http://www.securityfocus.com/vdb/?id=2877 openldap<1.2.12 denial-of-service http://www.cert.org/advisories/CA-2001-18.html horde<1.2.6 remote-user-shell http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26mid%3D198495 imp<1.2.6 remote-user-shell http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26mid%3D198495 fetchmail<5.8.17 remote-user-shell http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26mid%3D203165 windowmaker<0.65.1 remote-user-shell http://www.debian.org/security/2001/dsa-074 sendmail<8.11.6 local-root-shell https://ftp.sendmail.org/RELEASE_NOTES gnut<0.4.27 remote-script-inject http://www.gnutelliums.com/linux_unix/gnut/ screen<3.9.10 local-root-shell http://lists.opensuse.org/opensuse-security-announce/2000-Sep/0005.html openssh<2.9.9.2 remote-user-access http://www.securityfocus.com/cgi-bin/archive.pl?id=1&mid=216702&start=2001-09-23&end=2001-09-29 w3m<0.2.1.0.19nb2 weak-authentication http://mi.med.tohoku.ac.jp/~satodai/w3m-dev/200109.month/2226.html procmail<3.20 local-root-shell http://www.somelist.com/mail.php/282/view/1200950 slrn<0.9.7.2nb1 remote-script-inject http://slrn.sourceforge.net/patches/index.html#subsect_decode nvi-m17n<1.79.19991117 local-user-shell http://www.securityfocus.com/archive/1/221880 mgetty<1.1.22 denial-of-service https://www.freebsd.org/security/advisories/FreeBSD-SA-00:71.mgetty.asc kdeutils-2.2.1 local-root-shell http://lists.kde.org/?l=kde-announce&m=100535642201983&w=2 imp<2.2.7 remote-file-view http://www.securityfocus.com/archive/1/225686 libgtop<1.0.12nb1 remote-user-shell http://www.intexxia.com/ wu-ftpd<=2.6.1 remote-root-shell http://msgs.securepoint.com/cgi-bin/get/bugtraq0111/199.html radius-3.6B remote-user-shell http://xforce.iss.net/alerts/advise87.php exim<3.34 remote-user-shell http://www.exim.org/pipermail/exim-announce/2001q4/000048.html stunnel<3.22 remote-user-shell http://www.stunnel.org/patches/desc/formatbug_ml.html mutt<1.2.5.1 remote-user-shell http://www.mutt.org/announce/mutt-1.2.5.1-1.3.25.html mutt-1.3.1* remote-user-shell http://www.mutt.org/announce/mutt-1.2.5.1-1.3.25.html mutt-1.3.2[0-4]* remote-user-shell http://www.mutt.org/announce/mutt-1.2.5.1-1.3.25.html cyrus-sasl<1.5.27 remote-code-execution http://www.securityfocus.com/bid/3498 openldap<2.0.20 denial-of-service http://www.openldap.org/lists/openldap-announce/200201/msg00002.html xchat<1.8.7 remote-command-injection http://xchat.org/ enscript<1.6.1nb1 local-file-write http://www.securityfocus.com/bid/3920 rsync<2.5.2 remote-code-execution http://lists.samba.org/pipermail/rsync-announce/2002-January/000005.html squirrelmail-1.2.[0-3] remote-code-execution http://www.securityfocus.com/bid/3952 gnuchess<5.03 remote-user-shell http://linux.oreillynet.com/pub/a/linux/2002/01/28/insecurities.html ucd-snmp<4.2.3 weak-authentication http://www.cert.org/advisories/CA-2002-03.html ucd-snmp<4.2.3 denial-of-service http://www.cert.org/advisories/CA-2002-03.html ucd-snmp<4.2.3nb1 remote-user-shell http://www.securityfocus.com/archive/1/248141 squid<2.4.4 remote-user-shell http://www.squid-cache.org/Advisories/SQUID-2002_1.txt ap-php<3.0.18nb1 remote-code-execution http://security.e-matters.de/advisories/012002.html php<3.0.18nb1 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.1pl2 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.3pl1 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.3pl1nb1 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.4 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.4.1 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.4.1nb1 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.5 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.0.6 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.1.0 remote-code-execution http://security.e-matters.de/advisories/012002.html ap-php-4.1.1 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.0.3pl1 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.0.4 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.0.4.1 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.0.4.1nb1 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.0.5 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.0.6 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.1.0 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.1.1 remote-code-execution http://security.e-matters.de/advisories/012002.html php-4.3.0 remote-code-execution http://www.php.net/release_4_3_1.php radiusd-cistron<1.6.6 denial-of-service http://www.kb.cert.org/vuls/id/936683 radiusd-cistron<1.6.6 remote-code-execution http://www.kb.cert.org/vuls/id/589523 openssh<3.0.2.1nb2 local-root-shell http://www.pine.nl/advisories/pine-cert-20020301.txt htdig<3.1.6 denial-of-service http://online.securityfocus.com/bid/3410 htdig<3.1.6 local-user-file-view http://online.securityfocus.com/bid/3410 fileutils<4.1.7 local-file-removal http://mail.gnu.org/pipermail/bug-fileutils/2002-March/002433.html zlib<1.1.4 denial-of-service http://www.zlib.org/advisory-2002-03-11.txt rsync<2.5.3 remote-user-file-view http://lists.samba.org/pipermail/rsync-announce/2002-March/000006.html suse{,32}_base<6.4nb5 denial-of-service http://www.zlib.org/advisory-2002-03-11.txt icecast<1.3.11 remote-root-shell http://www.debian.org/security/2001/dsa-089 sun-{jre,jdk}<1.3.1.0.2 remote-code-execution http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/218&type=0&nav=sec.sba analog<5.22 remote-script-inject http://www.analog.cx/docs/whatsnew.html jakarta-tomcat<3.2.3nb1 cross-site-scripting http://httpd.apache.org/info/css-security/ sudo<1.6.6 local-root-shell http://www.sudo.ws/sudo/alerts/prompt.html squirrelmail<1.2.6 remote-code-execution http://cert.uni-stuttgart.de/archive/bugtraq/2002/03/msg00414.html analog<5.23 denial-of-service http://www.analog.cx/security5.html icecast<1.3.12 denial-of-service http://online.securityfocus.com/bid/4415 qpopper<4.0.4 denial-of-service http://online.securityfocus.com/bid/4295 qpopper<4.0.4nb1 local-root-shell http://online.securityfocus.com/bid/4614 imap-uw<2001.1 local-root-shell http://online.securityfocus.com/bid/4713 fetchmail<5.9.10 remote-user-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0146 gaim<0.58 local-user-file-view http://online.securityfocus.com/archive/1/272180 mozilla<1.0rc3 remote-user-file-view http://groups.google.com/groups?as_umsgid=3CD095D4.9050003%40mozilla.org&hl=en ethereal<0.9.4 remote-user-access http://www.ethereal.com/appnotes/enpa-sa-00004.html bind-9.[01].* denial-of-service http://www.cert.org/advisories/CA-2002-15.html bind-9.2.0* denial-of-service http://www.cert.org/advisories/CA-2002-15.html bind-9.2.1rc* denial-of-service http://www.cert.org/advisories/CA-2002-15.html bind-8.3.0 denial-of-service http://www.isc.org/products/BIND/bind8.html xchat<1.8.9 remote-user-shell http://www.linuxsecurity.com/advisories/redhat_advisory-2107.html apache<1.3.26 remote-root-shell https://httpd.apache.org/info/security_bulletin_20020617.txt apache6<1.3.26 remote-root-shell https://httpd.apache.org/info/security_bulletin_20020617.txt apache>=2<2.0.39 remote-root-shell https://httpd.apache.org/info/security_bulletin_20020617.txt irssi<0.8.5 denial-of-service http://online.securityfocus.com/archive/1 #ap-ssl<2.8.10 remote-root-shell http://www.apache-ssl.org/advisory-20020620.txt ap-ssl<2.8.10 remote-root-shell http://www.modssl.org/news/changelog.html apache<1.3.26nb1 remote-root-shell http://www.apache-ssl.org/advisory-20020620.txt apache6<1.3.26nb1 remote-root-shell http://www.apache-ssl.org/advisory-20020620.txt bind<4.9.7nb1 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html #compat12<=1.2.1 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html #compat13<=1.3.3nb1 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html compat14<1.4.3.2 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html openssh<3.4 remote-root-shell https://nvd.nist.gov/vuln/detail/CVE-2002-0639 #bind<=9.2.1 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html bind<8.3.3 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html socks5<1.0.2nb2 remote-root-shell http://online.securityfocus.com/archive/1/9842 socks5-1.0.[3-9]* remote-root-shell http://online.securityfocus.com/archive/2/9842 socks5-1.0.1[0-1]* remote-root-shell http://online.securityfocus.com/archive/2/9842 ipa<1.2.7 local-access http://www.NetBSD.org/cgi-bin/query-pr-single.pl?number=17434 ethereal<0.9.5 remote-root-shell http://www.ethereal.com/appnotes/enpa-sa-00005.html squid<2.4.7 remote-user-shell http://www.squid-cache.org/Advisories/SQUID-2002_3.txt nn<6.6.4 remote-user-shell http://online.securityfocus.com/bid/5160 inn<2.3.0 remote-user-shell http://online.securityfocus.com/bid/2620 cvsup-gui<=16.1.d remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html cvsup<=16.1.d remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html xpilot<4.5.1 remote-user-shell http://online.securityfocus.com/bid/4534 gnut<0.4.28 remote-user-shell http://online.securityfocus.com/bid/3267/ wwwoffle<2.7c denial-of-service http://bespin.org/~qitest1/adv/wwwoffle-2.7b.asc png<1.2.4 remote-user-shell https://nvd.nist.gov/vuln/detail/CVE-2002-0728 php-4.2.[01] remote-user-shell http://security.e-matters.de/advisories/022002.html ap-php-4.2.[01] remote-user-shell http://security.e-matters.de/advisories/022002.html srp_client<1.7.5 unknown http://www-cs-students.stanford.edu/~tjw/srp/download.html hylafax<4.1.3 remote-root-shell http://www.securityfocus.com/bid/3357 openssl<0.9.6e remote-root-shell http://www.openssl.org/news/secadv_20020730.txt libmm<1.2.1 local-root-shell http://online.securityfocus.com/bid/5352 openssl<0.9.6f denial-of-service http://www.openssl.org/news/secadv_20020730.txt png<=1.0.12 remote-user-shell http://online.securityfocus.com/bid/5409 kdelibs-2.1.* weak-ssl-authentication http://online.securityfocus.com/archive/1/286290/2002-08-08/2002-08-14/2 kdelibs-2.2.1* weak-ssl-authentication http://online.securityfocus.com/archive/1/286290/2002-08-08/2002-08-14/2 kdelibs-2.2.2{,nb1} weak-ssl-authentication http://online.securityfocus.com/archive/1/286290/2002-08-08/2002-08-14/2 kdelibs-3.0.[12] weak-ssl-authentication http://online.securityfocus.com/archive/1/286290/2002-08-08/2002-08-14/2 arla<0.35.9 denial-of-service http://www.stacken.kth.se/lists/arla-drinkers/2002-08/msg00019.html arla<0.35.9 remote-root-shell http://www.stacken.kth.se/lists/arla-drinkers/2002-08/msg00019.html ethereal<0.9.6 remote-root-shell http://www.ethereal.com/appnotes/enpa-sa-00006.html bind<4.9.10 remote-root-shell http://www.kb.cert.org/vuls/id/738331 compat14<1.4.3.2 remote-root-shell http://www.kb.cert.org/vuls/id/738331 compat14-crypto<1.4.3.2 remote-root-shell http://www.kb.cert.org/vuls/id/738331 netbsd32_compat14<1.4.3.2 remote-root-shell http://www.kb.cert.org/vuls/id/738331 compat15<1.5.3.1 remote-root-shell http://www.kb.cert.org/vuls/id/738331 netbsd32_compat15<1.5.3.1 remote-root-shell http://www.kb.cert.org/vuls/id/738331 postgresql-server<7.2.2 remote-code-execution http://online.securityfocus.com/archive/1/288998 gaim<0.59.1 remote-code-execution http://sourceforge.net/tracker/index.php?func=detail&aid=584252&group_id=235&atid=100235 gaim-gnome<0.59.1 remote-code-execution http://sourceforge.net/tracker/index.php?func=detail&aid=584252&group_id=235&atid=100235 mozilla<1.1 remote-file-read http://archives.neohapsis.com/archives/bugtraq/2002-07/0259.html mozilla<1.1 remote-file-read http://www.geocities.co.jp/SiliconValley/1667/advisory03e.html freebsd_lib<=2.2.7 remote-root-shell http://www.pine.nl/advisories/pine-cert-20020601.html opera<6.03 remote-user-shell http://www.opera.com/linux/changelog/log603.html wmnet<1.06nb3 local-root-shell http://www.securiteam.com/unixfocus/5HP0F1P8AM.html apache-2.0.3[0-9]* denial-of-service http://www.apacheweek.com/issues/02-09-27#apache2042 apache-2.0.4[0-1]* denial-of-service http://www.apacheweek.com/issues/02-09-27#apache2042 fetchmail<6.1.0 remote-code-execution http://security.e-matters.de/advisories/032002.html unzip<=5.42 local-file-write http://online.securityfocus.com/archive/1/196445 apache-2.0.3[0-9]* remote-root-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840 apache-2.0.4[0-2]* remote-file-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840 net-snmp<5.0.5 denial-of-service http://sourceforge.net/forum/forum.php?forum_id=215540 sendmail<8.12.6nb1 local-user-shell http://www.sendmail.org/smrsh.adv.txt apache<1.3.27 local-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0843 apache<1.3.27 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0839 apache<1.3.27 local-file-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840 apache6<1.3.27 local-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0843 apache6<1.3.27 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0839 apache6<1.3.27 local-file-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840 gv<3.5.8nb2 local-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1569 logsurfer<1.5.2 local-user-shell http://www.cert.dfn.de/eng/team/wl/logsurf/ suse{,32}_base<7.3nb1 remote-code-execution http://www.suse.com/de/security/2002_031_glibc.html suse{,32}_devel<7.3nb1 remote-code-execution http://www.suse.com/de/security/2002_031_glibc.html kdegraphics<2.2.2nb2 remote-code-execution http://www.kde.org/info/security/advisory-20021008-1.txt kdegraphics-3.0.[123]* remote-code-execution http://www.kde.org/info/security/advisory-20021008-1.txt kdenetwork-3.0.[123]* remote-file-read http://www.kde.org/info/security/advisory-20021008-2.txt gtar-base<1.13.25 local-file-write http://online.securityfocus.com/archive/1/196445 kth-krb4<1.2.1 remote-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2002-002-kadm4.txt inn<2.3.3 local-user-shell http://online.securityfocus.com/bid/6049 inn<2.3.3 local-user-shell http://online.securityfocus.com/bid/4501 fetchmail<6.1.0 remote-user-shell http://online.securityfocus.com/bid/5825 fetchmail<6.1.0 denial-of-service http://online.securityfocus.com/bid/5826 fetchmail<6.1.0 remote-user-shell http://online.securityfocus.com/bid/5827 squirrelmail<1.2.8 remote-script-inject http://online.securityfocus.com/bid/5763 bind<4.9.10nb1 remote-root-shell http://www.isc.org/products/BIND/bind-security.html bind<8.3.3nb1 remote-root-shell http://www.isc.org/products/BIND/bind-security.html samba-2.2.[2-6]* remote-root-shell http://www.samba.org/samba/whatsnew/samba-2.2.7.html windowmaker<0.80.2 remote-user-shell http://www.windowmaker.org/ ssh<3.2.2 local-root-shell http://www.kb.cert.org/vuls/id/740619 w3m<0.3.2.1 remote-file-write http://mi.med.tohoku.ac.jp/%7Esatodai/w3m-dev/200211.month/3492.html w3m-img<0.3.2.1 remote-file-write http://mi.med.tohoku.ac.jp/%7Esatodai/w3m-dev/200211.month/3492.html Canna-server-bin<3.5.2nb3 remote-root-shell http://canna.sourceforge.jp/sec/Canna-2002-01.txt windowmaker<0.80.2 local-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1277 kdelibs-2.1.* remote-user-shell http://www.kde.org/info/security/advisory-20021111-1.txt kdelibs-2.2.1* remote-user-shell http://www.kde.org/info/security/advisory-20021111-1.txt kdelibs-2.2.2{,nb[123]} remote-user-shell http://www.kde.org/info/security/advisory-20021111-1.txt kdelibs-3.0.[123]* remote-user-shell http://www.kde.org/info/security/advisory-20021111-1.txt kdelibs-3.0.4 remote-user-shell http://www.kde.org/info/security/advisory-20021111-1.txt kdenetwork-2.[12]* remote-root-shell http://www.kde.org/info/security/advisory-20021111-2.txt kdenetwork-3.0.[123]* remote-root-shell http://www.kde.org/info/security/advisory-20021111-2.txt kdenetwork-3.0.4{,nb1} remote-root-shell http://www.kde.org/info/security/advisory-20021111-2.txt cyrus-imapd<2.0.17 remote-code-execution http://www.securityfocus.com/bid/6298 cyrus-imapd-2.1.9{,nb1} remote-code-execution http://www.securityfocus.com/bid/6298 imap-uw<2002.1rc1 remote-code-execution http://www.kb.cert.org/vuls/id/961489 cyrus-sasl-2.1.9{,nb[12]} remote-code-execution http://online.securityfocus.com/archive/1/302603 fetchmail<6.2.0 remote-code-execution http://security.e-matters.de/advisories/052002.html mysql-client<3.23.49nb2 remote-code-execution http://security.e-matters.de/advisories/042002.html mysql-server<3.23.49nb1 remote-code-execution http://security.e-matters.de/advisories/042002.html pine<4.50 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1320 w3m{,-img}<0.3.2.2 remote-file-read http://sourceforge.net/project/shownotes.php?group_id=39518&release_id=126233 ethereal<0.9.8 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00007.html wget<1.8.2 local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1344 wget<1.8.2 local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1345 ssh<=3.2.2 denial-of-service http://www.rapid7.com/advisories/R7-0009.txt cups<1.1.18 remote-root-shell http://www.idefense.com/advisory/12.19.02.txt png<1.2.5nb2 remote-code-execution https://ftp.mizar.org/packages/libpng/png-group/archives/png-implement.200212 leafnode<1.9.30 denial-of-service http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0123.html cups<1.1.18 local-code-execution http://online.securityfocus.com/bid/6475 xpdf<=2.01 local-code-execution http://online.securityfocus.com/bid/6475 mhonarc<2.5.14 cross-site-scripting http://www.mhonarc.org/archive/cgi-bin/mesg.cgi?a=mhonarc-users&i=200212220120.gBM1K8502180@@mcguire.earlhood.com libmcrypt<2.5.5 remote-user-shell http://online.securityfocus.com/archive/1/305162/2003-01-01/2003-01-07/0 kdebase<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdegames<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdegraphics<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdelibs<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdemultimedia<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdenetwork<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdepim<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdesdk<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt kdeutils<3.0.5.1 remote-code-execution http://www.kde.org/info/security/advisory-20021220-1.txt cvs<1.11.4nb1 remote-file-write https://ccvs.cvshome.org/servlets/NewsItemView?newsItemID=51 gabber<0.8.7nb4 privacy-leak http://online.securityfocus.com/archive/1/307430 spamassassin<2.43nb2 remote-code-execution http://cert.uni-stuttgart.de/archive/bugtraq/2003/01/msg00254.html p5-Mail-SpamAssassin<2.43nb2 remote-code-execution http://cert.uni-stuttgart.de/archive/bugtraq/2003/01/msg00254.html squirrelmail<1.2.11 cross-site-scripting http://www.squirrelmail.org/ openssl<0.9.6gnb1 weak-encryption http://www.openssl.org/news/secadv_20030219.txt php-4.1.[3-9]* remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 php-4.2.[0-2]* remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 php-4.2.3{,nb1} remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 sendmail<8.11.6nb3 remote-code-execution http://www.cert.org/advisories/CA-2003-07.html sendmail-8.12.[0-7] remote-code-execution http://www.cert.org/advisories/CA-2003-07.html sendmail-8.12.[0-7]nb* remote-code-execution http://www.cert.org/advisories/CA-2003-07.html snort<1.9.1 remote-code-execution http://www.kb.cert.org/vuls/id/916785 snort-pgsql<1.9.1 remote-code-execution http://www.kb.cert.org/vuls/id/916785 snort-mysql<1.9.1 remote-code-execution http://www.kb.cert.org/vuls/id/916785 hypermail<2.1.7 remote-code-execution http://www.hypermail.org/mail-archive/2003/Feb/0025.html zlib<1.1.4nb1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0107 ethereal-0.8.[7-9] remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00008.html ethereal-0.9.[0-9] remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00008.html qpopper<4.0.5 remote-user-shell http://archives.neohapsis.com/archives/bugtraq/2003-03/0152.html ircII<20030313 remote-code-execution http://eterna23.net/ircii/ samba<2.2.8 remote-code-execution http://us1.samba.org/samba/whatsnew/samba-2.2.8.html openssl<0.9.6gnb2 remote-key-theft http://www.openssl.org/news/secadv_20030317.txt openssl<0.9.6gnb2 remote-use-of-secret http://www.openssl.org/news/secadv_20030319.txt mutt<1.4.1 remote-code-execution http://www.securityfocus.com/archive/1/315771/2003-03-19/2003-03-25/0 rxvt<2.7.10 remote-code-execution http://marc.theaimsgroup.com/?l=bugtraq&m=104612710031920&w=2 eterm<0.9.2 remote-code-execution http://marc.theaimsgroup.com/?l=bugtraq&m=104612710031920&w=2 apcupsd<3.8.6 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1396 apcupsd-3.10.[0-4] remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1396 ap-php-4.1.[3-9]* remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 ap-php-4.2.[0-2]* remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 ap-php-4.2.3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 ja-samba<2.2.7.1.1.1 remote-code-execution http://www.samba.gr.jp/news-release/2003/20030317-2.html bitchx<1.0.3.19nb1 remote-code-execution http://www.securityfocus.com/archive/1/315057 apache-2.0.[0-3][0-9] denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0132 apache-2.0.4[0-4] denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0132 apcupsd<3.8.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0099 apcupsd-3.10.[0-4] denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0099 setiathome<3.08 remote-code-execution http://spoor12.edup.tudelft.nl/SkyLined%20v4.2/?Advisories/Seti@@home samba<=2.2.8 remote-root-access http://lists.samba.org/pipermail/samba-announce/2003-April/000065.html mgetty+sendfax<1.1.29 file-permissions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1392 mgetty+sendfax<1.1.29 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1391 ja-samba<2.2.7.2.1.0 remote-code-execution http://www.samba.gr.jp/news-release/2003/20030409-2.html kde<3.1.1nb1 remote-code-execution http://www.kde.org/info/security/advisory-20030409-1.txt kdelibs<3.1.1nb1 remote-code-execution http://www.kde.org/info/security/advisory-20030409-1.txt kdebase<3.1.1nb1 remote-code-execution http://www.kde.org/info/security/advisory-20030409-1.txt kdegraphics<3.1.1nb2 remote-code-execution http://www.kde.org/info/security/advisory-20030409-1.txt snort<2.0.0 remote-code-execution http://www.securityfocus.com/archive/1/318669 snort-pgsql<2.0.0 remote-code-execution http://www.securityfocus.com/archive/1/318669 snort-mysql<2.0.0 remote-code-execution http://www.securityfocus.com/archive/1/318669 poppassd<4.0.5nb1 local-root-shell http://www.securityfocus.com/archive/1/319811/2003-04-26/2003-05-02/0 ethereal<0.9.12 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00009.html gnupg<1.2.2 weak-authentication http://www.securityfocus.com/archive/1/320444 lv<4.49.5 local-code-execution http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=190941 bitchx<1.0.3.19nb2 denial-of-service http://www.securityfocus.com/archive/1/321093 suse{,32}_libpng<7.3nb1 remote-user-shell http://www.suse.com/de/security/2003_004_libpng.html apache-2.0.3[7-9] denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0245 apache-2.0.4[0-5] denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0245 suse{,32}_base<7.3nb4 remote-code-execution http://www.suse.com/de/security/2003_027_glibc.html suse{,32}_devel<7.3nb2 remote-code-execution http://www.suse.com/de/security/2003_027_glibc.html cups<1.1.19 denial-of-service http://www.cups.org/str.php?L75 speakfreely<=7.5 remote-code-execution http://www.securityfocus.com/archive/1/324257/2003-06-06/2003-06-12/0 ethereal<0.9.13 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00010.html xpdf<2.02pl1 remote-code-execution http://lists.netsys.com/pipermail/full-disclosure/2003-June/010397.html acroread5<5.07 remote-code-execution http://lists.netsys.com/pipermail/full-disclosure/2003-June/010397.html acroread5<5.08 remote-user-shell http://lists.netsys.com/pipermail/full-disclosure/2003-July/006342.html ImageMagick<5.5.7.1 local-symlink-race https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0455 apache-2.0.3[7-9] denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0253 apache-2.0.4[0-6] denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0253 falcons-eye<1.9.3nb3 local-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0358 xconq<7.4.1nb1 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0607 mhonarc<2.6.4 cross-site-scripting http://savannah.nongnu.org/bugs/?func=detailbug&bug_id=3128&group_id=1968 wu-ftpd<2.6.2nb1 remote-root-shell http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt lftp<2.5.3 remote-user-shell http://freshmeat.net/releases/87364/ postfix<1.1.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0468 postfix<1.1.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0540 xfstt<1.5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0581 xfstt<1.5.1 privacy-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0625 stunnel<3.25 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1563 stunnel-4.0[0-3]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1563 ssh2<3.2.5 weak-authentication http://www.ssh.com/company/newsroom/article/454/ horde<2.2.4rc1 privacy-leak http://www.securityfocus.com/archive/1/333114/2003-08-13/2003-08-19/0 imp<3.2.2rc1 privacy-leak http://www.securityfocus.com/archive/1/333114/2003-08-13/2003-08-19/0 gopher<3.0.6 remote-root-shell http://www.securityfocus.com/archive/1/328843/2003-08-18/2003-08-24/2 unzip<5.50nb2 weak-path-validation http://www.securityfocus.com/archive/1/334070/2003-08-18/2003-08-24/2 xmule-[0-9]* remote-user-shell http://lists.netsys.com/pipermail/full-disclosure/2003-August/008449.html sendmail-8.12.[0-8]nb* denial-of-service http://www.sendmail.org/dnsmap1.html exim<3.36 remote-code-execution http://www.exim.org/pipermail/exim-announce/2003q3/000094.html exim>=4<4.22 remote-code-execution http://www.exim.org/pipermail/exim-announce/2003q3/000094.html leafnode<1.9.42 denial-of-service http://www.securityfocus.com/archive/1/336186 p5-Apache-Gallery<0.7 local-user-shell http://www.securityfocus.com/archive/1/336583/2003-09-06/2003-09-12/0 pine<4.58 remote-code-execution http://www.idefense.com/advisory/09.10.03.txt net-snmp<5.0.9 privacy-leak http://sourceforge.net/forum/forum.php?forum_id=308015 gtkhtml<1.1.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0541 sane-backends<1.0.11 weak-authentication https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0773 sane-backends<1.0.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0774 sane-backends<1.0.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0775 sane-backends<1.0.11 unknown https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0776 sane-backends<1.0.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0777 sane-backends<1.0.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0778 apache<1.3.28 denial-of-service http://www.kb.cert.org/vuls/id/379828 apache6<1.3.28 denial-of-service http://www.kb.cert.org/vuls/id/379828 mysql-server<3.23.49nb5 remote-code-execution http://lists.netsys.com/pipermail/full-disclosure/2003-September/009819.html openssh<3.7.1 denial-of-service http://www.openssh.org/txt/buffer.adv openssh+gssapi<3.6.1.2.20030430nb2 denial-of-service http://www.openssh.org/txt/buffer.adv sendmail<8.12.10 unknown http://www.sendmail.org/8.12.10.html thttpd<2.23.0.1nb1 remote-code-execution http://marc.theaimsgroup.com/?l=thttpd&m=106402145912879&w=2 openssh<3.7.1.2 remote-code-execution http://www.openssh.com/txt/sshpam.adv proftpd<1.2.8nb2 remote-root-shell http://xforce.iss.net/xforce/alerts/id/154 cfengine-2.0.[0-7]* remote-code-execution http://www.securityfocus.com/archive/1/339083/2003-09-22/2003-09-28/0 mplayer<1.0rc1nb1 remote-code-execution http://www.mplayerhq.hu/homepage/news.html#vuln01 gmplayer<1.0rc1nb1 remote-code-execution http://www.mplayerhq.hu/homepage/news.html#vuln01 marbles<1.0.2nb3 local-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0830 ncftp3<3.1.6 remote-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1345 openssl<0.9.6k remote-root-shell http://www.openssl.org/news/secadv_20030930.txt vmware3<3.2.1pl1 local-root-shell http://marc.theaimsgroup.com/?l=gentoo-announce&m=106181867621048&w=2 fetchmail<6.2.4nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0790 kdelibs<2.2.2 denial-of-service http://www.kde.org/info/security/ kdebase<2.2.2 remote-code-execution http://www.kde.org/info/security/ kdebase<2.2.2 denial-of-service http://www.kde.org/info/security/ kdebase<2.2.2 remote-code-execution http://www.kde.org/info/security/ silc-client<0.9.13 denial-of-service http://silcnet.org/txt/security_20031016_1.txt silc-server<0.9.14 denial-of-service http://silcnet.org/txt/security_20031016_1.txt sylpheed-claws-0.9.4{,nb1} denial-of-service http://www.guninski.com/sylph.html vtun<2.6nb1 privacy-leak https://ftp.netbsd.org/pub/NetBSD/packages/distfiles/LOCAL_PORTS/vtun-26to30.patch libnids<=1.17 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0850 apache<1.3.28nb2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0542 apache6<1.3.28nb2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0542 apache-2.0.[0-3][0-9] remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0254 apache-2.0.4[0-7] remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0254 sun-{jre,jdk}13<1.0.9 privilege-escalation http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57221&zone_32=category%3Asecurity sun-{jre,jdk}14<2.0 privilege-escalation http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57221&zone_32=category%3Asecurity thttpd<2.24 remote-code-execution http://www.texonet.com/advisories/TEXONET-20030908.txt coreutils<5.0nb3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0853 coreutils<5.0nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0854 hylafax<4.1.8 remote-code-execution http://www.securiteam.com/unixfocus/6O00D0K8UI.html quagga<0.96.3nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0795 zebra<0.93bnb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0795 pan<0.13.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0855 ethereal<0.9.15 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00011.html mozilla{,-bin}<1.5 remote-code-execution https://www.mozilla.org/projects/security/known-vulnerabilities.html screen<4.0.1nb1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0972 gnupg<1.2.3nb2 weak-authentication http://lists.gnupg.org/pipermail/gnupg-announce/2003q4/000276.html rsync<2.5.7 remote-user-shell http://www.mail-archive.com/rsync@@lists.samba.org/msg08782.html audit-packages<1.26 no-exploit-but-less-integrity-so-please-upgrade http://mail-index.netbsd.org/tech-pkg/2003/11/30/0001.html cvs<1.11.10 remote-file-write https://ccvs.cvshome.org/servlets/NewsItemView?newsItemID=84 lftp<2.6.10 remote-code-execution http://lists.netsys.com/pipermail/full-disclosure/2003-December/014824.html opera<7.23 remote-file-delete http://opera.rainyblue.org/modules/cjaycontent/index.php?id=1 mgetty+sendfax<=1.1.30 file-permissions http://mail-index.netbsd.org/tech-pkg/2003/11/18/0003.html cvs<1.11.11 privilege-escalation https://ccvs.cvshome.org/servlets/NewsItemView?newsItemID=88 ethereal<0.10.0 denial-of-service http://www.ethereal.com/appnotes/enpa-sa-00012.html bind<8.4.3 cache-poisoning http://www.kb.cert.org/vuls/id/734644 mpg321<0.2.10nb3 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0969 mailman<2.1.4 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0965 racoon<20040116a remote-sa-delete http://www.securityfocus.com/archive/1/349756 gaim<0.75nb1 remote-code-execution http://security.e-matters.de/advisories/012004.html freeradius<0.9.3 denial-of-service http://www.freeradius.org/security.html#0.9.2 libtool-base<1.5.2nb3 local-symlink-race http://www.securityfocus.com/archive/1/352519 jitterbug<1.6.2nb1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0028 mpg123<0.59.18nb3 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0865 mpg123-esound<0.59.18nb1 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0865 mpg123-nas<0.59.18nb3 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0865 clamav<0.66 denial-of-service http://www.securityfocus.com/archive/1/353186 mutt<1.4.2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0078 metamail<2.7nb2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0104 xboing<2.4nb2 privilege-escalation http://www.debian.org/security/2004/dsa-451 libxml2<2.6.6 remote-user-shell http://lists.gnome.org/archives/xml/2004-February/msg00070.html automake<1.8.3 privilege-escalation http://www.securityfocus.com/archive/1/356574/2004-03-05/2004-03-11/2 apache>=2<2.0.49 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0113 apache>=2<2.0.49 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174 apache>=2<2.0.49 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020 apache6<1.3.29nb2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020 gdk-pixbuf<0.20 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0111 openssl<0.9.6l denial-of-service http://www.openssl.org/news/secadv_20031104.txt openssl<0.9.6m denial-of-service http://www.openssl.org/news/secadv_20040317.txt isakmpd<=20030903nb1 denial-of-service http://www.rapid7.com/advisories/R7-0018.html ghostscript-gnu<7.07 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0354 ghostscript-gnu-nox11<7.07 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0354 ghostscript-gnu-x11<7.07 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0354 python22<2.2.2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0150 python22-pth<2.2.2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0150 squid<2.5.5 weak-acl-enforcement http://www.squid-cache.org/Advisories/SQUID-2004_1.txt ethereal<0.10.3 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00013.html mplayer<1.0rc3nb2 remote-code-execution http://www.securityfocus.com/archive/1/359025 gmplayer<1.0rc3nb2 remote-code-execution http://www.securityfocus.com/archive/1/359025 mencoder<1.0rc3nb2 remote-code-execution http://www.securityfocus.com/archive/1/359025 heimdal<0.6.1 remote-trust http://www.pdc.kth.se/heimdal/advisory/2004-04-01/ uulib<0.5.20 archive-code-execution http://www.securityfocus.com/bid/9758 racoon<20040408a weak-authentication http://www.vuxml.org/freebsd/d8769838-8814-11d8-90d1-0020ed76ef5a.html xchat<1.8.11nb7 remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html xchat-2.0.[0-7] remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html xchat-2.0.[0-7]nb* remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html xchat-2.0.8 remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html xchat-2.0.8nb1 remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html xchat-gnome<1.8.11nb7 remote-code-execution http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html cvs<1.11.15 remote-file-write https://ccvs.cvshome.org/servlets/NewsItemView?newsItemID=102 neon<0.24.5 unknown https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0179 tla<1.2.1rc1 remote-code-execution http://marc.theaimsgroup.com/?l=openpkg-announce&m=108213423102539&w=2 cadaver<0.22.1 remote-code-execution http://marc.theaimsgroup.com/?l=openpkg-announce&m=108213423102539&w=2 lha<1.14i local-code-execution http://www2m.biglobe.ne.jp/~dolphin/lha/lha-unix.htm mplayer>=1.0rc0<1.0rc4 remote-code-execution http://www.mplayerhq.hu/homepage/design6/news.html xine-lib-1rc[0-2]* remote-file-write http://www.xinehq.de/index.php/security/XSA-2004-1 xine-lib-1rc3[ab]* remote-file-write http://www.xinehq.de/index.php/security/XSA-2004-1 rsync<2.6.1 remote-file-write http://rsync.samba.org/#security_apr04 exim<3.36nb2 remote-code-execution http://www.guninski.com/exim1.html exim>=4<4.30 remote-code-execution http://www.guninski.com/exim1.html exim-exiscan-4.[0-2]* remote-code-execution http://www.guninski.com/exim1.html pine<4.58nb4 local-symlink-race http://www.NetBSD.org/cgi-bin/query-pr-single.pl?number=22226 xine-lib-1rc[0-3]* remote-file-write http://www.xinehq.de/index.php/security/XSA-2004-3 global<4.6 remote-exec http://savannah.gnu.org/forum/forum.php?forum_id=2029 opera<7.50 remote-file-write http://www.idefense.com/application/poi/display?id=104&type=vulnerabilities&flashstatus=true lha<114.9nb2 remote-code-execution http://www.securityfocus.com/bid/10243 apache<1.3.31 weak-authentication https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0987 apache<1.3.31 weak-acl-enforcement https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0993 apache<1.3.31 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174 apache6<1.3.31 weak-authentication https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0987 apache6<1.3.31 weak-acl-enforcement https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0993 apache6<1.3.31 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174 kdelibs<3.2.2nb2 remote-file-write http://www.kde.org/info/security/advisory-20040517-1.txt subversion-base<1.0.3 denial-of-service http://subversion.tigris.org/servlets/ReadMsg?list=announce&msgNo=125 subversion-base<1.0.3 remote-code-execution http://subversion.tigris.org/servlets/ReadMsg?list=announce&msgNo=125 ap{2,22}-subversion<1.0.3 denial-of-service http://subversion.tigris.org/servlets/ReadMsg?list=announce&msgNo=125 ap{2,22}-subversion<1.0.3 remote-code-execution http://subversion.tigris.org/servlets/ReadMsg?list=announce&msgNo=125 neon<0.24.6 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0398 cvs-1.11.[0-9] remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0396 cvs-1.11.1[0-5] remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0396 cadaver<0.22.2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0398 ap-ssl<2.8.18 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0488 squirrelmail<1.4.3 cross-site-scripting http://www.securityfocus.com/bid/10246/ ethereal<0.10.4 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00014.html apache-2.0.49{,nb1} remote-code-execution http://www.securityfocus.com/bid/10355 roundup<0.7.3 remote-file-read http://cvs.sourceforge.net/viewcvs.py/*checkout*/roundup/roundup/CHANGES.txt?rev=1.533.2.21 cvs-1.11.[0-9] remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0416 cvs-1.11.[0-9]nb* remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0416 cvs-1.11.1[0-6]* remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0416 subversion-base<1.0.5 denial-of-service http://www.contactor.se/~dast/svn/archive-2004-06/0331.shtml racoon<20040617a weak-authentication http://www.securitytracker.com/alerts/2004/Jun/1010495.html mit-krb5<1.3.4 remote-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-001-an_to_ln.txt imp<3.2.4 cross-site-scripting http://securityfocus.com/bid/10501/info/ gmplayer<1.0rc4nb2 remote-code-execution http://www.open-security.org/advisories/5 ethereal<0.10.5 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00015.html courier-auth<0.45 remote-code-execution http://www.securityfocus.com/bid/9845 courier-imap<3.0.0 remote-code-execution http://www.securityfocus.com/bid/9845 sqwebmail<4.0.0 remote-code-execution http://www.securityfocus.com/bid/9845 ap-ssl<2.8.19 remote-code-execution http://www.mail-archive.com/modssl-users@@modssl.org/msg16853.html ap{2,22}-subversion<1.0.6 weak-acl-enforcement http://www.contactor.se/~dast/svn/archive-2004-07/0814.shtml samba<2.2.10 remote-code-execution http://www.samba.org/samba/whatsnew/samba-2.2.10.html samba>=3<3.0.5 remote-code-execution http://www.samba.org/samba/whatsnew/samba-3.0.5.html ja-samba<2.2.9.1.0nb1 remote-code-execution http://www.samba.org/samba/whatsnew/samba-2.2.10.html acroread5<5.09 arbitrary-code-execution http://kb2.adobe.com/cps/322/322914.html png<1.2.6rc1 remote-code-execution http://scary.beasts.org/security/CESA-2004-001.txt suse{,32}_libpng-7.3{,nb1} remote-code-execution http://scary.beasts.org/security/CESA-2004-001.txt suse{,32}_libpng-9.1 remote-code-execution http://scary.beasts.org/security/CESA-2004-001.txt suse{,32}_libpng<=6.4 remote-code-execution http://scary.beasts.org/security/CESA-2004-001.txt mozilla{,-gtk2}{,-bin}<1.7.2 ssl-certificate-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763 mozilla{,-gtk2}{,-bin}<1.7.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758 MozillaFirebird{,-gtk2}{,-bin}<0.9.3 ssl-certificate-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763 firefox{,-gtk2}{,-bin}<0.9.3 ssl-certificate-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763 MozillaFirebird{,-gtk2}{,-bin}<0.9.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758 firefox{,-gtk2}{,-bin}<0.9.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758 thunderbird{,-gtk2}{,-bin}<0.7.2 ssl-certificate-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763 thunderbird{,-gtk2}{,-bin}<0.7.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758 cfengine-2.0.* remote-code-execution http://www.securityfocus.org/advisories/7045 cfengine-2.1.[0-7] remote-code-execution http://www.securityfocus.org/advisories/7045 spamassassin<2.64 denial-of-service http://marc.theaimsgroup.com/?l=spamassassin-announce&m=109168121628767&w=2 kdelibs<3.2.3nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0689 kdelibs<3.2.3nb2 local-account-compromise https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0690 kdelibs<3.2.3nb2 http-frame-spoof https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721 kdebase<3.2.3nb1 http-frame-spoof https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721 opera<7.54 remote-file-read http://www.greymagic.com/security/advisories/gm008-op/ opera<7.54 www-address-spoof http://secunia.com/advisories/12162/ rsync<2.6.2nb1 remote-file-access http://samba.org/rsync/#security_aug04 lukemftpd-[0-9]* remote-root-access https://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-009.txt.asc tnftpd<20040810 remote-root-access https://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-009.txt.asc demime<1.1d denial-of-service http://scifi.squawk.com/demime.html kdelibs<3.2.3nb2 www-session-fixation http://www.kde.org/info/security/advisory-20040823-1.txt fidogate<4.4.9nb1 local-file-write http://sourceforge.net/tracker/index.php?func=detail&aid=1013726&group_id=10739&atid=310739 qt3-libs<3.3.3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0691 gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=0 gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=1 gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=2 gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=3 gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=4 gaim<0.82 remote-code-execution http://gaim.sourceforge.net/security/index.php?id=5 gaim<0.82 denial-of-service http://gaim.sourceforge.net/security/index.php?id=6 zlib<1.2.1nb2 denial-of-service http://www.openpkg.org/security/OpenPKG-SA-2004.038-zlib.html imlib2<1.1.2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0802 mit-krb5<1.3.4nb2 remote-code-execution http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt mit-krb5<1.3.4nb2 denial-of-service http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-003-asn1.txt mpg123<0.59.18nb4 remote-user-shell http://www.securityfocus.com/archive/1/374433 mpg123-esound<0.59.18nb2 remote-user-shell http://www.securityfocus.com/archive/1/374433 mpg123-nas<0.59.18nb4 remote-user-shell http://www.securityfocus.com/archive/1/374433 apache-2.0.[0-4]* denial-of-service http://issues.apache.org/bugzilla/show_bug.cgi?id=29964 apache-2.0.50 denial-of-service http://issues.apache.org/bugzilla/show_bug.cgi?id=29964 apache-2.0.[0-4]* denial-of-service http://issues.apache.org/bugzilla/show_bug.cgi?id=30134 apache-2.0.50 denial-of-service http://issues.apache.org/bugzilla/show_bug.cgi?id=30134 samba-3.0.[0-6]{,nb*} denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0807 samba-3.0.[0-6]{,nb*} denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0808 heimdal<0.6.3 remote-root-access http://www.pdc.kth.se/heimdal/advisory/2004-09-13/ MozillaFirebird{,-gtk2}{,-bin}<0.10 remote-code-execution http://secunia.com/advisories/12526/ firefox<0.10 remote-code-execution http://secunia.com/advisories/12526/ firefox-bin<0.10 remote-code-execution http://secunia.com/advisories/12526/ firefox-gtk2<0.10 remote-code-execution http://secunia.com/advisories/12526/ firefox-gtk2-bin<0.10 remote-code-execution http://secunia.com/advisories/12526/ mozilla<1.7.3 remote-code-execution http://secunia.com/advisories/12526/ mozilla-bin<1.7.3 remote-code-execution http://secunia.com/advisories/12526/ mozilla-gtk2<1.7.3 remote-code-execution http://secunia.com/advisories/12526/ thunderbird<0.8 remote-code-execution http://secunia.com/advisories/12526/ thunderbird-bin<0.8 remote-code-execution http://secunia.com/advisories/12526/ thunderbird-gtk2<0.8 remote-code-execution http://secunia.com/advisories/12526/ xpm<3.4knb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687 xpm<3.4knb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688 XFree86-libs<4.4.0nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687 XFree86-libs<4.4.0nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688 xorg-libs<6.7.0nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687 xorg-libs<6.7.0nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688 openmotif<2.1.30nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687 openmotif<2.1.30nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688 sudo-1.6.8 local-file-read http://www.sudo.ws/sudo/alerts/sudoedit.html apache-2.0.[0-4]* remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0747 apache-2.0.50 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0747 apache-2.0.50nb1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0747 gdk-pixbuf<0.22 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0753 gtk2+<2.4.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0753 gdk-pixbuf<0.22 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0782 gtk2+<2.4.10 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0782 gdk-pixbuf<0.22 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0783 gtk2+<2.4.10 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0783 gdk-pixbuf<0.22 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0788 gtk2+<2.4.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0788 wv<=1.0.0nb1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0645 apache-2.0.51 weak-acl-enforcement http://nagoya.apache.org/bugzilla/show_bug.cgi?id=31315 apache-1.3.2[5-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache-1.3.30* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache-1.3.31{,nb[1-4]} denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache<1.3.33 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0940 apache6-1.3.2[5-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache6-1.3.30* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache6-1.3.31{,nb[1-4]} denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache6<1.3.33 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0940 ImageMagick<6.0.6.2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0827 ap{2,22}-subversion<1.0.8 metadata-leak http://subversion.tigris.org/security/CAN-2004-0749-advisory.txt squid<2.5.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0832 MozillaFirebird{,-gtk2}{,-bin}<0.10.1 local-file-write https://www.mozilla.org/press/mozilla-2004-10-01-02.html firefox<0.10.1 local-file-write https://www.mozilla.org/press/mozilla-2004-10-01-02.html firefox-bin<0.10.1 local-file-write https://www.mozilla.org/press/mozilla-2004-10-01-02.html firefox-gtk2<0.10.1 local-file-write https://www.mozilla.org/press/mozilla-2004-10-01-02.html firefox-gtk2-bin<0.10.1 local-file-write https://www.mozilla.org/press/mozilla-2004-10-01-02.html gzip-base<1.2.4b remote-code-execution http://www.securityfocus.com/bid/3712 squid<2.5.7 denial-of-service http://www.idefense.com/application/poi/display?id=152&type=vulnerabilities tiff<3.6.1nb4 remote-code-execution http://scary.beasts.org/security/CESA-2004-006.txt tiff<3.6.1nb4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0804 tiff<3.6.1nb4 denial-of-service http://securitytracker.com/id?1011674 ap-ssl<2.8.20 weak-acl-enforcement https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 sox<12.17.6 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0557 ssmtp<2.61 remote-user-access http://lists.debian.org/debian-security-announce-2004/msg00084.html kdegraphics-3.2.* denial-of-service http://www.kde.org/info/security/advisory-20041021-1.txt kdegraphics-3.3.{0,0nb1,1} denial-of-service http://www.kde.org/info/security/advisory-20041021-1.txt samba-2.2.[1-9] denial-of-service http://us1.samba.org/samba/history/samba-2.2.11.html samba-2.2.10 denial-of-service http://us1.samba.org/samba/history/samba-2.2.11.html samba-2.2.[1-9] remote-file-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0815 samba-2.2.{10,11} remote-file-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0815 ja-samba<2.2.12.0.9.1 remote-file-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0815 postgresql-server-7.3.[1-7]{,nb*} local-symlink-race http://www.postgresql.org/about/news.234 postgresql73-server-7.3.[1-7]{,nb*} local-symlink-race http://www.postgresql.org/about/news.234 postgresql74-server-7.4.[1-5]{,nb*} local-symlink-race http://www.postgresql.org/about/news.234 cabextract<1.1 local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0916 mpg123<0.59.18nb5 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0982 mpg123-esound<0.59.18nb4 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0982 mpg123-nas<0.59.18nb5 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0982 socat<1.4.0.3 privilege-escalation http://www.nosystem.com.ar/advisories/advisory-07.txt ruby-base<1.6.8nb7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0983 gnats<4 privilege-escalation http://www.securityfocus.com/archive/1/326337 mozilla<1.7.3nb2 local-file-write http://secunia.com/advisories/12956/ mozilla-bin<1.7.3nb1 local-file-write http://secunia.com/advisories/12956/ mozilla-gtk2<1.7.3nb2 local-file-write http://secunia.com/advisories/12956/ MozillaFirebird{,-gtk2}{,-bin}<1.0 local-file-write http://secunia.com/advisories/12956/ firefox<1.0 local-file-write http://secunia.com/advisories/12956/ firefox-bin<1.0 local-file-write http://secunia.com/advisories/12956/ firefox-gtk2<1.0 local-file-write http://secunia.com/advisories/12956/ firefox-gtk2-bin<1.0 local-file-write http://secunia.com/advisories/12956/ thunderbird<0.8nb1 local-file-write http://secunia.com/advisories/12956/ thunderbird-gtk2<0.8nb1 local-file-write http://secunia.com/advisories/12956/ thunderbird-bin<0.8nb1 local-file-write http://secunia.com/advisories/12956/ sudo<1.6.8pl3 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1051 gnats<4.0.1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0623 freeradius<1.0.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0938 freeradius<1.0.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0960 freeradius<1.0.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0961 samba<2.2.12nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0930 samba<2.2.12nb2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0882 samba<2.2.12nb2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1154 samba-3.0.[0-6]{,nb*} denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0930 samba-3.0.[0-7]{,nb*} remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0882 samba-3.0.[0-9]{,nb*} remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1154 ja-samba-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0930 ja-samba<2.2.12.0.9.1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0882 ja-samba<2.2.12.0.9.1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1154 squirrelmail<1.4.3anb1 cross-site-scripting http://article.gmane.org/gmane.mail.squirrelmail.user/21169 ja-squirrelmail<1.4.3anb3 cross-site-scripting http://article.gmane.org/gmane.mail.squirrelmail.user/21169 snownews<1.5 unsafe-umask http://kiza.kcore.de/software/snownews/changes#150 liferea<0.6.2 unsafe-umask http://sourceforge.net/project/shownotes.php?release_id=282434 libxml2<2.6.14 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0989 libxml<1.8.17nb3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0989 sun-{jre,jdk}14<2.6 remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1 sun-{jre,jdk}13<1.0.12nb1 remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1 xpdf<3.00pl1 remote-code-execution http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml php-curl<4.3.2 local-file-read http://www.securityfocus.com/bid/11557 jabberd-2.0s[23]* remote-code-execution http://www.securityfocus.com/archive/1/382250 jabberd-2.0s4 remote-code-execution http://www.securityfocus.com/archive/1/382250 jabberd<1.4.2nb4 denial-of-service http://www.securityfocus.com/archive/1/375955 imlib<1.9.15 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1025 imlib<1.9.15nb1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1026 kdelibs<3.3.2nb1 plain-text-password-exposure http://www.kde.org/info/security/advisory-20041209-1.txt kdegraphics<3.3.2 denial-of-service http://www.kde.org/info/security/advisory-20041209-2.txt kdelibs<3.3.2nb2 cross-site-scripting http://www.kde.org/info/security/advisory-20041213-1.txt kdebase<3.3.2nb1 cross-site-scripting http://www.kde.org/info/security/advisory-20041213-1.txt phpmyadmin>=2.6.0pl2<2.6.1rc1 remote-code-execution https://www.phpmyadmin.net/security/PMASA-2004-4/ phpmyadmin>=2.4<2.6.1rc1 remote-file-read https://www.phpmyadmin.net/security/PMASA-2004-4/ namazu<2.0.14 cross-site-scripting http://www.namazu.org/security.html.en {ap-,}php<4.3.10 remote-code-execution http://www.hardened-php.net/advisories/012004.txt {ap-,}php-5.0.2* remote-code-execution http://www.hardened-php.net/advisories/012004.txt {ap-,}php<4.3.10 local-code-execution http://www.hardened-php.net/advisories/012004.txt {ap-,}php-5.0.2* local-code-execution http://www.hardened-php.net/advisories/012004.txt cyrus-imapd-2.2.[4-8]{,nb*} remote-code-execution http://security.e-matters.de/advisories/152004.txt cyrus-imapd-2.2.[0-5]{,nb*} remote-code-execution http://security.e-matters.de/advisories/152004.txt cyrus-imapd-2.2.[0-7]{,nb*} remote-code-execution http://security.e-matters.de/advisories/152004.txt cyrus-imapd-2.2.[7-8]{,nb*} remote-code-execution http://security.e-matters.de/advisories/152004.txt cyrus-imapd-2.2.[0-9]{,nb*} remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0546 cyrus-imapd-2.2.1[0-1]{,nb*} remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0546 cyrus-imapd<2.1.18 remote-code-execution http://security.e-matters.de/advisories/152004.txt cyrus-imapd<2.1.18 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0546 ethereal-0.9.* remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00016.html ethereal-0.10.[0-7]{,nb*} remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00016.html tcpdump<3.8.1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0989 tcpdump<3.8.3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0057 tcpdump<3.8.2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0183 tcpdump<3.8.2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0184 mc<4.6.1rc2 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0226 gmc<4.6.1rc2 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0226 mc<4.6.1rc2 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0231 gmc<4.6.1rc2 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0231 mc<4.6.1rc2 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0232 gmc<4.6.1rc2 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0232 netpbm<9.26 local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0924 pwlib<1.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0097 leafnode<1.9.48 denial-of-service http://leafnode.sourceforge.net/leafnode-SA-2004-01 lbreakout<2.4beta2 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0158 ap-python<2.7.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0973 logcheck<1.1.1 local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0404 zope<2.5.2 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0688 flim<1.14.3 local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0422 gnome-vfs<1.0.1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0494 cups<1.1.21 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0558 openoffice<1.1.3 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0752 openoffice-linux<1.1.3 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0752 imlib<1.9.15 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0817 apache-2.0.51* privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0811 mysql-server<3.23.59 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server-4.0.[0-9] privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server-4.0.[0-9]nb* privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server-4.0.1[0-8] privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server-4.0.1[0-8]nb* privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server-4.1.[01] privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server-4.1.[01]nb* privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server<3.23.49 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server-4.0.[0-9] remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server-4.0.[0-9]nb* remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server-4.0.1[0-9] remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server-4.0.1[0-9]nb* remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server-4.0.20 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server-4.0.20nb* remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server<3.23.49 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 mysql-server-4.0.[0-9] denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 mysql-server-4.0.[0-9]nb* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 mysql-server-4.0.1[0-9] denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 mysql-server-4.0.1[0-9]nb* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 mysql-server-4.0.20 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 mysql-server-4.0.20nb* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 cyrus-sasl<2.1.19 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0884 cups<1.1.21 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888 cups<1.1.21 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0889 cups<1.1.21 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0923 apache-2.0.3[5-9] privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 apache-2.0.3[5-9]nb* privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 apache-2.0.4[0-9] privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 apache-2.0.4[0-9]nb* privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 apache-2.0.5[0-2] privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 apache-2.0.5[0-2]nb[1-4] weak-cryptography https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 openmotif<2.1.30nb3 denial-of-service http://www.ics.com/developers/index.php?cont=xpm_security_alert catdoc<0.91.5.2 local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0193 gd<2.0.22 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0941 gd<2.0.28 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0990 ImageMagick<6.1.0 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0981 lesstif<0.93.96 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687 lesstif<0.93.96 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688 lesstif<0.94.0 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914 xorg-libs<6.8.1nb4 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914 XFree86-libs<4.4.1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914 xpm<3.4nb4 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914 groff<1.19.1nb2 local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0969 zip<2.3nb3 buffer-overrun https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1010 openssl<0.9.6mnb2 local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0975 mplayer<1.0rc5pl2 remote-code-execution http://www.idefense.com/application/poi/display?id=166&type=vulnerabilities mplayer<1.0rc5pl2 remote-code-execution http://www.idefense.com/application/poi/display?id=167&type=vulnerabilities mplayer<1.0rc5pl2 remote-code-execution http://www.idefense.com/application/poi/display?id=168&type=vulnerabilities cscope<15.4nb4 local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0996 acroread5<5.10 remote-code-execution http://www.adobe.com/support/techdocs/331153.html a2ps<4.13.0.2nb5 unsafe-shell-escape https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1170 a2ps<4.13.0.2nb7 local-symlink-race https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1377 mc<4.6.1rc2 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1023 tiff<3.6.1nb6 buffer-overrun http://www.idefense.com/application/poi/display?id=173&type=vulnerabilities xpdf<3.00pl2 remote-code-execution http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities xzgv<0.8.0.1 buffer-overrun https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0994 xine-lib-1rc[2-5]* remote-code-execution http://www.xinehq.de/index.php/security/XSA-2004-4 xine-lib<1rc6 remote-code-execution http://www.xinehq.de/index.php/security/XSA-2004-5 gpdf<2.8.1 buffer-overrun https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888 koffice<1.3.5 integer-overflow http://kde.org/areas/koffice/releases/1.3.4-release.php opera<7.54pl1 remote-code-execution http://archives.neohapsis.com/archives/bugtraq/2004-11/0250.html wget<1.9 local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1487 p5-Tk<804.027nb2 remote-code-execution http://scary.beasts.org/security/CESA-2004-001.txt xine-lib<1rc6anb3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1187 xine-lib<1rc6anb3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1188 {ap-,}php<4.3.9 remote-memory-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0958 {ap-,}php-5.0.[01]* remote-memory-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0958 {ap-,}php<4.3.9 remote-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0959 {ap-,}php-5.0.[01]* remote-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0959 {ap-,}php<4.3.10 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1065 {ap-,}php-5.0.[012]* remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1065 {ap-,}php<4.3.10 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1019 {ap-,}php-5.0.[012]* remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1019 kdelibs<3.3.2 remote-code-execution http://www.kde.org/info/security/advisory-20041220-1.txt kdegraphics<3.3.2nb1 remote-code-execution http://www.kde.org/info/security/advisory-20041223-1.txt mit-krb5<1.3.6 remote-code-execution http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-004-pwhist.txt snort-2.1.[3-9]* denial-of-service http://www.webservertalk.com/message416634.html snort-mysql-2.1.[3-9]* denial-of-service http://www.webservertalk.com/message416634.html snort-pgsql-2.1.[3-9]* denial-of-service http://www.webservertalk.com/message416634.html snort-2.2.0 denial-of-service http://www.webservertalk.com/message416634.html snort-mysql-2.2.0 denial-of-service http://www.webservertalk.com/message416634.html snort-pgsql-2.2.0 denial-of-service http://www.webservertalk.com/message416634.html tcpdump<0.21 privilege-escalation http://www.atstake.com/research/advisories/2003/a080703-2.txt asp2php-[0-9]* remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1261 chbg<=1.5 remote-code-execution http://tigger.uic.edu/~jlongs2/holes/chbg.txt xlreader<0.9.0nb1 remote-code-execution http://tigger.uic.edu/~jlongs2/holes/xlreader.txt cups<1.1.23rc1 denial-of-service http://www.cups.org/str.php?L1023 cups<1.1.23rc1 remote-code-execution http://www.cups.org/str.php?L1024 mozilla<1.7.5 remote-code-execution http://isec.pl/vulnerabilities/isec-0020-mozilla.txt mozilla-bin<1.7.5 remote-code-execution http://isec.pl/vulnerabilities/isec-0020-mozilla.txt mozilla-gtk2<1.7.5 remote-code-execution http://isec.pl/vulnerabilities/isec-0020-mozilla.txt thunderbird<1.0 remote-code-execution http://isec.pl/vulnerabilities/isec-0020-mozilla.txt thunderbird-bin<1.0 remote-code-execution http://isec.pl/vulnerabilities/isec-0020-mozilla.txt thunderbird-gtk2<1.0 remote-code-execution http://isec.pl/vulnerabilities/isec-0020-mozilla.txt cups<1.1.23 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125 perl{,-thread}<5.6.2 local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0452 perl{,-thread}-5.6.[0-9]* local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0448 perl{,-thread}-5.8.[0-4]{,nb*}* local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0452 perl{,-thread}-5.8.[0-4]{,nb*}* local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0448 perl{,-thread}-5.8.5{,nb[123456]} local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0976 perl{,-thread}-5.8.6 local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0976 kdelibs<3.3.2nb6 remote-code-execution http://www.kde.org/info/security/advisory-20050101-1.txt xine-lib<1rc6anb2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1300 xine-lib-1rc8{,nb1} remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1300 nasm<0.98.39 buffer-overrun https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1287 bugzilla<2.18rc3nb1 cross-site-scripting https://bugzilla.mozilla.org/show_bug.cgi?id=272620 exim<3.36nb7 remote-code-execution http://www.exim.org/mail-archives/exim-announce/2005/msg00000.html exim>=4<4.43nb2 remote-code-execution http://www.exim.org/mail-archives/exim-announce/2005/msg00000.html exim-exiscan<4.43nb2 remote-code-execution http://www.exim.org/mail-archives/exim-announce/2005/msg00000.html vim<6.3.045 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 vim-gtk<6.3.045 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 vim-gtk2<6.3.045 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 vim-kde<6.3.045 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 vim-motif<6.3.045 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 vim-xaw<6.3.045 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 pcal<4.7nb1 buffer-overrun https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1289 tnftp<20050103 remote-code-execution http://tigger.uic.edu/~jlongs2/holes/tnftp.txt napshare<1.3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1286 yamt<0.5 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1302 cups-1.1.2[12]* denial-of-service http://www.cups.org/str.php?L1042+P0+S-1+C0+I0+E0+Q1042 dillo<0.8.3nb2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0012 tiff<3.6.1nb6 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1308 mpg123<0.59.18nb7 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1284 mpg123-esound<0.59.18nb5 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1284 mpg123-nas<0.59.18nb6 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1284 mpg123<0.59.18nb7 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0991 mpg123-esound<0.59.18nb5 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0991 mpg123-nas<0.59.18nb6 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0991 hylafax<4.2.1 weak-acl-enforcement http://www.hylafax.org/4.2.1.html teTeX-bin<2.0.2nb3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125 teTeX-bin<2.0.2nb4 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888 awstats<6.3 local-code-execution http://www.idefense.com/application/poi/display?id=185&type=vulnerabilities ImageMagick<6.1.8.8 remote-code-execution http://www.idefense.com/application/poi/display?id=184&type=vulnerabilities xpdf<3.00pl3 remote-code-execution http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities cups<1.1.23nb1 remote-code-execution http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities kdegraphics<3.3.2nb3 remote-code-execution http://www.kde.org/info/security/advisory-20050119-1.txt mysql-client<3.23.58nb3 local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.0.[0-9]{,nb*} local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.0.1[0-9]* local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.0.2[0-2]* local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.0.23 local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.1.[0-8]{,nb*} local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.1.9 local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 ethereal<0.10.9 denial-of-service http://ethereal.com/appnotes/enpa-sa-00017.html ethereal<0.10.9 remote-code-execution http://ethereal.com/appnotes/enpa-sa-00017.html koffice<1.3.5nb4 remote-code-execution http://www.kde.org/info/security/advisory-20050120-1.txt squid<2.5.7nb5 buffer-overrun http://www.squid-cache.org/Advisories/SQUID-2005_1.txt squid<2.5.7nb6 buffer-overrun https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0094 squid<2.5.7nb7 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2005_2.txt squid<2.5.7nb8 denial-of-service http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-response_splitting unarj<2.65nb1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0947 unarj<2.65nb1 local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1027 suse{,32}_libtiff<9.1nb1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1308 suse{,32}_x11<9.1nb1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914 suse{,32}_gtk2<9.1nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0753 suse{,32}_gtk2<9.1nb3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0782 suse{,32}_gtk2<9.1nb3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0783 suse{,32}_gtk2<9.1nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0788 webmin<1.160 local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0559 teTeX-bin<2.0.2nb5 remote-code-execution http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities sun-{jre,jdk}14<2.6 remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57708-1 sun-{jre,jdk}13<1.0.13 remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57708-1 evolution12<1.2.4nb4 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0102 evolution14<1.4.6nb3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0102 evolution<2.0.3nb1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0102 enscript<1.6.3nb1 remote-code-execution http://www.securityfocus.org/advisories/7879 bind-8.4.[4-5]{,nb*} denial-of-service http://www.kb.cert.org/vuls/id/327633 bind-9.3.0 denial-of-service http://www.kb.cert.org/vuls/id/938617 squid<2.5.7nb9 cache-poisoning http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-response_splitting p5-DBI<1.46nb2 local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0077 f2c<20001205nb8 local-file-write http://www.debian.org/security/2005/dsa-661 squid<2.5.7nb10 buffer-overrun http://www.squid-cache.org/Advisories/SQUID-2005_3.txt zope25-Silva<0.9.2.8 privilege-escalation http://mail.zope.org/pipermail/zope-announce/2005-February/001653.html postgresql-server-7.3.[1-8]{,nb*} privilege-escalation http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php postgresql73-server-7.3.[1-8]{,nb*} privilege-escalation http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php postgresql74-server-7.4.[1-6]{,nb*} privilege-escalation http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php postgresql80-server-8.0.0* privilege-escalation http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php perl{,-thread}-5.8.{[0-4]{,nb*},5{,nb[1-7]},6{,nb[12]}} local-root-exploit https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0155 perl{,-thread}-5.8.{[0-4]{,nb*},5{,nb[1-7]},6{,nb[12]}} buffer-overrun https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0156 gpdf<2.8.3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125 gpdf<2.8.3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0064 python22<2.2.3nb5 remote-code-execution http://www.python.org/security/PSF-2005-001/ python22-pth<2.2.3nb5 remote-code-execution http://www.python.org/security/PSF-2005-001/ python23<2.3.4nb7 remote-code-execution http://www.python.org/security/PSF-2005-001/ python23-pth<2.3.4nb7 remote-code-execution http://www.python.org/security/PSF-2005-001/ python23-nth<2.3.4nb2 remote-code-execution http://www.python.org/security/PSF-2005-001/ python24<2.4nb4 remote-code-execution http://www.python.org/security/PSF-2005-001/ python24-pth<2.4nb4 remote-code-execution http://www.python.org/security/PSF-2005-001/ py{15,20,21,22,23,24,25,26,27,31}-xmlrpc<=0.9.8 remote-code-execution http://www.python.org/security/PSF-2005-001/ opera<7.54pl2 remote-code-execution http://secunia.com/advisories/13818/ opera<=7.54pl2 www-address-spoof http://secunia.com/advisories/14154/ firefox{,-bin,-gtk2,-gtk2-bin}<=1.0 www-address-spoof http://secunia.com/advisories/14163/ mozilla{,-bin,-gtk2,-gtk2-bin}<=1.7.5 www-address-spoof http://secunia.com/advisories/14163/ kdebase<=3.3.2nb1 www-address-spoof http://secunia.com/advisories/14162/ apache-2.0.5[0-2]{,nb*} denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0942 fprot-workstation-bin<4.5.3 local-code-execution http://www.f-secure.com/security/fsc-2005-1.shtml mailman<2.1.4nb3 remote-file-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0202 awstats<=6.3nb3 denial-of-service http://www.securityfocus.com/archive/1/390368 awstats<=6.3nb3 remote-code-execution http://www.securityfocus.com/archive/1/390368 sympa<=4.1.2nb1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0073 bidwatcher<1.3.17 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0158 kdeedu<=3.3.2 privilege-escalation http://www.kde.org/info/security/advisory-20050215-1.txt emacs-21.[0-2]* remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs-21.3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs-21.3nb[0-6] remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs-nox11-21.[0-2]* remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs-nox11-21.3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs-nox11-21.3nb[0-1] remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs<20.7nb5 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 xemacs<21.4.17 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 xemacs-nox11<21.4.17 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 xview-lib<3.2.1nb4 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0076 clamav<0.82 denial-of-service http://www.securityfocus.com/bid/12408?ref=rss phpmyadmin<2.6.1pl1 cross-site-scripting http://sourceforge.net/tracker/index.php?func=detail&aid=1149383&group_id=23067&atid=377408 phpmyadmin<2.6.1pl1 privacy-leak http://sourceforge.net/tracker/index.php?func=detail&aid=1149381&group_id=23067&atid=377408 curl<7.12.2nb1 remote-code-execution http://www.idefense.com/application/poi/display?id=202&type=vulnerabilities curl-7.1{2.3,2.3nb1,3.0} remote-code-execution http://www.idefense.com/application/poi/display?id=202&type=vulnerabilities gaim<1.0.2 denial-of-service http://gaim.sourceforge.net/security/index.php?id=7 gaim<1.0.2 denial-of-service http://gaim.sourceforge.net/security/index.php?id=8 gaim<1.0.2 buffer-overrun http://gaim.sourceforge.net/security/index.php?id=9 gaim<1.1.3 denial-of-service http://gaim.sourceforge.net/security/index.php?id=10 gaim<1.1.3 denial-of-service http://gaim.sourceforge.net/security/index.php?id=11 gaim<1.1.4 denial-of-service http://gaim.sourceforge.net/security/index.php?id=12 unzip<5.52 privilege-escalation http://www.securityfocus.com/archive/1/391677 kdebase<3.3.2 command-injection http://www.kde.org/info/security/advisory-20050101-1.txt kdebase<3.0.5 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0078 squid<2.5.8nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0446 squirrelmail<1.4.4 cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-20 ja-squirrelmail<1.4.4 cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-20 squirrelmail-1.2.6* remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0152 ja-squirrelmail-1.2.6* remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0152 gcpio<2.5nb1 local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1572 squid<2.5.8 weak-acl-enforcement https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0173 squid<2.5.8 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2479 squid<2.5.7nb4 weak-acl-enforcement https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0194 squid<2.5.7nb12 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0718 php<3.0.19 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0594 php<3.0.19 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0595 mailman<2.1.5 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1177 ap-python<2.7.9 weak-acl-enforcement https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0088 squirrelmail<1.4.4 cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-19 ja-squirrelmail<1.4.4 cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-19 squirrelmail-1.4.3* cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-14 ja-squirrelmail-1.4.3* cross-site-scripting http://www.squirrelmail.org/security/issue/2005-01-14 mailman<2.1.5 weak-password-generator https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1143 htdig<3.1.6nb2 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0085 postgresql-lib<7.3.9 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245 postgresql73-lib<7.3.9 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245 postgresql74-lib<7.4.7 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245 postgresql80-lib<8.0.1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245 # intagg not installed #postgresql73-lib-7.3.[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0246 #postgresql74-lib-7.4.[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0246 #postgresql80-lib-8.0.[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0246 postgresql-lib-7.3.[0-9]* remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247 postgresql73-lib<7.3.9nb1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247 postgresql74-lib<7.4.7nb1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247 postgresql80-lib<8.0.1nb1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247 gftp<2.0.18 remote-file-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0372 gftp-gtk1<2.0.18 remote-file-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0372 vim-share<6.3.046 local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0069 imap-uw<2004b remote-user-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0198 unace<1.2.2nb1 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0160 unace<1.2.2nb1 no-path-validation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0161 wu-ftpd<2.6.2nb3 denial-of-service http://www.idefense.com/application/poi/display?id=207&type=vulnerabilities cups<1.1.23nb2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0206 ImageMagick<6.2.0.3 local-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0397 cyrus-sasl<2.1.19 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0373 kdenetwork<=3.1.5 local-domain-spoofing http://www.kde.org/info/security/advisory-20050228-1.txt realplayer<10.6 remote-code-execution http://service.real.com/help/faq/security/050224_player RealPlayerGold<10.0.2 remote-code-execution http://service.real.com/help/faq/security/050224_player firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 window-injection-spoofing https://www.mozilla.org/security/announce/mfsa2005-13.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 ssl-icon-spoofing https://www.mozilla.org/security/announce/mfsa2005-14.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 heap-overflow https://www.mozilla.org/security/announce/mfsa2005-15.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 dialog-spoofing https://www.mozilla.org/security/announce/mfsa2005-16.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 source-spoofing https://www.mozilla.org/security/announce/mfsa2005-17.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 remote-code-execution https://www.mozilla.org/security/announce/mfsa2005-18.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 data-leak https://www.mozilla.org/security/announce/mfsa2005-19.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 possible-data-leak https://www.mozilla.org/security/announce/mfsa2005-20.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 download-source-spoofing https://www.mozilla.org/security/announce/mfsa2005-23.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 cross-site-scripting https://www.mozilla.org/security/announce/mfsa2005-26.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 remote-code-execution https://www.mozilla.org/security/announce/mfsa2005-27.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 local-file-delete https://www.mozilla.org/security/announce/mfsa2005-28.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 domain-name-spoofing https://www.mozilla.org/security/announce/mfsa2005-29.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 window-injection-spoofing https://www.mozilla.org/security/announce/mfsa2005-13.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 ssl-icon-spoofing https://www.mozilla.org/security/announce/mfsa2005-14.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 heap-overflow https://www.mozilla.org/security/announce/mfsa2005-15.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 source-spoofing https://www.mozilla.org/security/announce/mfsa2005-17.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 remote-code-execution https://www.mozilla.org/security/announce/mfsa2005-18.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 possible-data-leak https://www.mozilla.org/security/announce/mfsa2005-20.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 cross-site-scripting https://www.mozilla.org/security/announce/mfsa2005-26.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 remote-code-execution https://www.mozilla.org/security/announce/mfsa2005-27.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 local-file-delete https://www.mozilla.org/security/announce/mfsa2005-28.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 domain-name-spoofing https://www.mozilla.org/security/announce/mfsa2005-29.html thunderbird{,-bin,-gtk2}<1.0.1 source-spoofing https://www.mozilla.org/security/announce/mfsa2005-17.html thunderbird{,-bin,-gtk2}<1.0.1 remote-code-execution https://www.mozilla.org/security/announce/mfsa2005-18.html sylpheed<1.0.3 buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24250 sylpheed-claws<1.0.3 buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24250 sylpheed-gtk2-[01].* buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24250 ethereal<0.10.10 remote-code-execution http://ethereal.com/appnotes/enpa-sa-00018.html xpm<3.4knb3 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 openmotif<2.1.30nb4 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 lesstif<0.94.0nb1 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 libexif<0.6.11nb1 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0664 putty<0.57 remote-code-execution http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-readdir.html putty<0.57 remote-code-execution http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-string.html mysql-server<4.0.24 remote-privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0709 mysql-server<4.0.24 remote-privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0710 mysql-server<4.0.24 local-privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0711 mysql-server-4.1.[0-9]{nb*,} remote-privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0709 mysql-server-4.1.[0-9]{nb*,} remote-privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0710 mysql-server-4.1.[0-9]{nb*,} local-privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0711 mysql-server-4.1.10{nb*,} remote-privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0709 mysql-server-4.1.10{nb*,} remote-privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0710 mysql-server-4.1.10{nb*,} local-privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0711 kdelibs<3.3.2nb8 denial-of-service http://www.kde.org/info/security/advisory-20050316-1.txt kdelibs<3.3.2nb8 domain-name-spoofing http://www.kde.org/info/security/advisory-20050316-2.txt kdelibs<3.3.2nb8 local-file-write http://www.kde.org/info/security/advisory-20050316-3.txt sun-{jre,jdk}14<2.7 remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57740-1 xli<1.17.0nb2 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0638 xli<1.17.0nb2 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0639 xli<1.17.0nb4 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0775 wine>20000000<20050419 insecure-temp-file http://www.securityfocus.com/archive/1/393150/2005-03-14/2005-03-20/0 ImageMagick<6.1.8 local-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0005 ImageMagick<6.0 local-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0759 ImageMagick<6.0 local-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0760 ImageMagick<6.1.8 local-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0761 ImageMagick<6.0 local-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0762 ipsec-tools<0.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0398 firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.2 remote-code-execution https://www.mozilla.org/security/announce/mfsa2005-30.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.2 remote-code-execution https://www.mozilla.org/security/announce/mfsa2005-31.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.2 privilege-escalation https://www.mozilla.org/security/announce/mfsa2005-32.html sylpheed<1.0.4 buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24429 sylpheed-claws<1.0.4 buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24429 sylpheed-gtk2-[01].* buffer-overflow http://www.tmtm.org/cgi-bin/w3ml/sylpheed/msg/24429 gnupg<1.4.1 information-leak http://lists.gnupg.org/pipermail/gnupg-announce/2005q1/000191.html mit-krb5<1.4nb1 remote-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2005-001-telnet.txt {g,}mc<4.5.56 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0763 {g,}mc<4.5.56 remote-unknown https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1004 {g,}mc<4.5.56 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1005 {g,}mc<4.5.56 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1009 {g,}mc<4.5.56 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1090 {g,}mc<4.5.56 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1091 {g,}mc<4.5.56 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1092 {g,}mc<4.5.56 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1093 {g,}mc<4.5.56 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1174 {g,}mc<4.5.56 remote-unknown https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1175 {g,}mc<4.5.56 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1176 horde-3.0.[0-3]* cross-site-scripting http://secunia.com/advisories/14730/ gsharutils<4.2.1nb5 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1772 gsharutils<4.2.1nb5 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1773 squid<2.5.9nb1 privacy-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0626 gtk2+<2.6.4nb1 denial-of-service http://secunia.com/advisories/14775/ gdk-pixbuf<0.22.0nb5 denial-of-service http://secunia.com/advisories/14776/ phpmyadmin<2.6.2rc1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-3 gaim<1.2.1 denial-of-service http://gaim.sourceforge.net/security/?id=13 gaim<1.2.1 denial-of-service http://gaim.sourceforge.net/security/?id=14 gaim<1.2.1 denial-of-service http://gaim.sourceforge.net/security/?id=15 xorg-libs<6.8.2nb1 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 XFree86-libs<=4.5.0 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 {ap-,}php<4.3.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0524 {ap-,}php<4.3.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0525 {ap-,}php-5.0.[0123]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0524 {ap-,}php-5.0.[0123]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0525 netscape7-[0-9]* privacy-leak http://secunia.com/advisories/14804/ netscape7-[0-9]* remote-code-execution http://secunia.com/advisories/14996/ gsharutils<4.2.1nb6 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0990 mysql-server<3.23.59 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0957 sun-{jre,jdk}15-* local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1080 sun-{jre,jdk}14-* local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1080 kdelibs-3.4.0{,nb1,nb2} buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1046 kdelibs<3.3.2nb10 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1046 gnome-vfs2-cdda-2.10.0 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 gnome-vfs2<2.6.0nb1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 gnome-vfs2-cdda<2.8.4nb1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 gnome-vfs<1.0.5nb8 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 libcdaudio<0.99.12nb1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 gld<1.5 remote-code-execution http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0005.html pine<4.62nb2 local-file-write http://secunia.com/advisories/14899/ openoffice<1.1.4nb2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0941 openoffice-linux<1.1.5 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0941 openoffice-bin<1.1.4nb1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0941 postgrey<1.21 denial-of-service http://secunia.com/advisories/14958/ php-exif<4.3.11 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1042 php-exif<4.3.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1043 cvs<1.11.20 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0753 realplayer<10.6 remote-code-execution http://www.service.real.com/help/faq/security/security041905.html RealPlayerGold<10.0.4 remote-code-execution http://www.service.real.com/help/faq/security/security041905.html heimdal<0.6.4 remote-code-execution http://www.pdc.kth.se/heimdal/advisory/2005-04-20/ mplayer<1.0rc6nb2 remote-code-execution http://www.mplayerhq.hu/homepage/design7/news.html#vuln10 mplayer<1.0rc6nb2 remote-code-execution http://www.mplayerhq.hu/homepage/design7/news.html#vuln11 gmplayer<1.0rc6nb3 remote-code-execution http://www.mplayerhq.hu/homepage/design7/news.html#vuln10 gmplayer<1.0rc6nb3 remote-code-execution http://www.mplayerhq.hu/homepage/design7/news.html#vuln11 quanta-3.1.* remote-code-execution http://www.kde.org/info/security/advisory-20050420-1.txt kdewebdev<3.3.2nb1 remote-code-execution http://www.kde.org/info/security/advisory-20050420-1.txt kdewebdev-3.4.0 remote-code-execution http://www.kde.org/info/security/advisory-20050420-1.txt firefox{-bin,-gtk2,-gtk2-bin}<1.0.3 privacy-leak https://www.mozilla.org/security/announce/mfsa2005-33.html firefox{,-gtk1}<1.0.2nb1 privacy-leak https://www.mozilla.org/security/announce/mfsa2005-33.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation https://www.mozilla.org/security/announce/mfsa2005-34.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation https://www.mozilla.org/security/announce/mfsa2005-35.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 privilege-escalation https://www.mozilla.org/security/announce/mfsa2005-35.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 cross-site-scripting https://www.mozilla.org/security/announce/mfsa2005-36.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 cross-site-scripting https://www.mozilla.org/security/announce/mfsa2005-36.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation https://www.mozilla.org/security/announce/mfsa2005-37.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 privilege-escalation https://www.mozilla.org/security/announce/mfsa2005-37.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 cross-site-scripting https://www.mozilla.org/security/announce/mfsa2005-38.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 cross-site-scripting https://www.mozilla.org/security/announce/mfsa2005-38.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation https://www.mozilla.org/security/announce/mfsa2005-39.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 missing-argument-check https://www.mozilla.org/security/announce/mfsa2005-40.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 missing-argument-check https://www.mozilla.org/security/announce/mfsa2005-40.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation https://www.mozilla.org/security/announce/mfsa2005-41.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 privilege-escalation https://www.mozilla.org/security/announce/mfsa2005-41.html gzip-base<1.2.4anb1 local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1228 gzip-base<1.2.4anb1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0988 xine-lib<1.0nb2 remote-code-execution http://xinehq.de/index.php/security/XSA-2004-8 imp<3.2.8 cross-site-scripting http://secunia.com/advisories/15077/ lsh<1.4.3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0826 lsh<1.4.3nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0814 ImageMagick<6.2.2 heap-overflow http://www.overflow.pl/adv/imheapoverflow.txt netscape7-[0-9]* remote-code-execution http://secunia.com/advisories/15103/ ethereal<0.10.10nb1 denial-of-service http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2005-04/0447.html tcpdump-3.9.[0-1]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1280 tcpdump-3.9.[0-1]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1279 tcpdump<3.8.3nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1280 tcpdump<3.8.3nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1279 sqwebmail-[0-9]* cross-site-scripting http://secunia.com/advisories/15119/ php-curl<4.3.11 local-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1392 horde<2.2.8 cross-site-scripting http://secunia.com/advisories/14730/ netscape7-[0-9]* remote-code-execution http://www.networksecurity.fi/advisories/netscape-dom.html netscape7-[0-9]* authentication-spoofing http://secunia.com/advisories/15267/ p5-Convert-UUlib<1.05 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1349 gnutls<1.2.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1431 kdewebdev<3.3.2nb2 remote-code-execution http://www.kde.org/info/security/advisory-20050504-1.txt kdewebdev-3.4.0{,nb1} remote-code-execution http://www.kde.org/info/security/advisory-20050504-1.txt nasm<0.98.39nb1 remote-code-execution https://bugzilla.redhat.com/beta/show_bug.cgi?id=152963 leafnode<1.11.2 denial-of-service http://leafnode.sourceforge.net/leafnode-SA-2005-01.txt ethereal<0.10.11 denial-of-service http://www.ethereal.com/appnotes/enpa-sa-00019.html ethereal<0.10.11 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00019.html gaim<1.3.0 buffer-overflow http://gaim.sourceforge.net/security/index.php?id=16 gaim<1.3.0 denial-of-service http://gaim.sourceforge.net/security/index.php?id=17 squid<2.5.9nb11 domain-name-spoofing http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-dns_query firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.4 remote-code-execution https://www.mozilla.org/security/announce/mfsa2005-42.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.4 remote-code-execution https://www.mozilla.org/security/announce/mfsa2005-43.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.4 privilege-escalation https://www.mozilla.org/security/announce/mfsa2005-44.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.8 remote-code-execution https://www.mozilla.org/security/announce/mfsa2005-42.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.8 remote-code-execution https://www.mozilla.org/security/announce/mfsa2005-43.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.8 privilege-escalation https://www.mozilla.org/security/announce/mfsa2005-44.html tiff<3.7.2nb1 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1544 bugzilla<2.18.1 information-leak http://www.bugzilla.org/security/2.16.8/ libexif<0.6.12nb1 denial-of-service http://secunia.com/advisories/15259/ maradns<1.0.27 weak-rng-source http://www.maradns.org/download/patches/maradns-1.0.26-rekey_rng.patch p5-Net-SSLeay<1.25 file-permissions http://secunia.com/advisories/15207/ evolution<2.0.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0806 postgresql-server<7.3.10 privilege-escalation http://www.postgresql.org/about/news.322 postgresql73-server<7.3.10 privilege-escalation http://www.postgresql.org/about/news.322 postgresql74-server<7.4.8 privilege-escalation http://www.postgresql.org/about/news.322 postgresql80-server<8.0.3 privilege-escalation http://www.postgresql.org/about/news.322 freeradius<=1.0.2nb1 remote-code-execution http://www.securityfocus.com/bid/13540/ freeradius<=1.0.2nb1 buffer-overflow http://www.securityfocus.com/bid/13541/ mysql-server>=4.1.0<4.1.12 sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1636 ImageMagick<6.2.2.3 denial-of-service http://www.gentoo.org/security/en/glsa/glsa-200505-16.xml netscape7-[0-9]* cross-site-scripting http://secunia.com/advisories/15437/ gxine<0.4.5 remote-code-execution http://secunia.com/advisories/15451/ net-snmp<5.1.2nb4 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1740 net-snmp-5.2.1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1740 gedit<2.10.3 remote-code-execution http://secunia.com/advisories/15454/ squid<2.5.9nb2 weak-acl-enforcement https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1345 qpopper<4.0.6 privilege-escalation http://secunia.com/advisories/15475/ bzip2<1.0.3 denial-of-service http://scary.beasts.org/security/CESA-2005-002.txt openslp<1.2.1 remote-code-execution http://www.securityfocus.com/advisories/8224 mhonarc<2.6.11 cross-site-scripting https://savannah.nongnu.org/bugs/index.php?func=detailitem&item_id=12930 clamav<0.84 osx-privilege-escalation http://www.sentinelchicken.com/advisories/clamav/ ettercap-0.7.2 remote-code-execution http://secunia.com/advisories/15535/ qmail<1.03nb49 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2005-1513 gdb>6<6.2.1nb4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1704 gdb<5.3nb5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1704 gdb>6<6.2.1nb4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1705 gdb<5.3nb5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1705 binutils<2.16.1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1704 kdbg<1.2.9 privilege-escalation http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0644 mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.10 http-frame-spoof http://secunia.com/advisories/15601/ mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.10 dialog-spoofing http://secunia.com/advisories/15489/ firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.5 http-frame-spoof http://secunia.com/advisories/15601/ firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.5 dialog-spoofing http://secunia.com/advisories/15489/ leafnode<1.11.3 denial-of-service http://leafnode.sourceforge.net/leafnode-SA-2005-02.txt xmysqladmin-[0-9]* remote-shell http://www.zataz.net/adviso/xmysqladmin-05292005.txt dbus<0.23.1 local-session-hijacking http://secunia.com/advisories/14119/ gaim<1.3.1 denial-of-service http://gaim.sourceforge.net/security/index.php?id=18 gaim<1.3.1 denial-of-service http://gaim.sourceforge.net/security/index.php?id=19 libextractor<0.3.11nb1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0064 libextractor<0.4.2 remote-code-execution http://secunia.com/advisories/15651/ tcpdump<3.8.3nb2 denial-of-service http://secunia.com/advisories/15634/ mikmod<3.1.7 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0427 postfix<2.1.5nb5 linux-unauthorised-mail-relaying http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0337 squirrelmail<1.4.4nb1 remote-code-execution http://www.squirrelmail.org/security/issue/2005-06-15 opera<8.01 cross-site-scripting http://secunia.com/advisories/15423/ opera<8.01 remote-security-bypass http://secunia.com/secunia_research/2005-4/advisory/ opera<8.01 cross-site-scripting http://secunia.com/secunia_research/2005-5/advisory/ opera<8.01 dialog-spoofing http://secunia.com/advisories/15488/ sun-{jdk,jre}15<5.0.2 remote-user-access http://secunia.com/advisories/15671/ acroread7<7.0.1 remote-information-exposure http://www.adobe.com/support/techdocs/331710.html acroread7<7.0.1 buffer-overflow http://www.adobe.com/support/techdocs/321644.html p5-razor-agents<2.72 denial-of-service http://secunia.com/advisories/15739/ spamassassin<3.0.4 denial-of-service http://secunia.com/advisories/15704/ heimdal<0.6.5 buffer-overflow http://www.pdc.kth.se/heimdal/advisory/2005-06-20/ trac<0.8.4 remote-code-execution http://secunia.com/advisories/15752/ sudo<1.6.8pl9 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1993 gcpio<2.6nb1 local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1111 gcpio<2.6nb1 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1229 tor<0.0.9.10 information-leak http://archives.seul.org/or/announce/Jun-2005/msg00001.html ruby18-base<1.8.2nb2 remote-security-bypass http://secunia.com/advisories/15767/ ruby1{6,8}-xmlrpc4r<1.7.16nb2 remote-security-bypass http://secunia.com/advisories/15767/ asterisk<1.0.8 remote-code-execution http://www.bindshell.net/voip/advisory-05-013.txt p5-CGI<2.94 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0615 perl{,-thread}-5.6.[0-9]* cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0615 perl{,-thread}-5.6.[0-9]* access-validation-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1323 realplayer-[0-9]* remote-code-execution http://service.real.com/help/faq/security/050623_player/EN/ RealPlayerGold<10.0.5 remote-code-execution http://service.real.com/help/faq/security/050623_player/EN/ clamav<0.86.1 denial-of-service http://secunia.com/advisories/15811/ clamav<0.86 denial-of-service http://secunia.com/advisories/15835/ clamav<0.86 denial-of-service http://secunia.com/advisories/15859/ dillo<0.8.5 remote-code-execution http://www.dillo.org/ChangeLog.html p5-Net-Server<0.88 denial-of-service http://www.derkeiler.com/Mailing-Lists/Securiteam/2005-04/0147.html zlib<1.2.2nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2096 net-snmp<5.2.1.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2177 bugzilla<2.18.2 information-leak http://www.bugzilla.org/security/2.18.1/ unalz<0.40 buffer-overflow http://www.kipple.pe.kr/win/unalz/ mit-krb5<1.4.2 denial-of-service http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-002-kdc.txt mit-krb5<1.4.2 remote-code-execution http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-003-recvauth.txt squirrelmail<1.4.5 remote-file-write http://www.squirrelmail.org/security/issue/2005-07-13 polsms<2.0.2 privilege-escalation http://secunia.com/advisories/16038/ elmo<1.3.2 local-file-write http://secunia.com/advisories/15977/ audit-packages<1.35 no-vulnerability-but-missing-file-format-check-support http://mail-index.netbsd.org/pkgsrc-changes/2005/06/07/0036.html centericq<=4.20.0 local-file-write http://secunia.com/advisories/15913/ phppgadmin<3.5.4 remote-information-exposure http://secunia.com/advisories/15941/ cups<1.1.21rc1 acl-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2154 firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.5 cross-site-scripting http://secunia.com/advisories/15549/ firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.5 multiple-vulnerabilities http://secunia.com/advisories/16043/ ekg<1.6nb2 local-symlink-race https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1916 ekg<1.6nb2 insecure-temp-files http://www.debian.org/security/2005/dsa-760 ekg<1.6nb2 shell-command-injection http://www.debian.org/security/2005/dsa-760 kdebase-3.[2-3].[0-9]{,nb*} local-information-exposure http://www.kde.org/info/security/advisory-20050718-1.txt kdebase-3.4.0{,nb*} local-information-exposure http://www.kde.org/info/security/advisory-20050718-1.txt php<4.3.11nb1 remote-command-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1921 php<4.3.11nb1 remote-command-execution http://www.hardened-php.net/advisory_142005.66.html fetchmail<6.2.5nb5 remote-user-shell http://fetchmail.berlios.de/fetchmail-SA-2005-01.txt kdenetwork-3.3.* remote-code-execution http://www.kde.org/info/security/advisory-20050721-1.txt kdenetwork-3.4.{0,0nb*,1} remote-code-execution http://www.kde.org/info/security/advisory-20050721-1.txt rsnapshot<1.1.7 privilege-escalation http://www.rsnapshot.org/security/2005/001.html zlib<1.2.3 denial-of-service http://secunia.com/advisories/16137/ clamav<0.86.2 denial-of-service http://secunia.com/advisories/16180/ clamav<0.86.2 buffer-overflow http://secunia.com/advisories/16180/ vim{,-gtk,-gtk2,-kde,-motif,-xaw,-share}<6.3.082 local-code-execution http://secunia.com/advisories/16206/ vim<6.3.082 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2368 ethereal<0.10.12 denial-of-service http://www.ethereal.com/appnotes/enpa-sa-00020.html ethereal<0.10.12 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00020.html p5-Compress-Zlib<1.35 denial-of-service http://secunia.com/advisories/16137/ unzip<5.52nb2 local-symlink-race https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2475 rsync<2.6.6 null-pointer-dereference http://lists.samba.org/archive/rsync-announce/2005/000032.html msf<2.4nb2 remote-security-bypass http://secunia.com/advisories/16318/ proftpd<1.2.10nb4 format-string http://secunia.com/advisories/16181/ jabberd-2.0s[2-8]{,nb*} buffer-overflows http://secunia.com/advisories/16291/ gopher<3.0.8 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1853 gaim<1.4.0nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370 kadu<0.4.1 denial-of-service http://secunia.com/advisories/16238/ opera<8.02 dialog-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2405 opera<8.02 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2406 suse{,32}_base<9.1nb6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1849 suse{,32}_base<9.1nb6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2096 netpbm<10.28 local-code-execution http://secunia.com/advisories/16184/ acroread5<5.0.11 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1625 acroread5<5.0.11 insecure-temp-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1841 apache-2.0.[0-4][0-9]* cache-poisoning https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2088 apache-2.0.5[0-3]* cache-poisoning https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2088 apache-2.0.54{,nb[12]} cache-poisoning https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2088 awstats<6.4nb1 remote-command-execution http://www.idefense.com/application/poi/display?id=290&type=vulnerabilities inkscape<0.42 insecure-temp-files http://secunia.com/advisories/16343/ mysql-server<4.0.25 local-code-execution http://www.appsecinc.com/resources/alerts/mysql/2005-001.html mysql-server<4.0.25 buffer-overflow http://www.appsecinc.com/resources/alerts/mysql/2005-002.html mysql-server-4.1.{0,1,2,3,4,5,6,7,8,9,10,11,12}{,nb*} local-code-execution http://www.appsecinc.com/resources/alerts/mysql/2005-001.html mysql-server-4.1.{0,1,2,3,4,5,6,7,8,9,10,11,12}{,nb*} buffer-overflow http://www.appsecinc.com/resources/alerts/mysql/2005-002.html xpdf<3.00pl3nb1 denial-of-service http://secunia.com/advisories/16374/ kdegraphics-3.3.[0-9]{,nb*} denial-of-service http://www.kde.org/info/security/advisory-20050809-1.txt kdegraphics-3.4.0{,nb*} denial-of-service http://www.kde.org/info/security/advisory-20050809-1.txt kdegraphics-3.4.1 denial-of-service http://www.kde.org/info/security/advisory-20050809-1.txt gaim<1.4.0nb2 denial-of-service http://secunia.com/advisories/16379/ gaim<1.4.0nb2 remote-command-execution http://secunia.com/advisories/16379/ cups<1.1.23nb3 denial-of-service http://secunia.com/advisories/16380/ wine>20000000<20050524nb1 insecure-temp-files http://secunia.com/advisories/16352/ wine-20050725 insecure-temp-files http://secunia.com/advisories/16352/ xv<3.10anb10 privilege-escalation http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1725 xv<3.10anb10 privilege-escalation http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1726 xv<3.10anb10 privilege-escalation http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0665 kdeedu-3.[0-3].* privilege-escalation http://www.kde.org/info/security/advisory-20050815-1.txt kdeedu-3.4.{0*,1,2} privilege-escalation http://www.kde.org/info/security/advisory-20050815-1.txt thunderbird{,-bin,-gtk1}<1.0.5 disabled-scripting-bypass https://www.mozilla.org/security/announce/mfsa2005-46.html netscape7-7.2{,nb*} cross-site-scripting http://secunia.com/advisories/15553/ netscape8<8.0.3.3 cross-site-scripting http://secunia.com/advisories/15553/ netscape8<8.0.3.3 arbitrary-code-execution http://secunia.com/advisories/16185/ netscape7-7.2{,nb*} arbitrary-code-execution http://secunia.com/advisories/16044/ netscape8<8.0.3.3 arbitrary-code-execution http://secunia.com/advisories/16044/ netscape7-7.2{,nb*} local-security-bypass http://secunia.com/advisories/16044/ netscape8<8.0.3.3 local-security-bypass http://secunia.com/advisories/16044/ centericq<4.20.0nb2 denial-of-service http://secunia.com/advisories/16240/ centericq<4.20.0nb2 shell-command-injection http://secunia.com/advisories/16240/ evolution<2.2.2nb2 arbitrary-code-execution http://www.sitic.se/eng/advisories_and_recommendations/sa05-001.html evolution-2.2.3 arbitrary-code-execution http://www.sitic.se/eng/advisories_and_recommendations/sa05-001.html gpdf-2.10.0 denial-of-service http://secunia.com/advisories/16400/ mantis<0.19.2 cross-site-scripting http://secunia.com/advisories/16506/ mantis<0.19.2 sql-injection http://secunia.com/advisories/16506/ elm<2.5.8 remote-user-shell http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-08/0692.html pcre<6.2 arbitrary-code-execution http://secunia.com/advisories/16502/ mplayer<1.0rc7nb2 remote-code-execution http://www.sven-tantau.de/public_files/mplayer/mplayer_20050824.txt gmplayer<1.0rc7nb1 remote-code-execution http://www.sven-tantau.de/public_files/mplayer/mplayer_20050824.txt tor<0.1.0.14 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2643 cvs<1.11.20nb2 local-privilege-escalation http://secunia.com/advisories/16553/ apache-2.0.[1-4][0-9]* remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491 apache-2.0.5[0-3]* remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491 apache-2.0.54{,nb[123]} remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491 pam-ldap-169{,nb*} authentication-bypass http://secunia.com/advisories/16518/ pam-ldap-17[0-9]{,nb*} authentication-bypass http://secunia.com/advisories/16518/ gnats<4.1.0nb1 local-file-write http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2180 apache-2.0.[1-4][0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2728 apache-2.0.5[0-3]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2728 apache-2.0.54{,nb[123]} denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2728 phpmyadmin<2.6.4rc1 cross-site-scripting http://secunia.com/advisories/16605/ sqwebmail<5.0.4nb1 cross-site-scripting http://secunia.com/advisories/16539/ sqwebmail<5.0.4nb1 cross-site-scripting http://secunia.com/advisories/16600/ ntp<4.2.0nb7 listener-permissions http://secunia.com/advisories/16602/ phpldapadmin<0.9.6cnb4 authentication-bypass http://secunia.com/advisories/16611/ gopher<3.0.11 buffer-overflow http://secunia.com/advisories/16614/ phpldapadmin<0.9.6cnb4 remote-code-execution http://secunia.com/advisories/16617/ php-5.0.[0-3]{,nb*} remote-command-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1921 php-5.0.[0-3]{,nb*} remote-command-execution http://www.hardened-php.net/advisory_142005.66.html php-5.0.4 remote-command-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1921 php-5.0.4 remote-command-execution http://www.hardened-php.net/advisory_142005.66.html gnumeric<1.2.13nb3 arbitrary-code-execution http://secunia.com/advisories/16584/ gnumeric-1.4.[0-2]{,nb*} arbitrary-code-execution http://secunia.com/advisories/16584/ gnumeric-1.4.3 arbitrary-code-execution http://secunia.com/advisories/16584/ apache-2.0.[1-4][0-9]* weak-authentication http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700 apache-2.0.5[0-3]* weak-authentication http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700 apache-2.0.54{,nb[1234]} weak-authentication http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700 ap-ssl<2.8.24 weak-authentication https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700 nikto<1.35nb1 cross-site-scripting http://secunia.com/advisories/16669/ kdebase-3.[23].* local-privilege-escalation http://www.kde.org/info/security/advisory-20050905-1.txt kdebase-3.[23].* local-privilege-escalation http://www.kde.org/info/security/advisory-20050905-1.txt kdebase-3.4.[01]{,nb*} local-privilege-escalation http://www.kde.org/info/security/advisory-20050905-1.txt kdebase-3.4.2{,nb1} local-privilege-escalation http://www.kde.org/info/security/advisory-20050905-1.txt squid<2.5.10nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2794 squid<2.5.10nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2796 gg2<2.2.8 denial-of-service http://secunia.com/advisories/16241/ gg2<2.2.8 remote-command-execution http://secunia.com/advisories/16241/ openttd<0.4.0.1nb1 denial-of-service http://secunia.com/advisories/16696/ openttd<0.4.0.1nb1 remote-command-execution http://secunia.com/advisories/16696/ freeradius<1.0.5 sql-injection http://www.freeradius.org/security.html freeradius<1.0.5 denial-of-service http://www.freeradius.org/security.html gcvs<1.0nb2 local-privilege-escalation http://secunia.com/advisories/16553/ netscape7-[0-9]* remote-command-execution http://secunia.com/advisories/16766/ netscape7-[0-9]* remote-command-execution http://secunia.com/advisories/16766/ sqwebmail<5.0.4nb2 cross-site-scripting http://secunia.com/advisories/16704/ silc-server<1.0nb1 local-privilege-escalation http://secunia.com/advisories/16659/ chmlib<0.36 remote-command-execution http://morte.jedrea.com/~jedwin/projects/chmlib/ chmlib<0.36 buffer-overflow http://morte.jedrea.com/~jedwin/projects/chmlib/ snort<2.4.0nb1 denial-of-service http://marc.theaimsgroup.com/?l=vuln-dev&m=112655297606335&w=2 xchat<2.4.5 unspecified http://www.xchat.org/ imake>=3<4.4.0nb2 insecure-temp-files https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-009.txt.asc xorg-imake<6.8.2nb2 insecure-temp-files https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-009.txt.asc clamav<0.87 buffer-overflow http://secunia.com/advisories/16848/ clamav<0.87 denial-of-service http://secunia.com/advisories/16848/ gtexinfo<4.8nb1 insecure-temp-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3011 rdiff-backup<1.0.1 information-disclosure http://secunia.com/advisories/16774/ arc<5.21enb2 insecure-temp-files http://www.zataz.net/adviso/arc-09052005.txt zebedee<2.5.3 denial-of-service http://sourceforge.net/mailarchive/forum.php?thread_id=8134987&forum_id=2055 openssh<4.2 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2798 python24<2.4.1 buffer-overflow http://secunia.com/advisories/16793/ python24-pth<2.4.1 buffer-overflow http://secunia.com/advisories/16793/ python23<2.3.5nb3 buffer-overflow http://secunia.com/advisories/16793/ python23-pth<2.3.5nb1 buffer-overflow http://secunia.com/advisories/16793/ python23-nth<2.3.5nb2 buffer-overflow http://secunia.com/advisories/16793/ python22<2.2.3nb6 buffer-overflow http://secunia.com/advisories/16793/ python22-pth<2.2.3nb6 buffer-overflow http://secunia.com/advisories/16793/ xorg-libs<6.8.2nb2 buffer-overflow http://secunia.com/advisories/16790/ XFree86-libs<4.4.0nb4 buffer-overflow http://secunia.com/advisories/16777/ mit-krb5<1.8.3 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0488 pam-ldap<180 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2069 nss_ldap<240 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2069 opera<8.50 cross-site-scripting http://secunia.com/advisories/16645/ opera<8.50 file-spoofing http://secunia.com/advisories/16645/ bacula<1.36.3nb1 insecure-temp-files http://secunia.com/advisories/16866/ firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.7 remote-command-execution http://www.frsirt.com/english/advisories/2005/1794 ruby16-base<1.6.8nb2 access-validation-bypass http://jvn.jp/jp/JVN%2362914675/index.html ruby18-base<1.8.2nb4 access-validation-bypass http://jvn.jp/jp/JVN%2362914675/index.html hylafax<4.2.1nb1 insecure-temp-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3069 hylafax<4.2.1nb1 insecure-socket https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3070 p7zip<4.27 remote-code-execution http://secunia.com/advisories/16664/ firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.7 remote-command-execution https://www.mozilla.org/security/announce/mfsa200 firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.7 remote-code-execution https://www.mozilla.org/security/announce/mfsa2005-58.html mozilla{,-bin,-gtk2}<1.7.12 remote-command-execution https://www.mozilla.org/security/announce/mfsa2005-57.html mozilla{,-bin,-gtk2}<1.7.12 remote-command-execution https://www.mozilla.org/security/announce/mfsa2005-58.html #poppassd-4.[0-9]* local-privilege-escalation http://secunia.com/advisories/16935/ abiword<2.2.10 buffer-overflow http://www.abisource.com/changelogs/2.2.10.phtml eric3<3.7.2 unknown https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3068 {ap-,}php<4.4.0nb1 local-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3054 realplayer<10.0.6 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2710 RealPlayerGold<10.0.6 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2710 uim<0.4.9.1 privilege-escalation http://lists.freedesktop.org/archives/uim/2005-September/001346.html netscape7-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/16944/ thunderbird{,-bin,-gtk1}<1.0.7 multiple-vulnerabilities https://www.mozilla.org/security/announce/mfsa2005-58.html thunderbird{,-bin,-gtk1}<1.0.7 remote-command-execution https://www.mozilla.org/security/announce/mfsa2005-57.html squid<2.5.10nb5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2917 mpeg_encode<1.5bnb3 privilege-escalation http://secunia.com/advisories/17008/ weex<2.6.1nb1 local-code-execution http://secunia.com/advisories/17028/ apachetop<0.12.5nb1 insecure-temp-files http://www.zataz.net/adviso/apachetop-09022005.txt blender<2.37anb2 local-code-execution http://secunia.com/advisories/17013/ blender-2.41 local-code-execution http://secunia.com/advisories/17013/ bugzilla<2.18.4 information-leak http://www.bugzilla.org/security/2.18.4/ imap-uw<2004enb1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2933 openssl<0.9.7h information-leak http://www.openssl.org/news/secadv_20051011.txt koffice<1.4.2 local-code-execution http://www.kde.org/info/security/advisory-20051011-1.txt phpmyadmin<2.6.4pl2 information-leak http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-4 xine-lib<1.0.3 remote-users-shell http://xinehq.de/index.php/security/XSA-2005-1 unrar<3.5.4 remote-code-execution http://www.rarlabs.com/rarnew.htm curl<7.15.0 remote-code-execution http://curl.haxx.se/mail/lib-2005-10/0061.html wget-1.10 remote-code-execution http://www.mail-archive.com/wget%40sunsite.dk/msg08300.html wget-1.10.1 remote-code-execution http://www.mail-archive.com/wget%40sunsite.dk/msg08300.html abiword<2.4.1 arbitrary-code-execution http://scary.beasts.org/security/CESA-2005-006.txt clamav<0.87.1 denial-of-service http://secunia.com/advisories/17184/ clamav<0.87.1 denial-of-service http://secunia.com/advisories/17434/ clamav<0.87.1 remote-code-execution http://www.zerodayinitiative.com/advisories/ZDI-05-002.html lynx<2.8.5.3 remote-users-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3120 snort-2.4.[0-2]{,nb*} buffer-overflow http://secunia.com/advisories/17220/ snort-mysql-2.4.[0-2]{,nb*} buffer-overflow http://secunia.com/advisories/17220/ snort-pgsql-2.4.[0-2]{,nb*} buffer-overflow http://secunia.com/advisories/17220/ graphviz<2.6 insecure-temp-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2965 squid<2.5.12 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3258 ethereal<0.10.13 remote-code-execution http://www.ethereal.com/appnotes/enpa-sa-00021.html sudo<1.6.8pl9nb1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2959 chmlib<0.37.3 remote-code-execution http://66.93.236.84/~jedwin/projects/chmlib/ mantis<1.0.0rc3 sql-injection http://secunia.com/advisories/16818/ phpmyadmin<2.6.4pl3 information-leak http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-5 netpbm<10.25 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2978 xli<1.17.0nb5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0775 wget<1.10 remote-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1487 wget<1.10 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1488 wget-1.9{,nb*} symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2014 wget-1.9.1{,nb*} symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2014 php<4.4.1 remote-code-execution http://www.hardened-php.net/advisory_202005.79.html php<4.4.1 remote-code-execution http://www.hardened-php.net/advisory_202005.78.html php<4.4.1 remote-code-execution http://www.hardened-php.net/advisory_202005.77.html php-5.0.[0-5]* remote-code-execution http://www.hardened-php.net/advisory_202005.79.html php-5.0.[0-5]* remote-code-execution http://www.hardened-php.net/advisory_202005.78.html php-5.0.[0-5]* remote-code-execution http://www.hardened-php.net/advisory_202005.77.html openvpn<2.0.3 denial-of-service http://secunia.com/advisories/17376/ openvpn<2.0.3 remote-code-execution http://secunia.com/advisories/17376/ ethereal<0.10.13nb1 denial-of-service http://secunia.com/advisories/17370/ chmlib<0.36 remote-code-execution http://www.idefense.com/application/poi/display?id=332&type=vulnerabilities&flashstatus=true fetchmailconf<6.2.5nb3 insecure-file-permissions http://fetchmail.berlios.de/fetchmail-SA-2005-02.txt skype<1.2.0.18 remote-code-execution http://secunia.com/advisories/17305/ python21<2.1.3nb8 remote-code-execution http://secunia.com/advisories/16914/ python21-pth<2.1.3nb7 remote-code-execution http://secunia.com/advisories/16914/ rsaref<2.0p3 buffer-overrun http://www.cert.org/advisories/CA-1999-15.html libgda<1.2.2nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2958 libwww<5.4.0nb4 denial-of-service http://secunia.com/advisories/17119/ zope-2.6.[0-9]* remote-code-execution http://secunia.com/advisories/17173/ openvmps<=1.3 remote-code-execution http://www.security.nnov.ru/Jdocument889.html libungif<4.1.3nb3 denial-of-service http://secunia.com/advisories/17436/ libungif<4.1.3nb3 remote-code-execution http://secunia.com/advisories/17436/ {ns,moz-bin,firefox-bin}-flash<7.0.25 remote-code-execution http://secunia.com/advisories/17430/ sudo<1.6.8pl9nb2 privilege-escalation http://www.sudo.ws/sudo/alerts/perl_env.html emacs-21.2.1 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1232 sylpheed<2.0.4 local-code-execution http://secunia.com/advisories/17492/ spamassassin<3.0.4nb2 denial-of-service http://secunia.com/advisories/17386/ sylpheed-2.1.[0-5]* local-code-execution http://secunia.com/advisories/17492/ phpmyadmin<2.6.4pl4 http-header-injection http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-6 opera<8.51 remote-user-shell http://secunia.com/advisories/16907/ opera<8.51 remote-user-shell http://secunia.com/advisories/17437/ ipsec-tools<0.6.3 denial-of-service http://secunia.com/advisories/17668/ horde-3.0.[0-6]* cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3759 horde<2.2.9 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3570 micq<0.4.10.4 denial-of-service http://www.micq.org/news.shtml.en gtk2+<2.6.10nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975 gtk2+-2.8.[0-6]{,nb*} denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975 gtk2+<2.6.10nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186 gtk2+-2.8.[0-6]{,nb*} arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186 gdk-pixbuf<0.22.0nb6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975 gdk-pixbuf<0.22.0nb6 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2976 gdk-pixbuf<0.22.0nb6 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186 acid-[0-9]* cross-site-scripting http://secunia.com/advisories/17552/ acid-[0-9]* sql-injection http://secunia.com/advisories/17552/ thttpd<2.25bnb4 insecure-temp-files http://secunia.com/advisories/17454/ rar-linux<3.5.1 format-string http://secunia.com/advisories/17524/ rar-linux<3.5.1 buffer-overflow http://secunia.com/advisories/17524/ gaim-encryption<2.39 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4693 mailman<2.1.6nb1 denial-of-service http://secunia.com/advisories/17511/ ghostscript-afpl<8.51nb1 insecure-temp-files http://secunia.com/advisories/12903/ ghostscript-esp<8.15.1nb1 insecure-temp-files http://secunia.com/advisories/12903/ ghostscript-esp-nox11<8.15.1nb1 insecure-temp-files http://secunia.com/advisories/12903/ ghostscript-gnu<8.15nb1 insecure-temp-files http://secunia.com/advisories/12903/ ghostscript-gnu-nox11<8.15nb1 insecure-temp-files http://secunia.com/advisories/12903/ ghostscript<6.01nb6 insecure-temp-files http://secunia.com/advisories/12903/ ghostscript-nox11<6.01nb6 insecure-temp-files http://secunia.com/advisories/12903/ suse{,32}_gtk2<9.1nb4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975 suse{,32}_gtk2<9.1nb4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2976 suse{,32}_gtk2<9.1nb4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186 sun-{jre,jdk}13<1.0.16 local-file-write http://secunia.com/advisories/17748/ sun-{jre,jdk}14<2.9 local-file-write http://secunia.com/advisories/17748/ sun-{jre,jdk}15<5.0.4 local-file-write http://secunia.com/advisories/17748/ blackdown-{jre,jdk}13-* local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1080 sun-{jre,jdk}13-* local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1080 fastjar<0.93nb3 local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3619 inkscape-0.4[1-2]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3737 webmin<1.170nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3912 webmin<1.170nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3912 unalz<0.53 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3862 kadu<0.4.2 denial-of-service http://secunia.com/advisories/17764/ centericq<4.20.0nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3694 centericq-4.21.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3694 xpdf<3.01pl1nb2 buffer-overflow http://secunia.com/advisories/17897/ kdegraphics<3.4.2nb1 buffer-overflow http://www.kde.org/info/security/advisory-20051207-1.txt kdegraphics-3.4.3 buffer-overflow http://www.kde.org/info/security/advisory-20051207-1.txt koffice<1.4.1nb1 buffer-overflow http://www.kde.org/info/security/advisory-20051207-1.txt koffice-1.4.2{,nb1} buffer-overflow http://www.kde.org/info/security/advisory-20051207-1.txt Ffmpeg<0.4.9pre1 buffer-overflow http://secunia.com/advisories/17892/ horde<3.1.2 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4080 phpmyadmin<2.7.0 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-8 phpmyadmin<2.7.0pl1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-9 curl<7.15.1 unknown http://www.hardened-php.net/advisory_242005.109.html php<4.4.1 cross-site-scripting http://www.hardened-php.net/advisory_182005.77.html php-5.0.[0-5]{,nb1} cross-site-scripting http://www.hardened-php.net/advisory_182005.77.html php<4.4.1 global-variables http://www.hardened-php.net/advisory_192005.78.html php-5.0.[0-5]{,nb1} global-variables http://www.hardened-php.net/advisory_192005.78.html php<4.4.1 remote-code-execution http://www.hardened-php.net/advisory_202005.79.html php-5.0.[0-5]{,nb1} remote-code-execution http://www.hardened-php.net/advisory_202005.79.html ethereal<0.10.13nb2 remote-code-execution http://www.idefense.com/application/poi/display?id=349&type=vulnerabilities mplayer<1.0rc7nb6 buffer-overflow http://secunia.com/advisories/17892/ gmplayer<1.0rc7nb4 buffer-overflow http://secunia.com/advisories/17892/ mencoder<1.0rc7nb2 buffer-overflow http://secunia.com/advisories/17892/ gpdf<2.10.0nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191 gpdf<2.10.0nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192 gpdf<2.10.0nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193 poppler<0.3.3nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191 poppler-0.4.2{,nb1} arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191 poppler<0.3.3nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192 poppler-0.4.2{,nb1} arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192 poppler<0.3.3nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193 poppler-0.4.2{,nb1} arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193 dropbear<0.46nb1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2005-4178 mantis<1.0.0rc4 cross-site-scripting http://secunia.com/advisories/18181/ horde-3.0.[0-7]* cross-site-scripting http://secunia.com/advisories/17970/ turba<2.0.5 cross-site-scripting http://secunia.com/advisories/17968/ apache-2.0.[1-4][0-9]* cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352 apache-2.0.5[0-4]* cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352 apache-2.0.55{,nb[12]} cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352 apache<1.3.34nb1 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352 cups<1.1.23nb4 arbitrary-code-execution http://secunia.com/advisories/17976/ opera<8.02 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2407 opera<8.51 denial-of-service http://secunia.com/advisories/17963/ libextractor<0.5.3nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191 libextractor<0.5.3nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192 libextractor<0.5.3nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193 trac<0.9.2 sql-injection http://projects.edgewall.com/trac/wiki/ChangeLog perl<5.8.7nb5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3962 sun-{jre,jdk}13-* denial-of-service http://secunia.com/advisories/17478/ sun-{jre,jdk}14-* denial-of-service http://secunia.com/advisories/17478/ sun-{jre,jdk}15-* denial-of-service http://secunia.com/advisories/17478/ blackdown-{jre,jdk}13-* remote-code-execution http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/218&type=0&nav=sec.sba blackdown-{jre,jdk}13-* privilege-escalation http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57221&zone_32=category%3Asecurity blackdown-{jre,jdk}13-* remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1 blackdown-{jre,jdk}13-* remote-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-57708-1 blackdown-{jre,jdk}13-* local-file-write http://secunia.com/advisories/17748/ blackdown-{jre,jdk}13-* denial-of-service http://secunia.com/advisories/17478/ fetchmail<6.2.5.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2005-4348 realplayer<10.0.6 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2629 RealPlayerGold<10.0.6 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2629 bugzilla<2.20 insecure-temp-files http://secunia.com/advisories/18218/ scponly<4.0 arbitrary-command-execution http://www.securityfocus.com/archive/1/383046 rssh<2.2.2 arbitrary-command-execution http://www.pizzashack.org/rssh/security.shtml rssh<2.2.3 arbitrary-command-execution http://www.securityfocus.com/archive/1/383046 rssh<2.3.0 privilege-escalation http://www.pizzashack.org/rssh/security.shtml scponly<4.2 privilege-escalation http://www.sublimation.org/scponly/ scponly<4.2 arbitrary-command-execution http://www.sublimation.org/scponly/ ethereal<0.10.14 denial-of-service http://secunia.com/advisories/18229/ kdegraphics<3.5.0nb1 buffer-overflow http://www.kde.org/info/security/advisory-20051207-2.txt koffice<1.4.2nb4 buffer-overflow http://www.kde.org/info/security/advisory-20051207-2.txt openmotif<2.2.3nb1 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3964 mantis<1.0.0rc4nb2 sql-injection http://secunia.com/advisories/18254/ mantis<1.0.0rc4nb2 information-disclosure http://secunia.com/advisories/18254/ adodb<4.70 sql-injection http://secunia.com/advisories/17418/ adodb<4.70 information-disclosure http://secunia.com/advisories/17418/ poppler<0.4.4 arbitrary-code-execution http://scary.beasts.org/security/CESA-2005-003.txt ytalk<3.2.0 denial-of-service http://www.impul.se/ytalk/ChangeLog trac<0.9.3 cross-site-scripting http://secunia.com/advisories/18048/ blender<2.37nb3 denial-of-service http://secunia.com/advisories/18176/ blender>=2.38<2.40 denial-of-service http://secunia.com/advisories/18176/ gcpio<2.6nb2 denial-of-service http://secunia.com/advisories/18251/ gcpio<2.6nb2 arbitrary-code-execution http://secunia.com/advisories/18251/ rxvt-unicode<6.3 local-privilege-escalation http://secunia.com/advisories/18301/ pine<4.64 buffer-overflow http://www.idefense.com/intelligence/vulnerabilities/display.php?id=313 clamav<0.88 heap-overflow http://secunia.com/advisories/18379/ bitlbee<1.0 denial-of-service http://get.bitlbee.org/devel/CHANGES hylafax-4.2.3{,nb*} privilege-escalation http://secunia.com/advisories/18314/ hylafax-4.2.[0-3]{,nb*} local-privilege-escalation http://secunia.com/advisories/18314/ hylafax-4.2.[2-3]{,nb*} local-command-execution http://secunia.com/advisories/18314/ ap-auth-ldap<1.6.1 arbitrary-code-execution http://secunia.com/advisories/18382/ sudo<1.6.8pl12nb1 privilege-escalation http://secunia.com/advisories/18358/ wine>20000000<20060000 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0106 wine<0.9.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0106 tor<=0.1.1.12alpha information-disclosure http://archives.seul.org/or/announce/Jan-2006/msg00001.html mantis<1.0.0rc5 cross-site-scripting http://secunia.com/advisories/18434/ tuxpaint<0.9.14nb6 insecure-temp-file http://secunia.com/advisories/18475/ kdelibs<3.5.0nb2 buffer-overflow http://www.kde.org/info/security/advisory-20060119-1.txt php-5.0.[0-9]{,nb*} inject-http-headers http://secunia.com/advisories/18431/ php-5.1.[0-1]{,nb*} inject-http-headers http://secunia.com/advisories/18431/ php5-mysqli>=5.1.0<5.1.2 arbitrary-code-execution http://secunia.com/advisories/18431/ php-5.0.[0-9]{,nb*} cross-site-scripting http://secunia.com/advisories/18431/ php-5.1.[0-1]{,nb*} cross-site-scripting http://secunia.com/advisories/18431/ vmware<5.5.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4459 xpdf<3.01pl2 denial-of-service http://secunia.com/advisories/18303/ xpdf<3.01pl2 arbitrary-code-execution http://secunia.com/advisories/18303/ cups<1.1.23nb8 denial-of-service http://secunia.com/advisories/18332/ cups<1.1.23nb8 arbitrary-code-execution http://secunia.com/advisories/18332/ antiword<0.37nb1 insecure-temp-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3126 sun-{jdk,jre}15<5.0.4 arbitrary-code-execution http://secunia.com/advisories/17748/ sun-{jdk,jre}14<2.9 arbitrary-code-execution http://secunia.com/advisories/17748/ sun-{jdk,jre}13<1.0.16 arbitrary-code-execution http://secunia.com/advisories/17748/ mailman-2.1.[4-6]{,nb*} denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4153 teTeX-bin-1.[0-9]* denial-of-service http://secunia.com/advisories/17916/ teTeX-bin-2.[0-9]* denial-of-service http://secunia.com/advisories/17916/ teTeX-bin<3.0nb6 denial-of-service http://secunia.com/advisories/17916/ teTeX-bin-1.[0-9]* arbitrary-code-execution http://secunia.com/advisories/17916/ teTeX-bin-2.[0-9]* arbitrary-code-execution http://secunia.com/advisories/17916/ teTeX-bin<3.0nb6 arbitrary-code-execution http://secunia.com/advisories/17916/ teTeX-bin-1.[0-9]* denial-of-service http://secunia.com/advisories/18329/ teTeX-bin-2.[0-9]* denial-of-service http://secunia.com/advisories/18329/ teTeX-bin<3.0nb6 denial-of-service http://secunia.com/advisories/18329/ teTeX-bin-1.[0-9]* arbitrary-code-execution http://secunia.com/advisories/18329/ teTeX-bin-2.[0-9]* arbitrary-code-execution http://secunia.com/advisories/18329/ teTeX-bin<3.0nb6 arbitrary-code-execution http://secunia.com/advisories/18329/ apache-2.0.[1-4][0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357 apache-2.0.5[0-4]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357 apache-2.0.55{,nb[1234]} denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357 mod-auth-pgsql-[0-9]* format-string http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3656 xine-lib<1.0.3anb4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4048 xine-lib<1.0.3anb4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4048 mydns-{mysql,pgsql}<1.1.0 denial-of-service http://secunia.com/advisories/18532/ adodb<4.71 sql-injection http://secunia.com/advisories/18575/ ImageMagick<6.2.6.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4601 ImageMagick<6.2.6.0nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0082 libast<0.6.1nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0224 png-1.2.[67]{,nb*} denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0481 png-1.0.1[67]{,nb*} denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0481 p5-Mail-Audit<1.21nb2 privilege-escalation http://secunia.com/advisories/18656/ kdegraphics<3.5.0nb2 arbitrary-code-execution http://www.kde.org/info/security/advisory-20060202-1.txt kdegraphics-3.5.1 arbitrary-code-execution http://www.kde.org/info/security/advisory-20060202-1.txt heimdal<0.7.2 privilege-escalation http://www.pdc.kth.se/heimdal/advisory/2006-02-06/ firefox{,-bin,-gtk1}-1.5 remote-code-execution https://www.mozilla.org/security/announce/mfsa2006-04.html libtool-base<1.5.18nb7 insecure-temp-files http://lists.gnu.org/archive/html/libtool/2005-12/msg00076.html php>=5<5.1.0 inject-smtp-headers https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3883 php<4.4.2 inject-smtp-headers https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3883 openssh<4.3.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0225 gnutls<1.2.10 denial-of-service http://secunia.com/advisories/18794/ gnutls-1.3.[0-3]{,nb*} denial-of-service http://secunia.com/advisories/18794/ libtasn1<0.2.18 denial-of-service http://secunia.com/advisories/18794/ sun-{jdk,jre}15<5.0.6 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2006-0614 sun-{jdk,jre}14<2.10 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2006-0614 sun-{jdk,jre}13<1.0.17 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2006-0614 sun-{jdk,jre}15<5.0.6 remote-code-execution http://secunia.com/advisories/18762/ adzap<20060129 denial-of-service http://secunia.com/advisories/18771/ pam-mysql<0.6.2 arbitrary-code-execution http://secunia.com/advisories/18598/ exim<3.36nb6 arbitrary-code-execution http://secunia.com/advisories/16502/ exim>=4.0<4.53 arbitrary-code-execution http://secunia.com/advisories/16502/ noweb<2.9anb3 insecure-temp-files http://secunia.com/advisories/18809/ honeyd<1.0nb2 remote-information-exposure http://www.honeyd.org/adv.2006-01 honeyd>=1.1<1.5 remote-information-exposure http://www.honeyd.org/adv.2006-01 lighttpd<1.4.9 remote-information-exposure http://secunia.com/product/4661/ gnupg<1.4.2.1 verification-bypass http://secunia.com/advisories/18845/ dovecot>0.99.99<1.0beta3 denial-of-service http://secunia.com/advisories/18870/ tin<1.8.1 buffer-overflow https://ftp.funet.fi/pub/unix/news/tin-unoff/CHANGES.old opera<8.52 www-address-spoof http://secunia.com/advisories/17571/ bugzilla<2.20.1 sql-injection http://www.securityfocus.com/archive/1/425584/30/0/threaded bugzilla<2.20.1 cross-site-scripting http://www.securityfocus.com/archive/1/425584/30/0/threaded bugzilla<2.20.1 information-exposure http://www.securityfocus.com/archive/1/425584/30/0/threaded postgresql73-server<7.3.14 denial-of-service http://secunia.com/advisories/18890/ postgresql74-server<7.4.12 denial-of-service http://secunia.com/advisories/18890/ postgresql80-server<8.0.7 denial-of-service http://secunia.com/advisories/18890/ postgresql81-server<8.1.3 denial-of-service http://secunia.com/advisories/18890/ postgresql81-server<8.1.3 privilege-escalation http://secunia.com/advisories/18890/ bomberclone<0.11.6nb3 remote-code-execution http://secunia.com/advisories/18914/ libextractor<0.5.10 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3624 snort<2.4.4 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0839 snort-mysql<2.4.4 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0839 snort-pgsql<2.4.4 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0839 monotone<0.25.2 remote-code-execution http://venge.net/monotone/NEWS gnupg<1.4.2.2 incorrect-signature-verification http://lists.gnupg.org/pipermail/gnupg-announce/2006q1/000216.html p5-Crypt-CBC<2.17 weak-encryption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0898 namazu<2.0.16 directory-traversal http://www.namazu.org/security.html.en#dir-traversal base<1.2.2 sql-injection http://sourceforge.net/forum/forum.php?forum_id=529375 drupal<4.6.6 security-bypass http://drupal.org/files/sa-2006-001/advisory.txt drupal<4.6.6 cross-site-scripting http://drupal.org/files/sa-2006-002/advisory.txt drupal<4.6.6 session-fixation http://drupal.org/files/sa-2006-003/advisory.txt drupal<4.6.6 mail-header-injection http://drupal.org/files/sa-2006-004/advisory.txt horde<3.1 information-disclosure http://secunia.com/advisories/19246/ curl-7.15.[0-2]{,nb*} buffer-overflow http://curl.haxx.se/docs/adv_20060320.html xorg-server>=6.9.0<6.9.0nb7 privilege-escalation http://lists.freedesktop.org/archives/xorg/2006-March/013992.html xorg-server>=6.9.0<6.9.0nb7 denial-of-service http://lists.freedesktop.org/archives/xorg/2006-March/013992.html freeradius<1.1.1 denial-of-service http://secunia.com/advisories/19300/ sendmail>=8.13<8.13.5nb2 remote-code-execution http://www.kb.cert.org/vuls/id/834865 sendmail<8.12.11nb2 remote-code-execution http://www.kb.cert.org/vuls/id/834865 phpmyadmin<2.8.0.2 cross-site-scripting http://www.phpmyadmin.net/home_page/downloads.php?relnotes=0 horde>=3.0<3.1.1 remote-code-execution http://lists.horde.org/archives/announce/2006/000271.html {ns,moz-bin,firefox-bin}-flash<7.0.63 remote-code-execution http://www.us-cert.gov/cas/techalerts/TA06-075A.html RealPlayerGold<10.0.7 remote-code-execution http://service.real.com/realplayer/security/03162006_player/en/ p5-CGI-Session<4.09 insecure-temp-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1279 p5-CGI-Session<4.09 insecure-temp-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1280 samba<3.0.22 insecure-log-files http://www.samba.org/samba/security/CAN-2006-1059.html dia>=0.87<0.94nb6 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1550 mantis<1.0.2 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1577 mysql-server>=3.0<4.1.20 local-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0903 mysql-server>=5.0<5.0.20nb1 local-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0903 php>=5.0<5.1.2nb1 information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490 php<4.4.2nb1 information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490 ap-php>=5.0<5.1.2nb6 information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490 ap-php<4.4.2nb6 information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490 freeciv-server<2.0.8 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0047 lsh<1.4.3nb4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353 lsh>=2.0.0<2.0.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353 lsh<1.4.3nb4 information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353 lsh>=2.0.0<2.0.2 information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353 clamav<0.88.1 denial-of-service http://secunia.com/advisories/19534/ clamav<0.88.1 remote-code-execution http://secunia.com/advisories/19534/ phpmyadmin<2.8.0.3 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-1 mailman<2.1.8rc1 cross-site-scripting http://secunia.com/advisories/19558/ mplayer<1.0rc7nb10 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0579 gmplayer<1.0rc7nb6 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0579 mencoder<1.0rc7nb4 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0579 xscreensaver<4.16 insecure-temp-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1294 xscreensaver<4.16 information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2655 php>=5.0<5.1.2nb1 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0996 php<4.4.2nb1 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0996 ap-php>=5.0<5.1.2nb6 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0996 ap-php<4.4.2nb6 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0996 php>=5.0<5.1.2nb1 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 php<4.4.2nb1 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 ap-php>=5.0<5.1.2nb6 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 ap-php<4.4.2nb6 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 ap{,13,2,22}-php{,5,53,54}>=5.0<5.1.2nb6 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 ap{,13,2,22}-php{,4}<4.4.2nb6 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 php>=5.0<5.1.2nb1 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 php<4.4.2nb1 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 ap-php>=5.0<5.1.2nb6 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 ap-php<4.4.2nb6 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 ap{,13,2,22}-php{,5,53,54}>=5.0<5.1.2nb6 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 ap{,13,2,22}-php{,4}<4.4.2nb6 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 firefox{,-bin,-gtk1}>=1.5<1.5.0.2 ui-spoofing https://www.mozilla.org/security/announce/2006/mfsa2006-29.html seamonkey{,-bin,-gtk1}<1.0.1 ui-spoofing https://www.mozilla.org/security/announce/2006/mfsa2006-29.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 security-bypass https://www.mozilla.org/security/announce/2006/mfsa2006-28.html seamonkey{,-bin,-gtk1}<1.0.1 security-bypass https://www.mozilla.org/security/announce/2006/mfsa2006-28.html thunderbird{,-bin,-gtk1}<1.5.0.2 security-bypass https://www.mozilla.org/security/announce/2006/mfsa2006-28.html firefox{,-bin,-gtk1}<1.0.8 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-25.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-25.html thunderbird{,-bin,-gtk1}<1.0.8 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-25.html thunderbird{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-25.html seamonkey{,-bin,-gtk1}<1.0.1 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-25.html mozilla{,-bin,-gtk2}<1.7.13 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-25.html firefox{,-bin,-gtk1}<1.0.8 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-24.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-24.html thunderbird{,-bin,-gtk1}<1.0.8 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-24.html thunderbird{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-24.html seamonkey{,-bin,-gtk1}<1.0.1 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-24.html mozilla{,-bin,-gtk2}<1.7.13 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-24.html firefox{,-bin,-gtk1}<1.0.8 remote-file-stealing https://www.mozilla.org/security/announce/2006/mfsa2006-23.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-file-stealing https://www.mozilla.org/security/announce/2006/mfsa2006-23.html seamonkey{,-bin,-gtk1}<1.0.1 remote-file-stealing https://www.mozilla.org/security/announce/2006/mfsa2006-23.html mozilla{,-bin,-gtk2}<1.7.13 remote-file-stealing https://www.mozilla.org/security/announce/2006/mfsa2006-23.html firefox{,-bin,-gtk1}<1.0.8 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-22.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-22.html thunderbird{,-bin,-gtk1}<1.0.8 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-22.html thunderbird{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-22.html seamonkey{,-bin,-gtk1}<1.0.1 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-22.html mozilla{,-bin,-gtk2}<1.7.13 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-22.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-20.html seamonkey{,-bin,-gtk1}<1.0.1 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-20.html thunderbird{,-bin,-gtk1}<1.5.0.2 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-20.html phpmyadmin<2.8.0.4 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-2 amaya<9.5 remote-code-execution http://secunia.com/advisories/19670/ cy2-digestmd5<2.1.20nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1721 xzgv<0.8.0.1nb3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1060 xine-ui<0.99.2nb5 remote-code-execution http://secunia.com/advisories/19671/ xine-ui-0.99.4{,nb1} remote-code-execution http://secunia.com/advisories/19671/ ethereal<0.99.0 remote-code-execution http://www.ethereal.com/docs/release-notes/ethereal-0.99.0.html trac<0.9.5 cross-site-scripting http://jvn.jp/jp/JVN%2384091359/ ja-trac<0.9.5.1 cross-site-scripting http://jvn.jp/jp/JVN%2384091359/ i2cbd<2.0_BETA3 denial-of-service http://www.draga.com/~jwise/i2cb/ adodb<4.72 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0806 squirrelmail<1.4.6 cross-site-scripting http://secunia.com/advisories/18985/ squirrelmail<1.4.6 imap-injection http://secunia.com/advisories/18985/ unrealircd<3.2.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1214 firefox{,-gtk1}>=1.5<1.5.0.2nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1993 firefox-bin>=1.5<1.5.0.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1993 clamav<0.88.2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1989 asterisk<1.2.7 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1827 cgiirc<0.5.8 remote-code-execution http://secunia.com/advisories/19922/ miredo<0.8.2 security-bypass http://www.simphalempin.com/dev/miredo/mtfl-sa-0601.shtml.en xorg-server>=6.8.0<6.9.0nb10 remote-code-execution http://lists.freedesktop.org/archives/xorg/2006-May/015136.html nagios-base<2.3 remote-code-execution https://sourceforge.net/mailarchive/forum.php?thread_id=10297806&forum_id=7890 i2cbd<=2.0_BETA4 denial-of-service http://www.draga.com/~jwise/i2cb/ crossfire-server<1.9.0nb1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1236 dovecot>0.99.99<1.0beta8 remote-file-listing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2414 php<4.4.2nb3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1990 php>=5<5.1.3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1990 php>=5<5.1.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1991 php>=5.1<5.1.4 unknown http://secunia.com/advisories/19927/ phpldapadmin<0.9.8.3 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2016 mysql-server>=4.0<4.1.19 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516 mysql-server>=5.0<5.0.21 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516 mysql-server>=4.0<4.1.19 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517 mysql-server>=5.0<5.0.21 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517 mysql-server>=5.0<5.0.21 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1518 nagios-base<2.3.1 remote-code-execution http://secunia.com/advisories/20123/ quagga<0.98.6 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2223 quagga>0.99<0.99.4 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2223 zebra-[0-9]* information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2223 quagga<0.98.6 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2224 quagga>0.99<0.99.4 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2224 zebra-[0-9]* security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2224 quagga<0.98.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2276 quagga>0.99<0.99.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2276 zebra-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2276 tiff<3.8.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0405 tiff<3.8.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-2024 tiff<3.8.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2025 tiff<3.8.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2026 tiff<3.8.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-2120 xine-lib<1.0.3anb8 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1664 awstats<6.6 information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1945 awstats<6.6 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2237 quake3arena<1.32c remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2236 quake3arena<1.32c information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2236 quake3server<1.32c information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2236 quake3server-[0-9]* remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2875 abcmidi<20060422 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1514 openldap<2.3.22 buffer-overflow http://secunia.com/advisories/20126/ libextractor<0.5.14 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2458 freetype2<2.1.10nb3 remote-code-execution http://secunia.com/advisories/20100/ dia<0.95.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2480 cscope<15.5nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2541 binutils<2.17 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2362 firefox{,-bin,-gtk1}<1.5.0.5 information-exposure http://secunia.com/advisories/20244/ mozilla{,-bin,-gtk2}-[0-9]* information-exposure http://secunia.com/advisories/20256/ netscape7-[0-9]* security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1942 netscape7-[0-9]* information-exposure http://secunia.com/advisories/20255/ postgresql73-server<7.3.15 sql-injection http://secunia.com/advisories/20231/ postgresql74-server<7.4.13 sql-injection http://secunia.com/advisories/20231/ postgresql80-server<8.0.8 sql-injection http://secunia.com/advisories/20231/ postgresql81-server<8.1.4 sql-injection http://secunia.com/advisories/20231/ drupal<4.6.7 sql-injection http://drupal.org/files/sa-2006-005/advisory.txt drupal<4.6.7 arbitrary-code-execution http://drupal.org/files/sa-2006-006/advisory.txt mpg123<0.59.18nb9 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1655 mpg123-esound<0.59.18nb7 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1655 mpg123-nas<0.59.18nb10 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1655 tor<0.1.1.20 multiple-vulnerabilities http://secunia.com/advisories/20277/ awstats<6.6nb1 security-bypass http://secunia.com/advisories/20164/ drupal-4.7.[0-1]* arbitrary-code-execution http://drupal.org/node/66763 drupal-4.7.[0-1]* cross-site-scripting http://drupal.org/node/66767 drupal<4.6.8 arbitrary-code-execution http://drupal.org/node/66763 drupal<4.6.8 cross-site-scripting http://drupal.org/node/66767 firefox{,-bin,-gtk1}<1.5.0.4 privilege-escalation https://www.mozilla.org/security/announce/2006/mfsa2006-31.html thunderbird{,-bin,-gtk1}<1.5.0.4 privilege-escalation https://www.mozilla.org/security/announce/2006/mfsa2006-31.html seamonkey{,-bin,-gtk1}<1.0.2 privilege-escalation https://www.mozilla.org/security/announce/2006/mfsa2006-31.html firefox{,-bin,-gtk1}<1.5.0.4 memory-corruption https://www.mozilla.org/security/announce/2006/mfsa2006-32.html thunderbird{,-bin,-gtk1}<1.5.0.4 memory-corruption https://www.mozilla.org/security/announce/2006/mfsa2006-32.html seamonkey{,-bin,-gtk1}<1.0.2 memory-corruption https://www.mozilla.org/security/announce/2006/mfsa2006-32.html firefox{,-bin,-gtk1}<1.5.0.4 http-response-smuggling https://www.mozilla.org/security/announce/2006/mfsa2006-33.html thunderbird{,-bin,-gtk1}<1.5.0.4 http-response-smuggling https://www.mozilla.org/security/announce/2006/mfsa2006-33.html seamonkey{,-bin,-gtk1}<1.0.2 http-response-smuggling https://www.mozilla.org/security/announce/2006/mfsa2006-33.html firefox{,-bin,-gtk1}<1.5.0.4 cross-site-scripting https://www.mozilla.org/security/announce/2006/mfsa2006-34.html seamonkey{,-bin,-gtk1}<1.0.2 cross-site-scripting https://www.mozilla.org/security/announce/2006/mfsa2006-34.html firefox{,-bin,-gtk1}<1.5.0.4 privilege-escalation https://www.mozilla.org/security/announce/2006/mfsa2006-35.html thunderbird{,-bin,-gtk1}<1.5.0.4 privilege-escalation https://www.mozilla.org/security/announce/2006/mfsa2006-35.html seamonkey{,-bin,-gtk1}<1.0.2 privilege-escalation https://www.mozilla.org/security/announce/2006/mfsa2006-35.html firefox{,-bin,-gtk1}<1.5.0.4 arbitrary-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-36.html firefox{,-bin,-gtk1}<1.5.0.4 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-37.html thunderbird{,-bin,-gtk1}<1.5.0.4 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-37.html seamonkey{,-bin,-gtk1}<1.0.2 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-37.html firefox{,-bin,-gtk1}<1.5.0.4 buffer-overflow https://www.mozilla.org/security/announce/2006/mfsa2006-38.html thunderbird{,-bin,-gtk1}<1.5.0.4 buffer-overflow https://www.mozilla.org/security/announce/2006/mfsa2006-38.html seamonkey{,-bin,-gtk1}<1.0.2 buffer-overflow https://www.mozilla.org/security/announce/2006/mfsa2006-38.html thunderbird{,-bin,-gtk1}<1.5.0.4 arbitrary-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-40.html seamonkey{,-bin,-gtk1}<1.0.2 arbitrary-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-40.html firefox{,-bin,-gtk1}<1.5.0.4 remote-file-stealing https://www.mozilla.org/security/announce/2006/mfsa2006-41.html seamonkey{,-bin,-gtk1}<1.0.2 remote-file-stealing https://www.mozilla.org/security/announce/2006/mfsa2006-41.html firefox{,-bin,-gtk1}<1.5.0.4 cross-site-scripting https://www.mozilla.org/security/announce/2006/mfsa2006-42.html thunderbird{,-bin,-gtk1}<1.5.0.4 cross-site-scripting https://www.mozilla.org/security/announce/2006/mfsa2006-42.html seamonkey{,-bin,-gtk1}<1.0.2 cross-site-scripting https://www.mozilla.org/security/announce/2006/mfsa2006-42.html firefox{,-bin,-gtk1}<1.5.0.4 arbitrary-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-43.html seamonkey{,-bin,-gtk1}<1.0.2 arbitrary-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-43.html {ja-,}squirrelmail<1.4.6nb3 remote-file-read http://www.squirrelmail.org/security/issue/2006-06-01 snort{,-mysql,-pgsql}<2.4.5 security-bypass http://secunia.com/advisories/20413/ mysql-server>=4.0<4.1.20 sql-injection http://secunia.com/advisories/20365/ mysql-server>=5.0<5.0.22 sql-injection http://secunia.com/advisories/20365/ base<1.2.5 remote-file-read http://secunia.com/advisories/20300/ asterisk<1.2.9.1 denial-of-service http://www.asterisk.org/node/95 spamassassin<3.1.3 arbitrary-code-execution http://secunia.com/advisories/20430/ tiff<3.8.2nb2 arbitrary-code-execution http://secunia.com/advisories/20488/ firefox{,2}{,-bin,-gtk1}<2.0.0.8 remote-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894 seamonkey{,-bin,-gtk1}<1.1.5 remote-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894 mozilla{,-bin,-gtk2}-[0-9]* remote-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894 netscape7-[0-9]* remote-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894 courier-mta<0.53.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2659 gdm<2.8.0.8 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2452 gdm>=2.14<2.14.8 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2452 sge<6.0.8 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0408 sge<6.0.8 security-bypass http://secunia.com/advisories/20518/ 0verkill<0.16nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2971 php<4.4.2 arbitrary-code-execution http://pear.php.net/advisory-20051104.txt pear-5.0.[0-9]* arbitrary-code-execution http://pear.php.net/advisory-20051104.txt kadu<0.5.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0768 irssi<0.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0458 crossfire-server<1.9.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1010 crossfire-server<1.9.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1010 dropbear<0.48 arbitrary-code-execution http://secunia.com/advisories/18964/ p5-libapreq2<2.07 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0042 amule<2.1.2 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2691 amule<2.1.2 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2692 openttd<0.4.8rc2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1998 openttd<0.4.8rc2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1999 jabberd>=2<2.0s11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1329 unalz<0.55 input-validation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0950 ap{2,22}-py{15,20,21,22,23,24,25,26,27,31}-python<3.2.8 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1095 zoo<2.10.1nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1269 sylpheed<2.2.6 security-bypass http://secunia.com/advisories/20577/ kiax<0.8.51 remote-code-execution http://secunia.com/advisories/20567/ acroread7<7.0.8 unknown http://www.adobe.com/support/techdocs/327817.html sendmail<8.12.11nb3 denial-of-service http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173 sendmail>=8.13<8.13.6nb3 denial-of-service http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173 gd<2.0.33nb5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2906 arts<1.5.1nb2 local-privilege-escalation http://www.kde.org/info/security/advisory-20060614-2.txt arts>=1.5.2<1.5.3nb1 local-privilege-escalation http://www.kde.org/info/security/advisory-20060614-2.txt kdebase<3.5.1nb4 local-information-exposure http://www.kde.org/info/security/advisory-20060614-1.txt kdebase>=3.5.2<3.5.3nb1 local-information-exposure http://www.kde.org/info/security/advisory-20060614-1.txt horde>=3.0<3.1.1nb2 cross-site-scripting http://secunia.com/advisories/20661/ mutt<1.4.2.1nb7 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3242 mutt>=1.5<1.5.11nb5 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3242 chmlib<0.38 remote-file-write http://secunia.com/advisories/20734/ netpbm<10.34 denial-of-service http://secunia.com/advisories/20729/ gnupg<1.4.3nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3082 gnupg-devel<1.9.20nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3082 opera<9.0 remote-code-execution http://secunia.com/advisories/20787/ opera<9.0 ssl-cert-spoofing http://secunia.com/secunia_research/2006-49/advisory/ php<4.4.2nb3 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3011 php>=5.0<5.1.4nb2 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3011 emech<3.0.2 denial-of-service http://secunia.com/advisories/20805/ hashcash<1.21 denial-of-service http://secunia.com/advisories/20800/ gftp<2.0.18nb5 buffer-overflow http://cvs.gnome.org/viewcvs/gftp/ChangeLog?rev=1.436&view=markup gftp<2.0.18nb4 buffer-overflow http://cvs.gnome.org/viewcvs/gftp/ChangeLog?rev=1.436&view=markup xine-lib<1.0.3anb10 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2802 php4-curl<4.4.3 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2563 php5-curl<5.1.5 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2563 sun-{jre,jdk}1{3,4,5}-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2426 png<1.2.12 arbitrary-code-execution http://www.securityfocus.com/bid/18698 openoffice2{,-bin}<2.0.3 security-bypass http://www.openoffice.org/security/CVE-2006-2199.html openoffice2{,-bin}<2.0.3 arbitrary-code-execution http://www.openoffice.org/security/CVE-2006-2198.html openoffice2{,-bin}<2.0.3 buffer-overflow http://www.openoffice.org/security/CVE-2006-3117.html geeklog<1.4.0.3nb2 remote-code-execution http://secunia.com/advisories/20886/ webmin<1.290 remote-information-exposure http://secunia.com/advisories/20892/ phpmyadmin<2.8.1 sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1804 phpmyadmin<2.8.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-4 samba<3.0.22nb2 denial-of-service http://www.samba.org/samba/security/CAN-2006-3403.html trac<0.9.6 cross-site-scripting http://secunia.com/advisories/20958/ ja-trac<0.9.6.1 cross-site-scripting http://secunia.com/advisories/20958/ trac<0.9.6 remote-information-exposure http://secunia.com/advisories/20958/ ja-trac<0.9.6.1 remote-information-exposure http://secunia.com/advisories/20958/ {ja-,}squirrelmail<1.4.7 remote-information-exposure http://www.securityfocus.com/bid/17005 geeklog<1.4.0.5 cross-site-scripting http://secunia.com/advisories/21094/ hyperestraier>=0.5.0<1.3.3 cross-site-request-forgeries http://secunia.com/advisories/21049/ ruby18-base<1.8.4nb4 security-bypass http://secunia.com/advisories/21009/ gimp>=2<2.2.12 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3404 gimp>=2.3.0<2.3.10 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3404 asterisk<1.2.10 denial-of-service http://secunia.com/advisories/21071/ horde>=3.0<3.1.2 cross-site-scripting http://secunia.com/advisories/20954/ zoo<2.10.1nb2 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0855 apache-tomcat>=5.5.0<5.5.12 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510 pngcrush<1.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1849 ethereal-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3627 x11vnc<0.8.2 remote-authentication-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2450 wv2<0.2.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2197 apache<1.3.35 cross-site-scripting http://secunia.com/advisories/21172/ apache>2.0<2.0.58 cross-site-scripting http://secunia.com/advisories/21172/ freeciv-server-2.0.[0-8]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3913 libmikmod-3.2.2 arbitrary-code-execution http://secunia.com/advisories/21196/ p5-Net-Server<0.88 denial-of-service http://secunia.com/advisories/21149/ firefox{,-bin,-gtk1}<1.5.0.5 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-44.html seamonkey{,-bin,-gtk1}<1.0.3 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-44.html firefox{,-bin,-gtk1}<1.5.0.5 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-45.html seamonkey{,-bin,-gtk1}<1.0.3 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-45.html firefox{,-bin,-gtk1}<1.5.0.5 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-46.html seamonkey{,-bin,-gtk1}<1.0.3 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-46.html thunderbird{,-bin,-gtk1}<1.5.0.5 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-46.html firefox{,-bin,-gtk1}<1.5.0.5 cross-site-scripting https://www.mozilla.org/security/announce/2006/mfsa2006-47.html seamonkey{,-bin,-gtk1}<1.0.3 cross-site-scripting https://www.mozilla.org/security/announce/2006/mfsa2006-47.html thunderbird{,-bin,-gtk1}<1.5.0.5 cross-site-scripting https://www.mozilla.org/security/announce/2006/mfsa2006-47.html firefox{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-48.html seamonkey{,-bin,-gtk1}<1.0.3 arbitrary-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-48.html thunderbird{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-48.html seamonkey{,-bin,-gtk1}<1.0.3 arbitrary-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-49.html thunderbird{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-49.html firefox{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-50.html seamonkey{,-bin,-gtk1}<1.0.3 arbitrary-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-50.html thunderbird{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-50.html firefox{,-bin,-gtk1}<1.5.0.5 privilege-escalation https://www.mozilla.org/security/announce/2006/mfsa2006-51.html seamonkey{,-bin,-gtk1}<1.0.3 privilege-escalation https://www.mozilla.org/security/announce/2006/mfsa2006-51.html thunderbird{,-bin,-gtk1}<1.5.0.5 privilege-escalation https://www.mozilla.org/security/announce/2006/mfsa2006-51.html firefox{,-bin,-gtk1}<1.5.0.5 privilege-escalation https://www.mozilla.org/security/announce/2006/mfsa2006-52.html seamonkey{,-bin,-gtk1}<1.0.3 privilege-escalation https://www.mozilla.org/security/announce/2006/mfsa2006-52.html firefox{,-bin,-gtk1}<1.5.0.5 privilege-escalation https://www.mozilla.org/security/announce/2006/mfsa2006-53.html seamonkey{,-bin,-gtk1}<1.0.3 privilege-escalation https://www.mozilla.org/security/announce/2006/mfsa2006-53.html thunderbird{,-bin,-gtk1}<1.5.0.5 privilege-escalation https://www.mozilla.org/security/announce/2006/mfsa2006-53.html firefox{,-bin,-gtk1}<1.5.0.5 cross-site-scripting https://www.mozilla.org/security/announce/2006/mfsa2006-54.html seamonkey{,-bin,-gtk1}<1.0.3 cross-site-scripting https://www.mozilla.org/security/announce/2006/mfsa2006-54.html thunderbird{,-bin,-gtk1}<1.5.0.5 cross-site-scripting https://www.mozilla.org/security/announce/2006/mfsa2006-54.html firefox{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-55.html seamonkey{,-bin,-gtk1}<1.0.3 arbitrary-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-55.html thunderbird{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-55.html firefox{,-bin,-gtk1}<1.5.0.5 cross-site-scripting https://www.mozilla.org/security/announce/2006/mfsa2006-56.html seamonkey{,-bin,-gtk1}<1.0.3 cross-site-scripting https://www.mozilla.org/security/announce/2006/mfsa2006-56.html thunderbird{,-bin,-gtk1}<1.5.0.5 cross-site-scripting https://www.mozilla.org/security/announce/2006/mfsa2006-56.html apache<1.3.37 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747 apache>2.0<2.0.59 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747 postfix>=2.2.0<2.2.11 tls-enforcement-bypass http://mail-index.netbsd.org/pkgsrc-changes/2006/08/01/0000.html postfix>=2.3.0<2.3.1 tls-enforcement-bypass http://mail-index.netbsd.org/pkgsrc-changes/2006/07/25/0002.html gnupg<1.4.5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3746 suse{,32}_libtiff<10.0nb3 remote-code-execution http://lists.suse.com/archive/suse-security-announce/2006-Aug/0001.html suse{,32}_freetype2<10.0nb3 remote-code-execution http://lists.suse.com/archive/suse-security-announce/2006-Aug/0002.html mysql-server<4.1.21 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4031 mysql-server<4.1.21 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4226 mysql-server>5.0<5.0.24 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4031 mysql-server>5.0<5.0.25 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4226 mysql-server>5.0<5.0.25 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4227 mysql-server>5.0<5.0.36 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1420 mysql-server>5.0<5.0.40 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2583 mysql-server<4.1.22nb1 authenticated-user-table-rename https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691 mysql-server>5.0<5.0.40 authenticated-user-table-rename https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691 mysql-server>5.0<5.0.40 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2692 tiff<3.8.2nb3 multiple-vulnerabilities http://secunia.com/advisories/21304/ drupal<4.6.9 cross-site-scripting http://drupal.org/files/sa-2006-011/advisory.txt drupal<4.7.3 cross-site-scripting http://drupal.org/files/sa-2006-011/advisory.txt cfs<1.4.1nb6 denial-of-service http://secunia.com/advisories/21310/ hobbit<4.0b6nb10 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4003 sge-5.[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3941 php>4.0<4.4.3 remote-unknown http://secunia.com/advisories/21328/ clamav<0.88.4 remote-code-execution http://secunia.com/advisories/21374/ php>4.0<4.4.3 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4020 php>5.0<5.1.4nb3 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4020 lesstif>=0.78<=0.85.3 privilege-escalation http://secunia.com/advisories/21428/ mit-krb5<1.4.2nb3 privilege-escalation http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-001-setuid.txt heimdal<0.7.2nb3 privilege-escalation http://secunia.com/advisories/21436/ bomberclone<0.11.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4005 bomberclone<0.11.7 remote-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4006 {ja-,}squirrelmail<1.4.8 remote-information-exposure http://secunia.com/advisories/21354/ {ja-,}squirrelmail<1.4.8 remote-data-manipulation http://secunia.com/advisories/21354/ ImageMagick<6.2.9.0 arbitrary-code-execution http://secunia.com/advisories/21462/ horde<3.1.3 cross-site-scripting http://secunia.com/advisories/21500/ imp<4.1.3 cross-site-scripting http://secunia.com/advisories/21533/ miredo<0.9.7 denial-of-service http://www.simphalempin.com/dev/miredo/mtfl-sa-0603.shtml.en miredo<0.9.8 unknown http://mail-index.netbsd.org/pkgsrc-changes/2006/08/15/0026.html php<4.4.4 multiple-vulnerabilities http://secunia.com/advisories/21546/ php>5.0<5.1.5 multiple-vulnerabilities http://secunia.com/advisories/21546/ binutils<2.17 arbitrary-code-execution http://secunia.com/advisories/21508/ libwmf<0.2.8.4nb4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3376 honeyd<1.5b denial-of-service http://secunia.com/advisories/21591/ XFree86-libs<4.4.0nb8 arbitrary-code-execution http://secunia.com/advisories/21446/ xorg-libs<6.9.0nb7 arbitrary-code-execution http://secunia.com/advisories/21450/ xorg-server<6.9.0nb12 arbitrary-code-execution http://secunia.com/advisories/21450/ libtunepimp<0.4.2nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3600 mplayer<1.0rc8 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1502 gmplayer<1.0rc8 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1502 mencoder<1.0rc8 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1502 freetype2<2.2.1nb2 arbitrary-code-execution http://secunia.com/advisories/21450/ wireshark<0.99.3 denial-of-service http://www.wireshark.org/security/wnpa-sec-2006-02.html ethereal>=0.7.9 denial-of-service http://www.wireshark.org/security/wnpa-sec-2006-02.html ImageMagick<6.2.9.1 arbitrary-code-execution http://secunia.com/advisories/21615/ asterisk<1.2.11 remote-code-execution http://secunia.com/advisories/21600/ cscope<15.5nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4262 streamripper<1.61.26 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3124 sendmail>8.13<8.13.8 denial-of-service http://secunia.com/advisories/21637/ musicbrainz<2.1.4 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4197 cube-[0-9]* denial-of-service http://aluigi.altervista.org/adv/evilcube-adv.txt cube-[0-9]* remote-code-execution http://aluigi.altervista.org/adv/evilcube-adv.txt zope25-CMFPlone>2.0<2.5 remote-information-modification https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1711 tor<0.1.1.23 denial-of-service http://secunia.com/advisories/21708/ tor<0.1.1.23 bypass-security-restrictions http://secunia.com/advisories/21708/ gtetrinet<0.7.7nb8 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3125 openoffice2{,-bin}<2.0.2 unknown-impact https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4077 webmin<1.296 cross-site-scripting http://secunia.com/advisories/21690/ webmin<1.296 remote-information-disclosure http://secunia.com/advisories/21690/ gdb>6<6.2.1nb7 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4146 gtar-base<1.15.1nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0300 gtar-base<1.15.1nb3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0300 openldap-server<2.3.25 bypass-security-restrictions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4600 openldap<2.3.25 bypass-security-restrictions http://secunia.com/advisories/21721/ mailman<2.1.9rc1 denial-of-service http://secunia.com/advisories/21732/ mailman<2.1.9rc1 cross-site-scripting http://secunia.com/advisories/21732/ sendmail<8.12.11nb4 denial-of-service http://secunia.com/advisories/21637/ bind>9.3<9.3.2nb2 denial-of-service http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en openssl<0.9.7inb2 signature-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 xorg-libs<6.9.0nb9 arbitrary-code-execution http://www.idefense.com/intelligence/vulnerabilities/display.php?id=411 xorg-libs<6.9.0nb9 arbitrary-code-execution http://www.idefense.com/intelligence/vulnerabilities/display.php?id=412 xorg-clients<6.9.0nb9 privilege-escalation http://secunia.com/advisories/21650/ xorg-libs<6.9.0nb10 privilege-escalation http://secunia.com/advisories/21650/ xorg-server<6.9.0nb13 privilege-escalation http://secunia.com/advisories/21650/ firefox{,-bin,-gtk1}<1.5.0.7 buffer-overflow https://www.mozilla.org/security/announce/2006/mfsa2006-57.html thunderbird{,-gtk1}<1.5.0.7 buffer-overflow https://www.mozilla.org/security/announce/2006/mfsa2006-57.html seamonkey{,-bin,-gtk1}<1.0.5 buffer-overflow https://www.mozilla.org/security/announce/2006/mfsa2006-57.html firefox-bin<1.5.0.7 auto-update-spoof https://www.mozilla.org/security/announce/2006/mfsa2006-58.html firefox{,-bin,-gtk1}<1.5.0.7 signature-forgery https://www.mozilla.org/security/announce/2006/mfsa2006-60.html thunderbird{,-gtk1}<1.5.0.7 signature-forgery https://www.mozilla.org/security/announce/2006/mfsa2006-60.html seamonkey{,-bin,-gtk1}<1.0.5 signature-forgery https://www.mozilla.org/security/announce/2006/mfsa2006-60.html firefox{,-bin,-gtk1}<1.5.0.7 frame-content-spoofing https://www.mozilla.org/security/announce/2006/mfsa2006-61.html seamonkey{,-bin,-gtk1}<1.0.5 frame-content-spoofing https://www.mozilla.org/security/announce/2006/mfsa2006-61.html firefox{,-bin,-gtk1}<1.5.0.7 cross-site-scripting https://www.mozilla.org/security/announce/2006/mfsa2006-62.html thunderbird{,-gtk1}<1.5.0.7 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-63.html seamonkey{,-bin,-gtk1}<1.0.5 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-63.html {firefox-bin,moz-bin,ns}-flash<7.0.68 remote-code-execution http://www.adobe.com/support/security/bulletins/apsb06-11.html XFree86-libs<4.4.0nb9 arbitrary-code-execution http://secunia.com/advisories/21890/ gnutls<1.4.4 signature-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4790 gzip-base<1.2.4bnb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4334 gzip-base<1.2.4bnb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335 gzip-base<1.2.4bnb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335 gzip-base<1.2.4bnb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4336 gzip-base<1.2.4bnb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4337 gzip-base<1.2.4bnb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4338 cabextract<1.2 buffer-overflow http://www.kyz.uklinux.net/cabextract.php openssh<4.3.1nb1 denial-of-service http://secunia.com/advisories/22091/ openssl<0.9.7inb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2006-4343 opera<9.02 signature-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 opera<9.02 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4819 wireshark<0.99.2 denial-of-service http://www.wireshark.org/security/wnpa-sec-2006-01.html wireshark<0.99.2 arbitrary-code-execution http://www.wireshark.org/security/wnpa-sec-2006-01.html phpmyadmin<2.9.0.1 cross-site-request-forgery http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-5 ffmpeg-0.4.* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800 mono<1.1.13.8.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5072 php-4.[0-9]* privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5178 php-5.[01]* privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5178 php<4.3.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4812 php>5.0<5.1.6nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4812 php<4.4.4nb2 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4625 php>5.0<5.1.6nb2 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4625 openssh<4.3.1nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4924 openssh+gssapi<4.4 valid-account-enumeration https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5052 openssh+gssapi<4.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5051 bugzilla<2.22.1 cross-site-scripting http://www.bugzilla.org/security/2.18.5/ bugzilla<2.22.1 information-leakage http://www.bugzilla.org/security/2.18.5/ asterisk<1.2.13 remote-code-execution http://www.asterisk.org/node/109 drupal<4.7.4 cross-site-scripting http://drupal.org/files/sa-2006-024/advisory.txt drupal<4.7.4 cross-site-request-forgeries http://drupal.org/files/sa-2006-025/advisory.txt drupal<4.7.4 html-attribute-injection http://drupal.org/files/sa-2006-026/advisory.txt postgresql73-server<7.3.16 denial-of-service http://www.postgresql.org/about/news.664 postgresql74-server<7.4.14 denial-of-service http://www.postgresql.org/about/news.664 postgresql80-server<8.0.9 denial-of-service http://www.postgresql.org/about/news.664 postgresql81-server<8.1.5 denial-of-service http://www.postgresql.org/about/news.664 qt3-libs<3.3.6nb3 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4811 qt4-libs<4.1.5 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4811 sge<6.0.11 denial-of-service http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1 milter-greylist-3.0rc[45] denial-of-service http://mail-index.netbsd.org/pkgsrc-changes/2006/10/27/0006.html ingo<1.1.2 procmail-local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5449 screen<4.0.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4573 wireshark<0.99.4 denial-of-service http://www.wireshark.org/security/wnpa-sec-2006-03.html mutt<1.4.2.2nb3 insecure-temp-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5297 mutt<1.4.2.2nb1 privacy-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5298 mutt>=1.5.0<1.5.13nb2 insecure-temp-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5297 mutt>=1.5.0<1.5.13nb1 privacy-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5298 ruby18-base<1.8.5nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5467 php>=5.0<5.1.6nb3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5465 php>=4.0<4.4.4nb3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5465 phpmyadmin<2.9.0.3 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-6 milter-greylist<3.0rc7 denial-of-service http://mail-index.netbsd.org/pkgsrc-changes/2006/11/07/0024.html firefox{,-bin,-gtk1}<1.5.0.8 arbitrary-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-65.html thunderbird{,-gtk1}<1.5.0.8 arbitrary-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-65.html seamonkey{,-bin,-gtk1}<1.0.6 arbitrary-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-65.html firefox{,-bin,-gtk1}<1.5.0.8 signature-forgery https://www.mozilla.org/security/announce/2006/mfsa2006-66.html thunderbird{,-gtk1}<1.5.0.8 signature-forgery https://www.mozilla.org/security/announce/2006/mfsa2006-66.html seamonkey{,-bin,-gtk1}<1.0.6 signature-forgery https://www.mozilla.org/security/announce/2006/mfsa2006-66.html firefox{,-bin,-gtk1}<1.5.0.8 arbitrary-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-67.html thunderbird{,-gtk1}<1.5.0.8 arbitrary-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-67.html seamonkey{,-bin,-gtk1}<1.0.6 arbitrary-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-67.html libarchive<1.3.1 denial-of-service https://www.freebsd.org/security/advisories/FreeBSD-SA-06:24.libarchive.asc openssh<4.5.1 security-bypass http://secunia.com/advisories/22771/ trac<0.10.2 cross-site-request-forgeries http://trac.edgewall.org/ticket/4049 ja-trac<0.10.0.2 cross-site-request-forgeries http://trac.edgewall.org/ticket/4049 ja-trac<0.10.0.3 cross-site-request-forgeries http://trac.edgewall.org/ticket/4049 ja-trac>=0.10.1.1<0.10.2.1 cross-site-request-forgeries http://trac.edgewall.org/ticket/4049 png<1.2.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793 suse{,32}_libpng<10.0nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793 proftpd<1.3.0nb2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5815 gv<3.6.2nb1 code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5864 gtexinfo<4.8nb6 code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4810 dovecot>0.99.99<1.0rc7nb1 buffer-overflow http://www.dovecot.org/list/dovecot-news/2006-November/000023.html dovecot>=1.0rc8<1.0rc15 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5973 phpmyadmin<2.9.1.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-7 phpmyadmin<2.9.1.1 information-leakage http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-8 phpmyadmin<2.9.1.1 weak-acl-enforcement http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-9 fvwm>=2.4<2.4.19nb4 command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5969 fvwm>=2.5<2.5.18nb1 command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5969 imlib2<1.3.0 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4806 imlib2<1.3.0 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4807 imlib2<1.3.0 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4808 imlib2<1.3.0 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4809 openldap-client<2.3.27nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5779 openldap-server<2.3.27nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5779 gnupg<1.4.5nb1 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html gnupg2<2.0.0nb3 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html gnupg-devel<1.9.22nb1 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html gnupg-devel>=1.9.23 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html lha<114.9nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335 lha<114.9nb3 code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335 lha<114.9nb3 code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4337 lha<114.9nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4338 gtar-base<1.15.1nb4 overwrite-arbitrary-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6097 libgsf<1.14.3 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4514 tnftpd<20040810nb1 remote-code-execution http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051009.html kdegraphics<=3.5.4 denial-of-service http://www.kde.org/info/security/advisory-20061129-1.txt kdegraphics>=3.1.0<=3.5.5 denial-of-service http://www.kde.org/info/security/advisory-20061129-1.txt links{,-gui}<2.1.0.26 remote-command-execution http://secunia.com/advisories/22905/ elinks<0.11.2 remote-command-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5925 kile<1.9.3 local-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6085 evince<0.6.1nb1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5864 {ja-,}squirrelmail<1.4.9a cross-site-scripting http://secunia.com/advisories/23195/ xine-lib<=1.1.0 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2200 xine-lib<1.1.3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172 xine-lib<1.1.3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800 mplayer<1.0rc8 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800 gmplayer<1.0rc8 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800 mencoder<1.0rc8 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800 koffice-1.4.[0-9]* code-execution http://www.kde.org/info/security/advisory-20061205-1.txt koffice-1.6.0 code-execution http://www.kde.org/info/security/advisory-20061205-1.txt fprot-workstation-bin<4.6.7 denial-of-service http://www.securityfocus.com/bid/21420 ruby18-base<1.8.5.20061205 denial-of-service http://www.securityfocus.com/bid/21441 gnupg<1.4.6 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000246.html gnupg2<2.0.0nb4 buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000246.html gnupg-devel-[0-9]* buffer-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000246.html ImageMagick<6.3.0.3 code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456 GraphicsMagick<1.1.7 code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456 proftpd<1.3.0a remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6171 wv<1.2.3 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4513 net-snmp>=5.3<5.3.0.1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-6305 kronolith<2.1.4 local-file-inclusion https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6175 clamav<0.88.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6481 mantis<1.0.8 remote-information-disclosure http://secunia.com/advisories/23258/ sylpheed<2.2.6 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2920 sylpheed-claws<2.2.2 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2920 tor<0.1.1.26 privacy-leak http://archives.seul.org/or/announce/Dec-2006/msg00000.html dbus<0.92nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6107 dbus>=1.0<1.0.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6107 gdm<2.16.4 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6105 {firefox-bin,moz-bin,ns}-flash<7.0.69 inject-http-headers http://www.adobe.com/support/security/bulletins/apsb06-18.html clamav<0.88.5 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4182 clamav<0.88.5 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5295 libksba<0.9.15 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5111 libmodplug<0.8.4 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4192 firefox{,-bin,-gtk1}<1.5.0.9 memory-corruption https://www.mozilla.org/security/announce/2006/mfsa2006-68.html firefox{,-bin,-gtk1}<1.5.0.9 privilege-escalation https://www.mozilla.org/security/announce/2006/mfsa2006-70.html firefox{,-bin,-gtk1}<1.5.0.9 cross-site-scripting https://www.mozilla.org/security/announce/2006/mfsa2006-72.html firefox{,-bin,-gtk1}>=1.5.0.4<1.5.0.9 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-73.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 memory-corruption https://www.mozilla.org/security/announce/2006/mfsa2006-68.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 privilege-escalation https://www.mozilla.org/security/announce/2006/mfsa2006-70.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 cross-site-scripting https://www.mozilla.org/security/announce/2006/mfsa2006-72.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-73.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 rss-referer-leak https://www.mozilla.org/security/announce/2006/mfsa2006-75.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 cross-site-scripting https://www.mozilla.org/security/announce/2006/mfsa2006-76.html thunderbird{,-gtk1}<1.5.0.9 memory-corruption https://www.mozilla.org/security/announce/2006/mfsa2006-68.html thunderbird{,-gtk1}<1.5.0.9 privilege-escalation https://www.mozilla.org/security/announce/2006/mfsa2006-70.html thunderbird{,-gtk1}<1.5.0.9 cross-site-scripting https://www.mozilla.org/security/announce/2006/mfsa2006-72.html thunderbird{,-gtk1}<1.5.0.9 heap-overflow https://www.mozilla.org/security/announce/2006/mfsa2006-74.html seamonkey{,-bin,-gtk1}<1.0.7 memory-corruption https://www.mozilla.org/security/announce/2006/mfsa2006-68.html seamonkey{,-bin,-gtk1}<1.0.7 privilege-escalation https://www.mozilla.org/security/announce/2006/mfsa2006-70.html seamonkey{,-bin,-gtk1}<1.0.7 cross-site-scripting https://www.mozilla.org/security/announce/2006/mfsa2006-72.html seamonkey{,-bin,-gtk1}<1.0.7 remote-code-execution https://www.mozilla.org/security/announce/2006/mfsa2006-73.html seamonkey{,-bin,-gtk1}<1.0.7 heap-overflow https://www.mozilla.org/security/announce/2006/mfsa2006-74.html pam-ldap<183 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-5170 mono<1.2.2 source-code-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6104 sun-{jdk,jre}13<1.0.19 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102732-1 sun-{jdk,jre}14<2.13 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102732-1 sun-{jdk,jre}15<5.0.7 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102732-1 sun-{jdk,jre}13<1.0.19 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102729-1 sun-{jdk,jre}14<2.13 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102729-1 sun-{jdk,jre}15<5.0.8 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102729-1 sun-{jdk,jre}13<1.0.19 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102731-1 sun-{jdk,jre}14<2.13 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102731-1 sun-{jdk,jre}15<5.0.8 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102731-1 w3m<0.5.1nb5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6772 miredo<1.0.6 authentication-spoofing http://www.simphalempin.com/dev/miredo/mtfl-sa-0604.shtml.en fetchmail<6.3.6 password-disclosure http://www.fetchmail.info/fetchmail-SA-2006-02.txt fetchmail-6.3.5* denial-of-service http://www.fetchmail.info/fetchmail-SA-2006-03.txt drupal<4.7.5 cross-site-scripting http://drupal.org/files/sa-2007-001/advisory.txt drupal<4.7.5 denial-of-service http://drupal.org/files/sa-2007-002/advisory.txt bzip2<1.0.4 permissions-race https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0953 gtexinfo-4.8nb6 buffer-overflow http://mail-index.netbsd.org/pkgsrc-changes/2007/01/08/0037.html opera<8.10 remote-code-execution http://secunia.com/advisories/23613/ acroread7<7.0.9 cross-site-scripting http://www.adobe.com/support/security/advisories/apsa07-01.html vlc<0.8.6a arbitrary-code-execution http://www.videolan.org/sa0701.html modular-xorg-server<1.1.1nb1 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6101 modular-xorg-server<1.1.1nb1 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6102 modular-xorg-server<1.1.1nb1 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6103 xorg-server<6.9.0nb14 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6101 xorg-server<6.9.0nb14 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6102 xorg-server<6.9.0nb14 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6103 mplayer<1.0rc9nb3 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172 gmplayer<1.0rc9nb1 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172 mencoder<1.0rc9nb2 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172 kdenetwork<3.5.5nb1 denial-of-service http://www.kde.org/info/security/advisory-20070109-1.txt kdegraphics>=3.2.0<=3.5.5nb1 denial-of-service http://www.kde.org/info/security/advisory-20070115-1.txt koffice>=1.2<=1.6.1nb1 denial-of-service http://www.kde.org/info/security/advisory-20070115-1.txt mit-krb5<1.4.2nb4 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6143 bind>=9.0<9.3.4 denial-of-service http://marc.theaimsgroup.com/?l=bind-announce&m=116968519321296&w=2 bind>=9.0<9.3.4 denial-of-service http://marc.theaimsgroup.com/?l=bind-announce&m=116968519300764&w=2 py{15,20,21,22,23,24,25,26,27,31}-django<0.95.1 privilege-escalation http://secunia.com/advisories/23826/ squid<2.6.7 denial-of-service http://secunia.com/advisories/23767/ rubygems<0.9.0nb2 overwrite-arbitrary-files http://www.frsirt.com/english/advisories/2007/0295 ap{,13,2,22}-auth-kerb<5.3 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5989 drupal<4.7.6 remote-code-execution http://drupal.org/node/113935 bugzilla<2.22.2 cross-site-scripting http://www.bugzilla.org/security/2.20.3/ wireshark<0.99.5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0456 wireshark<0.99.5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0457 wireshark<0.99.5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0458 wireshark<0.99.5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0459 samba<3.0.24 denial-of-service http://samba.org/samba/security/CVE-2007-0452.html samba<3.0.24 solaris-buffer-overflow http://samba.org/samba/security/CVE-2007-0453.html samba<3.0.24 vfs-format-string http://samba.org/samba/security/CVE-2007-0454.html kdelibs<3.5.6nb2 cross-site-scripting http://www.kde.org/info/security/advisory-20070206-1.txt poppler<0.5.4nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0104 php>5<5.2.1 bypass-security-restrictions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0905 php>5<5.2.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906 php>5<5.2.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906 php>5<5.2.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0907 php>5<5.2.1 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0908 php>5<5.2.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0909 php>5<5.2.1 unspecified-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0910 snort{,-mysql,-pgsql}<2.6.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6931 clamav<0.90 denial-of-service http://secunia.com/advisories/24187/ spamassassin<3.1.8 denial-of-service http://secunia.com/advisories/24197/ mimedefang>=2.59<=2.60 denial-of-service http://secunia.com/advisories/24133/ mimedefang>=2.59<=2.60 remote-code-execution http://secunia.com/advisories/24133/ libsoup-devel<2.2.99 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5876 gd<2.0.34 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0455 rar-bin<3.7beta1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0855 unrar<3.7.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0855 xine-ui<0.99.4nb8 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0254 amarok<1.4.5nb2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6979 snort>=2.6.1<2.6.1.3 remote-code-execution http://www.snort.org/docs/advisory-2007-02-19.html firefox{,-bin,-gtk1}<1.5.0.10 memory-corruption https://www.mozilla.org/security/announce/2007/mfsa2007-01.html firefox{,-bin,-gtk1}>=2.0<2.0.0.2 memory-corruption https://www.mozilla.org/security/announce/2007/mfsa2007-01.html seamonkey{,-bin,-gtk1}<1.0.8 memory-corruption https://www.mozilla.org/security/announce/2007/mfsa2007-01.html seamonkey{,-bin,-gtk1}>=1.1<1.1.1 memory-corruption https://www.mozilla.org/security/announce/2007/mfsa2007-01.html firefox{,-bin,-gtk1}-1.5.0.10 ssl-buffer-overflow https://www.mozilla.org/security/announce/2007/mfsa2007-06.html thunderbird{,-gtk1}-1.5.0.10 ssl-buffer-overflow https://www.mozilla.org/security/announce/2007/mfsa2007-06.html seamonkey{,-bin,-gtk1}<1.0.8 ssl-buffer-overflow https://www.mozilla.org/security/announce/2007/mfsa2007-06.html seamonkey{,-bin,-gtk1}>=1.1<1.1.1 ssl-buffer-overflow https://www.mozilla.org/security/announce/2007/mfsa2007-06.html nss<3.11.5 ssl-buffer-overflow https://www.mozilla.org/security/announce/2007/mfsa2007-06.html firefox{,-bin,-gtk1}<1.5.0.10 hostname-forgery https://www.mozilla.org/security/announce/2007/mfsa2007-07.html firefox{,-bin,-gtk1}>=2.0<2.0.0.2 hostname-forgery https://www.mozilla.org/security/announce/2007/mfsa2007-07.html seamonkey{,-bin,-gtk1}<1.0.8 hostname-forgery https://www.mozilla.org/security/announce/2007/mfsa2007-07.html firefox{,-bin,-gtk1}-1.5.0.9 memory-corruption https://www.mozilla.org/security/announce/2007/mfsa2007-08.html firefox{,-bin,-gtk1}-2.0.0.1 memory-corruption https://www.mozilla.org/security/announce/2007/mfsa2007-08.html seamonkey{,-bin,-gtk1}<1.0.8 memory-corruption https://www.mozilla.org/security/announce/2007/mfsa2007-08.html seamonkey{,-bin,-gtk1}>=1.1<1.1.1 memory-corruption https://www.mozilla.org/security/announce/2007/mfsa2007-08.html firefox{,-bin,-gtk1}<1.5.0.10 privilege-escalation https://www.mozilla.org/security/announce/2007/mfsa2007-09.html firefox{,-bin,-gtk1}>=2.0<2.0.0.2 privilege-escalation https://www.mozilla.org/security/announce/2007/mfsa2007-09.html seamonkey{,-bin,-gtk1}<1.0.8 privilege-escalation https://www.mozilla.org/security/announce/2007/mfsa2007-09.html seamonkey{,-bin,-gtk1}>=1.1<1.1.1 privilege-escalation https://www.mozilla.org/security/announce/2007/mfsa2007-09.html seamonkey{,-bin,-gtk1}<1.0.8 buffer-overflow https://www.mozilla.org/security/announce/2007/mfsa2007-10.html seamonkey{,-bin,-gtk1}>=1.1<1.1.1 buffer-overflow https://www.mozilla.org/security/announce/2007/mfsa2007-10.html thunderbird{,-gtk1}<1.5.0.10 buffer-overflow https://www.mozilla.org/security/announce/2007/mfsa2007-10.html php<4.4.6 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906 silc-server<1.0.3 denial-of-service http://silcnet.org/general/news/?item=security_20070306_1 trac<0.10.3.1 cross-site-scripting http://trac.edgewall.org/wiki/ChangeLog#a0.10.3.1 ja-trac<0.10.3.1.1 cross-site-scripting http://trac.edgewall.org/wiki/ChangeLog#a0.10.3.1 p5-CGI-Session<4.12 sql-injection http://osdir.com/ml/lang.perl.modules.cgi-session.user/2006-04/msg00004.html horde<3.1.4 cross-site-scripting http://lists.horde.org/archives/announce/2007/000315.html horde<3.1.4 arbitrary-file-removal http://lists.horde.org/archives/announce/2007/000315.html libwpd<0.8.9 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0002 phpmyadmin<2.10.0.2 denial-of-service http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-3 squid<2.6.12 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2007_1.txt zope29<2.9.4nb4 privilege-escalation http://www.zope.org/Products/Zope/Hotfix-2007-03-20/ openafs<1.4.4 privilege-escalation http://www.openafs.org/security/OPENAFS-SA-2007-001.txt asterisk<1.2.16 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1306 asterisk<1.2.17 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1561 file<4.20 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536 dovecot<1.0rc15nb1 access-validation-bypass http://www.dovecot.org/list/dovecot-news/2007-March/000038.html dovecot>=1.0rc16<1.0rc29 access-validation-bypass http://www.dovecot.org/list/dovecot-news/2007-March/000038.html xorg-server<1.2.0nb2 memory-corruption http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html libXfont<1.2.7nb1 memory-corruption http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html libX11<1.1.1nb1 memory-corruption http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html qt3-libs<3.3.8nb2 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0242 qt4-libs<4.2.3nb1 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0242 kdelibs<3.5.6nb3 information-disclosure http://www.kde.org/info/security/advisory-20070326-1.txt openoffice2<2.1.0nb5 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0002 openoffice2<2.1.0nb5 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0238 openoffice2<2.1.0nb5 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0239 openoffice<2.1.0nb5 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1466 openoffice2-bin<2.2.0 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0002 openoffice2-bin<2.2.0 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0238 openoffice2-bin<2.2.0 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0239 openoffice2-bin<2.2.0 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1466 freetype2<2.3.2nb1 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351 xmms<1.2.10nb8 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0653 ipsec-tools<0.6.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1841 fetchmail<6.3.8 password-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558 lighttpd<1.4.14 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1870 lighttpd<1.4.14 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1869 opera<9.20 cross-site-scripting http://www.opera.com/support/search/view/855/ opera<9.20 unknown-impact http://www.opera.com/support/search/view/858/ bind>=9.4.0<9.4.1 denial-of-service http://www.isc.org/index.pl?/sw/bind/bind-security.php postgresql73-server<7.3.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 postgresql73-server<7.3.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 postgresql74-server<7.4.16 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 postgresql74-server<7.4.16 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 postgresql80-server<8.0.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 postgresql80-server<8.0.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 postgresql81-server<8.1.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 postgresql81-server<8.1.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 postgresql82-server<8.2.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 postgresql82-server<8.2.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 postgresql74-server<7.4.17 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138 postgresql80-server<8.0.13 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138 postgresql81-server<8.1.9 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138 postgresql82-server<8.2.4 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138 php4-gd<4.4.6nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001 php5-gd<5.2.1nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001 zziplib<0.10.82nb3 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1614 squirrelmail<=1.4.10 cross-site-scripting http://www.squirrelmail.org/security/issue/2007-05-09 squirrelmail<=1.4.10 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1262 ja-squirrelmail<=1.4.10 cross-site-scripting http://www.squirrelmail.org/security/issue/2007-05-09 ja-squirrelmail<=1.4.10 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1262 zoo<2.10.1nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1669 php4-mssql<4.4.6 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1411 php5-mssql<5.2.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1411 samba>=3.0.23d<3.0.24nb2 privilege-elevation http://www.samba.org/samba/security/CVE-2007-2444.html samba>=3.0.0<3.0.24nb2 remote-code-execution http://www.samba.org/samba/security/CVE-2007-2446.html samba>=3.0.0<3.0.24nb2 remote-command-execution http://www.samba.org/samba/security/CVE-2007-2447.html php{4,5}-pear<1.5.4 arbitrary-code-execution http://pear.php.net/advisory-20070507.txt clamav<0.90.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1997 clamav<0.90.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2029 png<1.2.17 denial-of-service http://secunia.com/advisories/25292/ quagga<0.98.6nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1995 quagga>0.99<0.99.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1995 freetype2<2.3.2nb2 arbitrary-code-execution https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200 freetype2>=2.3.3<2.3.4nb1 arbitrary-code-execution https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200 ap{2,22}-modsecurity{,2}>2<2.1.1 bypass-request-rules https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1359 gimp>2.2<2.2.13nb3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2356 gimp-base<1.2.5nb7 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2356 gimp-2.2.14 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2356 eggdrop<=1.6.17nb1 arbitrary-code-execution http://www.eggheads.org/bugzilla/show_bug.cgi?id=462 mutt<1.4.2.3 password-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558 mutt<1.4.2.3 local-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2683 ap{,2,22}-jk<1.2.23 directory-traversal http://tomcat.apache.org/connectors-doc/news/20070301.html#20070518.1 ap{,2,22}-jk>=1.2.19<=1.2.20 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0774 apache-tomcat<=5.5.17 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7195 apache-tomcat<5.5.22 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450 jakarta-tomcat4<=4.1.24 http-response-smuggling https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090 jakarta-tomcat5<=5.0.19 http-response-smuggling https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090 firefox{,-bin,-gtk1}<1.5.0.12 memory-corruption https://www.mozilla.org/security/announce/2007/mfsa2007-12.html firefox{,-bin,-gtk1}>=2.0<2.0.0.4 memory-corruption https://www.mozilla.org/security/announce/2007/mfsa2007-12.html thunderbird{,-gtk1}<1.5.0.12 memory-corruption https://www.mozilla.org/security/announce/2007/mfsa2007-12.html thunderbird{,-gtk1}>=2.0<2.0.0.4 memory-corruption https://www.mozilla.org/security/announce/2007/mfsa2007-12.html seamonkey{,-bin,-gtk1}<1.0.9 memory-corruption https://www.mozilla.org/security/announce/2007/mfsa2007-12.html seamonkey{,-bin,-gtk1}>=1.1<1.1.2 memory-corruption https://www.mozilla.org/security/announce/2007/mfsa2007-12.html thunderbird{,-gtk1}<1.5.0.12 password-exposure https://www.mozilla.org/security/announce/2007/mfsa2007-15.html thunderbird{,-gtk1}>=2.0<2.0.0.4 password-exposure https://www.mozilla.org/security/announce/2007/mfsa2007-15.html seamonkey{,-bin,-gtk1}<1.0.9 password-exposure https://www.mozilla.org/security/announce/2007/mfsa2007-15.html seamonkey{,-bin,-gtk1}>=1.1<1.1.2 password-exposure https://www.mozilla.org/security/announce/2007/mfsa2007-15.html firefox{,-bin,-gtk1}<1.5.0.12 cross-site-scripting https://www.mozilla.org/security/announce/2007/mfsa2007-16.html firefox{,-bin,-gtk1}>=2.0<2.0.0.4 cross-site-scripting https://www.mozilla.org/security/announce/2007/mfsa2007-16.html seamonkey{,-bin,-gtk1}<1.0.9 cross-site-scripting https://www.mozilla.org/security/announce/2007/mfsa2007-16.html seamonkey{,-bin,-gtk1}>=1.1<1.1.2 cross-site-scripting https://www.mozilla.org/security/announce/2007/mfsa2007-16.html clamav<0.90.3 buffer-overflows http://lurker.clamav.net/message/20070530.224918.5c64abc4.en.html apache>=2.2.4<2.2.4nb4 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862 php>5.0<5.2.3nb1 integer-overflow http://www.php.net/ChangeLog-5.php#5.2.3 php>5.0<5.2.3 denial-of-service http://www.php.net/ChangeLog-5.php#5.2.3 php>5.0<5.2.3 filtering-bypass http://www.php.net/ChangeLog-5.php#5.2.3 mplayer<1.0rc9nb7 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2948 gmplayer<1.0rc9nb2 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2948 spamassassin<3.1.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2873 spamassassin-3.2.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2873 file<4.21 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2799 mecab-base<0.96 buffer-overflows http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3231 gnupg<1.4.7 signature-spoof https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1263 openoffice2{,-bin}<2.2.1 arbitrary-code-execution http://www.openoffice.org/security/CVE-2007-0245.html openoffice2-bin<2.2.1 arbitrary-code-execution http://www.openoffice.org/security/CVE-2007-2754.html ktorrent<2.1.2 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1385 vlc>0.8<0.8.5nb6 format-string http://www.videolan.org/sa0702.html vlc<0.7.2nb17 format-string http://www.videolan.org/sa0702.html bitchx<1.1nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3360 xvidcore<1.1.2nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3329 evolution-data-server<1.10.1nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3257 proftpd<1.3.1rc2nb1 authentication-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2165 apache<1.3.37nb2 cross-site-scripting http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5752 apache<1.3.37nb2 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3304 apache>=2.0<2.0.59nb6 cross-site-scripting http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5752 apache>=2.0<2.0.59nb6 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1863 apache>=2.2.0<2.2.4nb6 cross-site-scripting http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5752 apache>=2.2.0<2.2.4nb6 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3304 apache>=2.2.0<2.2.4nb6 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-1863 flac123<0.0.10 arbitrary-code-execution http://www.isecpartners.com/advisories/2007-002-flactools.txt phpmyadmin<2.9.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-2 phpmyadmin<2.9.2 http-response-splitting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-1 phpmyadmin<2.10.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-4 p5-Net-DNS<0.60 domain-name-spoofing http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3377 p5-Net-DNS<0.60 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3409 gimp>2.2<2.2.15nb2 arbitrary-code-execution http://secunia.com/secunia_research/2007-63/advisory/ gimp-base<1.2.5nb6 arbitrary-code-execution http://secunia.com/secunia_research/2007-63/advisory/ gimp>2.3<2.3.18nb1 arbitrary-code-execution http://secunia.com/secunia_research/2007-63/advisory/ libarchive<1.3.1nb1 infinite-loop https://www.freebsd.org/security/advisories/FreeBSD-SA-07:05.libarchive.asc libarchive<1.3.1nb1 null-dereference https://www.freebsd.org/security/advisories/FreeBSD-SA-07:05.libarchive.asc libarchive<1.3.1nb1 arbitrary-code-execution https://www.freebsd.org/security/advisories/FreeBSD-SA-07:05.libarchive.asc clamav<0.91 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3725 centericq<4.21.0nb5 arbitrary-code-execution http://www.leidecker.info/advisories/07-06-07_centericq_bof.txt ipcalc<0.41 cross-site-scripting http://jodies.de/ipcalc-archive/ipcalc-0.40/ipcalc-security.html lighttpd<1.4.14 denial-of-service http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_01.txt lighttpd<1.4.15 denial-of-service http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_02.txt lighttpd<1.4.16 denial-of-service http://www.lighttpd.net/assets/2007/7/24/lighttpd_sa2007_03.txt lighttpd<1.4.16 arbitrary-code-execution http://www.lighttpd.net/assets/2007/7/24/lighttpd_sa2007_04.txt lighttpd<1.4.16 denial-of-service http://www.lighttpd.net/assets/2007/7/24/lighttpd_sa2007_05.txt lighttpd<1.4.16 arbitrary-code-execution http://www.lighttpd.net/assets/2007/7/24/lighttpd_sa2007_06.txt lighttpd<1.4.16 privacy-leak http://www.lighttpd.net/assets/2007/7/24/lighttpd_sa2007_08.txt firefox{,-bin,-gtk1}<2.0.0.5 memory-corruption https://www.mozilla.org/security/announce/2007/mfsa2007-18.html thunderbird{,-gtk1}<1.5.0.13 memory-corruption https://www.mozilla.org/security/announce/2007/mfsa2007-18.html thunderbird{,-gtk1}>=2.0<2.0.0.5 memory-corruption https://www.mozilla.org/security/announce/2007/mfsa2007-18.html firefox{,-bin,-gtk1}<2.0.0.5 cross-site-scripting https://www.mozilla.org/security/announce/2007/mfsa2007-19.html firefox{,-bin,-gtk1}<2.0.0.5 privilege-escalation https://www.mozilla.org/security/announce/2007/mfsa2007-21.html firefox{,-bin,-gtk1}<2.0.0.5 unauthorized-access https://www.mozilla.org/security/announce/2007/mfsa2007-24.html seamonkey{,-bin,-gtk1}<1.1.3 memory-corruption https://www.mozilla.org/security/announce/2007/mfsa2007-18.html seamonkey{,-bin,-gtk1}<1.1.3 cross-site-scripting https://www.mozilla.org/security/announce/2007/mfsa2007-19.html seamonkey{,-bin,-gtk1}<1.1.3 privilege-escalation https://www.mozilla.org/security/announce/2007/mfsa2007-21.html seamonkey{,-bin,-gtk1}<1.1.3 unauthorized-access https://www.mozilla.org/security/announce/2007/mfsa2007-24.html drupal>=5<5.2 cross-site-request-forgeries http://drupal.org/node/162360 drupal>=5<5.2 cross-site-scripting http://drupal.org/node/162361 bind>9.4.0<9.4.1pl1 weak-default-acls https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925 bind>9.4.0<9.4.1pl1 cryptographically-weak-query-ids https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926 firefox{,-bin,-gtk1}<2.0.0.6 privilege-escalation https://www.mozilla.org/security/announce/2007/mfsa2007-26.html thunderbird{,-gtk1}<1.5.0.13 privilege-escalation https://www.mozilla.org/security/announce/2007/mfsa2007-26.html thunderbird{,-gtk1}>=2.0<2.0.0.6 privilege-escalation https://www.mozilla.org/security/announce/2007/mfsa2007-26.html seamonkey{,-bin,-gtk1}<1.1.4 privilege-escalation https://www.mozilla.org/security/announce/2007/mfsa2007-26.html firefox{,-bin,-gtk1}<2.0.0.6 command-injection https://www.mozilla.org/security/announce/2007/mfsa2007-27.html thunderbird{,-gtk1}>=1.5<1.5.0.13 command-injection https://www.mozilla.org/security/advisories/mfsa2007-27/ thunderbird{,-gtk1}>=2.0<2.0.0.6 command-injection https://www.mozilla.org/security/announce/2007/mfsa2007-27.html seamonkey{,-bin,-gtk1}<1.1.4 command-injection https://www.mozilla.org/security/announce/2007/mfsa2007-27.html acroread-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages acroread5-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gaim-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages wmmail-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mozilla-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php>5.0<5.2.3nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=2007-3806 php<4.4.7nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=2007-3806 qt3-libs<3.3.8nb3 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3388 tcpdump<3.9.7 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3798 ethereal-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages kdegraphics<3.5.7nb1 arbitrary-code-execution http://www.kde.org/info/security/advisory-20070730-1.txt koffice<1.6.3nb1 arbitrary-code-execution http://www.kde.org/info/security/advisory-20070730-1.txt py{15,20,21,22,23,24,25,26,27,31}-denyhosts<2.6nb1 denial-of-service http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4323 squidGuard<1.2.1 acl-bypass http://www.squidguard.org/Doc/sg-2007-04-15.html rsync<2.6.9nb1 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091 opera<9.23 arbitrary-code-execution http://www.opera.com/support/search/view/865/ links{,-gui}-2.1.0.29* remote-command-execution http://links.twibright.com/download/ChangeLog kdelibs<3.5.7nb1 url-spoofing http://www.kde.org/info/security/advisory-20070914-1.txt kdebase<3.5.7nb2 url-spoofing http://www.kde.org/info/security/advisory-20070914-1.txt xfce4-terminal<0.2.6nb1 remote-command-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3770 apache>=2.0<2.0.61 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 apache>=2.2.0<2.2.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 lighttpd<1.4.18 remote-code-execution http://www.lighttpd.net/assets/2007/9/9/lighttpd_sa_2007_12.txt bind>8<8.4.7pl1 cryptographically-weak-query-ids http://www.kb.cert.org/vuls/id/927905 bind>8<8.9.9 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages qt3-libs<3.3.8nb5 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4137 qt4-libs<4.3.2 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4137 bugzilla>3<3.0.2 unauthorised-account-creation http://www.bugzilla.org/security/3.0.1/ kdebase>=3.3.0<3.5.7nb4 local-root-shell http://www.kde.org/info/security/advisory-20070919-1.txt ImageMagick<6.3.5.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4985 ImageMagick<6.3.5.9 local-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4986 ImageMagick<6.3.5.9 local-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4987 ImageMagick<6.3.5.9 local-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4988 fetchmail<6.3.8nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4565 libXfont-1.3.1 buffer-overflow http://mail-index.netbsd.org/pkgsrc-changes/2007/09/24/0008.html ruby18-base<1.8.6.110nb1 access-validation-bypass http://www.isecpartners.com/advisories/2007-006-rubyssl.txt libpurple<2.2.1 denial-of-service http://www.pidgin.im/news/security/?id=23 openoffice2<2.2.1nb3 heap-overflow http://www.openoffice.org/security/cves/CVE-2007-2834.html openoffice2<2.2.1nb3 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2007-2834.html openoffice2-bin<2.3 heap-overflow http://www.openoffice.org/security/cves/CVE-2007-2834.html openoffice2-bin<2.3 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2007-2834.html openttd<0.5.3 remote-code-execution http://www.tt-forums.net/viewtopic.php?f=29&t=34077 xentools{3,30}-hvm<=3.1.0 remote-code-execution http://secunia.com/advisories/26986/ dircproxy<1.2.0beta2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5226 spamassassin<3.1.8 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0451 gnucash<2.0.5 local-symlink-race https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0007 chmlib<0.39 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0619 GConf2<2.16.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6698 drupal<5.3 arbitrary-code-execution http://drupal.org/node/184315 drupal<5.3 cross-site-scripting http://drupal.org/node/184320 drupal<5.3 cross-site-request-forgery http://drupal.org/node/184348 drupal<5.3 access-bypass http://drupal.org/node/184354 drupal<5.3 http-response-splitting http://drupal.org/node/184315 firefox{,-bin,-gtk1}<2.0.0.8 memory-corruption https://www.mozilla.org/security/announce/2007/mfsa2007-29.html seamonkey{,-bin,-gtk1}<1.1.5 memory-corruption https://www.mozilla.org/security/announce/2007/mfsa2007-29.html thunderbird{,-gtk1}>=2.0<2.0.0.8 memory-corruption https://www.mozilla.org/security/announce/2007/mfsa2007-29.html firefox{,-bin,-gtk1}<2.0.0.8 privilege-escalation https://www.mozilla.org/security/announce/2007/mfsa2007-35.html seamonkey{,-bin,-gtk1}<1.1.5 privilege-escalation https://www.mozilla.org/security/announce/2007/mfsa2007-35.html openssl<0.9.7inb5 arbitrary-code-execution http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5135 p5-XML-RSS<1.31 markup-injection-vulnerability http://search.cpan.org/src/ABH/XML-RSS-1.31/Changes mantis<1.0.8 cross-site-scripting http://www.mantisbt.org/changelog.php mantis<1.0.8 security-bypass http://www.mantisbt.org/changelog.php cups<1.2.12nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4351 libpurple<2.2.2 denial-of-service http://www.pidgin.im/news/security/?id=24 perl<5.8.8nb5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5116 mono<1.1.13.8.1nb3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5197 phpmyadmin<2.11.1.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-5 phpmyadmin<2.11.1.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-6 phpmyadmin<2.11.1.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-7 koffice<1.6.3nb4 arbitrary-code-execution http://www.kde.org/info/security/advisory-20071107-1.txt kdegraphics<3.5.7nb4 arbitrary-code-execution http://www.kde.org/info/security/advisory-20071107-1.txt kdegraphics-3.5.8 arbitrary-code-execution http://www.kde.org/info/security/advisory-20071107-1.txt samba>=3.0.0<3.0.26anb2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572 samba>=3.0.0<3.0.26anb2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398 openldap-server<2.3.39 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5707 flac<1.2.1 arbitrary-code-execution http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=608 apache-tomcat<5.5.25 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449 apache-tomcat<5.5.25 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450 ircservices<5.0.63 denial-of-service http://lists.ircservices.za.net/pipermail/ircservices/2007/005558.html poppler<0.6.1nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 poppler<0.6.1nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 poppler<0.6.1nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 wireshark<0.99.7pre2 denial-of-service http://www.wireshark.org/security/wnpa-sec-2007-03.html php>=5<5.2.5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4887 net-snmp<5.4.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5846 base<1.3.9 cross-site-scripting http://sourceforge.net/project/shownotes.php?group_id=103348&release_id=555614 firefox{,-bin,-gtk1}<2.0.0.10 cross-site-scripting https://www.mozilla.org/security/announce/2007/mfsa2007-37.html firefox{,-bin,-gtk1}<2.0.0.10 memory-corruption https://www.mozilla.org/security/announce/2007/mfsa2007-38.html firefox{,-bin,-gtk1}<2.0.0.10 cross-site-request-forgery https://www.mozilla.org/security/announce/2007/mfsa2007-39.html wesnoth<1.2.8 arbitrary-code-execution http://www.wesnoth.org/forum/viewtopic.php?p=264289#264289 micq-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ikiwiki<2.13 remote-file-view http://ikiwiki.info/security/#index29h2 cairo<1.4.12 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5503 seamonkey{,-bin,-gtk1}<1.1.7 cross-site-scripting https://www.mozilla.org/security/announce/2007/mfsa2007-37.html seamonkey{,-bin,-gtk1}<1.1.7 memory-corruption https://www.mozilla.org/security/announce/2007/mfsa2007-38.html seamonkey{,-bin,-gtk1}<1.1.7 cross-site-request-forgery https://www.mozilla.org/security/announce/2007/mfsa2007-39.html squid<2.6.17 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2007_2.txt drupal<5.4 sql-injection http://drupal.org/node/198162 ruby18-actionpack<1.13.6 www-session-fixation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6077 samba<3.0.26anb3 remote-code-execution http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6015 openoffice2<2.3.1 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2007-4575.html openoffice2-bin<2.3.1 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2007-4575.html mysql-server>5.0<5.0.51 remote-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5969 ruby18-gnome2-gtk<0.16.0nb2 format-string http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6183 exiftags<1.01 arbitrary-code-execution http://secunia.com/advisories/28110/ py{15,20,21,22,23,24,25,26,27,31}-django<0.96.1 denial-of-service http://www.djangoproject.com/weblog/2007/oct/26/security-fix/ cups<1.3.5 remote-code-execution http://www.cups.org/str.php?L2589 cups<1.3.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-{4352,5392,5393} clamav<0.92 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5759 dovecot>=1.0.rc11<1.0.9nb1 unauthorized-access http://www.dovecot.org/list/dovecot-news/2007-December/000057.html opera<9.25 cross-site-scripting http://www.opera.com/support/search/view/875/ php<4.4.8 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3378 php<4.4.8 denial-of-service http://www.php-security.org/MOPB/MOPB-03-2007.html libsndfile<1.0.17nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4974 postgresql80-server<8.0.15 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6600 postgresql80-server<8.0.15 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 postgresql80-server<8.0.15 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6067 postgresql80-server<8.0.15 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4769 postgresql80-server<8.0.15 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6601 postgresql81-server<8.1.11 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6600 postgresql81-server<8.1.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 postgresql81-server<8.1.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6067 postgresql81-server<8.1.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4769 postgresql81-server<8.1.11 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6601 postgresql82-server<8.2.6 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6600 postgresql82-server<8.2.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 postgresql82-server<8.2.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6067 postgresql82-server<8.2.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4769 postgresql82-server<8.2.6 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6601 horde<3.1.6 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6018 turba<2.1.6 privilege-escalation http://lists.horde.org/archives/announce/2008/000361.html kronolith<2.1.7 privilege-escalation http://lists.horde.org/archives/announce/2008/000362.html drupal<5.6 cross-site-request-forgery http://drupal.org/node/208562 drupal<5.6 cross-site-scripting http://drupal.org/node/208564 drupal<5.6 cross-site-scripting http://drupal.org/node/208565 apache<1.3.41 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 apache<1.3.41 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 apache>=2.0.35<2.0.63 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 apache>=2.0.35<2.0.63 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 apache>=2.2.0<2.2.8 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421 apache>=2.2.0<2.2.8 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422 apache>=2.2.0<2.2.8 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 apache>=2.2.0<2.2.8 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 libXfont<1.3.1nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0006 modular-xorg-server<1.3.0nb5 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5760 modular-xorg-server<1.3.0nb5 privacy-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5958 modular-xorg-server<1.3.0nb5 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6427 modular-xorg-server<1.3.0nb5 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6428 modular-xorg-server<1.3.0nb5 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6429 mplayer<1.0rc10nb2 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-{0485,0486} mencoder<1.0rc10nb1 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-{0485,0486} gmplayer<1.0rc10nb3 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-{0485,0486} xine-lib<1.1.10 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1664 firefox{,-bin,-gtk1}<2.0.0.12 memory-corruption https://www.mozilla.org/security/announce/2008/mfsa2008-01.html firefox{,-bin,-gtk1}<2.0.0.12 privilege-escalation https://www.mozilla.org/security/announce/2008/mfsa2008-03.html firefox{,-bin,-gtk1}<2.0.0.12 privacy-leak https://www.mozilla.org/security/announce/2008/mfsa2008-06.html seamonkey{,-bin,-gtk1}<1.1.8 memory-corruption https://www.mozilla.org/security/announce/2008/mfsa2008-01.html seamonkey{,-bin,-gtk1}<1.1.8 privilege-escalation https://www.mozilla.org/security/announce/2008/mfsa2008-03.html seamonkey{,-bin,-gtk1}<1.1.8 privacy-leak https://www.mozilla.org/security/announce/2008/mfsa2008-06.html SDL_image<1.2.6nb1 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0544 SDL_image<1.2.6nb2 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6697 RealPlayerGold<10.0.9 buffer-overflow http://service.real.com/realplayer/security/10252007_player/en/ thunderbird{,-gtk1}>=2.0<2.0.0.12 heap-overflow https://www.mozilla.org/security/announce/2008/mfsa2008-12.html pcre<7.6 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674 blender<2.43 local-command-inject http://secunia.com/advisories/24232/ evolution<2.8.2 signature-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1266 sylpheed<2.2.8 signature-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1267 sylpheed-claws<2.2.8 signature-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1267 mutt<1.5.14 signature-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1268 GNUMail<1.1.2 signature-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1269 courier-imap<4.0.7 remote-root-shell http://www.gentoo.org/security/en/glsa/glsa-200704-18.xml wireshark<0.99.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-01.html vlc<0.8.6dnb2 remote-user-shell http://secunia.com/advisories/29122/ xine-lib<1.1.10.1 remote-user-shell http://secunia.com/advisories/28801/ mono<1.2.5.1 buffer-overflow http://secunia.com/advisories/27493/ mono<1.2.6 cross-site-scripting http://secunia.com/advisories/27349/ mono<1.2.6 buffer-overflow http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5197 phpmyadmin<2.11.2.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-8 phpmyadmin<2.11.5 sql-injection http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-1 viewvc<1.0.5 security-bypass http://viewvc.tigris.org/source/browse/viewvc/trunk/CHANGES?rev=HEAD thunderbird{,-gtk1}>=2.0<2.0.0.12 remote-user-shell https://www.mozilla.org/security/announce/2008/mfsa2008-01.html thunderbird{,-gtk1}>=2.0<2.0.0.12 remote-user-shell https://www.mozilla.org/security/announce/2008/mfsa2008-03.html thunderbird{,-gtk1}>=2.0<2.0.0.12 directory-traversal https://www.mozilla.org/security/announce/2008/mfsa2008-05.html ghostscript>7<8.62 buffer-overflow http://scary.beasts.org/security/CESA-2008-001.html audacity<1.2.6nb1 symlink-attack http://www.gentoo.org/security/en/glsa/glsa-200803-03.xml dbus<1.0.2nb5 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0595 acroread{,5,7}-[0-9]* remote-user-shell http://www.securityfocus.com/bid/22753 acroread{,5,7}-[0-9]* remote-stack-smash http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=657 acroread{,5,7}-[0-9]* remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5663 acroread{,5,7}-[0-9]* remote-user-shell http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=655 acroread{,5,7}-[0-9]* multiple-unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0655 acroread{,5,7}-[0-9]* remote-printing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0667 acroread{,5,7}-[0-9]* remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0726 opera<9.26 remote-information-disclosure http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1080 opera<9.26 remote-code-execution http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1081 opera<9.26 security-bypass http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1082 turba<2.1.7 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0807 kdepim<3.5.7 signature-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1265 lighttpd<1.4.18nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0983 cups<1.3.6 denial-of-service http://www.cups.org/str.php?L2656 acroread{,5,7}-[0-9]* temporary-files-race http://support.novell.com/techcenter/psdb/d8c48c63359fc807624182696d3d149c.html py{15,20,21,22,23,24,25,26,27,31}-paramiko<1.7 remote-information-exposure http://www.lag.net/pipermail/paramiko/2008-January/000599.html icu<3.6nb2 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4770 icu<3.6nb2 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4771 e2fsprogs<1.40.3 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5497 splitvt<1.6.6 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0162 sun-j{re,dk}14<2.17 unknown http://secunia.com/advisories/29239/ sun-j{re,dk}15<5.0.15 unknown http://secunia.com/advisories/29239/ sun-j{re,dk}6<6.0.5 unknown http://secunia.com/advisories/29239/ evolution<2.12.3nb2 format-string https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0072 silc-toolkit<1.1.6 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1227 mit-krb5<1.4.2nb6 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-006.txt mit-krb5>=1.6<1.6.3 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-006.txt horde<3.1.7 arbitrary-file-inclusion http://lists.horde.org/archives/announce/2008/000382.html synce-dccm<0.10.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6703 synce-dccm>=0.9.2<0.10.1 arbitrary-script-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1136 dovecot<1.0.13 authentication-bypass http://www.dovecot.org/list/dovecot-news/2008-March/000064.html ruby18-base<1.8.6.114 access-validation-bypass http://preview.ruby-ang.org/en/news/2008/03/03/webrick-file-access-vulnerability/ mailman<2.1.10 script-insertion http://secunia.com/advisories/28794/ openldap<2.3.39 denial-of-service http://secunia.com/advisories/27424/ openldap<2.3.41 denial-of-service http://secunia.com/advisories/28926/ py{15,20,21,22,23,24,25,26,27,31}-moin<1.6.1 multiple-vulnerabilities http://secunia.com/advisories/29010/ webmin<1.330 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1276 webmin<1.350 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3156 webmin<1.370 arbitrary-script-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5066 webmin<1.370nb3 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0720 apache-tomcat<5.5.21 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358 apache-tomcat<5.5.25 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386 apache-tomcat<5.5.25 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-{3382,3385} apache-tomcat>=5.5.0<5.5.26 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461 apache-tomcat>=5.5.9<5.5.26 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342 apache-tomcat>=5.5.0<5.5.26 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333 apache-tomcat>=5.5.11<5.5.26 remote-data-manipulation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286 mplayer<1.0rc10nb2 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0629 mplayer<1.0rc10nb2 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0630 mencoder<1.0rc10nb1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0629 mencoder<1.0rc10nb1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0630 gmplayer<1.0rc10nb3 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0629 gmplayer<1.0rc10nb3 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0630 xine-lib<1.1.9.1 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0225 xine-lib<1.1.9.1 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0238 xine-lib<1.1.10.1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0486 p5-Net-DNS<0.63 remote-denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6341 roundup<1.4.4 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1474 roundup<1.4.4 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1475 lighttpd<1.4.19 remote-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1111 lighttpd<1.4.19 remote-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1270 sarg<2.2.5 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1167 sarg<2.2.5 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1168 liblive<2007.11.18 remote-denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6036 nagios-base<2.5nb5 cross-site-scripting http://secunia.com/advisories/29363/ wml<2.0.9nb3 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0665 wml<2.0.9nb3 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0666 userppp-[0-9]* privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1215 jasper<1.900.1nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2721 png<1.2.21 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5268 plone3<3.1 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0164 maradns<1.2.12.06nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0061 xine-lib<1.1.10.1nb2 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073 quagga>=0.99<0.99.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4826 jakarta-tomcat4<4.1.37 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461 nss_ldap<259 data-manipulation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5794 nagios-plugins<1.4.3nb5 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5198 nagios-plugin-snmp<1.4.3nb1 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5623 openoffice2<2.3.1nb5 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4770 openoffice2<2.3.1nb5 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4771 asterisk<1.2.27 authentication-bypass http://downloads.digium.com/pub/security/AST-2008-003.html mit-krb5<1.3 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0948 mit-krb5<1.4.2nb6 arbitrary-code-execution http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt mit-krb5>=1.6<1.6.4 arbitrary-code-execution http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-001.txt mit-krb5<1.4.2nb6 denial-of-service http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt mit-krb5>=1.6<1.6.3 denial-of-service http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt silc-client<1.1.2 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3728 silc-toolkit<1.1.2 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3728 unzip<5.52nb4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0888 namazu<2.0.18 cross-site-scripting http://secunia.com/advisories/29386/ maradns<1.2.12.06 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3114 qemu<0.9.0 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1320 qemu<0.9.1 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6227 qemu<0.10.0 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0928 instiki<0.13 cross-site-scripting http://rubyforge.org/forum/forum.php?forum_id=22805 freetype2<2.3.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3506 bzip2<1.0.5 denial-of-service https://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html ircu<2.10.12.12nb1 denial-of-service http://lists.grok.org.uk/pipermail/full-disclosure/2008-March/060906.html p7zip<4.57 unknown https://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html libvorbis<1.2.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3106 libvorbis<1.2.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4029 libvorbis<1.2.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4065 libvorbis<1.2.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4066 vlc<0.8.6dnb3 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1489 silc-client<1.1.4 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1552 silc-server<1.1.2 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1552 silc-toolkit<1.1.7 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1552 mysql-client<5.0 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server<5.0 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gnupg-1.4.8{,nb*} memory-corruption http://lists.gnupg.org/pipermail/gnupg-announce/2008q1/000271.html gnupg2-2.0.8{,nb*} memory-corruption http://lists.gnupg.org/pipermail/gnupg-announce/2008q1/000271.html firefox{,2}{,-bin,-gtk1}<2.0.0.13 arbitrary-code-execution https://www.mozilla.org/security/announce/2008/mfsa2008-14.html firefox{,2}{,-bin,-gtk1}<2.0.0.13 popup-spoofing https://www.mozilla.org/security/announce/2008/mfsa2008-19.html firefox{,2}{,-bin,-gtk1}<2.0.0.13 cross-site-request-forgery https://www.mozilla.org/security/announce/2008/mfsa2008-16.html thunderbird{,-gtk1}>=2.0<2.0.0.13 arbitrary-code-execution https://www.mozilla.org/security/announce/2008/mfsa2008-14.html seamonkey{,-bin,-gtk1}<1.1.9 arbitrary-code-execution https://www.mozilla.org/security/announce/2008/mfsa2008-14.html seamonkey{,-bin,-gtk1}<1.1.9 popup-spoofing https://www.mozilla.org/security/announce/2008/mfsa2008-19.html seamonkey{,-bin,-gtk1}<1.1.9 cross-site-request-forgery https://www.mozilla.org/security/announce/2008/mfsa2008-16.html centerim<4.22.4 shell-command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1467 p5-Tk<804.027nb7 buffer-overflow http://secunia.com/advisories/29546/ xpdf<3.02pl1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 xpdf<3.02pl2 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 xpdf<3.02pl2 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 xpdf<3.02pl2 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 policyd-weight<0.1.14.17 privilege-escalation http://secunia.com/advisories/29553/ wireshark<1.0.0 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-02.html gtar-base<1.15.1nb5 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4131 eterm<0.9.4nb1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1692 rxvt<2.7.10nb6 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142 rxvt-unicode<8.3nb3 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142 aterm<1.0.0nb5 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142 wterm<6.2.9nb8 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142 mrxvt<0.5.3nb3 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142 phpmyadmin<2.11.5.1 unauthorized-access http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-2 inspircd<1.1.18 unspecified http://www.inspircd.org/forum/showthread.php?t=2945 comix<3.6.4nb2 arbitrary-command-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1568 thunderbird<1.5.0.14 arbitrary-code-execution https://www.mozilla.org/security/announce/2007/mfsa2007-29.html thunderbird<1.5.0.14 memory-corruption https://www.mozilla.org/security/announce/2007/mfsa2007-40.html php<4.4.5 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0931 php>=5.0<5.2.1 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0931 cups<1.3.7 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0047 cups<1.3.7 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1373 lighttpd<1.4.19nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1531 openssh<4.7.1nb3 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483 openssh<4.7.1nb3 security-bypass http://marc.info/?l=openssh-unix-dev&m=120692745026265 gnome-screensaver<2.21.6 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6389 gnome-screensaver<2.22.1 authentication-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0887 sympa<5.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1648 {ap2,ap22}-suphp<0.6.3 arbitrary-script-execution http://article.gmane.org/gmane.comp.php.suphp.general/348 acroread7<7.0.9 heap-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5857 libgtop<2.14.6 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0235 sun-{jdk,jre}13<1.0.19 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1 sun-{jdk,jre}14<2.13 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1 sun-{jdk,jre}15<5.0.10 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1 koffice<1.2.1 denial-of-service http://www.kde.org/info/security/advisory-20070115-1.txt kdegraphics<3.2.3 denial-of-service http://www.kde.org/info/security/advisory-20070115-1.txt ed<0.2nb2 insecure-temp-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6939 GeoIP<1.4.1 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0159 kdebase<3.5.5 cross-site-scripting http://www.kde.org/info/security/advisory-20070206-1.txt opera<9.27 code-execution http://www.opera.com/support/search/view/881/ opera<9.27 memory-corruption http://www.opera.com/support/search/view/882/ balsa<2.3.10nb14 buffer-overflow http://bugzilla.gnome.org/show_bug.cgi?id=474366 xscreensaver<5.02 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1859 xscreensaver<5.04 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5585 neon>=0.26.0<0.26.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0157 kdebase<3.5.8 url-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4224 libevent<1.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1030 openssl<0.9.8f side-channel https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3108 openssl<0.9.8f denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4995 sqlitemanager<1.2.0 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1232 sqlitemanager<1.2.0 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0516 dropbear<0.49 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1099 tcpdump<3.9.7 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1218 tcpdump<3.9.7 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3798 firefox-bin-flash<9.0.124 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb08-11.html ns-flash<9.0.124 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb08-11.html drupal>6<6.2 access-bypass http://drupal.org/node/244637 wireshark<0.99.6 denial-of-service http://www.wireshark.org/docs/relnotes/wireshark-0.99.6.html m4<1.4.11 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1687 python15-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python20-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python21-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python22-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ImageMagick<6.3.4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1797 ktorrent<2.1.2 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1384 ktorrent<2.1.3 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1799 netperf<2.3.1nb1 insecure-temp-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1444 imp<4.1.4 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1515 nas<1.9 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1543 nas<1.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1545 lookup<1.4.1 insecure-temp-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0237 asterisk>=1.4<1.4.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1594 asterisk>=1.4<1.4.3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2293 asterisk>=1.4<1.4.5 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2488 zope210<2.10.3 cross-site-request-forgery http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view inkscape<0.45.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1463 mgv-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5864 ap-perl<1.30 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349 ap13-perl<1.30 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349 {ap2,ap22}-perl<2.0.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349 mit-krb5<1.4.2nb5 authentication-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0956 mit-krb5>=1.6<1.6.1 authentication-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0956 mit-krb5<1.4.2nb5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0957 mit-krb5>=1.6<1.6.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0957 mit-krb5<1.4.2nb5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1216 mit-krb5>=1.6<1.6.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1216 openpbs<2.3.17 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5616 xorg-server<1.1.1 local-root-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1003 libXfont<1.2.0 local-root-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1352 libX11<1.0.3 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1667 p5-Archive-Tar<1.37 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4829 sun-{jdk,jre}14<2.14 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1 sun-{jdk,jre}15<5.0.11 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-102881-1 sun-{jdk,jre}14<2.14 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2788 sun-{jdk,jre}15<5.0.7 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2788 sun-{jdk,jre}6<6.0.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2788 vim{,-gtk,-gtk2,-kde,-motif,-xaw,-share}<7.0.235 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2438 vim{,-gtk,-gtk2,-kde,-motif,-xaw,-share}<7.1.039 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2953 lftp<3.5.9 arbitrary-command-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2348 elinks<0.11.3 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5034 python24<2.4.5 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2052 python25<2.5.1 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2052 libexif<0.6.14 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2645 libexif<0.6.16 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4168 mysql-server<4.1.23 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691 mysql-server<4.1.20 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5925 mysql-server>5.0<5.0.44 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691 mysql-server>5.0<5.0.44 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5925 mysql-server>5.0.9<5.0.51 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0226 bochs<2.3.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2894 findutils<4.2.31 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2452 phppgadmin<4.1.3 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5728 base<1.3.8 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5578 mail-notification<4.1 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3209 dspam<3.8.0 password-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6418 exiv2<0.16 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6353 libexif<0.6.16 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6352 gd<2.0.35 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3472 sun-{jdk,jre}15<5.0.12 cross-site-scripting http://sunsolve.sun.com/search/document.do?assetkey=1-26-102958-1 sun-{jdk,jre}6<6.0.1 cross-site-scripting http://sunsolve.sun.com/search/document.do?assetkey=1-26-102958-1 openoffice2-bin<2.0.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4077 curl>=7.14.0<7.16.4 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3564 libcdio<0.80 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6613 firefox-bin-flash<9.0.47 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3456 ns-flash<9.0.47 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3456 firefox-bin-flash<9.0.48 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2022 ns-flash<9.0.48 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2022 sun-{jdk,jre}14<2.15 denial-of-service http://sunsolve.sun.com/search/document.do?assetkey=1-26-102997-1 sun-{jdk,jre}15<5.0.12 denial-of-service http://sunsolve.sun.com/search/document.do?assetkey=1-26-102997-1 sun-{jdk,jre}6<6.0.2 denial-of-service http://sunsolve.sun.com/search/document.do?assetkey=1-26-102997-1 sun-{jdk,jre}6<6.0.2 arbitrary-code-execution http://sunsolve.sun.com/search/document.do?assetkey=1-26-102993-1 modular-xorg-server<1.3.0.0nb10 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4730 php<5.2.4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3806 kdebase<3.5.8 url-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3820 asterisk<1.2.22 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3762 asterisk>=1.4<1.4.8 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3762 asterisk<1.2.23 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4103 asterisk>=1.4<1.4.9 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4103 teamspeak-server<2.0.23.19 remote-file-reading https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3956 mldonkey<2.9.0 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4100 t1lib<5.1.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4033 gdm<2.18.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3381 tor<0.1.2.14 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3165 tor<0.1.2.16 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4174 clamav<0.93 remote-user-shell http://secunia.com/advisories/29000/ png>=1.0.6<1.0.33 multiple-vulnerabilities http://libpng.sourceforge.net/Advisory-1.2.26.txt png>=1.2.0<1.2.27beta01 multiple-vulnerabilities http://libpng.sourceforge.net/Advisory-1.2.26.txt mksh<33d privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1845 rsync>=3.0.0<3.0.2 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1720 xine-lib<1.1.12 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 cups<1.3.7nb1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1722 xine-lib<1.1.12nb1 remote-system-access http://secunia.com/advisories/29850/ openoffice2{,-bin}<2.4 remote-system-access http://secunia.com/advisories/29852/ firefox{,-bin,-gtk1}<2.0.0.14 remote-system-access https://www.mozilla.org/security/announce/2008/mfsa2008-20.html seamonkey{,-bin,-gtk1}<1.1.10 remote-system-access https://www.mozilla.org/security/announce/2008/mfsa2008-20.html thunderbird{,-gtk1}<2.0.0.14 remote-system-access https://www.mozilla.org/security/announce/2008/mfsa2008-20.html vlc<0.8.6e arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6681 vlc<0.8.6e arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6682 vlc<0.8.6e arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4484 vlc<0.8.6e arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0225 vlc<0.8.6f arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6681 vlc<0.8.6f arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073 vlc<0.8.6f denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1489 vlc<0.8.6f remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 poppler<0.8.0nb1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1693 xpdf<3.02pl2nb1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1693 streamripper<1.61.27nb1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4337 sudo<1.6.9 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3149 po4a<0.23nb4 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4462 bugzilla<2.22.3 arbitrary-command-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4538 bugzilla<2.22.3 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4543 bugzilla>3<3.0.1 arbitrary-command-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4538 bugzilla>3<3.0.1 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4543 konversation<1.0.1nb8 arbitrary-command-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4400 id3lib<3.8.3nb4 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4460 sylpheed<2.4.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2958 claws-mail<3.0.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2958 subversion-base<1.4.5 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3846 bitchx<1.1nb3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4584 bitchx<1.1nb3 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5839 star<1.4.3nb4 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4134 claws-mail<3.2.0 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6208 samba>3.0.25<3.0.26 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4138 kdebase>=3.3.0<3.5.8 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4569 asterisk>1.4.4<1.4.12 denial-of-service http://downloads.digium.com/pub/asa/AST-2007-021.html fuse-chironfs<1.0RC7 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5101 sun-{jdk,jre}14<2.16 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1 sun-{jdk,jre}15<5.0.13 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1 sun-{jdk,jre}6<6.0.3 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-26-103079-1 pwlib<1.8.3nb8 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4897 wesnoth<1.2.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3917 wesnoth>=1.3<1.3.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3917 bacula<2.2.4nb4 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5626 delegate<9.7.5 arbitrary-code-execution http://www.delegate.org/mail-lists/delegate-en/3856 sun-{jdk,jre}14<2.16 arbitrary-file-overwrite http://sunsolve.sun.com/search/document.do?assetkey=1-26-103112-1 sun-{jdk,jre}15<5.0.13 arbitrary-file-overwrite http://sunsolve.sun.com/search/document.do?assetkey=1-26-103112-1 sun-{jdk,jre}6<6.0.3 arbitrary-file-overwrite http://sunsolve.sun.com/search/document.do?assetkey=1-26-103112-1 3proxy<0.5.3j denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5622 phpmyadmin<2.11.5.2 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1924 vobcopy<1.1.0 insecure-temp-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5718 liferea<1.4.6 insecure-file-permissions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5751 perdition<1.17nb8 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5740 emacs{,-nox11}>=22<22.1nb3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5795 dbmail<2.2.9 authentication-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6714 blender<2.45nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1102 blender<2.45nb2 insecure-temporary-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1103 kronolith<2.1.8 cross-site-scripting http://marc.info/?l=horde-announce&m=120931816706926&w=2 vorbis-tools<1.2.0nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 SDL_sound<1.0.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 sweep<0.9.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 emacs{,-nox11}>=20<20.7nb11 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694 emacs{,-nox11}>=21<21.4anb13 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694 emacs{,-nox11}>=22<22.1nb3 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694 xemacs{,-nox11}<21.4.17nb5 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694 xemacs{,-nox11}>=21.5<21.5.27nb2 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694 kdelibs>=3.5.5<3.5.9nb1 linux-denial-of-service http://www.kde.org/info/security/advisory-20080426-2.txt ikiwiki<2.42 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0165 py{15,20,21,22,23,24,25,26,27,31}-moin<1.6.3 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1937 swfdec<0.6.4 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1834 php5-apc<5.2.5.3.0.17 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1488 xine-lib<1.1.11.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1482 wyrd<1.4.1nb1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0806 imp<4.1.6 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6018 win32-codecs<071007 arbitrary-code-execution http://www.gentoo.org/security/en/glsa/glsa-200803-08.xml graphviz<2.14 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4484 scponly<4.8 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6350 boost-libs<1.34.1nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0171 boost-headers<1.34.1nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0171 glib2<2.14.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674 plone25<2.5.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5741 plone3<3.0.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5741 speex<1.0.5nb1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 php>=5<5.2.5 security-bypass http://securityreason.com/achievement_securityalert/47 php>=5<5.2.5 arbitrary-code-execution http://www.php.net/releases/5_2_5.php php>=5<5.2.6 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674 php>=5<5.2.6 unknown https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599 php>=5<5.2.6 unknown http://www.php.net/ChangeLog-5.php#5.2.6 php5-pear-MDB2<2.4.1nb1 arbitrary-file-reading https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5934 php5-pear-MDB2_Driver_mysql<1.4.1nb1 arbitrary-file-reading https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5934 php5-pear-MDB2_Driver_pgsql<1.4.1nb1 arbitrary-file-reading https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5934 pioneers<0.11.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6010 teTeX-bin<3.0nb16 arbitrary-code-execution http://www.gentoo.org/security/en/glsa/glsa-200711-26.xml liferea<1.4.8 privilege-escalation http://www.novell.com/linux/security/advisories/2005_22_sr.html rsync<2.6.9nb2 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6199 bugzilla>=2.17.2<2.22.4 cross-site-scripting http://www.bugzilla.org/security/2.20.5/ bugzilla>=3.0<3.0.4 cross-site-scripting http://www.bugzilla.org/security/2.20.5/ bugzilla>=3.0<3.0.4 account-impersonation http://www.bugzilla.org/security/2.20.5/ bugzilla>=3.0<3.0.4 unauthorized-bug-change http://www.bugzilla.org/security/2.20.5/ GraphicsMagick<1.1.12 remote-security-bypass http://sourceforge.net/project/shownotes.php?release_id=595544 rdesktop<1.5.0nb4 remote-code-execution http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=696 rdesktop<1.5.0nb4 remote-code-execution http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=697 rdesktop<1.5.0nb4 remote-code-execution http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=698 php<5 unknown https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599 php<4.4.8 weak-rng-source http://www.sektioneins.de/advisories/SE-2008-02.txt php>=5<5.2.5 weak-rng-source http://www.sektioneins.de/advisories/SE-2008-02.txt php<5 security-bypass http://www.sektioneins.de/advisories/SE-2008-03.txt php>=5<5.2.6 security-bypass http://www.sektioneins.de/advisories/SE-2008-03.txt php<5 arbitrary-command-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2051 php>=5<5.2.6 arbitrary-command-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2051 licq<1.3.5nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1996 php>=4<5 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server<4.1.24 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079 mysql-server>=5<5.0.51bnb1 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079 mysql-server>=5.1<5.1.24 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079 qemu-0.9.1 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2004 ganglia-webfrontend<3.0.6 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6465 kdebase<3.5.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5963 mantis<1.1.0 cross-site-scripting http://www.mantisbt.org/bugs/view.php?id=8679 mantis<1.1.1 cross-site-scripting http://www.mantisbt.org/bugs/view.php?id=8756 xmp<2.6.0 arbitrary-code-execution http://aluigi.altervista.org/adv/xmpbof-adv.txt RealPlayerGold-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0098 qt4-libs>=4.3.0<4.3.3 certificate-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5965 mongrel>=1.0.4<1.1.3 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6612 openafs<1.4.6 denial-of-service http://www.openafs.org/security/OPENAFS-SA-2007-003.txt libxml2<2.6.31 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6284 bind<8.4.7pl1nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0122 bind>=9<9.4.1pl1nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0122 gnumeric<1.8.1 arbitrary-code-execution http://bugzilla.gnome.org/show_bug.cgi?id=505330 sun-{jdk,jre}15<5.0.14 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-66-231261-1 sun-{jdk,jre}6<6.0.2 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-66-231261-1 sun-{jdk,jre}6<6.0.4 security-bypass http://sunsolve.sun.com/search/document.do?assetkey=1-66-231246-1 tk<8.4.18 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0553 acroread8<8.1.2 arbitrary-code-execution http://www.adobe.com/go/kb403079 acroread7<7.1.0 arbitrary-code-execution http://www.adobe.com/go/kb403079 clamav<0.92.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0728 GraphicsMagick<1.1.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4988 vmware<5.5.6 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 vmware>=6<6.0.3 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 tcl<8.4.17 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 mplayer<1.0rc10nb7 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1558 gmplayer<1.0rc10nb5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1558 acroread<8.1.2 arbitrary-file-reading https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1199 acroread{5,7}-[0-9]* arbitrary-file-reading https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1199 acroread8<8.1.2 arbitrary-file-reading https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1199 duplicity<0.4.9 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5201 flex<2.5.33 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0459 quake3arena-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3400 xdm<1.0.4 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5214 libX11>=1.0.2<1.1 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5397 xenkernel3<3.1.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5906 xenkernel3<3.1.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5907 xentools3-hvm<3.1.4 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0928 sarg<2.2.6 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1922 mysql-server<4.1.24 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3780 mysql-server>=5<5.0.45 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3780 mysql-server>=5<5.0.45 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3781 mysql-server>=5<5.0.42 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3782 mt-daapd-0.2.4.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1771 mt-daapd<0.2.4.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5824 mt-daapd<0.2.4.1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5825 mantis<1.1.0 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6611 libvorbis<1.2.0nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1419 libvorbis<1.2.0nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1420 libvorbis<1.2.0nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1423 py{15,20,21,22,23,24,25,26,27,31}-django<0.96.1nb1 cross-site-scripting http://www.djangoproject.com/weblog/2008/may/14/security/ mantis<1.1.2 cross-site-request-forgery http://secunia.com/advisories/30270/ uudeview<0.5.20nb2 insecure-temporary-files http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480972 uulib<0.5.20nb4 insecure-temporary-files http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480972 WordNet<3.0nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2149 net-snmp<5.4.1nb2 arbitrary-code-execution http://secunia.com/advisories/30187/ libid3tag<0.15.1bnb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2109 ja-ptex-bin-[0-9]* remote-manipulation-of-data http://secunia.com/advisories/30168/ ja-ptex-bin-[0-9]* remote-system-access http://secunia.com/advisories/30168/ mtr<0.72nb1 arbitrary-code-execution http://seclists.org/fulldisclosure/2008/May/0488.html nagios-base<2.12 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5803 gnutls<2.2.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1948 gnutls<2.2.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1949 gnutls<2.2.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1950 libxslt<1.1.24 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767 snort<2.8.1 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1804 perl<5.8.8nb8 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1927 stunnel>=4.16<4.24 accepts-revoked-ocsp-cert http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2420 nagios-plugins<1.4.6 local-code-execution https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1630970&group_id=29880 samba<3.0.28anb1 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105 spamdyke<3.1.8 remote-security-bypass http://secunia.com/advisories/30408/ imlib2<1.4.0nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2426 emacs{,-nox11}>=20<20.7nb11 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142 emacs{,-nox11}>=21<21.4anb12 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142 emacs{,-nox11}>=22.1<22.1nb5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142 xemacs-packages<1.16nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142 apache-tomcat<5.5.27 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947 apache-tomcat>=6<6.0.18 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947 vmware<6.0.4 arbitrary-code-execution http://www.vmware.com/security/advisories/VMSA-2008-0008.html ikiwiki<2.48 authentication-bypass http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483770 openssl<0.9.8gnb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1672 websvn<1.61nb8 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3056 evolution<2.12.3nb3 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1108 evolution>=2.22<2.22.2nb1 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1108 GraphicsMagick<1.1.14 remote-system-access http://secunia.com/advisories/30549/ GraphicsMagick>=1.2<1.2.3 remote-system-access http://secunia.com/advisories/30549/ exiv2<0.16nb1 denial-of-service http://dev.robotbattle.com/bugs/view.php?id=0000546 vmware<5.5.7 privilege-escalation http://www.vmware.com/security/advisories/VMSA-2008-0009.html asterisk<1.2.29 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2119 mit-krb5<1.4.2nb6 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt mit-krb5>=1.6<1.6.2 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-004.txt mit-krb5<1.4.2nb6 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-005.txt mit-krb5>=1.6<1.6.2 arbitrary-code-execution http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2007-005.txt asterisk<1.2.26 security-bypass http://downloads.digium.com/pub/security/AST-2007-027.html asterisk<1.2.28 denial-of-service http://downloads.digium.com/pub/security/AST-2008-006.html net-snmp<5.4.1nb4 spoof-authenticated-packets https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960 freetype2<2.3.6 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1806 apache>2.0<2.0.63nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364 apache>=2.2.0<2.2.8nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364 openoffice2{,-bin}<2.4.1 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2008-2152.html courier-authlib<0.60.6 sql-injection http://marc.info/?l=courier-users&m=121293814822605&w=2 freetype2<2.3.6 arbitrary-code-execution http://labs.idefense.com/intelligence/vulnerabilities/display.php?id={715,716,717} nasm<2.02nb1 local-user-shell http://secunia.com/advisories/30594/ modular-xorg-server<1.3.0.0nb10 multiple-vulnerabilities http://lists.freedesktop.org/archives/xorg-announce/2008-June/000578.html opera<9.50 url-spoofing http://www.opera.com/support/search/view/878/ opera<9.50 information-disclosure http://www.opera.com/support/search/view/883/ opera<9.50 security-bypass http://www.opera.com/support/search/view/885/ vim{,-gtk,-gtk2,-motif,-xaw,-share}<7.1.299 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2712 turba<2.2.1 cross-site-scripting http://secunia.com/advisories/30704/ horde<3.1.7nb1 cross-site-scripting http://secunia.com/advisories/30697/ horde>=3.2<3.2.1 cross-site-scripting http://secunia.com/advisories/30697/ roundcube<0.2alpha cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6321 clamav<0.93.2 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2713 fetchmail<6.3.8nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2711 ruby18-base<1.8.7.22 arbitrary-code-execution http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities phpmyadmin<2.11.7 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-4 rt<3.6.7 denial-of-service http://lists.bestpractical.com/pipermail/rt-announce/2008-June/000158.html acroread7<7.1.0 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb08-15.html acroread8<8.1.2nb1 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb08-15.html squid<2.6.21 denial-of-service http://marc.info/?l=squid-announce&m=121469526501591&w=2 squid<2.6.21 privacy-leak http://marc.info/?l=squid-announce&m=121469526501591&w=2 pidgin<2.4.3 arbitrary-code-execution http://archives.neohapsis.com/archives/bugtraq/2008-06/0225.html GraphicsMagick-1.1.[0-9]* remote-system-access http://secunia.com/advisories/30879/ GraphicsMagick>=1.2<1.2.4 remote-system-access http://secunia.com/advisories/30879/ firefox{,-bin,-gtk1}<2.0.0.15 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798 firefox{,-bin,-gtk1}<2.0.0.15 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803 firefox{,-bin,-gtk1}<2.0.0.15 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811 seamonkey{,-bin,-gtk1}<1.1.10 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798 seamonkey{,-bin,-gtk1}<1.1.10 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803 seamonkey{,-bin,-gtk1}<1.1.10 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811 wireshark<1.0.1 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-03.html ruby18-base<1.8.7.22nb1 denial-of-service http://securenetwork.it/ricerca/advisory/download/SN-2008-02.txt vlc<0.8.6fnb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2430 openldap-client<2.4.9nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2952 opera<9.51 information-disclosure http://www.opera.com/support/search/view/887/ thunderbird{,-gtk1}<2.0.0.16 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798 thunderbird{,-gtk1}<2.0.0.16 security-bypass https://www.mozilla.org/security/announce/2008/mfsa2008-24.html thunderbird{,-gtk1}<2.0.0.16 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803 thunderbird{,-gtk1}<2.0.0.16 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811 pcre<7.7nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371 #vte-[0-9]* utmp-entry-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0023 libzvt-[0-9]* utmp-entry-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0023 bind>9.5.0<9.5.0pl1 cache-poisoning https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 bind>9.4.0<9.4.2pl1 cache-poisoning https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 bind>9.3.0<9.3.5pl1 cache-poisoning https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 bind-8.[0-9]* cache-poisoning https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 poppler<0.8.3nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2950 drupal>6.0<6.3 cross-site-scripting http://drupal.org/node/280571 drupal>5.0<5.8 cross-site-request-forgeries http://drupal.org/node/280571 drupal>6.0<6.3 cross-site-request-forgeries http://drupal.org/node/280571 drupal>5.0<5.8 session-fixation http://drupal.org/node/280571 drupal>6.0<6.3 session-fixation http://drupal.org/node/280571 drupal>6.0<6.3 sql-injection http://drupal.org/node/280571 ffmpeg<0.4.9pre1nb4 remote-code-execution https://roundup.mplayerhq.hu/roundup/ffmpeg/issue311 sun-j{re,dk}14<2.18 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-[3103-3115] sun-j{re,dk}15<5.0.16 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-[3103-3115] sun-j{re,dk}6<6.0.7 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-[3103-3115] wireshark<1.0.2 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-04.html zsh<4.2.6nb1 insecure-temporary-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6209 zsh>=4.3<4.3.4nb2 insecure-temporary-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6209 firefox{,-bin,-gtk1}<2.0.0.16 arbitrary-code-execution https://www.mozilla.org/security/announce/2008/mfsa2008-34.html firefox3{,-bin}<3.0.1 arbitrary-code-execution https://www.mozilla.org/security/announce/2008/mfsa2008-34.html seamonkey{,-bin,-gtk1}<1.1.11 arbitrary-code-execution https://www.mozilla.org/security/announce/2008/mfsa2008-34.html phpmyadmin<2.11.7.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-5 py{26,27,34,35,36}-mercurial<1.0.1nb1 remote-data-manipulation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2942 firefox{,-bin,-gtk1}<2.0.0.16 remote-information-exposure https://www.mozilla.org/security/announce/2008/mfsa2008-35.html firefox3{,-bin}<3.0.1 remote-information-exposure https://www.mozilla.org/security/announce/2008/mfsa2008-35.html byacc<20050813nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3196 py{15,20,21,22,23,24,25,26,27,31}-moin<1.7.1 cross-site-scripting http://moinmo.in/SecurityFixes#moin1.6.3 dnsmasq<2.45 cache-poisoning https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 asterisk<1.2.30 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3263 asterisk<1.2.30 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3264 asterisk>=1.4<1.4.21.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3263 asterisk>=1.4<1.4.21.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3264 openssh<5.0.1nb1 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3259 drupal<5.9 session-fixation http://drupal.org/node/286417 drupal>=6<6.3 session-fixation http://drupal.org/node/286417 newsx<1.6nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3252 trac<0.10.5 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3328 RealPlayerGold<11 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5400 phpmyadmin<2.11.8 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-6 gnutls>=2.3.5<2.4.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2377 fprot-workstation-bin-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3447 pan<0.133 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2363 openttd<0.6.2 arbitrary-code-execution http://sourceforge.net/project/shownotes.php?release_id=617243 python24<2.4.5nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315 python25<2.5.2nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315 python24<2.4.5nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142 python25<2.5.2nb3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142 apache-tomcat<5.5.27 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232 apache-tomcat<5.5.27 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947 jakarta-tomcat4<4.1.39 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232 jakarta-tomcat4<4.1.39 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370 jakarta-tomcat5-[0-9]* directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370 libxslt<1.1.24nb1 arbitrary-code-execution http://www.scary.beasts.org/security/CESA-2008-003.html scmgit<1.5.6.4 remote-system-access http://kerneltrap.org/mailarchive/git/2008/7/16/2529284 ruby18-base<1.8.7.72 multiple-vulnerabilities http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/ powerdns<2.9.21nb2 data-manipulation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3337 pidgin<2.5.0 ssl-cert-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3532 mono<1.9.1nb2 cross-site-scripting http://secunia.com/advisories/31338/ apache-2.0.[0-5]* cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 apache-2.0.6[0-2]* cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 apache-2.0.63{,nb[12]} cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 apache>=2.2.0<2.2.9nb1 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 python25<2.5.2nb3 weak-cryptography https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2316 bugzilla<2.22.5 remote-information-exposure http://www.bugzilla.org/security/2.22.4/ bugzilla>=3.0<3.0.5 remote-information-exposure http://www.bugzilla.org/security/2.22.4/ amarok<1.4.10 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3699 ipsec-tools<0.7.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3651 ipsec-tools<0.7.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3652 vim{,-gtk,-gtk2,-kde,-motif,-xaw,-share}<7.2.69 remote-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4677 isc-dhcpd<3.1.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0062 postfix<2.5.4 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2936 postfix<2.5.4 information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2937 postfix>=2.6.20080000<2.6.20080814 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2936 postfix>=2.6.20080000<2.6.20080814 information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2937 drupal<5.10 multiple-vulnerabilities http://drupal.org/node/295053 drupal>=6<6.4 multiple-vulnerabilities http://drupal.org/node/295053 yelp>=2.19.90<2.22.1nb1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3533 mktemp<1.6 privilege-escalation http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495193 xine-lib<1.1.15 remote-system-access http://www.ocert.org/advisories/ocert-2008-008.html zope29>=2.9<2.9.9nb1 denial-of-service http://www.zope.org/advisories/advisory-2008-08-12/ zope210>=2.10<2.10.6nb1 denial-of-service http://www.zope.org/advisories/advisory-2008-08-12/ zope211>=2.10<2.11.1nb1 denial-of-service http://www.zope.org/advisories/advisory-2008-08-12/ awstats<6.9 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3714 sympa<5.4.4 privilege-escalation http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494969 vlc<0.9.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3732 vlc<0.9.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3794 sqlitemanager-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages R<2.7.0nb1 insecure-temporary-files http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496363 bitlbee<1.2.2 security-bypass http://secunia.com/advisories/31633/ tiff<3.8.2nb4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2327 ruby18-base<1.8.7.72nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3790 vim<7.2.10 arbitrary-command-execution http://www.rdancer.org/vulnerablevim-K.html openoffice{,2}<2.4.1nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3282 mono<1.9.1nb4 cross-site-scripting https://bugzilla.novell.com/show_bug.cgi?id=418620 gpsdrive-[0-9]* privilege-escalation http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496436 libxml2<2.7.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3281 opera<9.52 arbitrary-code-execution http://www.opera.com/support/search/view/892/ opera<9.52 security-bypass http://www.opera.com/support/search/view/893/ opera<9.52 security-bypass http://www.opera.com/support/search/view/895/ opera<9.52 local-file-reading http://www.opera.com/support/search/view/896/ opera<9.52 url-spoofing http://www.opera.com/support/search/view/897/ postfix<2.5.5 denial-of-service http://www.postfix.org/announcements/20080902.html clamav<0.94 denial-of-service http://secunia.com/advisories/31725/ py{15,20,21,22,23,24,25,26,27,31}-django<0.96.3 cross-site-request-forgery http://www.djangoproject.com/weblog/2008/sep/02/security/ wireshark>=0.9.7<1.0.3 denial-of-service http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2675 wireshark>=0.10.14<1.0.3 arbitrary-code-execution http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2649 png>=1.2.30beta04<1.2.32beta01 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3964 geeklog<1.4.1nb3 remote-file-write http://www.geeklog.net/article.php/file-uploads vlc08<0.8.6i arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3732 vlc08<0.8.6i arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3794 horde<3.2.2 cross-site-scripting http://marc.info/?l=horde-announce&m=122104360019867&w=2 mysql-server>=5<5.0.66 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3963 mysql-server>=5.1<5.1.26 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3963 gri<2.12.18 insecure-temporary-files http://gri.sourceforge.net/gridoc/html/Version_2_12.html phpmyadmin<2.11.9.1 arbitrary-code-execution http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-7 proftpd<1.3.2rc2 arbitrary-command-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4242 ffmpeg<20080727 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3230 rails<2.1.1 sql-injection http://rails.lighthouseapp.com/projects/8994/tickets/288 firefox{,-bin,-gtk1}<2.0.0.17 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0016 seamonkey{,-bin,-gtk1}<1.1.12 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0016 thunderbird{,-gtk1}<2.0.0.17 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0016 firefox{,-bin,-gtk1}<2.0.0.17 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3836 firefox{,-bin,-gtk1}<2.0.0.17 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4059 firefox3{,-bin}<3.0.2 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4058 seamonkey{,-bin,-gtk1}<1.1.12 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4058 firefox{,-bin,-gtk1}<2.0.0.17 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4062 firefox3{,-bin}<3.0.2 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4062 firefox3{,-bin}<3.0.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4063 seamonkey{,-bin,-gtk1}<1.1.12 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4062 firefox{,-bin,-gtk1}<2.0.0.17 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4065 firefox{,-bin,-gtk1}<2.0.0.17 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4066 firefox3{,-bin}<3.0.2 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4065 seamonkey{,-bin,-gtk1}<1.1.12 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4065 seamonkey{,-bin,-gtk1}<1.1.12 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4070 thunderbird{,-gtk1}<2.0.0.17 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4070 faad2<2.6.1nb1 arbitrary-code-execution http://secunia.com/advisories/32006/ aegis<4.24.1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4938 samba>3.2<3.2.3 insecure-file-permissions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3789 lighttpd<1.4.20 denial-of-service http://trac.lighttpd.net/trac/ticket/1774 tnftpd<20080929 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4247 firefox3<3.0.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4324 gmplayer<1.0rc10nb6 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3827 mencoder<1.0rc10nb3 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3827 mplayer<1.0rc10nb8 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3827 xerces-c<3.0.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4482 xentools3-hvm-[0-9]* security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1945 libxml2<2.7.1nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4409 dovecot<1.1.4 remote-security-bypass http://www.dovecot.org/list/dovecot-news/2008-October/000085.html mysql-client>=5.0<5.0.67nb2 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4456 xentools33<3.3.0nb2 security-bypass http://secunia.com/advisories/32064/ xentools3-[0-9]* security-bypass http://secunia.com/advisories/32064/ drupal>=5<5.11 multiple-vulnerabilities http://drupal.org/node/318706 drupal>=6<6.5 multiple-vulnerabilities http://drupal.org/node/318706 graphviz<2.16.1nb3 remote-system-access http://secunia.com/advisories/32186/ ap{2,22}-modsecurity{,2}>2.5.0<2.5.6 remote-security-bypass http://secunia.com/advisories/32146/ opera<9.6 multiple-vulnerabilities http://secunia.com/advisories/32177/ firefox-bin-flash<9.0.151 multiple-vulnerabilities http://secunia.com/advisories/32163/ ns-flash<9.0.151 multiple-vulnerabilities http://secunia.com/advisories/32163/ gtar-base<1.19 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4476 dbus<1.2.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3834 cups<1.3.9 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639 cups<1.3.9 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640 cups<1.3.9 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641 vlc<0.9.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4558 mantis<1.1.3 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3102 firefox-bin-flash<9.0.151 information-disclosure http://www.adobe.com/support/security/bulletins/apsb08-18.html ns-flash<9.0.151 information-disclosure http://www.adobe.com/support/security/bulletins/apsb08-18.html jhead<2.84 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4575 vlc>=0.9.0<0.9.5 arbitrary-code-execution http://www.videolan.org/security/sa0809.html opera<9.61 information-disclosure http://www.opera.com/support/search/view/903/ opera<9.61 cross-site-scripting http://www.opera.com/support/search/view/904/ opera<9.61 security-bypass http://www.opera.com/support/search/view/905/ mantis<1.1.4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4687 apache-tomcat<5.5.1 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271 jakarta-tomcat4<4.1.32 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271 jakarta-tomcat5-[0-9]* security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271 wireshark<1.0.4 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-06.html drupal>=5<5.12 multiple-vulnerabilities http://drupal.org/node/324824 drupal>=6<6.6 multiple-vulnerabilities http://drupal.org/node/324824 websvn<2.1.0 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5918 websvn<2.1.0 remote-data-manipulation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5919 websvn<2.1.0 remote-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0240 enscript<1.6.4nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3863 gpsd<2.37nb1 remote-information-exposure http://developer.berlios.de/bugs/?func=detailbug&bug_id=14707&group_id=2116 libspf2<1.2.8 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2469 imlib2<1.4.2 unspecified http://secunia.com/advisories/32354/ png<1.2.33rc02 denial-of-service http://sourceforge.net/project/shownotes.php?release_id=635463&group_id=5624 jhead<2.86 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4641 ktorrent>=3.0<3.1.4 security-bypass http://secunia.com/advisories/32442/ phpmyadmin<2.11.9.3 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-9 lynx<2.8.6.4 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7234 opera<9.62 system-access http://secunia.com/advisories/32452/ dovecot>=1.1.4<1.1.6 denial-of-service http://www.dovecot.org/list/dovecot-news/2008-October/000089.html openoffice2{,-bin}<2.4.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2237 openoffice2{,-bin}<2.4.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2238 phpmyadmin<2.11.9.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-8 crossfire-maps-[0-9]* privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4908 crossfire-server>=1.11.0 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4908 imap-uw<2007d system-access http://secunia.com/advisories/32483/ ed<1.0 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3916 kdelibs-3.[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5698 ktorrent>=2.0<2.2.8 remote-security-bypass http://secunia.com/advisories/32447/ net-snmp<5.4.2.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309 acroread8<8.1.3 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb08-19.html silc-server<1.1.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1429 nagios-base<3.0.5 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5027 vlc08-[0-9]* remote-system-access http://www.videolan.org/security/sa0810.html vlc>=0.5.0<0.9.6 remote-system-access http://www.videolan.org/security/sa0810.html bugzilla<2.22.6 security-bypass http://www.bugzilla.org/security/2.20.6/ bugzilla>3.0.0<3.0.6 security-bypass http://www.bugzilla.org/security/2.20.6/ lmbench-[0-9]* privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4968 gnutls<2.6.1 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4989 py{15,20,21,22,23,24,25,26,27,31}-moin-[0-9]* remote-information-exposure http://secunia.com/advisories/32686/ trac<0.11.2 multiple-vulnerabilities http://secunia.com/advisories/32652/ ja-trac<0.11.1pl2 multiple-vulnerabilities http://secunia.com/advisories/32652/ clamav<0.94.1 remote-system-access http://secunia.com/advisories/32663/ nagios-base<3.0.6 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5028 fwbuilder{,21}-[0-9]* privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4956 scilab<4.1nb3 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4983 optipng<0.6.2 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5101 typo3<4.2.3 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-20081113-1/ typo3<4.2.3 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-20081113-2/ streamripper<1.61.27nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4829 libxml2<2.7.2nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225 libxml2<2.7.2nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226 imlib2<1.4.2nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5187 mailscanner<4.55.11 insecure-temporary-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5140 opera<9.63 multiple-vulnerabilities http://secunia.com/advisories/32752/ blender<2.49bnb6 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4863 vmware<5.5.9 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4915 firefox{,-bin,-gtk1}<2.0.0.18 information-disclosure https://www.mozilla.org/security/announce/2008/mfsa2008-48.html seamonkey{,-bin,-gtk1}<1.1.13 information-disclosure https://www.mozilla.org/security/announce/2008/mfsa2008-48.html thunderbird{,-gtk1}<2.0.0.18 information-disclosure https://www.mozilla.org/security/announce/2008/mfsa2008-48.html firefox{,-bin,-gtk1}<2.0.0.18 arbitrary-code-execution https://www.mozilla.org/security/announce/2008/mfsa2008-49.html seamonkey{,-bin,-gtk1}<1.1.13 arbitrary-code-execution https://www.mozilla.org/security/announce/2008/mfsa2008-49.html firefox3{,-bin}<3.0.4 privilege-escalation https://www.mozilla.org/security/announce/2008/mfsa2008-51.html firefox{,-bin,-gtk1}<2.0.0.18 arbitrary-code-execution https://www.mozilla.org/security/announce/2008/mfsa2008-52.html firefox3{,-bin}<3.0.4 arbitrary-code-execution https://www.mozilla.org/security/announce/2008/mfsa2008-52.html thunderbird{,-gtk1}<2.0.0.18 arbitrary-code-execution https://www.mozilla.org/security/announce/2008/mfsa2008-52.html seamonkey{,-bin,-gtk1}<1.1.13 arbitrary-code-execution https://www.mozilla.org/security/announce/2008/mfsa2008-52.html firefox{,-bin,-gtk1}<2.0.0.18 security-bypass https://www.mozilla.org/security/announce/2008/mfsa2008-56.html firefox3{,-bin,-gtk1}<3.0.4 security-bypass https://www.mozilla.org/security/announce/2008/mfsa2008-56.html thunderbird{,-gtk1}<2.0.0.18 security-bypass https://www.mozilla.org/security/announce/2008/mfsa2008-56.html seamonkey{,-bin,-gtk1}<1.1.13 security-bypass https://www.mozilla.org/security/announce/2008/mfsa2008-56.html seamonkey{,-bin,-gtk1}<1.1.13 information-disclosure https://www.mozilla.org/security/announce/2008/mfsa2008-59.html thunderbird{,-gtk1}<2.0.0.18 information-disclosure https://www.mozilla.org/security/announce/2008/mfsa2008-59.html libcdaudio<0.99.12nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5030 wireshark<1.0.4nb1 denial-of-service http://secunia.com/advisories/32840/ gnetlist<1.4.0nb1 privilege-escalation http://secunia.com/advisories/32806/ amaya-[0-9]* system-access http://secunia.com/advisories/32848/ samba>=3.0.29<3.0.32nb2 remote-information-exposure http://www.samba.org/samba/security/CVE-2008-4314.html samba>3.2<3.2.5 remote-information-exposure http://www.samba.org/samba/security/CVE-2008-4314.html mailscanner<4.73.3.1 denial-of-service http://secunia.com/advisories/32915/ vlc<0.9.8a remote-system-access http://www.videolan.org/security/sa0811.html clamav<0.94.2 denial-of-service http://secunia.com/advisories/32926/ squirrelmail<1.4.17 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2379 ImageMagick<6.2.8.1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1096 GraphicsMagick<1.1.8 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1096 powerdns<2.9.21.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5277 nagios-base<3.0.6 unknown http://secunia.com/advisories/32909/ sun-j{re,dk}14<2.19 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2086 sun-j{re,dk}15<5.0.17 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2086 sun-j{re,dk}6<6.0.11 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2086 perl-5.10.0{,nb1,nb2} privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2827 perl-5.8.8{,nb*} privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5302 perl-5.10.0{,nb1,nb2} privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5302 perl-5.8.8{,nb*} privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5303 tor<0.2.0.32 remote-security-bypass http://secunia.com/advisories/33025/ tor<0.2.0.32 privilege-escalation http://secunia.com/advisories/33025/ mgetty<1.1.36nb2 insecure-temp-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4936 dbus<1.2.4.2 security-bypass http://lists.freedesktop.org/archives/dbus/2008-December/010702.html drupal<5.13 cross-site-request-forgeries http://drupal.org/node/345441 drupal>6<6.7 cross-site-request-forgeries http://drupal.org/node/345441 phpmyadmin<2.11.9.4 cross-site-request-forgery http://www.phpmyadmin.net/home_page/security/PMASA-2008-10.php phppgadmin<4.2.2 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5587 mailscanner<4.74.6.2 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5313 asterisk<1.2.30.4 denial-of-service http://downloads.digium.com/pub/security/AST-2008-012.html mediawiki<1.13.3 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5249 mediawiki<1.13.3 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5250 mediawiki<1.13.3 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5252 roundcube<0.2beta2 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5619 roundcube<0.2beta2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5620 horde<3.3.1 cross-site-scripting http://lists.horde.org/archives/announce/2008/000464.html turba<2.3.1 cross-site-scripting http://lists.horde.org/archives/announce/2008/000465.html imp<4.3.1 cross-site-scripting http://lists.horde.org/archives/announce/2008/000463.html gmplayer<1.0rc10nb8 local-user-shell http://trapkit.de/advisories/TKADV2008-014.txt mplayer<1.0rc10nb10 local-user-shell http://trapkit.de/advisories/TKADV2008-014.txt mencoder<1.0rc10nb5 local-user-shell http://trapkit.de/advisories/TKADV2008-014.txt cmus<2.2.0nb5 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5375 ns-flash<9.0.152 remote-system-access http://www.adobe.com/support/security/bulletins/apsb08-24.html firefox{,-bin}-2.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages firefox-gtk1-2.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages imap-uw<2007e denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5514 avahi<0.6.23nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5081 openvpn>=2.1rc1<2.1rc9 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3459 pdfjam<1.21 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5743 pdfjam<1.21 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5843 netatalk<2.0.3nb12 system-access http://secunia.com/advisories/33227/ courier-authlib<0.62.0 sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2380 adobe-flash-plugin<10.0.15.3 system-access http://www.adobe.com/support/security/bulletins/apsb08-24.html qemu<0.10.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2382 aview<1.3.0.1nb12 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4935 gitweb>=1.6<1.6.0.6 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5916 gitweb>=1.5.6<1.5.6.6 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5916 gitweb>=1.5.5<1.5.5.6 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5916 gitweb>=1.4.3<1.5.4.7 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5916 psi<0.12.1 denial-of-service http://secunia.com/advisories/33311/ firefox{,-bin,-gtk1}<2.0.0.19 denial-of-service https://www.mozilla.org/security/announce/2008/mfsa2008-60.html firefox{,-bin,-gtk1}<2.0.0.19 cross-site-scripting https://www.mozilla.org/security/announce/2008/mfsa2008-61.html firefox{,-bin,-gtk1}<2.0.0.19 security-bypass https://www.mozilla.org/security/announce/2008/mfsa2008-62.html firefox{,-bin,-gtk1}<2.0.0.19 cross-site-scripting https://www.mozilla.org/security/announce/2008/mfsa2008-64.html firefox{,-bin,-gtk1}<2.0.0.19 cross-site-scripting https://www.mozilla.org/security/announce/2008/mfsa2008-65.html firefox{,-bin,-gtk1}<2.0.0.19 security-bypass https://www.mozilla.org/security/announce/2008/mfsa2008-66.html firefox{,-bin,-gtk1}<2.0.0.19 ui-spoofing https://www.mozilla.org/security/announce/2008/mfsa2008-67.html firefox{,-bin,-gtk1}<2.0.0.19 privilege-escalation https://www.mozilla.org/security/announce/2008/mfsa2008-68.html firefox{,-bin,-gtk1}<2.0.0.19 cross-site-scripting https://www.mozilla.org/security/announce/2008/mfsa2008-69.html firefox3{,-bin}<3.0.5 denial-of-service https://www.mozilla.org/security/announce/2008/mfsa2008-60.html firefox3{,-bin}<3.0.5 information-disclosure https://www.mozilla.org/security/announce/2008/mfsa2008-63.html firefox3{,-bin}<3.0.5 cross-site-scripting https://www.mozilla.org/security/announce/2008/mfsa2008-64.html firefox3{,-bin}<3.0.5 cross-site-scripting https://www.mozilla.org/security/announce/2008/mfsa2008-65.html firefox3{,-bin}<3.0.5 security-bypass https://www.mozilla.org/security/announce/2008/mfsa2008-66.html firefox3{,-bin}<3.0.5 ui-spoofing https://www.mozilla.org/security/announce/2008/mfsa2008-67.html firefox3{,-bin}<3.0.5 privilege-escalation https://www.mozilla.org/security/announce/2008/mfsa2008-68.html firefox3{,-bin}<3.0.5 denial-of-service https://www.mozilla.org/security/announce/2008/mfsa2008-69.html seamonkey{,-bin,-gtk1}<1.1.14 denial-of-service https://www.mozilla.org/security/announce/2008/mfsa2008-60.html seamonkey{,-bin,-gtk1}<1.1.14 cross-site-scripting https://www.mozilla.org/security/announce/2008/mfsa2008-61.html seamonkey{,-bin,-gtk1}<1.1.14 cross-site-scripting https://www.mozilla.org/security/announce/2008/mfsa2008-64.html seamonkey{,-bin,-gtk1}<1.1.14 cross-site-scripting https://www.mozilla.org/security/announce/2008/mfsa2008-65.html seamonkey{,-bin,-gtk1}<1.1.14 ui-spoofing https://www.mozilla.org/security/announce/2008/mfsa2008-66.html seamonkey{,-bin,-gtk1}<1.1.14 privilege-escalation https://www.mozilla.org/security/announce/2008/mfsa2008-67.html seamonkey{,-bin,-gtk1}<1.1.14 privilege-escalation https://www.mozilla.org/security/announce/2008/mfsa2008-68.html thunderbird{,-gtk1}<2.0.0.19 denial-of-service https://www.mozilla.org/security/announce/2008/mfsa2008-60.html thunderbird{,-gtk1}<2.0.0.19 cross-site-scripting https://www.mozilla.org/security/announce/2008/mfsa2008-61.html thunderbird{,-gtk1}<2.0.0.19 cross-site-scripting https://www.mozilla.org/security/announce/2008/mfsa2008-64.html thunderbird{,-gtk1}<2.0.0.19 cross-site-scripting https://www.mozilla.org/security/announce/2008/mfsa2008-65.html thunderbird{,-gtk1}<2.0.0.19 ui-spoofing https://www.mozilla.org/security/announce/2008/mfsa2008-66.html thunderbird{,-gtk1}<2.0.0.19 privilege-escalation https://www.mozilla.org/security/announce/2008/mfsa2008-67.html thunderbird{,-gtk1}<2.0.0.19 privilege-escalation https://www.mozilla.org/security/announce/2008/mfsa2008-68.html xterm<238 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2383 libaudiofile<0.2.6nb2 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5824 audacity<1.2.6nb2 remote-system-access http://secunia.com/advisories/33356/ links{,-gui}<2.11 remote-spoofing http://secunia.com/advisories/33391/ samba>=3.2.0<3.2.7 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0022 openssl<0.9.8j signature-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 amarok<1.4.10nb1 remote-code-execution http://www.trapkit.de/advisories/TKADV2009-002.txt drupal<5.15 sql-injection http://drupal.org/node/358957 drupal>6<6.9 sql-injection http://drupal.org/node/358957 drupal>6<6.9 access-bypass http://drupal.org/node/358957 drupal>6<6.9 validation-bypass http://drupal.org/node/358957 bind>=9.4.0<9.4.3pl1 dnssec-validation-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025 bind>=9.5.0<9.5.1pl1 dnssec-validation-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025 bind>=9.6.0<9.6.0pl1 dnssec-validation-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025 asterisk<1.2.33 remote-information-exposure http://downloads.digium.com/pub/security/AST-2009-001.html asterisk>=1.6<1.6.0.10 remote-information-exposure http://downloads.digium.com/pub/security/AST-2009-001.html typo3<4.2.4 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001/ py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.1 cross-site-scripting http://moinmo.in/SecurityFixes#moin1.8.1 roundcube<0.2.1 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0413 gitweb<1.5.6.6 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5516 gitweb<1.5.6.6 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5517 ganglia-monitor-core<3.1.2 remote-system-access http://secunia.com/advisories/33506/ xdg-utils<1.1.0rc1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0386 # N/A; see https://security-tracker.debian.org/tracker/CVE-2009-0068 #xdg-utils-[0-9]* remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0068 tnftpd<20081009 cross-site-scripting http://securityreason.com/achievement_securityalert/56 libmikmod<3.2.0 remote-denial-of-service http://secunia.com/advisories/33485/ devIL>=1.6.7<1.7.7 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5262 tor<0.2.0.33 remote-denial-of-service http://secunia.com/advisories/33635/ ap{,2,22}-auth-mysql>=4<4.3.9nb1 sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2384 gst-plugins0.10-good<0.10.12 remote-system-access http://trapkit.de/advisories/TKADV2009-003.txt gentoo-0.11.57nb1 insecure-temporary-files http://mail-index.netbsd.org/pkgsrc-changes/2009/01/25/msg017509.html ntp<4.2.4p6 ssl-cert-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0021 dia-python<0.97.1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5984 GraphicsMagick<1.3.5 remote-denial-of-service http://secunia.com/advisories/33697/ imp<4.3.3 cross-site-scripting http://secunia.com/advisories/33719/ horde<3.3.3 cross-site-scripting http://secunia.com/advisories/33695/ ffmpeg<20080727nb7 remote-user-shell http://www.trapkit.de/advisories/TKADV2009-004.txt netsaint-base-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages netsaint-plugins-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages netsaint-plugin-cluster-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages netsaint-plugin-snmp-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages bugzilla<2.22.7 abuse-of-functionality http://www.bugzilla.org/security/2.22.6/ bugzilla<2.22.7 cross-site-request-forgery http://www.bugzilla.org/security/2.22.6/ bugzilla>3.2<3.2.2 insufficiently-random-numbers http://www.bugzilla.org/security/3.0.7/ bugzilla>3.0<3.0.8 insufficiently-random-numbers http://www.bugzilla.org/security/3.0.7/ bugzilla>3.0<3.0.7 abuse-of-functionality http://www.bugzilla.org/security/2.22.6/ bugzilla>3.0<3.0.7 cross-site-request-forgery http://www.bugzilla.org/security/2.22.6/ sudo<1.7.0 local-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0034 squid<2.7 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages squid>=2.7<2.7.6 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2009_1.txt squid>=3.0<3.0.13 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2009_1.txt firefox3{,-bin}<3.0.6 remote-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-01.html firefox3{,-bin}<3.0.6 security-bypass https://www.mozilla.org/security/announce/2009/mfsa2009-02.html firefox3{,-bin}<3.0.6 information-disclosure https://www.mozilla.org/security/announce/2009/mfsa2009-03.html firefox3{,-bin}<3.0.6 security-bypass https://www.mozilla.org/security/announce/2009/mfsa2009-04.html firefox3{,-bin}<3.0.6 security-bypass https://www.mozilla.org/security/announce/2009/mfsa2009-05.html firefox3{,-bin}<3.0.6 information-disclosure https://www.mozilla.org/security/announce/2009/mfsa2009-06.html seamonkey{,-bin,-gtk1}<1.1.15 remote-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-01.html seamonkey{,-bin,-gtk1}<1.1.15 security-bypass https://www.mozilla.org/security/announce/2009/mfsa2009-02.html seamonkey{,-bin,-gtk1}<1.1.15 information-disclosure https://www.mozilla.org/security/announce/2009/mfsa2009-03.html seamonkey{,-bin,-gtk1}<1.1.15 security-bypass https://www.mozilla.org/security/announce/2009/mfsa2009-04.html seamonkey{,-bin,-gtk1}<1.1.15 security-bypass https://www.mozilla.org/security/announce/2009/mfsa2009-05.html seamonkey{,-bin,-gtk1}<1.1.15 information-disclosure https://www.mozilla.org/security/announce/2009/mfsa2009-06.html thunderbird{,-gtk1}<2.0.0.21 remote-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-01.html proftpd>=1.3.1<1.3.2 sql-injection http://secunia.com/advisories/33842/ typo3<4.2.6 information-disclosure http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/ typo3<4.2.6 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/ net-snmp<5.4.2.1nb1 information-disclosure http://secunia.com/advisories/33884/ evolution-data-server<2.24.4.1nb2 smime-cert-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0547 varnish<2.0.1 denial-of-service http://secunia.com/advisories/33852/ tor<0.2.0.34 denial-of-service http://archives.seul.org/or/announce/Feb-2009/msg00000.html mediawiki<1.13.4 cross-site-scripting http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_13_4/phase3/RELEASE-NOTES wireshark>=0.99.0<1.0.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2008-07.html wireshark>=0.99.6<1.0.6 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2009-01.html boinc-[0-9]* ssl-cert-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0126 mpack<1.6 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1425 poppler<0.10.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0755 poppler<0.10.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0756 xine-lib<1.1.16.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5239 xine-lib<1.1.16.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5240 xine-lib<1.1.16.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0385 png<1.2.35 denial-of-service http://secunia.com/advisories/33970/ djbdns<1.05nb9 cache-poisoning https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4392 p5-HTTPD-User-Manage<1.63 cross-site-scripting http://jvn.jp/en/jp/JVN30451602/index.html mldonkey>=2.8.4<3.0.0 remote-file-access https://savannah.nongnu.org/patch/?6754 ns-flash<9.0.159 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-01.html acroread-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-01.html acroread5-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-01.html acroread7<7.1.1 arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-01.html acroread8<8.1.4 arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-01.html pngcrush<1.6.14 arbitrary-code-execution http://secunia.com/advisories/33976/ apache-tomcat>=5.5.10<5.5.21 information-disclosure http://tomcat.apache.org/security-5.html opensc<0.11.7 unauthorized-access http://secunia.com/advisories/34052/ php<5.2.9 multiple-vulnerabilities http://secunia.com/advisories/34081/ trickle>=1.07 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0415 optipng<0.6.2.1 arbitrary-code-execution http://secunia.com/advisories/34035/ squid<3.2.0.11 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0801 mldonkey>=2.8.4<2.9.7nb1 information-disclosure https://savannah.nongnu.org/bugs/?25667 curl<7.18.0nb4 remote-file-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037 curl>=7.19.0<7.19.4 remote-file-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037 opera<9.64 multiple-vulnerabilities http://secunia.com/advisories/34135/ libsndfile<1.0.17nb5 arbitrary-code-execution http://secunia.com/advisories/33980/ libsndfile>1.0.17nb5<1.0.19 arbitrary-code-execution http://secunia.com/advisories/33980/ wesnoth<1.5.11 arbitrary-code-execution https://gna.org/bugs/index.php?13048 mpfr<2.4.1 buffer-overflow http://secunia.com/advisories/34063/ firefox3{,-bin}<3.0.7 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-07.html firefox3{,-bin}<3.0.7 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-08.html firefox3{,-bin}<3.0.7 security-bypass https://www.mozilla.org/security/announce/2009/mfsa2009-09.html firefox3{,-bin}<3.0.7 denial-of-service https://www.mozilla.org/security/announce/2009/mfsa2009-10.html firefox3{,-bin}<3.0.7 url-spoofing https://www.mozilla.org/security/announce/2009/mfsa2009-11.html seamonkey{,-bin,-gtk1}<1.1.15 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-07.html seamonkey{,-bin,-gtk1}<1.1.15 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-08.html seamonkey{,-bin,-gtk1}<1.1.15 security-bypass https://www.mozilla.org/security/announce/2009/mfsa2009-09.html seamonkey{,-bin,-gtk1}<1.1.15 denial-of-service https://www.mozilla.org/security/announce/2009/mfsa2009-10.html seamonkey{,-bin,-gtk1}<1.1.15 url-spoofing https://www.mozilla.org/security/announce/2009/mfsa2009-11.html thunderbird{,-gtk1}<2.0.0.21 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-07.html thunderbird{,-gtk1}<2.0.0.21 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-08.html thunderbird{,-gtk1}<2.0.0.21 security-bypass https://www.mozilla.org/security/announce/2009/mfsa2009-09.html thunderbird{,-gtk1}<2.0.0.21 denial-of-service https://www.mozilla.org/security/announce/2009/mfsa2009-10.html thunderbird{,-gtk1}<2.0.0.21 url-spoofing https://www.mozilla.org/security/announce/2009/mfsa2009-11.html ap{2,22}-modsecurity{,2}>2.5.0<2.5.8 denial-of-service http://sourceforge.net/project/shownotes.php?release_id=667538 ap{2,22}-modsecurity{,2}>2.5.0<2.5.9 denial-of-service http://sourceforge.net/project/shownotes.php?release_id=667542 asterisk>=1.6<1.6.0.6 denial-of-service http://downloads.digium.com/pub/security/AST-2009-002.html roundup<0.8.3 query-manipulation http://issues.roundup-tracker.org/issue2550521 #postgresql8[123]-server-[0-9]* information-disclosure http://archives.postgresql.org/pgsql-hackers/2009-02/msg00861.php py{15,20,21,22,23,24,25,26,27,31}-amkCrypto<2.0.1nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0544 wesnoth<1.5.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0366 icu<4.0 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1036 libsoup<2.24.0 heap-based-buffer-overflow http://www.ocert.org/advisories/ocert-2008-015.html evolution<2.22.0 heap-based-buffer-overflow http://www.ocert.org/advisories/ocert-2008-015.html evolution-data-server<2.24.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0587 ejabberd<2.0.4 script-insertion-attacks http://secunia.com/advisories/34340/ lcms<1.18 denial-of-service http://scary.beasts.org/security/CESA-2009-003.html weechat<0.2.6.1 denial-of-service http://secunia.com/advisories/34304/ glib2<2.20.0 heap-based-buffer-overflow http://www.ocert.org/advisories/ocert-2008-015.html gst-plugins0.10-base<0.10.22nb1 heap-based-buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0586 firefox3{,-bin}<3.0.8 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-12.html firefox3{,-bin}<3.0.8 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-13.html seamonkey{,-bin,-gtk1}<1.1.16 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-12.html asterisk>=1.2<1.2.32 information-leak http://downloads.digium.com/pub/security/AST-2009-003.html asterisk>=1.6<1.6.0.8 information-leak http://downloads.digium.com/pub/security/AST-2009-003.html clamav<0.95 denial-of-service http://secunia.com/advisories/34566/ bugzilla>=3.2<3.2.3 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1213 mapserver<4.10.4 multiple-vulnerabilities http://secunia.com/advisories/34520/ openssl<0.9.8k denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 eog<2.25.91 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5983 mpg123{,-esound,-nas}>=1.0<1.7.2 arbitrary-code-execution http://secunia.com/advisories/34587/ ghostscript<8.64nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0196 clamav<0.95.1 denial-of-service http://secunia.com/advisories/34612/ amaya-[0-9]* arbitrary-code-execution http://secunia.com/advisories/34531/ jakarta-tomcat4>=4.0.0<4.0.7 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519 jakarta-tomcat4>=4.1.0<4.1.37 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519 jakarta-tomcat5>=5.0.0<5.0.31 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519 apache-tomcat>=5.5.0<5.5.28 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519 lcms<1.18nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0793 tunapie<2.1.16 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1253 tunapie<2.1.16 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1254 xine-lib<1.1.16.3 arbitrary-code-execution http://trapkit.de/advisories/TKADV2009-005.txt ap13-perl<1.29nb2 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0796 ap{2,22}-perl<2.0.4nb5 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0796 unrealircd<3.2.7nb2 denial-of-service http://forums.unrealircd.com/viewtopic.php?t=6204 ntp<4.2.4p7 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159 pptp>1.7.2 information-disclosure https://bugzilla.redhat.com/show_bug.cgi?id=492090 geeklog<1.5.2.2 sql-injection http://www.geeklog.net/article.php/geeklog-1.5.2sr2 geeklog<1.5.2.3 sql-injection http://www.geeklog.net/article.php/webservices-exploit ghostscript<8.64 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6679 ghostscript<8.64nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0583 ghostscript<8.64nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0584 ghostscript<8.64nb3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0792 wireshark>=0.99.2<1.0.7 arbitrary-code-execution http://www.wireshark.org/security/wnpa-sec-2009-02.html compiz-fusion-plugins-main<0.6.0nb2 local-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6514 ldns<1.5.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1086 phpmyadmin<2.11.9.5 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1150 phpmyadmin<2.11.9.5 code-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1151 mit-krb5<1.4.2nb8 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0846 mit-krb5<1.4.2nb8 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0847 sun-{jdk,jre}14<2.20 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1093 sun-{jdk,jre}15<5.0.18 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1093 sun-{jdk,jre}6<6.0.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1093 sun-{jdk,jre}14<2.19 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1094 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1094 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1094 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1095 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1095 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1096 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1096 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1097 sun-{jdk,jre}14<2.20 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1098 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1098 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1098 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1099 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1099 sun-{jdk,jre}15<5.0.18 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1100 sun-{jdk,jre}6<6.0.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1100 sun-{jdk,jre}6<6.0.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1101 sun-{jdk,jre}6<6.0.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1102 sun-{jdk,jre}14<2.20 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1103 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1103 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1103 sun-{jdk,jre}14<2.20 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1104 sun-{jdk,jre}15<5.0.18 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1104 sun-{jdk,jre}6<6.0.13 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1104 sun-{jdk,jre}15<5.0.18 signature-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1107 sun-{jdk,jre}6<6.0.13 signature-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1107 xpdf<3.02pl3 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 xpdf<3.02pl3 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 xpdf<3.02pl3 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 xpdf<3.02pl3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 xpdf<3.02pl3 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 xpdf<3.02pl3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 xpdf<3.02pl3 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 xpdf<3.02pl3 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 xpdf<3.02pl3 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 xpdf<3.02pl3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 poppler<0.10.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 poppler<0.10.6 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 poppler<0.10.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 poppler<0.10.6 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 poppler<0.10.6 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 poppler<0.10.6 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 poppler<0.10.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 poppler<0.10.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1187 poppler<0.10.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188 ruby18-base<1.8.7.160 password-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558 ruby18-base<1.8.7.160 cache-poisoning https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 drupal>6<6.11 cross-site-scripting http://drupal.org/node/449078 drupal<5.17 cross-site-scripting http://drupal.org/node/449078 firefox3{,-bin}<3.0.9 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-14.html firefox3{,-bin}<3.0.9 url-spoofing https://www.mozilla.org/security/announce/2009/mfsa2009-15.html firefox3{,-bin}<3.0.9 cross-site-scripting https://www.mozilla.org/security/announce/2009/mfsa2009-16.html firefox3{,-bin}<3.0.9 same-origin-violation https://www.mozilla.org/security/announce/2009/mfsa2009-17.html firefox3{,-bin}<3.0.9 cross-site-scripting https://www.mozilla.org/security/announce/2009/mfsa2009-18.html firefox3{,-bin}<3.0.9 same-origin-violation https://www.mozilla.org/security/announce/2009/mfsa2009-19.html firefox3{,-bin}<3.0.9 cross-site-scripting https://www.mozilla.org/security/announce/2009/mfsa2009-20.html firefox3{,-bin}<3.0.9 information-disclosure https://www.mozilla.org/security/announce/2009/mfsa2009-21.html firefox3{,-bin}<3.0.9 cross-site-scripting https://www.mozilla.org/security/announce/2009/mfsa2009-22.html firefox3{,-bin}<3.0.10 denial-of-service https://www.mozilla.org/security/announce/2009/mfsa2009-23.html seamonkey{,-bin,-gtk1}<1.1.16 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-14.html seamonkey{,-bin,-gtk1}<1.1.15 url-spoofing https://www.mozilla.org/security/announce/2009/mfsa2009-15.html seamonkey{,-bin,-gtk1}<1.1.17 information-disclosure https://www.mozilla.org/security/announce/2009/mfsa2009-21.html seamonkey{,-bin,-gtk1}<2.0 cross-site-scripting https://www.mozilla.org/security/announce/2009/mfsa2009-16.html seamonkey{,-bin,-gtk1}<1.1.17 same-origin-violation https://www.mozilla.org/security/announce/2009/mfsa2009-17.html seamonkey{,-bin,-gtk1}<2.0 cross-site-scripting https://www.mozilla.org/security/announce/2009/mfsa2009-18.html seamonkey{,-bin,-gtk1}<2.0 same-origin-violation https://www.mozilla.org/security/announce/2009/mfsa2009-19.html seamonkey{,-bin,-gtk1}<2.0 cross-site-scripting https://www.mozilla.org/security/announce/2009/mfsa2009-22.html thunderbird{,-gtk1}<2.0.0.22 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-14.html thunderbird{,-gtk1}<2.0.0.21 url-spoofing https://www.mozilla.org/security/announce/2009/mfsa2009-15.html thunderbird{,-gtk1}<2.0.0.22 same-origin-violation https://www.mozilla.org/security/announce/2009/mfsa2009-17.html libmodplug<0.8.6 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1438 freetype2<2.3.9nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0946 gnutls>=2.5.0<2.6.6 signature-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1416 gnutls<2.6.6 signature-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1417 cups<1.3.10 multiple-vulnerabilities http://secunia.com/advisories/34481/ py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.2 cross-site-scripting http://secunia.com/advisories/34821/ imp<4.3.4 signature-spoofing http://secunia.com/advisories/34796/ ntop<3.3.9nb1 insecure-file-permissions http://secunia.com/advisories/34793/ opensc<0.11.8 insecure-key-generation http://www.opensc-project.org/pipermail/opensc-announce/2009-May/000025.html suse{,32}_openssl<11.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 suse{,32}_openssl<11.3 signature-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0591 suse{,32}_openssl<11.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789 suse{,32}_freetype2<11.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0946 acroread7<7.1.2 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-06.html acroread8<8.1.5 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-06.html Transmission<1.53 cross-site-request-forgery http://secunia.com/advisories/34969/ Transmission-1.60 cross-site-request-forgery http://secunia.com/advisories/34969/ squirrelmail<1.4.18 multiple-vulnerabilities http://secunia.com/advisories/35073/ amule<2.2.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1440 drupal>5<5.18 cross-site-scripting http://drupal.org/node/461886 drupal>6<6.12 cross-site-scripting http://drupal.org/node/461886 p5-DBD-postgresql<2.0.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0663 p5-DBD-postgresql<2.0.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1341 cyrus-sasl<2.1.23 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0688 eggdrop<1.6.19nb1 denial-of-service http://archives.neohapsis.com/archives/fulldisclosure/2009-05/0129.html kdegraphics<3.5.10nb2 remote-system-access http://secunia.com/advisories/34754/ geeklog<1.5.2.4 sql-injection http://www.geeklog.net/article.php/geeklog-1.5.2sr4 apache>=2.2.0<2.2.11nb3 remote-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191 plone3<3.2.2 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0662 file<5.03 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1515 py{15,20,21,22,23,24,25,26,27,31}-prewikka-[0-9]* sensitive-information-exposure http://secunia.com/advisories/34928/ memcached<1.2.8 remote-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1255 cscope<15.7a remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0148 coccinelle<0.1.9 privilege-escalation http://secunia.com/advisories/35012/ ntp>=4<4.2.4p7 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1252 openssl<0.9.8knb1 remote-denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377 openssl<0.9.8knb1 remote-denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 openssl<0.9.8knb1 remote-denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379 pango<1.24 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1194 nsd<3.2.2 remote-system-access http://secunia.com/advisories/35165/ ipsec-tools<0.7.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1574 prelude-manager-[0-9]* sensitive-information-exposure http://secunia.com/advisories/34987/ quagga<0.99.12 remote-denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1572 wireshark>=0.8.20<1.0.8 remote-denial-of-service http://www.wireshark.org/security/wnpa-sec-2009-03.html pidgin<2.5.6 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1373 pidgin<2.5.6 remote-denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1374 pidgin<2.5.6 remote-denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1375 pidgin<2.5.6 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1376 gst-plugins0.10-png<0.10.15nb1 arbitrary-code-execution http://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=d9544bcc44adcef769cbdf7f6453e140058a3adc xvidcore<1.2.2 arbitrary-code-execution http://secunia.com/advisories/35274/ libsndfile<1.0.20nb1 denial-of-service http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530831 ImageMagick<6.5.2.9 arbitrary-code-execution http://secunia.com/advisories/35216/ apache>=2.2<2.2.11nb4 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195 base<1.4.3.1 cross-site-scripting http://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/docs/CHANGELOG?r1=1.349&r2=1.346 base<1.4.3.1 cross-site-request-forgery http://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/docs/CHANGELOG?r1=1.349&r2=1.346 base<1.4.3.1 sql-injection http://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/docs/CHANGELOG?r1=1.349&r2=1.346 libsndfile<1.0.20 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1788 libsndfile<1.0.20 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1791 apache-tomcat>=6<6.0.20 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033 apache-tomcat>=6<6.0.20 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580 apache-tomcat>=6<6.0.20 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781 apache-tomcat>=6<6.0.20 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783 apache-tomcat>=5<5.5.28 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033 apache-tomcat>=5<5.5.28 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580 apache-tomcat>=5<5.5.28 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781 apache-tomcat>=5<5.5.28 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783 jakarta-tomcat4-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033 jakarta-tomcat4-[0-9]* information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580 jakarta-tomcat4-[0-9]* cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781 jakarta-tomcat4-[0-9]* information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783 wxGTK2{4,6}-[0-9]* arbitrary-code-execution http://secunia.com/advisories/35292/ wxGTK28<2.8.10nb1 arbitrary-code-execution http://secunia.com/advisories/35292/ apr-util<1.3.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023 png<1.2.37 information-disclosure http://secunia.com/advisories/35346/ suse{,32}_libpng<11.3 information-disclosure http://secunia.com/advisories/35346/ ruby18-base<1.8.7.173 denial-of-service http://www.ruby-lang.org/en/news/2009/06/09/dos-vulnerability-in-bigdecimal/ acroread7<7.1.3 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-07.html acroread8<8.1.6 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-07.html p5-Compress-Raw-Zlib<2.017 denial-of-service http://secunia.com/advisories/35422/ xfig<3.2.5b privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1962 pdflib-lite<7.0.4p4 remote-system-access http://secunia.com/advisories/35180/ suse{,32}_openssl<11.3 remote-denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377 suse{,32}_openssl<11.3 remote-denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 suse{,32}_openssl<11.3 remote-denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379 py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.4 remote-security-bypass http://secunia.com/advisories/35407/ scmgit-base<1.6.3.3 remote-denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2108 rt<3.8.4 remote-security-bypass http://secunia.com/advisories/35451/ icu<4.0.1 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0153 firefox3{,-bin}<3.0.11 denial-of-service https://www.mozilla.org/security/announce/2009/mfsa2009-24.html firefox3{,-bin}<3.0.11 url-spoofing https://www.mozilla.org/security/announce/2009/mfsa2009-25.html firefox3{,-bin}<3.0.11 sensitive-information-exposure https://www.mozilla.org/security/announce/2009/mfsa2009-26.html firefox3{,-bin}<3.0.11 sensitive-information-exposure https://www.mozilla.org/security/announce/2009/mfsa2009-27.html firefox3{,-bin}<3.0.11 security-bypass https://www.mozilla.org/security/announce/2009/mfsa2009-28.html firefox3{,-bin}<3.0.11 security-bypass https://www.mozilla.org/security/announce/2009/mfsa2009-29.html firefox3{,-bin}<3.0.11 security-bypass https://www.mozilla.org/security/announce/2009/mfsa2009-30.html firefox3{,-bin}<3.0.11 security-bypass https://www.mozilla.org/security/announce/2009/mfsa2009-31.html firefox3{,-bin}<3.0.11 security-bypass https://www.mozilla.org/security/announce/2009/mfsa2009-32.html thunderbird{,-gtk1}<2.0.0.22 denial-of-service https://www.mozilla.org/security/announce/2009/mfsa2009-24.html thunderbird{,-gtk1}<2.0.0.22 sensitive-information-exposure https://www.mozilla.org/security/announce/2009/mfsa2009-27.html thunderbird{,-gtk1}<2.0.0.22 security-bypass https://www.mozilla.org/security/announce/2009/mfsa2009-29.html thunderbird{,-gtk1}<2.0.0.22 security-bypass https://www.mozilla.org/security/announce/2009/mfsa2009-32.html seamonkey{,-bin,-gtk1}<1.1.17 denial-of-service https://www.mozilla.org/security/announce/2009/mfsa2009-24.html seamonkey{,-bin,-gtk1}<1.1.17 url-spoofing https://www.mozilla.org/security/announce/2009/mfsa2009-25.html seamonkey{,-bin,-gtk1}<1.1.17 sensitive-information-exposure https://www.mozilla.org/security/announce/2009/mfsa2009-26.html seamonkey{,-bin,-gtk1}<1.1.17 sensitive-information-exposure https://www.mozilla.org/security/announce/2009/mfsa2009-27.html seamonkey{,-bin,-gtk1}<1.1.17 security-bypass https://www.mozilla.org/security/announce/2009/mfsa2009-29.html seamonkey{,-bin,-gtk1}<1.1.17 security-bypass https://www.mozilla.org/security/announce/2009/mfsa2009-31.html seamonkey{,-bin,-gtk1}<1.1.17 security-bypass https://www.mozilla.org/security/announce/2009/mfsa2009-32.html pcsc-lite<1.5.4 denial-of-service http://secunia.com/advisories/35500/ php5-exif<5.2.10 denial-of-service http://secunia.com/advisories/35441/ ruby18-base<1.8.7.72nb3 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0642 jakarta-tomcat{4,5}-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages tiff<3.8.2nb5 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2285 samba>=3.0.31<3.0.34nb2 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888 drupal>5<5.19 multiple-vulnerabilities http://drupal.org/node/507572 drupal>6<6.13 multiple-vulnerabilities http://drupal.org/node/507572 nagios-base<3.1.1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2288 xemacs<21.4.24 remote-system-access http://secunia.com/advisories/35348/ apache>=2.2<2.2.11nb6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890 apache>=2.2<2.2.11nb6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891 tor<0.2.0.35 remote-denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2425 tor<0.2.0.35 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2426 amsn-[0-9]* ssl-cert-spoofing http://secunia.com/advisories/35621/ pidgin<2.5.8 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1889 wxGTK-[0-9]* remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2369 amaya<11.3.1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2369 p5-IO-Socket-SSL<1.26 remote-security-bypass http://secunia.com/advisories/35703/ ruby18-actionpack<2.3.2nb1 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2422 dillo<2.1.1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2294 mysql-server<5.0.67nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2446 bugzilla>=3.1.1<3.2.4 remote-security-bypass http://www.bugzilla.org/security/3.2.3/ mimetex<1.71 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1382 mimetex<1.71 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2459 isc-dhclient>=4<4.1.0p1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692 isc-dhcp-client<3.1.2p1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692 mediawiki>=1.14<1.15.1 cross-site-scripting http://secunia.com/advisories/35818/ htmldoc<1.8.27nb2 remote-system-access http://secunia.com/advisories/35780/ tiff<3.9.4 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2347 xmlsec1<1.2.12 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 xml-security-c<1.5.1 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 mono<2.4.2.2 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 sun-{jdk,jre}6<6.0.15 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 libmodplug<0.8.7 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1513 gst-plugins0.10-bad<0.10.11 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1438 gst-plugins0.10-bad<0.10.11 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1513 kdegraphics-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0945 kdelibs-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1687 kdelibs-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1690 kdelibs-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1698 kdegraphics-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1709 p5-DBD-postgresql<2.0.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0663 p5-DBD-postgresql<2.0.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1341 wireshark<1.2.1 denial-of-service http://www.wireshark.org/security/wnpa-sec-2009-04.html squid>=3.0<3.0.18 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2009_2.txt squid>=3.1<3.1.0.13 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2009_2.txt pulseaudio<0.9.14nb3 local-root-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1894 firefox3{,-bin}<3.0.12 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-34.html firefox3{,-bin}<3.0.12 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-35.html firefox3{,-bin}<3.0.12 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-36.html firefox3{,-bin}<3.0.12 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-37.html firefox3{,-bin}<3.0.12 security-bypass https://www.mozilla.org/security/announce/2009/mfsa2009-39.html firefox3{,-bin}<3.0.12 security-bypass https://www.mozilla.org/security/announce/2009/mfsa2009-40.html wordpress<2.8.2 cross-site-scripting http://wordpress.org/development/2009/07/wordpress-2-8-2/ bind<9.4.3pl3 remote-denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696 bind>=9.5.0<9.5.1pl3 remote-denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696 bind>=9.6.0<9.6.1pl1 remote-denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696 py{15,20,21,22,23,24,25,26,27,31}-django<1.0.3 remote-file-view http://www.djangoproject.com/weblog/2009/jul/28/security/ bash-completion>10<20080705 command-injection http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=259987 webkit-gtk<1.1.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2419 suse{,32}_openssl<11.3 signature-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 suse{,32}_openssl<11.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1386 suse{,32}_libcups<11.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 suse{,32}_gtk2<11.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1194 camlimages<3.0.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2295 py{15,20,21,22,23,24,25,26,27,31}-moin<1.9.0 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2265 python24<2.4.6 unknown https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5031 python25<2.5.4 unknown https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5031 adobe-flash-plugin<10.0.32.18 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1862 ns-flash<9.0.246.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1862 silc-client<1.1.8 arbitrary-code-execution http://www.silcnet.org/docs/changelog/SILC%20Client%201.1.8 wordpress<2.8.3 privilege-escalation http://wordpress.org/development/2009/08/wordpress-2-8-3-security-release/ apr-util<1.3.9 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 subversion-base<1.6.4 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2411 apr<0.9.19 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 apr>=1.0<1.3.8 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 GraphicsMagick<1.3.5nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1097 openexr<1.6.1nb1 heap-based-buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1720 openexr<1.6.1nb1 heap-based-buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1721 openexr<1.6.1nb1 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1722 vlc<0.8.6inb5 remote-system-access http://archives.neohapsis.com/archives/bugtraq/2009-07/0198.html vlc>=0.9<0.9.9anb2 remote-system-access http://archives.neohapsis.com/archives/bugtraq/2009-07/0198.html vlc>=1.0<1.0.0nb1 remote-system-access http://archives.neohapsis.com/archives/bugtraq/2009-07/0198.html mplayer<1.0rc10nb14 remote-system-access http://archives.neohapsis.com/archives/bugtraq/2009-07/0198.html firefox3{,-bin}<3.0.13 url-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2408 firefox3{,-bin}<3.0.13 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2404 firefox3{,-bin}<3.0.13 url-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2654 fetchmail<6.3.11 spoofing-attacks http://www.fetchmail.info/fetchmail-SA-2009-01.txt sun-{jdk,jre}14<2.22 multiple-vulnerabilities http://secunia.com/advisories/36159/ sun-{jdk,jre}15<5.0.20 multiple-vulnerabilities http://secunia.com/advisories/36159/ sun-{jdk,jre}6<6.0.15 multiple-vulnerabilities http://secunia.com/advisories/36159/ irssi<0.8.14 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1959 asterisk>=1.6.1<1.6.1.2 denial-of-service http://downloads.digium.com/pub/security/AST-2009-004.html kdelibs<3.5.10nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1725 firefox3{,-bin}<3.0.12 denial-of-service https://www.mozilla.org/security/announce/2009/mfsa2009-38.html firefox3{,-bin}<3.0.13 www-address-spoof https://www.mozilla.org/security/announce/2009/mfsa2009-44.html firefox3{,-bin}<3.0.13 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-45.html zope29<2.9.11 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0668 zope210<2.10.9 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0668 zope211<2.11.4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0668 zope3<3.3.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0668 zope29<2.9.11 authentication-bypass http://cvw.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0669 zope210<2.10.9 authentication-bypass http://cvw.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0669 zope211<2.11.4 authentication-bypass http://cvw.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0669 zope3<3.3.3 authentication-bypass http://cvw.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0669 xerces-c<2.8.0nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1885 camlimages<3.0.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2660 asterisk>=1.6.1<1.6.1.4 denial-of-service http://downloads.digium.com/pub/security/AST-2009-005.html asterisk>=1.6.0<1.6.0.13 denial-of-service http://downloads.digium.com/pub/security/AST-2009-005.html wordpress<2.8.4 bypass-security-check http://wordpress.org/development/2009/08/2-8-4-security-release/ gnutls<2.8.2 ssl-cert-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2730 viewvc<1.0.9 cross-site-scripting http://secunia.com/advisories/36292/ squirrelmail<1.4.20rc2 cross-site-scripting http://www.squirrelmail.org/security/issue/2009-08-12 curl<7.19.6 ssl-cert-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2417 samba-3.0.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages libxml2<2.7.3nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2414 libxml2<2.7.3nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2416 libxml<1.8.17nb4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2414 libxml<1.8.17nb4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2416 p5-Compress-Raw-Bzip2<2.0.18 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1884 libvorbis<1.2.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2663 ntop<4.0.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2732 isc-dhcp-server<3.1.2p1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1892 cogito-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages asterisk>=1.2<1.2.35 denial-of-service http://downloads.digium.com/pub/security/AST-2009-006.html asterisk>=1.6.0<1.6.0.15 denial-of-service http://downloads.digium.com/pub/security/AST-2009-006.html asterisk>=1.6.1<1.6.1.6 denial-of-service http://downloads.digium.com/pub/security/AST-2009-006.html libspf2<1.2.9nb1 denial-of-service http://mail-index.netbsd.org/pkgsrc-changes/2009/09/08/msg029522.html expat<2.0.1nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 geeklog<1.5.2.5 remote-security-bypass http://www.geeklog.net/article.php/geeklog-1.6.0sr2 geeklog<1.5.2.5 cross-site-scripting http://www.geeklog.net/article.php/geeklog-1.6.0sr1 geeklog<1.5.2.5 remote-data-manipulation http://www.geeklog.net/article.php/geeklog-1.6.0sr1 neon<0.28.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2473 neon<0.28.6 ssl-cert-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2474 squid<2.7.6nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2855 libpurple<2.5.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2694 libpurple-2.6.0{,nb[0-9]*} denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3025 libpurple<2.6.0 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3026 ikiwiki<3.1415926 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2944 opera<10.0 url-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3047 opera<10.0 ssl-cert-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3046 opera<10.0 ssl-cert-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3045 opera<10.0 ssl-cert-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3044 opera<10.0 html-form-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3048 opera<10.0 url-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3049 wget<1.11.4nb1 ssl-cert-spoofing http://cve.circl.lu/cve/CVE-2009-3490 qt4-libs<4.5.2nb3 ssl-cert-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2700 openoffice2{,-bin}<2.4.3 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0200 openoffice2{,-bin}<2.4.3 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0201 openoffice3{,-bin}<3.1.1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0200 openoffice3{,-bin}<3.1.1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0201 dnsmasq<2.50 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2957 dnsmasq<2.50 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2958 freeradius<1.1.8 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3111 rails<2.3.4 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3086 rails<2.3.4 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3009 libpurple>=2.5.2<2.6.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3085 libpurple>=2.6.0<2.6.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3084 libpurple<2.6.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3083 libpurple<2.6.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2703 apache<2.0.64 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 apache>=2.2.0<2.2.12nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 apache-2.2.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 kdelibs-3.[0-9]* ssl-cert-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2702 cyrus-imapd<2.2.13p1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2632 dovecot-sieve<1.1.7 arbitrary-code-execution http://www.dovecot.org/list/dovecot-news/2009-September/000135.html slic-server<1.1.17 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7159 slic-server<1.1.17 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7160 seamonkey{,-bin,-gtk1}<1.1.18 ssl-cert-spoofing https://www.mozilla.org/security/announce/2009/mfsa2009-42.html seamonkey{,-bin,-gtk1}<1.1.18 heap-overflow https://www.mozilla.org/security/announce/2009/mfsa2009-43.html thunderbird{,-gtk1}<2.0.0.23 ssl-cert-spoofing https://www.mozilla.org/security/announce/2009/mfsa2009-42.html thunderbird{,-gtk1}<2.0.0.23 heap-overflow https://www.mozilla.org/security/announce/2009/mfsa2009-43.html firefox<3.5.3 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-47.html xulrunner<1.9.1.3 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-47.html firefox3<3.0.14 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-47.html firefox<3.5.3 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-49.html xulrunner<1.9.1.3 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-49.html firefox3<3.0.14 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-49.html firefox<3.5.3 privilege-escalation https://www.mozilla.org/security/announce/2009/mfsa2009-51.html xulrunner<1.9.1.3 privilege-escalation https://www.mozilla.org/security/announce/2009/mfsa2009-51.html firefox3<3.0.14 privilege-escalation https://www.mozilla.org/security/announce/2009/mfsa2009-51.html xapian-omega<1.0.16 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2947 bugzilla<3.2.5 sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3165 rt<3.8.5 script-insertion http://secunia.com/advisories/36752/ wireshark<1.0.9 multiple-vulnerabilities http://www.wireshark.org/security/wnpa-sec-2009-05.html wireshark<1.2.2 multiple-vulnerabilities http://www.wireshark.org/security/wnpa-sec-2009-06.html vlc<1.0.2 arbitrary-code-execution http://secunia.com/advisories/36762/ ffmpeg<20090611nb4 heap-overflow http://secunia.com/advisories/36760/ ffmpeg<0.6 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4631 ffmpeg<0.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4632 ffmpeg<0.6 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4633 ffmpeg<0.6 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4634 ffmpeg<0.6 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4635 ffmpeg<0.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4636 ffmpeg<0.6 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4637 ffmpeg<0.6 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4638 ffmpeg<0.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4639 ffmpeg<0.6 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4640 php<5.2.11 multiple-vulnerabilities http://www.php.net/releases/5_2_11.php nginx<0.5.38 buffer-underflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629 nginx>=0.6<0.6.39 buffer-underflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629 nginx>=0.7<0.7.62 buffer-underflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629 nginx>=0.8<0.8.15 buffer-underflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629 nginx<0.5.38 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896 nginx>=0.6<0.6.39 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896 nginx>=0.7<0.7.62 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896 nginx>=0.8<0.8.14 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896 fprot-workstation-bin-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages drupal>5<5.20 multiple-vulnerabilities http://drupal.org/node/579482 drupal>6<6.14 multiple-vulnerabilities http://drupal.org/node/579482 newt<0.52.11 denial-of-service http://secunia.com/advisories/36810/ merkaartor<0.15 privilege-escalation http://secunia.com/advisories/36897/ nginx<0.7.63 security-restrictions-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3898 nginx>=0.8<0.8.17 security-restrictions-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3898 samba<3.0.37 information-disclosure http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2948 samba<3.0.37 denial-of-service http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906 samba<3.0.37 privilege-escalation http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813 snort<2.8.5 denial-of-service http://secunia.com/advisories/36808/ thin<1.2.4 source-address-spoofing http://secunia.com/advisories/36825/ apache>=2.0<2.0.64 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 apache>=2.2.0<2.2.13nb3 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 apache<1.3.42 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 tkman-[0-9]* privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5137 horde<3.3.5 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3236 horde<3.3.5 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3237 glib2<2.2.21 data-manipulation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3289 puppet<0.24.9 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3564 xpdf<3.02pl4 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 xpdf<3.02pl4 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 xpdf<3.02pl4 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 xpdf<3.02pl4 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 xpdf<3.02pl4 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 aria2<1.2.0 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3575 py{15,20,21,22,23,24,25,26,27,31}-django<1.0.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3695 py{15,20,21,22,23,24,25,26,27,31}-django>=1.1<1.1.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3695 unbound<1.3.4 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3602 py{15,20,21,22,23,24,25,26,27,31}-postgresql<4.0 sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2940 gd<2.0.35nb3 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546 php5-gd<5.2.11nb2 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546 typo3<4.2.10 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-016/ asterisk>=1.6.1<1.6.1.8 security-restrictions-bypass http://downloads.digium.com/pub/security/AST-2009-007.html wireshark<1.2.3 remote-code-execution http://www.wireshark.org/security/wnpa-sec-2009-07.html firefox3-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages firefox<3.5.4 privacy-leak https://www.mozilla.org/security/announce/2009/mfsa2009-52.html firefox<3.5.4 insecure-temp-files https://www.mozilla.org/security/announce/2009/mfsa2009-53.html firefox<3.5.4 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-54.html firefox<3.5.4 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-55.html firefox<3.5.4 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-56.html firefox<3.5.4 privilege-escalation https://www.mozilla.org/security/announce/2009/mfsa2009-57.html firefox<3.5.4 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-59.html firefox<3.5.4 same-origin-violation https://www.mozilla.org/security/announce/2009/mfsa2009-60.html firefox<3.5.4 local-filename-spoofing https://www.mozilla.org/security/announce/2009/mfsa2009-61.html firefox<3.5.4 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-62.html xulrunner<1.9.1.4 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.4 proftpd<1.3.3 spoofing-attacks https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3639 bftpd<2.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4593 opera<10.01 multiple-vulnerabilities http://secunia.com/advisories/37182/ acroread7<7.1.4 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-15.html acroread8<8.1.7 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb09-15.html wordpress<2.8.5 denial-of-service http://secunia.com/advisories/37088/ squidGuard<1.4nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3700 squidGuard-[0-9]* remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3826 snort<2.8.5.1 denial-of-service http://secunia.com/advisories/37135/ p5-HTML-Parser<3.63 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3627 seamonkey{,-bin,-gtk1}<2.0 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-55.html seamonkey{,-bin,-gtk1}<2.0 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-56.html seamonkey{,-bin,-gtk1}<2.0 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-62.html asterisk<1.2.35 information-disclosure http://downloads.digium.com/pub/security/AST-2009-008.html asterisk>=1.6.0<1.6.0.17 information-disclosure http://downloads.digium.com/pub/security/AST-2009-008.html asterisk>=1.6.1<1.6.1.9 information-disclosure http://downloads.digium.com/pub/security/AST-2009-008.html asterisk>=1.6.1<1.6.1.9 cross-site-scripting http://downloads.digium.com/pub/security/AST-2009-009.html roundcube<0.3 cross-site-request-forgery http://secunia.com/advisories/37235/ openssl<0.9.8l man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 sun-{jdk,jre}14-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages sun-{jdk,jre}15-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gnutls<2.10.0 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 libwww<5.4.0nb7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 opera<10.10 multiple-vulnerabilities http://secunia.com/advisories/37469/ mysql-server<5.0.88 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4019 mysql-client<5.0.88 spoofing-attacks https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4028 php<5.2.11nb2 multiple-vulnerabilities http://secunia.com/advisories/37412/ php5-pear-Mail<1.1.14nb2 security-bypass http://secunia.com/advisories/37410/ opera<10.10 arbitrary-code-execution http://secunia.com/advisories/37431/ suse{,32}_openssl<11.3 session-hijack http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html cups<1.4.3 denial-of-service http://secunia.com/advisories/37364/ gimp<2.6.8 remote-system-access http://secunia.com/advisories/37348/ qt4-libs<4.5.3 multiple-vulnerabilities http://secunia.com/advisories/37396/ mpop<1.0.19 spoofing-attacks http://secunia.com/advisories/37312/ cups<1.4.2 cross-site-scripting http://secunia.com/advisories/37308/ gimp<2.6.8 remote-system-access http://secunia.com/advisories/37232/ libexif-0.6.18 denial-of-service http://secunia.com/advisories/37378/ wordpress<2.8.6 multiple-vulnerabilities http://secunia.com/advisories/37332/ bind>=9.0<9.4.3pl5 dns-cache-poisoning https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 bind>=9.5<9.5.2pl2 dns-cache-poisoning https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 bind>=9.6<9.6.1pl3 dns-cache-poisoning https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 libltdl<2.2.6b privilege-escalation http://secunia.com/advisories/37414/ ruby18-actionpack<2.3.5 cross-site-scripting http://secunia.com/advisories/37446/ kdelibs<3.5.10nb5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689 kdelibs>4<4.3.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689 rt<3.8.6 session-hijack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3585 asterisk<1.2.37 denial-of-service http://downloads.digium.com/pub/security/AST-2009-010.html asterisk>=1.6.0<1.6.0.19 denial-of-service http://downloads.digium.com/pub/security/AST-2009-010.html asterisk>=1.6.1<1.6.1.11 denial-of-service http://downloads.digium.com/pub/security/AST-2009-010.html sun-{jre,jdk}14<2.24 multiple-vulnerabilities http://secunia.com/advisories/37231/ sun-{jre,jdk}15<5.0.22 multiple-vulnerabilities http://secunia.com/advisories/37231/ sun-{jre,jdk}6<6.0.17 multiple-vulnerabilities http://secunia.com/advisories/37231/ libvorbis<1.2.3nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3379 apr<1.3.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2699 vmware-2.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages vmware-3.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages phpmyadmin<2.11.9.6 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3696 phpmyadmin<2.11.9.6 code-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3697 xpdf<3.02pl4 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188 poppler<0.11.0 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 poppler<0.11.0 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 poppler<0.12.1 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 poppler-glib<0.12.1 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3607 poppler<0.12.1 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 poppler<0.12.1 local-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 transfig<3.2.5nb2 arbitrary-code-execution http://secunia.com/advisories/37577/ xfig<3.2.5bnb5 arbitrary-code-execution http://secunia.com/advisories/37571/ libpurple<2.6.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3615 automake<1.11.1 insecure-file-permissions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4029 automake14<1.4.6nb1 insecure-file-permissions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4029 centerim<4.22.8 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4776 devIL<1.7.8nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3994 ntp<4.2.4p8 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563 firefox<3.5.6 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-65.html firefox<3.5.6 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-66.html firefox<3.5.6 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-67.html firefox<3.5.6 ntlm-authentication-hijack https://www.mozilla.org/security/announce/2009/mfsa2009-68.html firefox<3.5.6 url-spoofing https://www.mozilla.org/security/announce/2009/mfsa2009-69.html firefox<3.5.6 privilege-escalation https://www.mozilla.org/security/announce/2009/mfsa2009-70.html firefox<3.5.6 privacy-leak https://www.mozilla.org/security/announce/2009/mfsa2009-71.html xulrunner<1.9.1.6 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.6 seamonkey<2.0.1 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.1 drupal>5<5.21 cross-site-scripting http://drupal.org/node/661586 drupal>6<6.15 cross-site-scripting http://drupal.org/node/661586 typolight<2.6 security-bypass http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html typolight26<2.6.7nb3 security-bypass http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html typolight27<2.7.6 security-bypass http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html typolight28<2.8rc2 security-bypass http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html coreutils<6.12nb3 insecure-temp-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4135 wireshark<1.2.5 remote-code-execution http://www.wireshark.org/security/wnpa-sec-2009-09.html gtk2+>2<2.18.5 denial-of-service https://bugzilla.gnome.org/show_bug.cgi?id=598476 ghostscript<8.70nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4270 php<5.2.11nb2 arbitrary-file-creation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3557 php<5.2.11nb2 arbitrary-fifo-creation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3558 php<5.2.11nb2 arbitrary-file-creation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017 php<5.2.12 unknown https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4142 php<5.2.12 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4143 horde<3.3.6 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3701 kdegraphics<4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4035 kdelibs<3.5.10nb5 security-bypass http://www.kde.org/info/security/advisory-20091027-1.txt kdelibs>4<4.3.3 security-bypass http://www.kde.org/info/security/advisory-20091027-1.txt proftpd<1.3.2c man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 acroread-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-07.html acroread5-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-07.html acroread7-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-07.html acroread8-[0-9]* arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa09-07.html sunbird-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689 thunderbird{,-gtk1}-2.[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689 spamassassin>=3.2.0<3.2.5nb4 denial-of-service https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6269 qt4-libs<4.5.3nb2 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2816 qt4-libs<4.5.3nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3384 xmlsec1<1.2.14 privilege-escalation http://secunia.com/advisories/37615/ adobe-flash-plugin<10.0.42.34 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb09-19.html ns-flash<9.0.260 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb09-19.html webmin<1.500 cross-site-scripting http://secunia.com/advisories/37648/ kdegraphics-3.[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4035 ampache<3.5.3 remote-security-bypass http://secunia.com/advisories/37867/ trac<0.11.6 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4405 ja-trac<0.11.5pl1nb1 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4405 php{5,53,54,55}-jpgraph-[0-9]* cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4422 openttd<0.7.5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4007 libpurple<2.6.5 remote-information-exposure http://secunia.com/advisories/37953/ ruby18-base<1.8.7.174nb3 escape-sequence-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4492 typo3<4.3.1 authentication-bypass http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-001/ libthai<0.1.13 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4012 powerdns-recursor<3.1.7.2 arbitrary-code-execution http://doc.powerdns.com/powerdns-advisory-2010-01.html powerdns-recursor<3.1.7.2 spoofing-attacks http://doc.powerdns.com/powerdns-advisory-2010-02.html Transmission<1.77 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0012 openssl<0.9.8lnb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4355 tnftpd<20091122 denial-of-service http://secunia.com/advisories/38098/ cherokee<0.99.32 remote-data-manipulation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4489 phpmyadmin<2.11.10 unknown-impact https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7251 phpmyadmin<2.11.10 unknown-impact https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7252 phpmyadmin<2.11.10 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4605 lib3ds<2.0rc1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0280 tor<0.2.1.22 sensitive-information-exposure http://secunia.com/advisories/38198/ gzip<1.3.12nb3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2624 gzip<1.3.12nb3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0001 apache-tomcat<5.5.29 arbitrary-file-deletion https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693 apache-tomcat<5.5.29 insecure-partial-deploy https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901 apache-tomcat<5.5.29 unexpected-file-deletion https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902 apache-tomcat>=6<6.0.21 arbitrary-file-deletion https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693 apache-tomcat>=6<6.0.21 insecure-partial-deploy https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901 apache-tomcat>=6<6.0.21 unexpected-file-deletion https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902 zope29<2.9.12 cross-site-scripting http://secunia.com/advisories/38007/ zope210<2.10.11 cross-site-scripting http://secunia.com/advisories/38007/ zope211<2.11.6 cross-site-scripting http://secunia.com/advisories/38007/ mit-krb5<1.4.2nb9 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4212 acroread7-[0-9]* multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb10-02.html acroread7-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages acroread8-[0-9]* multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb10-02.html acroread8-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages maildrop<2.4 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0301 wireshark>=0.9.0<1.2.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2010-01.html wireshark>=0.9.0<1.2.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2010-02.html apache<1.3.42 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0010 ircd-hybrid<7.2.3nb3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4016 fuse>=2.0<2.8.2 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0789 samba<3.3.10 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0787 squid<2.7.7nb2 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_1.txt squid>=3.0<3.0.23 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_1.txt squid>=3.1<3.1.0.16 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_1.txt apache-1.3.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages puppet<0.24.9 local-file-write https://bugzilla.redhat.com/show_bug.cgi?id=502881 php5-pear-DB<1.7.8 sql-injection http://secunia.com/advisories/20231/ lighttpd<1.4.26 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0295 fetchmail<6.3.14 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0562 gmime<2.2.25nb1 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0409 gmime24<2.4.15 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0409 GraphicsMagick<1.3.8 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1882 asterisk>=1.6.1<1.6.1.14 denial-of-service http://downloads.digium.com/pub/security/AST-2010-001.html asterisk>=1.6.2<1.6.2.2 denial-of-service http://downloads.digium.com/pub/security/AST-2010-001.html squid<2.7.7nb3 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_2.txt squid>=3.0<3.0.24 remote-denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_2.txt mysql-server>=5.0<5.0.90 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4484 RealPlayerGold<11.0.2 multiple-vulnerabilities http://service.real.com/realplayer/security/01192010_player/en/ bugzilla-2.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages bugzilla<3.2.6 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3989 typo3<4.3.2 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-004/ ejabberd<2.1.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0305 libmikmod<3.2.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3995 libmikmod<3.2.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3996 nss<3.12.5 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 samba<3.3.11 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0926 chrony<1.23.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0292 chrony<1.23.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0293 chrony<1.23.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0294 gnome-screensaver<2.28.2 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0414 opera<10.50 man-in-the-middle-attack http://secunia.com/advisories/38546/ netpbm<10.35.72 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4274 openoffice2{,-bin}-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.7 unknown-impact https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0668 py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.7 unknown-impact https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0669 adobe-flash-plugin<10.0.45.2 remote-security-bypass http://www.adobe.com/support/security/bulletins/apsb10-06.html ns-flash<9.0.262 remote-security-bypass http://www.adobe.com/support/security/bulletins/apsb10-06.html sudo>=1.6.9<1.7.2p4 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0426 sudo-1.6.[0-9]* privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0427 openoffice2-bin-[0-9]* signature-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 openoffice3-bin<3.2 signature-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 openoffice2{,-bin}-[0-9]* remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 openoffice3{,-bin}<3.2 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 openoffice2{,-bin}-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2949 openoffice3{,-bin}<3.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2949 openoffice2{,-bin}-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2950 openoffice3{,-bin}<3.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2950 openoffice2{,-bin}-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3301 openoffice3{,-bin}<3.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3301 openoffice2{,-bin}-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3302 openoffice3{,-bin}<3.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3302 curl>=7.10.5<7.20.0 denial-of-service http://secunia.com/advisories/38427/ dillo<2.2 sensitive-information-exposure http://secunia.com/advisories/38569/ gnome-screensaver<2.28.3 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0422 libpurple<2.6.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0277 libpurple<2.6.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0420 pidgin<2.6.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0423 asterisk>=1.6.1<1.6.1.17 denial-of-service http://downloads.digium.com/pub/security/AST-2010-003.html asterisk>=1.6.2<1.6.2.5 denial-of-service http://downloads.digium.com/pub/security/AST-2010-003.html thunderbird>=3<3.0.1 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-65.html thunderbird>=3<3.0.1 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-66.html thunderbird>=3<3.0.1 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-67.html firefox<3.5.8 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2010-01.html firefox>=3.5<3.5.8 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2010-02.html firefox<3.5.8 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2010-03.html firefox<3.5.8 cross-site-scripting https://www.mozilla.org/security/announce/2009/mfsa2010-04.html firefox<3.5.8 cross-site-scripting https://www.mozilla.org/security/announce/2009/mfsa2010-05.html xulrunner<1.9.1.8 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.8 seamonkey<2.0.3 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2010-01.html seamonkey<2.0.3 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2010-02.html seamonkey<2.0.3 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2010-03.html seamonkey<2.0.3 cross-site-scripting https://www.mozilla.org/security/announce/2009/mfsa2010-04.html seamonkey<2.0.3 cross-site-scripting https://www.mozilla.org/security/announce/2009/mfsa2010-05.html thunderbird<3.0.2 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2010-01.html thunderbird<3.0.2 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2010-03.html php<5.2.13 remote-security-bypass http://secunia.com/advisories/38708/ gnome-screensaver<2.28.1 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4641 openldap-client<2.4.18 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3767 drupal>5<5.22 multiple-vulnerabilities http://drupal.org/node/731710 drupal>6<6.16 multiple-vulnerabilities http://drupal.org/node/731710 png<1.2.43 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 cups<1.4.3 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0393 mediawiki<1.15.2 security-restrictions-bypass http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html opera<10.51 arbitrary-code-execution http://secunia.com/advisories/38820/ apache>=2.2<2.2.15 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408 apache>=2.2<2.2.15 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434 apache-2.0.[0-9]* sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434 dovecot>=1.2<1.2.11 denial-of-service http://www.dovecot.org/list/dovecot-news/2010-March/000152.html gtar-base<1.23 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0624 gcpio<2.6nb6 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0624 vlc<1.0.6 arbitrary-code-execution http://secunia.com/advisories/38853/ lshell<0.9.10 security-bypass http://secunia.com/advisories/38879/ samba<3.3.12 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0728 spamass-milter<0.3.1nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1132 viewvc<1.0.10 cross-site-scripting http://secunia.com/advisories/38895/ unbound<1.4.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0969 ikiwiki<3.20100312 cross-site-scripting http://secunia.com/advisories/38983/ Transmission<1.92 remote-system-access http://secunia.com/advisories/39031/ seamonkey{,-bin}<1.1.19 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-49.html seamonkey{,-bin}<1.1.19 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2009-59.html seamonkey{,-bin}<1.1.19 ntlm-authentication-hijack https://www.mozilla.org/security/announce/2009/mfsa2009-68.html seamonkey{,-bin}<1.1.19 remote-information-exposure https://www.mozilla.org/security/announce/2009/mfsa2010-06.html seamonkey{,-bin}<1.1.19 arbitrary-code-execution https://www.mozilla.org/security/announce/2009/mfsa2010-07.html m4<1.4.14 insecure-file-permissions http://secunia.com/advisories/38707/ nss<3.12.3 ssl-cert-spoofing https://www.mozilla.org/security/announce/2009/mfsa2009-42.html nss<3.12.3 heap-overflow https://www.mozilla.org/security/announce/2009/mfsa2009-43.html openssl<0.9.8mnb1 unknown-impact https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245 spice-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages seamonkey{,-bin}-1.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages dpkg<1.14.29 remote-manipulation-data https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0396 heimdal<1.3.2 denial-of-service http://secunia.com/advisories/39037/ openssl<0.9.8mnb2 denial-of-service http://www.openssl.org/news/secadv_20100324.txt php5-xmlrpc<5.2.13nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2010-0397 php53-xmlrpc<5.3.2nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2010-0397 pango<1.26.2nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2010-0421 deliver-[0-9]* insecure-lock-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0439 deliver-[0-9]* insecure-lock-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1123 ctorrent-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ctorrent-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1759 sun-{jre,jdk}6<6.0.19 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0847 firefox<3.6.3 arbitrary-code-execution https://www.mozilla.org/security/announce/2010/mfsa2010-25.html libnids<1.24 denial-of-service http://freefr.dl.sourceforge.net/project/libnids/libnids/1.24/libnids-1.24.releasenotes.txt py{15,20,21,22,23,24,25,26,27,31}-moin<1.9.3 script-insertion https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0828 firefox<3.0.19 arbitrary-code-execution http://secunia.com/advisories/39240/ firefox<3.5.9 arbitrary-code-execution http://secunia.com/advisories/39136/ seamonkey{,-bin}<2.0.4 arbitrary-code-execution http://secunia.com/advisories/39243/ trac<0.11.7 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2010-5108 ja-trac<0.11.7pl1 security-bypass http://secunia.com/advisories/39123/ viewvc<1.0.11 cross-site-scripting http://secunia.com/secunia_research/2010-26/ thunderbird<3.0.4 arbitrary-code-execution http://secunia.com/advisories/39242/ expat<2.0.1nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 typo3>=4.3.0<4.3.3 remote-code-execution http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-008/ hamlib<1.2.11 privilege-escalation http://secunia.com/advisories/39299/ kdebase<4 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0436 kdebase-workspace<4.3.5nb3 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0436 sun-{jre,jdk}6<6.0.20 arbitrary-code-execution http://www.kb.cert.org/vuls/id/886582 teTeX-bin<3.0nb24 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0739 dvipsk<5.98nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0739 nano<2.2.4 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1160 nano<2.2.4 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1161 irssi<0.8.15 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1155 irssi<0.8.15 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1156 sudo<1.7.2p6 arbitrary-command-execution http://www.sudo.ws/sudo/alerts/sudoedit_escalate2.html erlang<13.2.3nb4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371 memcached<1.4.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1152 clamav<0.96 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0098 clamav<0.96 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1311 abcm2ps<5.9.12 remote-system-access http://secunia.com/advisories/39345/ mediawiki<1.15.3 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1150 suse{,32}_openssl<11.3 man-in-the-middle-attack http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00000.html mysql-server>=5.1<5.1.45 denial-of-service http://secunia.com/advisories/39454/ p5-Crypt-OpenSSL-DSA<0.13nb6 ssl-certificate-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0129 mit-krb5>=1.7<1.8.2 remote-system-access http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2010-004.txt vlc>0.5<1.0.6 arbitrary-command-execution http://www.videolan.org/security/sa1003.html libesmtp<1.0.6 ssl-certificate-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1192 libesmtp<1.0.6 ssl-certificate-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1194 apache-tomcat<5.5.30 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157 apache-tomcat>=6<6.0.27 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157 smalltalk<3.1nb6 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 apache-tomcat<6.0.30 cross-site-request-forgery http://secunia.com/advisories/39261/ wordpress-2.* sensitive-information-exposure http://secunia.com/advisories/39040/ gcc44<4.4.3 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 gcc34<3.4.6nb3 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 gcc3-java-[0-9]* privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 qt4-libs<4.6.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0046 qt4-libs<4.6.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0049 qt4-libs<4.6.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0050 qt4-libs<4.6.3 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0051 qt4-libs<4.6.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0052 qt4-libs<4.6.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0054 memcached<1.4.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2415 postgresql82-server<8.2.16 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0442 postgresql83-server<8.3.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0442 postgresql84-server<8.4.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0442 typolight<2.6 multiple-vulnerabilities http://www.typolight.org/news/items/consolidated-security-update.html typolight26<2.6.7nb3 multiple-vulnerabilities http://www.typolight.org/news/items/consolidated-security-update.html typolight27<2.7.7 multiple-vulnerabilities http://www.typolight.org/news/items/consolidated-security-update.html typolight28<2.8.3 multiple-vulnerabilities http://www.typolight.org/news/items/consolidated-security-update.html fetchmail<6.3.17 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1167 wireshark<1.2.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2010-04.html dvipng<1.12nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0829 openttd<1.0.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0402 pcre<8.0.2 denial-of-service http://secunia.com/advisories/39738/ gnustep-base<1.20.0 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1620 gnustep-base<1.20.0 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1457 ghostscript<8.71 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1869 modular-xorg-server<1.6.5nb11 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1166 p5-POE-Component-IRC<6.32 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3438 mysql-server>=5.0<5.0.91 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1848 mysql-server>=5.1<5.1.47 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1848 mysql-server>=5.0<5.0.91 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1849 mysql-server>=5.1<5.1.47 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1849 mysql-server>=5.0<5.0.91 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1850 mysql-server>=5.1<5.1.47 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1850 libtheora<1.1.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3389 aria2<1.9.3 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1512 kdenetwork4<4.3.5nb2 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1000 kdenetwork4<4.3.5nb2 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1511 libpurple<2.7.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1624 geeklog<1.6.1.1 remote-data-manipulation http://www.geeklog.net/article.php/geeklog-1.6.1sr1 mysql-client>=5.0<5.0.90 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4484 lftp<4.0.6 security-bypass http://www.ocert.org/advisories/ocert-2010-001.html postgresql82-server<8.2.17 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1169 postgresql82-server<8.2.17 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1170 postgresql83-server<8.3.11 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1169 postgresql83-server<8.3.11 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1170 postgresql84-server<8.4.4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1169 postgresql84-server<8.4.4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1170 mit-krb5<1.4.2nb10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321 clamav<0.96.1 denial-of-service http://secunia.com/advisories/39895/ libprelude<1.0.0 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 mediawiki<1.15.4 cross-site-scripting http://secunia.com/advisories/39922/ heimdal<1.3.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321 html2ps<1.0b6 sensitive-information-exposure http://secunia.com/advisories/39957/ exim<4.72 privilege-escalation http://secunia.com/advisories/40019/ openssl<0.9.8o multiple-vulnerabilities http://www.openssl.org/news/secadv_20100601.txt openssl>=1.0.0<1.0.0a multiple-vulnerabilities http://www.openssl.org/news/secadv_20100601.txt camlimages<3.2.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3296 sudo<1.7.2p7 command-injection http://www.sudo.ws/sudo/alerts/secure_path.html py{15,20,21,22,23,24,25,26,27,31}-moin<1.9.3 cross-site-scripting http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg abcm2ps<5.9.13 arbitrary-code-execution http://secunia.com/advisories/40033/ gnutls<1.4.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7239 bftpd<2.9 privilege-escalation http://secunia.com/advisories/40014/ rpm<4.8.1 privilege-escalation http://secunia.com/advisories/40028/ adobe-flash-plugin<10.1 arbitrary-code-execution http://www.adobe.com/support/security/advisories/apsa10-01.html freeciv-server<2.2.1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2445 openoffice3-bin<3.2.1 man-in-the-middle-attack http://www.openoffice.org/security/cves/CVE-2009-3555.html openoffice3{,-bin}<3.2.1 arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2010-0395.html teTeX-bin<3.0nb24 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1440 dvipsk<5.98nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1440 php>=5.3<5.3.3 multiple-vulnerabilities http://secunia.com/advisories/39573/ php<5.2.14 multiple-vulnerabilities http://secunia.com/advisories/39675/ php>=5.3<5.3.3 multiple-vulnerabilities http://secunia.com/advisories/39675/ wireshark<1.2.9 multiple-vulnerabilities http://www.wireshark.org/security/wnpa-sec-2010-06.html ghostscript<8.71nb4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1628 apache>=2.2.9<2.2.15nb3 privacy-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2068 isc-dhcpd<4.1.1p1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2156 tiff<3.9.3 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1411 bozohttpd>=20090522<20100617 privacy-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2195 bozohttpd<20100617 privacy-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2320 samba<3.0.37nb4 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2063 samba>=3.3.0<3.3.13 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2063 plone25-[0-9]* cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2422 plone3-[0-9]* cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2422 opera<10.54 unknown-impact https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2421 suse{,32}_krb5<11.3 unknown-impact http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html suse{,32}_openssl<11.3 unknown-impact http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html suse{,32}_libpng<11.3 unknown-impact http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html cups<1.4.3nb6 multiple-vulnerabilities http://cups.org/articles.php?L596 python24-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 python25<2.5.5nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 python26<2.6.4nb5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 python26-2.6.5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 python27<2.7.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 python31<3.1.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 moodle<1.9.9 cross-site-scripting http://secunia.com/advisories/40248/ firefox<3.6.7 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1206 sendmail<8.14.4 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4565 w3m<0.5.2nb5 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2074 w3m-img<0.5.2nb5 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2074 unrealircd<3.2.8.1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4893 adobe-flash-plugin<9.0.277.0 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-14.html adobe-flash-plugin>=10.0<10.1.53.64 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-14.html {firefox-bin,seamonkey-bin,ns}-flash<9.0.277.0 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-14.html {firefox-bin,seamonkey-bin,ns}-flash<10.1.53.64 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-14.html perl<5.10.1nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1168 perl<5.10.1nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1447 irrtoolset-nox11-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages seamonkey{,-bin}<2.0.5 multiple-vulnerabilities http://secunia.com/advisories/40326/ firefox<3.6.4 multiple-vulnerabilities http://secunia.com/advisories/40309/ thunderbird<3.0.5 multiple-vulnerabilities http://secunia.com/advisories/40323/ bugzilla<3.2.7 security-bypass http://secunia.com/advisories/40300/ konversation<1.2.3 denial-of-service http://secunia.com/advisories/38711/ xmlrpc-c-ss<1.06.38 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 xmlrpc-c-ss<1.06.38 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 ufoai<2.3 remote-system-access http://secunia.com/advisories/40321/ squirrelmail<1.4.21 remote-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1637 tiff<3.9.4 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2067 png<1.4.3 remote-system-access http://secunia.com/advisories/40302/ suse{,32}_libpng<11.3 remote-system-access http://secunia.com/advisories/40302/ mysql-server>=5.1<5.1.48 denial-of-service http://secunia.com/advisories/40333/ mDNSResponder<108nb2 unknown-impact http://www.vuxml.org/freebsd/1cd87e2a-81e3-11df-81d8-00262d5ed8ee.html qt4-libs<4.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2621 opera<10.60 information-disclosure http://secunia.com/advisories/40375/ tiff<3.9.4nb1 denial-of-service http://secunia.com/advisories/40422/ suse{,32}_libtiff<12.1 denial-of-service http://secunia.com/advisories/40422/ py{15,20,21,22,23,24,25,26,27,31}-Paste<1.7.4 cross-site-scripting http://secunia.com/advisories/40408/ xulrunner<1.9.2.4 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.4 php<5.2.14 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2225 php>=5.3.0<5.3.3 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2225 bind>=9.0<9.4.3pl4 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 bind>=9.5<9.5.2pl1 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 bind>=9.6<9.6.1pl2 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 freeciv-server<2.3.2nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-5645 roundup<1.4.14 cross-site-scripting http://secunia.com/advisories/40433/ bogofilter<1.2.2 denial-of-service http://secunia.com/advisories/40427/ avahi<0.6.26 denial-of-service http://secunia.com/advisories/40470/ suse{,32}<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_alsa<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_aspell<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_base<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_compat<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_expat<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_fontconfig<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_freetype2<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_gdk-pixbuf<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_glx<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_gtk<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_gtk2<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_krb5<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libcups<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libidn<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libjpeg<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libpng<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libsigc++2<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libtiff<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libxml2<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_locale<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openmotif<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openssl<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_qt3<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_resmgr<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_slang<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_vmware<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_x11<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby-base19>=1.9<1.9.1.429 local-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2489 gv<3.7.0 privilege-escalation http://secunia.com/advisories/40475/ ghostscript<8.71nb6 local-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2055 bind>=9.7.1<9.7.1pl2 denial-of-service http://www.isc.org/software/bind/advisories/cve-2010-0213 mono-xsp<2.6.4 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1459 pango<1.27.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0421 freetype2<2.4.0 remote-system-access http://secunia.com/advisories/40586/ postgresql8{0,1}{,-server,-client}<8.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages vte<0.24.3 arbitrary-command-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0070 vte<0.24.3 arbitrary-command-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2713 openldap-server<2.4.23 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0211 openldap-server<2.4.23 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0212 pulseaudio<0.9.21nb3 symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1299 firefox<3.6.7 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.7 xulrunner<1.9.2.7 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.7 seamonkey<2.0.6 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.6 thunderbird>=3.1<3.1.1 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird31.html#thunderbird3.1.1 thunderbird<3.0.6 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird30.html#thunderbird3.0.6 ocaml-mysql<1.1.0 sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2942 qemu<0.12.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0741 libpurple<2.7.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2528 openttd<1.0.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2534 qt4-libs<4.7.2 denial-of-service http://secunia.com/advisories/40588/ squirrelmail<1.4.21 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2813 php<5.2.14 privacy-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2531 php>=5.3.0<5.3.3 privacy-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2531 dovecot>=1.2<1.2.13 access-validation-bypass http://www.dovecot.org/list/dovecot-news/2010-July/000163.html apache>=2.0<2.0.64 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452 apache>=2.2<2.2.16 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452 typo3<4.3.4 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-012/ typo3>=4.4.0<4.4.1 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-012/ gnupg2<2.0.14nb3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2547 bozohttpd<20100621 remote-security-bypass http://secunia.com/advisories/40737/ mediawiki<1.15.5 multiple-vulnerabilities http://secunia.com/advisories/40740/ firefox<3.6.8 arbitrary-code-execution https://www.mozilla.org/security/announce/2010/mfsa2010-48.html cabextract<1.3 denial-of-service http://secunia.com/advisories/40719/ gdm<2.20.11 information-disclosure https://bugzilla.gnome.org/show_bug.cgi?id=571846 socat<1.7.1.3 remote-system-access http://secunia.com/advisories/40806/ mantis<1.2.2 cross-site-scripting http://secunia.com/advisories/40812/ mapserver<5.6.4 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2539 mapserver<5.6.4 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2540 wireshark<1.2.10 remote-code-execution http://www.wireshark.org/security/wnpa-sec-2010-08.html citrix_ica<11.100 arbitrary-code-execution http://secunia.com/advisories/40808/ wget<1.12nb1 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2252 mantis<1.2.3 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2574 freetype2<2.4.2 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1797 bugzilla-3.0* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages bugzilla>=2.19.1<3.2.8 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2756 bugzilla>=3.3.1<3.4.8 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2756 bugzilla>=3.5.1<3.6.2 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2756 bugzilla>=3.7<3.7.3 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2756 bugzilla>=2.22rc1<3.2.8 notification-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757 bugzilla>=3.3.1<3.4.8 notification-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757 bugzilla>=3.5.1<3.6.2 notification-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757 bugzilla>=3.7<3.7.3 notification-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757 bugzilla>=2.17.1<3.2.8 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2758 bugzilla>=3.3.1<3.4.8 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2758 bugzilla>=3.5.1<3.6.2 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2758 bugzilla>=3.7<3.7.3 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2758 bugzilla>=2.23.1<3.2.8 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2759 bugzilla>=3.3.1<3.4.8 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2759 bugzilla>=3.5.1<3.6.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2759 bugzilla>=3.7<3.7.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2759 cabextract<1.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2801 acroread8-[0-9]* remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2862 openoffice3{,-bin}<3.3 arbitrary-code-execution http://secunia.com/advisories/40775/ openssl<0.9.8onb1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939 win32-codecs-[0-9]* arbitrary-code-execution http://secunia.com/advisories/40936/ win32-codecs-[0-9]* remote-system-access http://secunia.com/advisories/40934/ glpng<1.46 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1519 dbus-glib<0.88 local-security-bypass http://secunia.com/advisories/40908/ adobe-flash-plugin<9.0.280 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-16.html adobe-flash-plugin>=10.0<10.1.82.76 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-16.html {firefox-bin,seamonkey-bin,ns}-flash<9.0.280 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-16.html {firefox-bin,seamonkey-bin,ns}-flash<10.1.82.76 remote-system-access http://www.adobe.com/support/security/bulletins/apsb10-16.html drupal>5<5.23 multiple-vulnerabilities http://drupal.org/node/731710 drupal>6<6.18 multiple-vulnerabilities http://drupal.org/node/731710 opera<10.61 remote-system-access http://secunia.com/advisories/40120/ ruby18-base<1.8.7.174nb6 cross-site-scripting http://secunia.com/advisories/41003/ ruby{,-base,14,14-base,16,16-base}<1.8 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ssmtp<2.63 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7258 openjdk7-icedtea-plugin<1.13 multiple-vulnerabilities http://blog.fuseyism.com/index.php/2010/07/29/icedtea7-113-released/ phpmyadmin<2.11.10.1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3055 phpmyadmin<2.11.10.1 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3056 PAM<1.1.1 privilege-escalation http://secunia.com/advisories/40978/ mysql-server>=5.1<5.1.49 multiple-vulnerabilities http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html libgdiplus<2.6nb1 remote-system-access http://secunia.com/advisories/40792/ quagga<0.99.17 remote-system-access http://secunia.com/advisories/41038/ squid>=3.1.5.1<3.1.7 denial-of-service http://bugs.squid-cache.org/show_bug.cgi?id=3021 kdegraphics>=4.3.0 remote-system-access http://secunia.com/advisories/40952/ fuse-encfs<1.7 multiple-vulnerabilities http://secunia.com/advisories/41158/ qt4-libs<4.7.0rc1 ssl-certificate-spoofing http://secunia.com/advisories/41236/ nss<3.12.8 ssl-certificate-spoofing http://secunia.com/advisories/41237/ firefox<3.6.11 ssl-certificate-spoofing http://secunia.com/advisories/41244/ koffice-[0-9]* arbitrary-code-execution http://secunia.com/advisories/40966/ p5-libwww<5.835 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2253 corkscrew-[0-9]* buffer-overflow http://people.freebsd.org/~niels/issues/corkscrew-20100821.txt mantis<1.2.3 cross-site-scripting http://secunia.com/advisories/41278/ zope210<2.10.12 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3198 zope211<2.11.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3198 squid>=3.0<3.1.8 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2010_3.txt xulrunner<1.9.2.9 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.9 firefox<3.6.9 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.9 thunderbird>=3.1<3.1.3 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird31.html#thunderbird3.1.3 thunderbird<3.0.7 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird30.html#thunderbird3.0.7 seamonkey<2.0.7 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.7 horde<3.3.9 cross-site-scripting http://secunia.com/advisories/41283/ sudo<1.7.4p4 local-security-bypass http://secunia.com/advisories/41316/ apache-tomcat<5.5.30 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227 apache-tomcat>=6<6.0.28 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227 mednafen<0.8.13 buffer-overflow http://secunia.com/advisories/41337/ samba>=3.3.0<3.3.14 buffer-overrun http://www.samba.org/samba/security/CVE-2010-3069.html mailscanner-[0-9]* denial-of-service http://secunia.com/advisories/41384/ adobe-flash-plugin<10.1.82.76 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 ns-flash<10.1.82.76 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 seamonkey-bin-flash<10.1.82.76 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 firefox-bin-flash<10.1.82.76 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 mailman<2.1.12nb2 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3089 python26<2.6.6nb4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3492 bozohttpd<20100920 remote-file-view http://eterna23.net/bozohttpd/ wireshark<1.4.0 denial-of-service http://secunia.com/advisories/41535/ bzip2<1.0.6 remote-system-access http://cve.circl.lu/cve/CVE-2010-0405 clamav<0.96.3 remote-system-access http://secunia.com/advisories/41503/ poppler<0.14.2nb1 remote-system-access http://secunia.com/advisories/41596/ scmgit-base<1.7.0.7 local-privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2542 scmgit-base>=1.7.1<1.7.1.2 local-privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2542 scmgit-base>=1.7.2<1.7.2.1 local-privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2542 dovecot>=1.2.8<1.2.15 weak-acl-enforcement http://www.dovecot.org/list/dovecot-news/2010-October/000177.html imp<4.3.8 cross-site-scripting http://secunia.com/advisories/41627/ bind>=9.7.0<9.7.2pl2 remote-security-bypass http://www.isc.org/software/bind/advisories/cve-2010-0218 py{26,27,34,35,36}-mercurial<1.6.4 remote-spoofing http://secunia.com/advisories/41674/ ffmpeg<20100927 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429 gmplayer<1.0rc20100913nb2 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429 mencoder<1.0rc20100913nb1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429 mplayer<1.0rc20100913nb1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429 typo3<4.4.4 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-020/ suse{,32}_openssl<11.3nb1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939 mysql-server<5.1.50 arbitrary-code-execution http://dev.mysql.com/doc/refman/5.1/en/news-5-1-50.html mysql-server<5.1.51 multiple-vulnerabilities http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html apr-util<1.3.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623 apr-util<1.3.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 apr-util<1.3.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 ap{2,22}-subversion>=1.5<1.5.8 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3315 ap{2,22}-subversion>=1.6<1.6.13 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3315 xpdf<3.02pl4nb3 remote-system-access http://secunia.com/advisories/41709/ php<5.2.14nb1 denial-of-service http://secunia.com/advisories/41724/ php>=5.3.0<5.3.3nb1 denial-of-service http://secunia.com/advisories/41724/ opera<10.63 multiple-vulnerabilities http://secunia.com/advisories/41740/ kdegraphics<3.5.10nb9 remote-system-access http://secunia.com/advisories/41727/ sun-j{re,dk}6<6.0.22 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html gnome-subtitles<1.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3357 postgresql90-plperl<9.0.1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql90-pltcl<9.0.1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql84-plperl<8.4.5 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql84-pltcl<8.4.5 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql83-plperl<8.3.12 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql83-pltcl<8.3.12 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql82-plperl<8.2.18 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql82-pltcl<8.2.18 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql82{,-server,-client,-adminpack,-plperl,-plpython,-pltcl,-tsearch2}-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages monotone-server<0.48.1 denial-of-service http://secunia.com/advisories/41960/ moodle<1.9.10 multiple-vulnerabilities http://secunia.com/advisories/41980/ libpurple<2.7.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3711 firefox<3.6.12 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3765 thunderbird<3.1.6 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3765 cvs<1.12.13 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3846 webkit-gtk<1.2.5 multiple-vulnerabilities http://secunia.com/advisories/41871/ freetype2<2.4.3nb1 buffer-overflow http://secunia.com/advisories/41738/ suse{,32}_freetype2<11.3nb2 buffer-overflow http://secunia.com/advisories/44008/ libsmi<0.4.8nb1 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2891 python26<2.6.6nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3493 adobe-flash-plugin<10.1.102.64 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 ns-flash<10.1.102.64 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 seamonkey-bin-flash<10.1.102.64 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 firefox-bin-flash<10.1.102.64 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 mono<2.8.1 information-disclosure http://secunia.com/advisories/41919/ suse{,32}_freetype2<11.3nb1 arbitrary-code-execution http://secunia.com/advisories/41958/ gnucash<2.2.9nb10 privilege-escalation http://secunia.com/advisories/42048/ proftpd<1.3.3c remote-system-access http://secunia.com/advisories/42052/ PAM<1.1.3 privilege-escalation http://secunia.com/advisories/42088/ bugzilla<3.2.9 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3172 bugzilla>=3.3<3.4.9 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3172 bugzilla>=3.5<3.6.3 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3172 bugzilla>=3.7<4.0rc1 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3172 bugzilla>=2.12<3.2.9 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3764 bugzilla>=3.3<3.4.9 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3764 bugzilla>=3.5<3.6.3 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3764 bugzilla>=3.7<4.0rc1 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3764 bugzilla>=3.7.1<4.0rc1 cross-site-scripting http://secunia.com/advisories/41955/ isc-dhcpd>=4<4.0.2 denial-of-service http://secunia.com/advisories/42082/ isc-dhcpd>=4.1<4.1.2 denial-of-service http://secunia.com/advisories/42082/ isc-dhcpd>=4.2<4.2.0p1 denial-of-service http://secunia.com/advisories/42082/ acroread8-[0-9]* arbitrary-code-execution http://secunia.com/advisories/42095/ acroread9<9.4.1 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb10-28.html mysql-server<5.1.52 denial-of-service http://secunia.com/advisories/42097/ cups<1.4.3nb10 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2941 php>=5.3.0<5.3.3nb1 sensitive-information-exposure http://secunia.com/advisories/42135/ seamonkey<2.0.9 multiple-vulnerabilities http://secunia.com/advisories/41923/ mono<2.8nb1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4159 wireshark<1.4.2 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2010-14.html openssl<0.9.8p remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864 suse{,32}_openssl<11.3nb1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864 eclipse-[0-9]* cross-site-scripting http://secunia.com/advisories/42236/ ap{2,22}-fcgid<2.3.6 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3872 libtlen<20041113nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 apache-tomcat>=6.0.12<6.0.30 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172 horde<3.3.11 cross-site-scripting http://secunia.com/advisories/42355/ libxml2<2.7.8 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4008 openttd>=1.0.0<1.0.5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4168 RealPlayerSP>=12.0.0<14.0.1 remote-system-access http://secunia.com/advisories/42203/ xine-lib<1.1.19 arbitrary-code-execution http://secunia.com/advisories/42359/ phpmyadmin<2.11.11.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2010-8.php mit-krb5<1.4.2nb11 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1323 suse{,32}_krb5<11.3nb1 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1323 suse{,32}_krb5<11.3nb1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1324 suse{,32}_krb5<11.3nb1 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4020 wordpress<3.0.2 remote-data-manipulation http://secunia.com/advisories/42431/ clamav<0.96.5 denial-of-service http://secunia.com/advisories/42426/ openssl<0.9.8q information-disclosure http://www.openssl.org/news/secadv_20101202.txt bind>=9.6<9.6.2pl3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613 bind>=9.6<9.6.2pl3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614 bind>=9.7<9.7.2pl3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613 bind>=9.7<9.7.2pl3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614 bind>=9.7<9.7.2pl3 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3615 gnash<0.8.9 insecure-temp-files http://secunia.com/advisories/42416/ p5-CGI<3.50 http-response-splitting http://secunia.com/advisories/42443/ p5-CGI<3.51 http-header-injection http://secunia.com/advisories/42461/ p5-CGI-Simple<1.113 http-header-injection http://secunia.com/advisories/42460/ xenkernel3<3.1.4nb4 denial-of-service http://secunia.com/advisories/42395/ xenkernel33<3.3.2nb1 denial-of-service http://secunia.com/advisories/42395/ mit-krb5<1.4.2nb11 signature-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1323 p5-IO-Socket-SSL<1.35 security-bypass http://secunia.com/advisories/42508/ ImageMagick<6.6.5.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4167 thunderbird<3.1.7 multiple-vulnerabilities http://secunia.com/advisories/42519/ seamonkey<2.0.11 multiple-vulnerabilities http://secunia.com/advisories/42518/ firefox<3.6.13 multiple-vulnerabilities http://secunia.com/advisories/42517/ wordpress<3.0.3 security-bypass http://secunia.com/advisories/42553/ suse{,32}_libcups<11.3nb1 multiple-vulnerabilities http://secunia.com/advisories/40165/ suse{,32}_libcups<11.3nb1 multiple-vulnerabilities http://secunia.com/advisories/41706/ suse{,32}_libxml2<11.3nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4008 RealPlayerGold<11.0.2.2315 multiple-vulnerabilities http://secunia.com/advisories/38550/ phpmyadmin<2.11.11.1nb1 ui-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4480 phpmyadmin<2.11.11.1nb1 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4481 dbus<1.2.4.6nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4352 xulrunner<1.9.2.13 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.13 php5-intl<5.2.15.1.1.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2010-4409 php53-intl<5.3.4.1.1.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2010-4409 typo3<4.4.5 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-022/ fontforge<20100501nb4 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4259 echoping-[0-9]* remote-system-access http://secunia.com/advisories/42619/ xfig<3.2.5bnb9 remote-system-access https://bugzilla.redhat.com/show_bug.cgi?id=659676 mantis<1.2.4 multiple-vulnerabilities http://secunia.com/advisories/42597/ opensc<0.11.13nb1 local-system-access http://secunia.com/advisories/42658/ pcsc-lite<1.5.5nb2 remote-system-access http://secunia.com/advisories/42659/ gitweb<1.7.3.4 cross-site-scripting http://secunia.com/advisories/42645/ opera<11.0 multiple-vulnerabilities http://secunia.com/advisories/42653/ tor<0.2.1.28 remote-system-access http://secunia.com/advisories/42536/ mhonarc<2.6.16nb1 cross-site-scripting http://secunia.com/advisories/42694/ calibre<0.7.35 multiple-vulnerabilities http://secunia.com/advisories/42689/ py{15,20,21,22,23,24,25,26,27,31}-django<1.2.4 multiple-vulnerabilities http://secunia.com/advisories/42715/ libpurple>=2.7.6<2.7.9 remote-denial-of-service http://www.pidgin.im/news/security//?id=49 libxml2<2.7.8nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4494 suse{,32}_libxml2<11.3nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4494 geeklog<1.7.1.1 cross-site-scripting http://www.geeklog.net/article.php/geeklog-1.7.1sr1 wordpress<3.0.4 script-insertion http://wordpress.org/news/2010/12/3-0-4-update/ vlc<1.1.6 denial-of-service http://www.videolan.org/security/sa1007.html wireshark<1.4.2nb1 denial-of-service http://secunia.com/advisories/42767/ mediawiki<1.16.1 cross-site-scripting http://secunia.com/advisories/42810/ ap{2,22}-subversion<1.6.15 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4539 subversion-base<1.6.15 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4644 gimp<2.6.11nb5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4540 gimp<2.6.11nb5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4541 gimp<2.6.11nb5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4542 gimp<2.6.11nb5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4543 typolight28<2.8.4nb2 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0508 contao29<2.9.3 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0508 php<5.2.17 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4645 php>=5.3.0<5.3.5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4645 evince<2.30.3nb5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2640 evince<2.30.3nb5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2641 evince<2.30.3nb5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2642 evince<2.30.3nb5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2643 dpkg<1.14.31 remote-data-manipulation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1679 mono>=2.8<2.8.2 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4225 mono-xsp>=2.8<2.8.2 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4225 ap{2,22}-mono>=2.8<2.8.2 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4225 wireshark<1.4.3 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2011-02.html sudo>=1.7<1.7.4p5 security-bypass http://www.sudo.ws/sudo/alerts/runas_group_pw.html exim<4.73 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4345 asterisk<1.6.2.16.1 buffer-overflow http://downloads.digium.com/pub/security/AST-2011-001.html asterisk>=1.8<1.8.2.2 buffer-overflow http://downloads.digium.com/pub/security/AST-2011-001.html p5-Convert-UUlib<1.4 denial-of-service http://secunia.com/advisories/42998/ pango<1.28.3nb2 denial-of-service http://secunia.com/advisories/42934/ fuse>=2.0 denial-of-service http://secunia.com/advisories/42961/ maradns<1.4.06 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0520 dpkg<1.14.31 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0402 suse{,32}_openssl<11.3nb2 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4180 gif2png<2.5.4 remote-system-access http://secunia.com/advisories/42339/ freeradius>2<2.1.10 denial-of-service http://secunia.com/advisories/41621/ mupdf<0.7nb1 remote-system-access http://secunia.com/advisories/43020/ bugzilla<3.2.10 multiple-vulnerabilities http://secunia.com/advisories/43033/ webkit-gtk<1.2.6 multiple-vulnerabilities http://secunia.com/advisories/43086/ ruby1{8,9}-mail<2.2.15 remote-system-access http://secunia.com/advisories/43077/ opera<11.01 multiple-vulnerabilities http://secunia.com/advisories/43023/ awstats<7.0 arbitrary-command-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4367 isc-dhcpd<4.1.2p1 denial-of-service http://secunia.com/advisories/43006/ exim<4.74 local-privilege-escalation http://secunia.com/advisories/43101/ vlc<1.1.6nb1 remote-system-access http://www.videolan.org/security/sa1102.html moodle<2.0.2 cross-site-scripting http://secunia.com/advisories/43133/ postgresql83-datatypes>=8.3<8.3.14 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015 postgresql84-datatypes>=8.4<8.4.7 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015 postgresql90-datatypes>=9.0<9.0.3 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015 openssh>=5.6<5.8 information-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0539 bind>=9.5<9.6.3 denial-of-service https://www.isc.org/announcement/bind-9-dnssec-validation-fails-new-ds-record bind>=9.7<9.7.2 denial-of-service https://www.isc.org/announcement/bind-9-dnssec-validation-fails-new-ds-record tsclient-0.[0-9]* remote-system-access http://secunia.com/advisories/43120/ plone25-[0-9]* remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0720 plone3-[0-9]* remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0720 mediawiki<1.16.2 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0047 openssl<0.9.8qnb1 denial-of-service http://www.openssl.org/news/secadv_20110208.txt ruby1{8,9}-actionpack<2.3.11 cross-site-request-forgeries http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails ruby1{8,9}-actionpack>=3.0<3.0.4 cross-site-request-forgeries http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails ruby19-railties<3.0.4 cross-site-request-forgeries http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails bind<9.6 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages libpurple<2.7.10 information-leak http://www.pidgin.im/news/security/?id=50 cgiirc<0.5.10 cross-site-scripting http://sourceforge.net/mailarchive/message.php?msg_id=27024589 py{15,20,21,22,23,24,25,26,27,31}-django<1.2.5 multiple-vulnerabilities http://www.djangoproject.com/weblog/2011/feb/08/security/ adobe-flash-plugin<10.2.152.26 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-02.html ns-flash<10.2.152.26 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-02.html seamonkey-bin-flash<10.2.152.26 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-02.html firefox-bin-flash<10.2.152.26 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-02.html wordpress<3.0.5 multiple-vulnerabilities http://wordpress.org/news/2011/02/wordpress-3-0-5/ ffmpeg<20110623.0.7.1 denial-of-service http://secunia.com/advisories/43197/ feh<1.11.2 privilege-escalation http://secunia.com/advisories/43221/ phpmyadmin<2.11.11.2 information-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0986 phpmyadmin<2.11.11.3 script-insertion https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0987 qemu<0.11.0 restriction-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0011 apache-tomcat<5.5.33 denial-of-service http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0075.html apache-tomcat>=5.5.0<5.5.32 arbitrary-script-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013 apache-tomcat>=5.5.0<5.5.30 restriction-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718 wireshark<1.4.3nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0538 apache-tomcat>=6<6.0.32 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534 apache-tomcat>=6<6.0.30 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013 apache-tomcat>=6.0.12<6.0.30 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172 apache-tomcat>=6<6.0.30 restriction-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718 proftpd<1.3.3d multiple-vulnerabilities http://www.proftpd.org/docs/NEWS-1.3.3d acroread9<9.4.2 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-03.html sun-jre<6.0.24 multiple-vulnerabilities http://secunia.com/advisories/43262/ ruby1{8,9}-actionpack>=3.0<3.0.4 cross-site-request-forgeries https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0449 ruby1{8,9}-activerecord>=3.0<3.0.4 sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0448 php5-zip<5.2.17nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421 php5-exif<5.2.17nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0708 php53-zip<5.3.5nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421 php53-exif<5.3.5nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0708 php>=5<5.3 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages telepathy-gabble<0.11.7 remote-hijacking https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1000 typo3<4.5 cross-site-request-forgery http://wiki.typo3.org/TYPO3_4.5#Security openldap-server<2.4.24 security-bypass http://secunia.com/advisories/43331/ asterisk<1.6.2.16.2 buffer-overflow http://downloads.digium.com/pub/security/AST-2011-002.html asterisk>=1.8<1.8.2.4 buffer-overflow http://downloads.digium.com/pub/security/AST-2011-002.html bind>=9.7.1<9.7.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0414 t1lib<5.1.2nb2 arbitrary-code-execution http://secunia.com/advisories/43491/ evince<2.32.0nb4 buffer-overflow https://bugzilla.gnome.org/show_bug.cgi?id=640923 python24-[0-9]* sensitive-information-exposure http://secunia.com/advisories/43463/ python25<2.5.5nb2 sensitive-information-exposure http://secunia.com/advisories/43463/ python26<2.6.6nb6 sensitive-information-exposure http://secunia.com/advisories/43463/ mupdf<0.8 remote-system-access http://secunia.com/advisories/42320/ rt<3.8.9 sensitive-information-exposure http://secunia.com/advisories/43438/ suse{,32}_krb5<11.3nb2 denial-of-service http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html moodle<1.9.10 multiple-vulnerabilities http://secunia.com/advisories/43427/ mailman<2.1.14.1 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0707 lft<3.3 unknown-impact http://secunia.com/advisories/43381/ asterisk<1.4.0 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages asterisk>=1.6<1.6.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages clamav<0.97 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1003 avahi<0.6.29 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1002 ruby18-base<1.8.7.370nb2 remote-security-bypass http://secunia.com/advisories/43420/ ruby18-base<1.8.7.334 privilege-escalation http://secunia.com/advisories/43434/ ruby19-base<1.9.2pl180 privilege-escalation http://secunia.com/advisories/43434/ suse{,32}_base<11.3nb3 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3856 wireshark<1.4.4 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0713 wireshark<1.4.4 multiple-vulnerabilities http://www.wireshark.org/security/wnpa-sec-2011-04.html moodle<1.9.11 multiple-vulnerabilities http://secunia.com/advisories/43570/ pango<1.28.3nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0064 tor<0.2.1.30 denial-of-service http://secunia.com/advisories/43548/ firefox<3.6.14 multiple-vulnerabilities http://secunia.com/advisories/43550/ seamonkey<2.0.12 multiple-vulnerabilities http://secunia.com/advisories/43550/ thunderbird<3.1.8 multiple-vulnerabilities http://secunia.com/advisories/43586/ weechat<0.3.4 spoofing-attack http://secunia.com/advisories/43543/ ap{2,22}-subversion<1.6.16 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0715 moodle<1.9.10 multiple-vulnerabilities http://secunia.com/advisories/43427/ openafs<1.4.14 multiple-vulnerabilities http://secunia.com/advisories/43407/ py{24,25,26,27,31}-moin<1.9.3nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1058 postfix<2.7.3 command-injection http://www.kb.cert.org/vuls/id/555316 postfix>=2.8.20100000<2.8.20110115 command-injection http://www.kb.cert.org/vuls/id/555316 TeXmacs<1.0.7.13 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3394 patch<2.7 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4651 tiff<3.9.4nb2 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192 suse{,32}_libtiff<11.3nb2 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5022 suse{,32}_libtiff<11.3nb1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3087 suse{,32}_libtiff<11.3nb2 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192 suse{,32}_libtiff<11.3nb2 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1167 xulrunner<1.9.2.15 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.14 apache-tomcat>=6<6.0.32 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534 unixodbc<2.3.0nb1 remote-system-access http://secunia.com/advisories/43679/ webkit-gtk<1.2.7 multiple-vulnerabilities http://gitorious.org/webkitgtk/stable/blobs/master/WebKit/gtk/NEWS sun-{jre,jdk}6<6.0.24 multiple-vulnerabilities http://secunia.com/advisories/43262/ nagios-base<3.3.1 cross-site-scripting http://secunia.com/advisories/43287/ libpurple<2.7.11 denial-of-service http://secunia.com/advisories/43695/ py{24,25,26,27,31}-feedparser<5.0.1 multiple-vulnerabilities http://secunia.com/advisories/43730/ adobe-flash-plugin<10.2.152.33 remote-system-access http://www.adobe.com/support/security/advisories/apsa11-01.html php5-shmop<5.2.17nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1092 php53-shmop<5.3.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1092 php>=5.3<5.3.6 format-string https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1153 samba-3.0.[0-9]* memory-corruption http://samba.org/samba/security/CVE-2011-0719.html samba>=3.3.0<3.3.15 memory-corruption http://samba.org/samba/security/CVE-2011-0719.html samba>=3.5.0<3.5.7 memory-corruption http://samba.org/samba/security/CVE-2011-0719.html php{5,53}-pear<1.9.2 privilege-escalation http://pear.php.net/advisory-20110228.txt php{5,53}-pear<1.9.2nb2 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1144 cups<1.4.5 multiple-vulnerabilities http://www.cups.org/articles.php?L597 libzip<0.10 denial-of-service http://secunia.com/advisories/43621/ xenkernel33<3.3.2nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1166 xenkernel3<3.1.4nb5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1166 openslp<1.2.1nb4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3609 quagga<0.99.18 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1674 quagga<0.99.18 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1675 moodle<2.0.2 multiple-vulnerabilities http://secunia.com/advisories/43570/ vlc<1.1.8 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=2010-3275 vlc<1.1.8 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=2010-3276 suse{,32}_gtk2<11.3nb3 denial-of-service http://lists.opensuse.org/opensuse-updates/2011-03/msg00019.html suse{,32}_base<11.3nb4 arbitrary-code-execution https://hermes.opensuse.org/messages/7712778 loggerhead<1.18.1 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0728 python23-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python24-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python25<2.5.5nb3 sensitive-information-disclosure http://secunia.com/advisories/43831/ python26<2.6.6nb7 sensitive-information-disclosure http://secunia.com/advisories/43831/ python27<2.7.1nb1 sensitive-information-disclosure http://secunia.com/advisories/43831/ tiff<3.9.4nb3 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1167 suse{,32}_openssl<11.3nb3 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0014 fengoffice<1.7.5 cross-site-scripting http://secunia.com/advisories/43912/ xmlsec1<1.2.17 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1425 gdm>=2.28.0<2.32.1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0727 suse{,32}_krb5<11.3nb3 arbitrary-code-execution http://secunia.com/advisories/44027/ xymon<4.3.2 cross-site-scripting http://secunia.com/advisories/44036/ perl<5.12.2nb2 remote-security-bypass http://secunia.com/advisories/43921/ erlang<14.1.2 remote-system-access http://secunia.com/advisories/43898/ pure-ftpd<1.0.30 remote-data-manipulation http://secunia.com/advisories/43988/ ruby1{8,9}-rack<1.1.2 remote-security-bypass http://groups.google.com/group/rack-devel/browse_thread/thread/a1ec9e7880118867 ruby1{8,9}-rack>=1.2.0<1.2.2 remote-security-bypass http://groups.google.com/group/rack-devel/browse_thread/thread/a1ec9e7880118867 ruby1{8,9}-actionpack>=3.0<3.0.6 cross-site-scripting http://weblog.rubyonrails.org/2011/4/6/rails-3-0-6-has-been-released xrdb<1.0.9 privilege-escalation http://secunia.com/advisories/44040/ libvpx<0.9.6 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4489 isc-dhclient<4.2.1p1 remote-system-access http://secunia.com/advisories/44037/ libmodplug<0.8.8.2 remote-system-access http://secunia.com/advisories/44054/ roundcube<0.5.1 remote-security-bypass http://secunia.com/advisories/44050/ rsync<3.0.8 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1097 wordpress<3.1.1 multiple-vulnerabilities http://secunia.com/advisories/44038/ suse{,32}_gtk2<11.3nb2 local-security-bypass http://secunia.com/advisories/43933/ dhcpcd<5.2.12 remote-system-access http://secunia.com/advisories/44070/ tinyproxy<1.8.3 remote-security-bypass http://secunia.com/advisories/43948/ ikiwiki<3.20110328 script-insertion http://secunia.com/advisories/44137/ kdelibs4<4.5.5nb2 unknown-impact https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1168 xulrunner<1.9.2.16 man-in-the-middle-attack https://www.mozilla.org/security/announce/2011/mfsa2011-11.html firefox<3.6.16 man-in-the-middle-attack https://www.mozilla.org/security/announce/2011/mfsa2011-11.html vlc<1.1.8nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1684 mediawiki<1.16.3 multiple-vulnerabilities http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-April/000096.html mediawiki<1.16.4 cross-site-scripting http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-April/000097.html mediawiki<1.16.5 cross-site-scripting http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-May/000098.html mit-krb5<1.8.3nb5 denial-of-service http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2011-004.txt vsftpd<2.3.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0762 php<5.3.6nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1148 opera<11.10 denial-of-service http://www.securityfocus.com/bid/46872 rt<3.8.11 multiple-vulnerabilities http://secunia.com/advisories/44189/ wireshark<1.4.5 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2011-06.html adobe-flash-plugin<10.2.159.1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611 ns-flash<10.2.159.1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611 seamonkey-bin-flash<10.2.159.1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611 firefox-bin-flash<10.2.159.1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611 kdenetwork4<4.5.5nb3 remote-system-access http://secunia.com/advisories/44124/ xfce4-thunar>=1.1<1.2.1 remote-system-access http://secunia.com/advisories/44104/ p5-Jifty-DBI<0.68 remote-data-manipulation http://secunia.com/advisories/44224/ p5-Mojolicious<1.16 sensitive-information-exposure http://secunia.com/advisories/44051/ rdesktop<1.7.0 remote-system-access http://secunia.com/advisories/44200/ webmin<1.550 privilege-escalation http://secunia.com/advisories/44263/ wordpress<3.1.2 remote-security-bypass http://secunia.com/advisories/44372/ suse{,32}_base<12.1 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2011-1071.html suse{,32}_base<12.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1659 php>=5.3<5.3.13nb2 arbitrary-code-execution http://secunia.com/advisories/44335/ ffmpeg<20110626.0.6.3 denial-of-service http://secunia.com/advisories/44378/ xulrunner<1.9.2.17 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.17 firefox<3.6.17 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.17 firefox>=4<4.0.1 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox40.html#firefox4.0.1 seamonkey<2.0.14 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.14 thunderbird<3.1.10 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird31.html#thunderbird3.1.10 xulrunner>=2<2.0.1 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox40.html#firefox4.0.1 bind>=9.8.0<9.8.0pl1 denial-of-service https://www.isc.org/CVE-2011-1907 mysql-server<5.0.91 multiple-vulnerabilities http://dev.mysql.com/doc/refman/5.0/en/news-5-0-91.html mysql-server<5.0.92 multiple-vulnerabilities http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html mysql-server<5.0.93 denial-of-service http://dev.mysql.com/doc/refman/5.0/en/news-5-0-93.html postfix<2.8.3 denial-of-service http://www.postfix.org/CVE-2011-1720.html ampache-[0-9]* cross-site-scripting http://secunia.com/advisories/44497/ xentools33<3.3.2nb7 multiple-vulnerabilities http://secunia.com/advisories/44502/ xentools41<4.1.0nb4 multiple-vulnerabilities http://secunia.com/advisories/44502/ suse{,32}_gtk2<11.3nb4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4352 exim<4.76 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1407 exim<4.76 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1764 php<5.1.3 multiple-vulnerabilities http://secunia.com/advisories/18694/ wordpress<3.1.3 remote-system-access http://secunia.com/advisories/44409/ apr<0.9.20 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419 apr>=1.0<1.4.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419 openssh<5.8.2 sensitive-information-exposure http://secunia.com/advisories/44347/ horde>=4<4.0.2 multiple-vulnerabilities http://secunia.com/advisories/44408/ simgear-[0-9]* denial-of-service http://secunia.com/advisories/44434/ vino<2.28.3 denial-of-service http://secunia.com/advisories/44463/ libmodplug<0.8.8.3 remote-system-access http://secunia.com/advisories/44388/ cyrus-imapd<2.3.16nb4 remote-data-manipulation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1926 cyrus-imapd>=2.4<2.4.7 remote-data-manipulation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1926 adobe-flash-plugin<10.3.181.14 multiple-vulnerabilities http://secunia.com/advisories/44590/ ns-flash<10.3.181.14 multiple-vulnerabilities http://secunia.com/advisories/44590/ seamonkey-bin-flash<10.3.181.14 multiple-vulnerabilities http://secunia.com/advisories/44590/ firefox-bin-flash<10.3.181.14 multiple-vulnerabilities http://secunia.com/advisories/44590/ tor<0.2.1.29 multiple-vulnerabilities http://secunia.com/advisories/42907/ openssh<5.2 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5161 p5-Jifty-DBI<0.68 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2011-1933s p5-libwww<6.00 ssl-cert-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0633 dovecot<1.2.17 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1929 dovecot>=2<2.0.13 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1929 viewvc<1.1.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5024 apr<1.4.4nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1928 openssl<0.9.8qnb3 sensitive-information-exposure http://secunia.com/advisories/44572/ opera<11.11 arbitrary-code-execution http://secunia.com/advisories/44611/ moodle<2.0.3 multiple-vulnerabilities http://secunia.com/advisories/44630/ qemu<0.15.0 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1751 php53-pdo_mysql<5.3.6 sql-injection http://bugs.php.net/bug.php?id=47802 php5-pdo_mysql-[0-9]* sql-injection http://bugs.php.net/bug.php?id=47802 dirmngr<1.1.0nb2 denial-of-service http://secunia.com/advisories/44680/ bind<9.6.3.1 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-1910 bind>=9.7.0<9.7.3pl1 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-1910 bind>=9.8.0<9.8.0pl2 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-1910 drupal<6.21 multiple-vulnerabilities http://drupal.org/node/1168756 ruby18-base<1.8.7.334nb3 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0188 ruby19-base<1.9.2pl180nb1 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0188 rssh<2.3.3 remote-security-bypass http://www.pizzashack.org/rssh/security.shtml fetchmail<6.3.20 denial-of-service http://www.fetchmail.info/fetchmail-SA-2011-01.txt wireshark<1.4.7 denial-of-service http://www.wireshark.org/security/wnpa-sec-2011-08.html ejabberd<2.1.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1753 jabberd<1.4.2nb9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1754 jabberd>=2<2.2.14 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1755 libxml2<2.7.8nb3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1944 plone25-[0-9]* cross-site-scripting http://plone.org/products/plone/security/advisories/CVE-2011-1948 plone3-[0-9]* cross-site-scripting http://plone.org/products/plone/security/advisories/CVE-2011-1948 plone25-[0-9]* cross-site-scripting http://plone.org/products/plone/security/advisories/CVE-2011-1949 plone3-[0-9]* cross-site-scripting http://plone.org/products/plone/security/advisories/CVE-2011-1949 ap{2,22}-subversion<1.6.17 denial-of-service http://subversion.apache.org/security/CVE-2011-1752-advisory.txt ap{2,22}-subversion>=1.5.0<1.6.17 denial-of-service http://subversion.apache.org/security/CVE-2011-1783-advisory.txt ap{2,22}-subversion>=1.5.0<1.6.17 denial-of-service http://subversion.apache.org/security/CVE-2011-1921-advisory.txt unbound<1.4.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4008 cherokee<1.2.99 cross-site-request-forgery http://secunia.com/advisories/44821/ asterisk>=1.8<1.8.4.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2216 adobe-flash-plugin<10.3.181.22 cross-site-scripting http://www.adobe.com/support/security/bulletins/apsb11-13.html lua-expat<1.2.0 denial-of-service http://secunia.com/advisories/44866/ prosody<0.8.1 denial-of-service http://secunia.com/advisories/44852/ sun-{jre,jdk}6<6.0.26 multiple-vulnerabilities http://secunia.com/advisories/44784/ p5-Data-FormValidator-[0-9]* sensitive-information-exposure http://secunia.com/advisories/44832/ ruby1{8,9}-actionpack>=3.0<3.0.8 cross-site-scripting http://secunia.com/advisories/44789/ ruby1{8,9}-activesupport>=3.0<3.0.8 cross-site-scripting http://secunia.com/advisories/44789/ asterisk<1.6.2.17.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-003.html asterisk>=1.8<1.8.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-003.html asterisk<1.6.2.17.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-004.html asterisk>=1.8<1.8.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-004.html asterisk<1.6.2.17.3 denial-of-service http://downloads.digium.com/pub/security/AST-2011-005.html asterisk>=1.8<1.8.3.3 denial-of-service http://downloads.digium.com/pub/security/AST-2011-005.html asterisk<1.6.2.17.3 privilege-escalation http://downloads.digium.com/pub/security/AST-2011-006.html asterisk>=1.8<1.8.3.3 privilege-escalation http://downloads.digium.com/pub/security/AST-2011-006.html asterisk>=1.8<1.8.4.2 denial-of-service http://downloads.digium.com/pub/security/AST-2011-007.html tiff<3.9.5 multiple-vulnerabilities http://www.remotesensing.org/libtiff/v3.9.5.html dbus<1.2.4.6nb4 denial-of-service http://secunia.com/advisories/44896/ open-vm-tools-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/43798/ vte<0.26.2nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2198 php<5.2.17nb4 filename-injection http://svn.php.net/viewvc?view=revision&revision=312103 php>=5.3<5.3.6nb2 filename-injection http://svn.php.net/viewvc?view=revision&revision=312103 vlc<1.1.10 remote-system-access http://secunia.com/advisories/44412/ png>=1.2.23<1.5.3rc02 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2501 pngcrush<1.7.17 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2501 perl<5.12 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0761 erlang<14.1.3 denial-of-service http://www.erlang.org/download/otp_src_R14B03.readme php<5.2.17nb4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938 php>=5.3<5.3.6nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938 adobe-flash-plugin<10.3.181.26 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb11-18.html suse{,32}_openssl<11.3nb4 sensitive-information-disclosure http://support.novell.com/security/cve/CVE-2011-1945.html tomboy<1.2.1nb5 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4005 opera<11.50 denial-of-service http://www.securityfocus.com/bid/48262 ruby1{8,9}-actionpack<2.3.12 cross-site-scripting http://secunia.com/advisories/44789/ ruby1{8,9}-activesupport<2.3.12 cross-site-scripting http://secunia.com/advisories/44789/ fabric<1.1.0 local-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2185 firefox>=4<5.0 sensitive-information-exposure http://secunia.com/advisories/44972/ groff<1.20.1nb4 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5044 postgresql84-pgcrypto<8.4.9 weak-authentication http://www.openwall.com/lists/announce/2011/06/21/1 postgresql90-pgcrypto<9.0.5 weak-authentication http://www.openwall.com/lists/announce/2011/06/21/1 php>=5.3<5.3.6nb4 weak-authentication http://www.openwall.com/lists/announce/2011/06/21/1 john<1.7.6nb1 weak-authentication http://www.openwall.com/lists/announce/2011/06/21/1 firefox<3.6.18 multiple-vulnerabilities http://secunia.com/advisories/44982/ thunderbird<3.1.11 multiple-vulnerabilities http://secunia.com/advisories/44982/ libreoffice3-bin<3.3.3 arbitrary-code-execution http://www.kb.cert.org/vuls/id/953183 asterisk>=1.6<1.6.2.18.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-008.html asterisk>=1.8<1.8.4.3 denial-of-service http://downloads.digium.com/pub/security/AST-2011-008.html asterisk>=1.8<1.8.4.3 denial-of-service http://downloads.digium.com/pub/security/AST-2011-009.html asterisk>=1.6.2.15<1.6.2.18.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-010.html asterisk>=1.8<1.8.4.3 denial-of-service http://downloads.digium.com/pub/security/AST-2011-010.html curl>=7.10.6<7.21.7 spoofing-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2192 suse{,32}_libcurl<12.1 spoofing-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2192 pidgin<2.9.0 denial-of-service http://www.pidgin.im/news/security/?id=52 seamonkey<2.2 sensitive-information-exposure http://secunia.com/advisories/45007/ apache-tomcat>=5.5<5.5.34 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204 apache-tomcat>=6<6.0.33 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204 opera<11.50 multiple-vulnerabilities http://secunia.com/advisories/45060/ plone3-[0-9]* privilege-escalation http://plone.org/products/plone/security/advisories/20110622 drupal-5.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages wordpress<3.1.4 remote-security-bypass http://secunia.com/advisories/45099/ wireshark<1.4.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2011-09.html asterisk>=1.6.2<1.6.2.18.2 information-leak http://downloads.digium.com/pub/security/AST-2011-011.html asterisk>=1.8<1.8.4.4 information-leak http://downloads.digium.com/pub/security/AST-2011-011.html amaya<11.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6005 {firefox-bin,seamonkey-bin,ns}-flash-9.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages bind<9.6.3.1.ESV.4pl3 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-2464 bind>=9.7.0<9.7.3pl3 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-2464 bind>=9.8.0<9.8.0pl4 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-2464 bind>=9.8.0<9.8.0pl4 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-2465 mit-krb5-appl<1.0.1nb1 remote-system-access http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2011-005.txt qemu<0.15.0 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2212 qemu<0.15.0 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2527 xml-security-c<1.6.1 denial-of-service http://secunia.com/advisories/45151/ zope210<2.10.13 privilege-escalation http://plone.org/products/plone/security/advisories/20110622 zope211<2.11.8 privilege-escalation http://plone.org/products/plone/security/advisories/20110622 freetype2<2.4.4nb1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0226 suse{,32}_freetype2<11.3nb3 remote-system-access http://support.novell.com/security/cve/CVE-2011-0226.html squirrelmail<1.4.22 multiple-vulnerabilities http://secunia.com/advisories/45197/ libsndfile<1.0.24nb1 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2696 vlc<1.1.10nb1 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2587 vlc<1.1.10nb1 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2588 apache-tomcat<5.5.34 denial-of-service http://secunia.com/advisories/45232/ apache-tomcat>=6<6.0.33 denial-of-service http://secunia.com/advisories/45232/ foomatic-filters>=4<4.0.6nb1 command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2964 foomatic-filters<4 command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2697 ioquake3<1.36.20200125 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2764 phpmyadmin<3 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages clamav<0.97.2 denial-of-service http://secunia.com/advisories/45382/ kdeutils-[0-9]* directory-traversal http://secunia.com/advisories/45378/ kdeutils4-[0-9]* directory-traversal http://secunia.com/advisories/45378/ freeradius-2.1.11 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2701 opensaml<2.4.3 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1411 sun-{jre,jdk}6-[0-9]* arbitrary-code-execution http://secunia.com/advisories/45173/ suse{,32}_libxml2<11.3nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2011-1944.html samba<3.3.16 cross-site-request-forgery http://samba.org/samba/security/CVE-2011-2522.html samba<3.3.16 cross-site-scripting http://samba.org/samba/security/CVE-2011-2694.html samba>=3.5.0<3.5.10 cross-site-request-forgery http://samba.org/samba/security/CVE-2011-2522.html samba>=3.5.0<3.5.10 cross-site-scripting http://samba.org/samba/security/CVE-2011-2694.html libsoup24<2.34.2nb1 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2524 suse{,32}_base<11.3nb5 remote-system-access http://lists.opensuse.org/opensuse-updates/2011-07/msg00041.html mapserver<5.6.7 remote-system-access http://secunia.com/advisories/45257/ libmodplug<0.8.8.4 remote-system-access http://secunia.com/advisories/45131/ bugzilla<3.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages bugzilla<3.4.11 multiple-vulnerabilities http://secunia.com/advisories/45501/ suse{,32}_gtk2<11.3nb5 denial-of-service http://secunia.com/advisories/45308/ gdk-pixbuf<0.22.0nb15 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2897 typo3<4.5.4 multiple-vulnerabilities http://secunia.com/advisories/45557/ moodle<2.1.1 remote-security-bypass http://secunia.com/advisories/45487/ ffmpeg<20110907.0.7.4 arbitrary-code-execution http://www.ocert.org/advisories/ocert-2011-002.html mplayer<1.0rc20100913nb10 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3362 libXfont<1.4.4 privilege-escalation http://secunia.com/advisories/45544/ adobe-flash-plugin<10.3.183.5 remote-system-access http://www.adobe.com/support/security/bulletins/apsb11-21.html isc-dhcpd<4.2.2 denial-of-service http://secunia.com/advisories/45582/ mplayer<1.0rc20100913nb8 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3625 gimp<2.6.11nb9 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2896 stunnel<4.42 remote-code-execution http://stunnel.org/?page=sdf_ChangeLog thunderbird<6 multiple-vulnerabilities https://www.mozilla.org/security/announce/2011/mfsa2011-31.html firefox{,-bin}<3.6.20 multiple-vulnerabilities https://www.mozilla.org/security/announce/2011/mfsa2011-30.html firefox{,-bin}>=4<6 multiple-vulnerabilities https://www.mozilla.org/security/announce/2011/mfsa2011-29.html seamonkey{,-bin}<2.3 multiple-vulnerabilities https://www.mozilla.org/security/announce/2011/mfsa2011-33.html libpurple<2.10.0 multiple-vulnerabilities http://pidgin.im/news/security/ pidgin<2.10.0 unsafe-file-execution http://pidgin.im/news/security/?id=55 suse{,32}_libpng<11.3nb2 multiple-vulnerabilities http://lists.opensuse.org/opensuse-updates/2011-08/msg00026.html gdk-pixbuf2<2.22.1nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2485 roundcube<0.5.4 cross-site-scripting http://secunia.com/advisories/45605/ php-5.3.7 remote-security-bypass http://secunia.com/advisories/45678/ ruby1{8,9}-actionpack>=3.0<3.0.10 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2929 ruby1{8,9}-activerecord>=3.0<3.0.10 sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2930 ruby1{8,9}-activerecord<2.3.14 sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2930 ruby1{8,9}-actionpack>=3.0<3.0.10 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2931 ruby1{8,9}-actionpack<2.3.14 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2931 ruby18-activesupport>=3.0<3.0.10 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2932 ruby18-activesupport<2.3.14 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2932 ruby1{8,9}-actionpack<2.3.14 http-header-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3186 apache>=2.0<2.0.64nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192 apache>=2.2<2.2.19nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192 RealPlayerGold-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages phpmyadmin>=3.3.0<3.4.4 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2011-13.php cups<1.4.7 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2896 cups<1.4.8nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3170 squid>=3.0<3.1.15 remote-system-access http://www.squid-cache.org/Advisories/SQUID-2011_3.txt apache-tomcat<5.5.34 remote-security-bypass http://secunia.com/advisories/45748/ apache-tomcat>=6<6.0.34 remote-security-bypass http://secunia.com/advisories/45748/ opera<11.51 multiple-vulnerabilities http://secunia.com/advisories/45791/ xenkernel33<3.3.2nb4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2901 xenkernel3<3.1.4nb6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2901 xenkernel41<4.1.2 denial-of-service http://secunia.com/advisories/45622/ openttd<1.1.3 multiple-vulnerabilities http://secunia.com/advisories/45832/ mantis<1.2.8 multiple-vulnerabilities http://secunia.com/advisories/45829/ firefox<6.0.1 man-in-the-middle-attack https://www.mozilla.org/security/announce/2011/mfsa2011-34.html firefox36<3.6.21 man-in-the-middle-attack https://www.mozilla.org/security/announce/2011/mfsa2011-34.html thunderbird<3.1.13 man-in-the-middle-attack https://www.mozilla.org/security/announce/2011/mfsa2011-34.html seamonkey<2.3.2 man-in-the-middle-attack https://www.mozilla.org/security/announce/2011/mfsa2011-34.html firefox<6.0.2 man-in-the-middle-attack https://www.mozilla.org/security/announce/2011/mfsa2011-35.html firefox36<3.6.22 man-in-the-middle-attack https://www.mozilla.org/security/announce/2011/mfsa2011-35.html thunderbird<3.1.14 man-in-the-middle-attack https://www.mozilla.org/security/announce/2011/mfsa2011-35.html seamonkey<2.3.3 man-in-the-middle-attack https://www.mozilla.org/security/announce/2011/mfsa2011-35.html openssl<0.9.8s denial-of-service http://www.openssl.org/news/secadv_20110906.txt wireshark<1.6.2 multiple-vulnerabilities http://web.nvd.nist.gov/view/vuln/detail?vulnId=2011-3266 librsvg<2.34.1 denial-of-service http://secunia.com/advisories/45877/ cyrus-imapd>=2.2<2.3.17 buffer-overflow http://secunia.com/advisories/45938/ cyrus-imapd>=2.4<2.4.11 buffer-overflow http://secunia.com/advisories/45938/ p5-FCGI>=0.70<0.74 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2766 py{15,20,21,22,23,24,25,26,27,31}-django<1.2.7 multiple-vulnerabilities https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/ mozilla-rootcerts<1.0.20110902 man-in-the-middle-attack https://www.mozilla.org/security/announce/2011/mfsa2011-35.html apache>=2.2.12<2.2.21 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348 typo3<4.5.6 sql-injection http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-002/ typo3<4.5.6 denial-of-service http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-003/ phpmyadmin>=3.4.0<3.4.5 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2011-14.php evolution-data-server<3.1.1 remote-information-exposure http://secunia.com/advisories/45941/ openvas-server-[0-9]* local-privilege-escalation http://secunia.com/advisories/45836/ acroread9<9.4.6 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-24.html swi-prolog-packages<5.11.18nb3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2896 firefox<7 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox7 firefox36<3.6.23 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.23 thunderbird<7 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird7 seamonkey<2.4 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.4 quagga<0.99.19 denial-of-service http://secunia.com/advisories/46139/ etherape<0.9.12 denial-of-service http://sourceforge.net/mailarchive/message.php?msg_id=27582286 adobe-flash-plugin<10.3.183.10 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-26.html ffmpeg<20111002.0.7.6 remote-system-access http://secunia.com/advisories/46134/ ffmpeg<20111002.0.7.6 multiple-vulnerabilities http://secunia.com/advisories/46245/ ldns<1.6.11 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3581 php<5.3.8nb1 remote-system-access http://secunia.com/advisories/46107/ awstats<7.0nb3 cross-site-scripting http://secunia.com/advisories/46160/ libpurple<2.10.1 unknown-impact http://developer.pidgin.im/ticket/14636 cyrus-imapd>=2.2<2.3.18 security-bypass http://secunia.com/advisories/46093/ cyrus-imapd>=2.4<2.4.12 security-bypass http://secunia.com/advisories/46093/ kdelibs4<4.5.5nb8 spoofing-attack https://kde.org/info/security/advisory-20111003-1.txt p5-Crypt-DSA<1.17 security-bypass http://secunia.com/advisories/46275/ vlc<1.1.11nb2 denial-of-service http://www.videolan.org/security/sa1107.html puppet-[0-9]* local-system-compromise http://secunia.com/advisories/46223/ ruby1{8,9,93}-puppet<2.7.4 local-system-compromise http://secunia.com/advisories/46223/ puppet-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/46286/ ruby1{8,9,93}-puppet<2.7.5 multiple-vulnerabilities http://secunia.com/advisories/46286/ apache<2.0.65 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368 apache>=2.2<2.2.21nb1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368 xpdf<3.03 multiple-vulnerabilities http://www.foolabs.com/xpdf/CHANGES typolight28<2.8.4nb5 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4335 contao29<2.9.5nb5 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4335 contao210<2.10.2 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4335 qemu<0.15.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3346 png>=1.5.4<1.5.5 denial-of-service http://secunia.com/advisories/46148/ xenkernel33-[0-9]* denial-of-service http://secunia.com/advisories/46105/ xenkernel3-[0-9]* denial-of-service http://secunia.com/advisories/46105/ perl<5.14.2 remote-system-access http://secunia.com/advisories/46172/ p5-Digest<1.17 remote-system-access http://secunia.com/advisories/46279/ perl<5.14.2nb1 remote-system-access http://secunia.com/advisories/46299/ phppgadmin<5.0.2 code-injection http://archives.postgresql.org/pgsql-announce/2010-11/msg00021.php phppgadmin<5.0.3 cross-site-scripting http://secunia.com/advisories/46248/ geeklog<1.8.1 cross-site-scripting http://secunia.com/advisories/46348/ opera<11.52 remote-system-access http://secunia.com/advisories/46375/ logsurfer<1.8 command-injection http://seclists.org/oss-sec/2011/q4/81 asterisk>=1.8<1.8.7.1 denial-of-service http://downloads.digium.com/pub/security/AST-2011-012.html psi-[0-9]* ssl-cert-spoofing http://secunia.com/advisories/46349/ phpmyadmin<3.4.6 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2011-16.php clamav<0.97.3 denial-of-service http://secunia.com/advisories/46455/ suse{,32}_openssl<11.3nb5 denial-of-service http://support.novell.com/security/cve/CVE-2011-3207.html suse{,32}_openssl<11.3nb5 denial-of-service http://support.novell.com/security/cve/CVE-2011-3210.html suse{,32}_qt4<11.3nb1 denial-of-service http://support.novell.com/security/cve/CVE-2011-3193.html suse{,32}_qt4<11.3nb1 denial-of-service http://support.novell.com/security/cve/CVE-2011-3194.html qt4-libs<4.7.3nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3193 qt4-tiff<4.7.3nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3194 moodle<2.1.2 multiple-vulnerabilities http://secunia.com/advisories/46247/ sun-{jre,jdk}6<6.0.29 multiple-vulnerabilities http://secunia.com/advisories/46512/ libpurple<2.10.1 denial-of-service http://secunia.com/advisories/46298/ modular-xorg-server<1.6.5nb14 symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4028 modular-xorg-server<1.6.5nb14 symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4029 mit-krb5<1.8.4nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1529 empathy<3.2.1 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3635 puppet-[0-9]* man-in-the-middle-attack http://secunia.com/advisories/46550/ ruby1{8,9,93}-puppet<2.7.6 man-in-the-middle-attack http://secunia.com/advisories/46550/ suse{,32}_krb5<11.3nb4 multiple-vulnerabilities http://secunia.com/advisories/46546/ freetype2<2.4.7 remote-system-access http://secunia.com/advisories/46575/ suse{,32}_freetype2<11.3nb4 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3256 phpldapadmin<1.2.2 multiple-vulnerabilities http://secunia.com/advisories/46551/ PAM-[0-9]* privilege-escalation http://secunia.com/advisories/46583/ libxml2<2.7.8nb4 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2821 libxml2<2.7.8nb4 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2834 libxml2<2.7.8nb6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3905 libxml2<2.7.8nb5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3919 suse{,32}_libxml2<11.3nb4 remote-system-access http://secunia.com/advisories/47572/ suse{,32}_libxml2<11.3nb5 remote-system-access http://secunia.com/advisories/47647/ openldap-server<2.4.24nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4079 tor<0.2.2.34 remote-security-bypass http://secunia.com/advisories/46634/ net6-[0-9]* multiple-vulnerabilities https://www.openwall.com/lists/oss-security/2011/10/30/3 obby-[0-9]* multiple-vulnerabilities https://www.openwall.com/lists/oss-security/2011/10/30/3 calibre<0.8.25 multiple-vulnerabilities http://secunia.com/advisories/46620/ squid>=3<3.1.16 denial-of-service http://secunia.com/advisories/46609/ qt4-tiff<4.7.3nb1 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3194 wireshark<1.6.3 multiple-vulnerabilities http://secunia.com/advisories/46644/ php>=5.3<5.3.8nb1 arbitrary-code-execution http://secunia.com/advisories/46107/ phpmyadmin<3.4.7.1 information-disclosure http://secunia.com/advisories/46447/ ffmpeg<20110907.0.7.4 multiple-vulnerabilities http://secunia.com/advisories/46111/ apache>=2.2<2.2.21 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348 apache<2.0.65 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607 apache>=2.2<2.2.21nb2 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607 xenkernel41<4.1.2 denial-of-service http://secunia.com/advisories/46105/ caml-light<0.74nb2 insecure-temp-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4119 moscow_ml<2.01nb1 insecure-temp-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4119 adobe-flash-plugin<10.3.183.10 multiple-vulnerabilities http://secunia.com/advisories/46113/ p5-Parallel-ForkManager<1.0.0 insecure-temp-files https://nvd.nist.gov/vuln/detail/CVE-2011-4115 ffmpeg<20111104.0.7.7 multiple-vulnerabilities http://secunia.com/advisories/46736/ gnutls<2.12.14 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4128 adobe-flash-plugin>=10.1<10.3.183.11 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-28.html adobe-flash-plugin>=11<11.1.102.55 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb11-28.html firefox<8 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox8 thunderbird<8 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird8 proftpd<1.3.3g remote-system-access http://bugs.proftpd.org/show_bug.cgi?id=3711 audacious-plugins<3.0.3 remote-system-access http://jira.atheme.org/browse/AUDPLUG-394 freetype2<2.4.8 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3439 suse{,32}_freetype2<12.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3439 python25-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages bind<9.6.3.1.ESV.5pl1 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-4313 bind>=9.7.0<9.7.4pl1 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-4313 bind>=9.8.0<9.8.1pl1 denial-of-service http://www.isc.org/software/bind/advisories/cve-2011-4313 nginx<1.0.10 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4315 dovecot>=2<2.0.16 ssl-cert-spoofing http://secunia.com/advisories/46886/ ruby1{8,9,93}-actionpack>=3<3.0.11 cross-site-scripting http://secunia.com/advisories/46877/ apache>=2.2.12<2.2.21 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348 gnash<0.8.10 insecure-temp-files http://secunia.com/advisories/46955/ ffmpeg<20111121.0.7.8 multiple-vulnerabilities http://secunia.com/advisories/46888/ namazu<2.0.21 cross-site-scripting http://secunia.com/advisories/46925/ ejabberd<2.1.9 denial-of-service http://secunia.com/advisories/46915/ apache>=2.0<2.2.21nb4 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3639 apache<2.2.21nb5 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317 lighttpd<1.4.29nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4362 mediawiki<1.17.1 remote-information-exposure http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-November/000104.html py{25,26,27,31}-clearsilver<0.10.5nb1 denial-of-service http://secunia.com/advisories/47016/ p5-Proc-ProcessTable<0.47 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4363 phpmyadmin<3.4.8 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2011-18.php p5-PAR<1.003 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4114 libarchive<2.8.4nb4 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1777 libarchive<2.8.4nb4 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1778 opera<11.60 denial-of-service http://www.securityfocus.com/bid/50421 chasen-base>=2.4<2.4.4nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4000 privoxy>=3.0.5<3.0.18 http-response-splitting http://www.securityfocus.com/bid/50768 moodle<1.9.15 multiple-vulnerabilities http://secunia.com/advisories/47076/ moodle>2.1<2.1.3 multiple-vulnerabilities http://secunia.com/advisories/47103/ moodle>2.0<2.0.6 multiple-vulnerabilities http://secunia.com/advisories/47103/ acroread9<9.4.7 remote-system-access http://www.adobe.com/support/security/advisories/apsa11-04.html firefox<31 remote-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4688 isc-dhcpd<4.2.3p1 denial-of-service https://www.isc.org/software/dhcp/advisories/cve-2011-4539 jasper<1.900.1nb6 remote-system-access http://secunia.com/advisories/47175/ asterisk>=1.6<1.6.2.21 information-leak http://downloads.digium.com/pub/security/AST-2011-013.html asterisk>=1.8<1.8.7.2 information-leak http://downloads.digium.com/pub/security/AST-2011-013.html asterisk>=1.6.2<1.6.2.21 denial-of-service http://downloads.digium.com/pub/security/AST-2011-014.html asterisk>=1.8<1.8.7.2 denial-of-service http://downloads.digium.com/pub/security/AST-2011-014.html opera<11.60 multiple-vulnerabilities http://secunia.com/advisories/47077/ cacti<0.8.7i cross-site-scripting http://secunia.com/advisories/47195/ icu<4.8.1nb1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4599 typo3<4.5.9 remote-code-execution http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-004/ typo3>=4.6.0<4.6.2 remote-code-execution http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-004/ unbound<1.4.14 denial-of-service http://secunia.com/advisories/47220/ adobe-flash-plugin<11.1.102.62 remote-system-access http://secunia.com/advisories/47161/ tor<0.2.2.35 remote-system-access http://secunia.com/advisories/47276/ firefox<9 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox9 thunderbird<9 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird9 seamonkey<2.6 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.6 xulrunner192<1.9.2.23 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox7 xulrunner>=2<9 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html opera-[0-9]* sensitive-information-exposure http://secunia.com/advisories/47128/ ipmitool<1.8.11nb1 denial-of-service http://secunia.com/advisories/47173/ p5-HTML-Template-Pro<0.9507 cross-site-scripting http://secunia.com/advisories/47184/ websvn<2.3.1 cross-site-scripting http://secunia.com/advisories/47288/ php{5,53}-tiki6<6.5 cross-site-scripting http://secunia.com/advisories/47278/ plib<1.8.5nb2 remote-system-access http://secunia.com/advisories/47297/ vlc<1.1.13 remote-system-access http://secunia.com/advisories/47325/ vlc08-[0-9]* remote-system-access http://secunia.com/advisories/47325/ phpmyadmin<3.4.9 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2011-19.php phpmyadmin<3.4.9 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2011-20.php mit-krb5-appl<1.0.1nb3 remote-root-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4862 heimdal<1.4nb2 remote-root-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4862 mit-krb5<1.8 remote-root-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4862 kth-krb4-[0-9]* remote-root-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4862 php{5,53}-tiki6<6.5nb1 code-injection http://secunia.com/advisories/47320/ ruby18-base<1.8.7.357 denial-of-service http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2011-4815 plone25-[0-9]* denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html plone3-[0-9]* denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html jetty<7.6.0rc3 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html php<5.3.8nb2 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html apache-tomcat<5.5.35 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html apache-tomcat>=6<6.0.35 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html apache-tomcat>=7<7.0.23 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html maradns<1.4.09 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html mpack<1.6nb3 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4919 bugzilla>=2.0<3.4.13 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3668 bugzilla>=3.5.1<3.6.7 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3668 bugzilla>=3.7.1<4.0.3 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3668 bugzilla>=4.1.1<4.2rc1 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3668 bugzilla>=2.0<3.4.12 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3669 bugzilla>=3.5.1<3.6.7 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3669 bugzilla>=3.7.1<4.0.3 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3669 bugzilla>=4.1.1<4.2rc1 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3669 bugzilla>=2.17.1<3.4.13 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3657 bugzilla>=3.5.1<3.6.7 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3657 bugzilla>=3.7.1<4.0.3 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3657 bugzilla>=4.1.1<4.2rc1 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3657 bugzilla>=2.23.3<3.4.13 unauthorized-account-creation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3667 bugzilla>=3.5.1<3.6.7 unauthorized-account-creation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3667 bugzilla>=3.7.1<4.0.3 unauthorized-account-creation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3667 bugzilla>=4.1.1<4.2rc1 unauthorized-account-creation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3667 wordpress<3.3.1 unauthorized-account-creation http://secunia.com/advisories/47371/ suse{,32}_base<11.3nb8 information-disclosure http://secunia.com/advisories/47432/ suse{,32}_base<11.3nb8 local-system-compromise http://secunia.com/advisories/47409/ spamdyke<4.2.1 plaintext-injection http://secunia.com/advisories/47435/ firefox<10.0.3 local-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0455 openssl<0.9.8s multiple-vulnerabilities http://secunia.com/advisories/47426/ suse113{,32}_openssl<11.3nb6 multiple-vulnerabilities http://secunia.com/advisories/47426/ ffmpeg<20120112.0.7.11 multiple-vulnerabilities http://secunia.com/advisories/47383/ openttd<1.1.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0048 gnutls>=3<3.0.11 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0390 mysql-client-5.0.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server-5.0.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages wireshark<1.6.5 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2012-01.html wireshark<1.6.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-02.html wireshark<1.6.5 remote-user-shell http://www.wireshark.org/security/wnpa-sec-2012-03.html emacs>=23<23.3bnb1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0035 emacs-nox11>=23<23.3bnb1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0035 emacs>=24<24.0.93 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0035 powerdns<2.9.22.5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0206 ruby{18,19,193}-rack>=1.3<1.3.6 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html ruby{18,19,193}-rack>=1.2<1.2.5 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html ruby{18,19,193}-rack<1.1.3 denial-of-service http://www.ocert.org/advisories/ocert-2011-003.html mediawiki<1.17.2 sensitive-information-exposure http://secunia.com/advisories/47547/ isc-dhcpd<4.2.3p2 denial-of-service https://www.isc.org/software/dhcp/advisories/cve-2011-4868 apache<2.0.65 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031 apache>=2.2.0<2.2.21nb6 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031 tahoe-lafs<1.9.1 remote-data-manipulation http://secunia.com/advisories/47506/ apache-tomcat>=6.0.30<6.0.34 remote-security-bypass http://secunia.com/advisories/47554/ moodle<2.1.4 remote-security-bypass http://secunia.com/advisories/47559/ moodle>=2.2<2.2.1 remote-security-bypass http://secunia.com/advisories/47559/ jenkins<1.424.2 denial-of-service https://www.cloudbees.com/jenkins-security-advisory-2012-01-12 ffmpeg<20120112.0.7.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3893 ffmpeg<20120112.0.7.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3895 php<5.3.9 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0057 spamdyke<4.3.0 remote-system-access http://secunia.com/advisories/47548/ openssl<0.9.8t denial-of-service http://www.openssl.org/news/secadv_20120118.txt asterisk>=1.8<1.8.8.2 denial-of-service http://downloads.digium.com/pub/security/AST-2012-001.html asterisk>=10.0<10.0.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-001.html php53-suhosin<5.3.9.0.9.33 buffer-overflow http://www.securityfocus.com/archive/1/521309 suse{,32}_qt4<11.3nb2 remote-system-access http://secunia.com/advisories/47645/ smokeping<2.6.7 cross-site-scripting http://secunia.com/advisories/47678/ qemu<1.0.1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0029 qemu<1.3.0 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6075 curl<7.23.1nb1 sensitive-information-disclosure http://secunia.com/advisories/47690/ php5-suhosin<5.2.17.0.9.33 buffer-overflow http://secunia.com/advisories/47689/ php53-suhosin<5.3.9.0.9.33 buffer-overflow http://secunia.com/advisories/47689/ libvpx<1 unknown-impact http://blog.webmproject.org/2012/01/vp8-codec-sdk-duclair-released.html openssh<5.6 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0814 apache>=2.2.17<2.2.21nb7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0021 apache<2.0.65 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053 apache>=2.2.0<2.2.21nb7 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053 opera<11.61 multiple-vulnerabilities http://secunia.com/advisories/47686/ samba>=3.6.0<3.6.3 denial-of-service http://www.samba.org/samba/history/samba-3.6.3.html drupal>6<6.23 multiple-vulnerabilities http://drupal.org/node/1425084 drupal>7<7.11 multiple-vulnerabilities http://drupal.org/node/1425084 firefox<10 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox10 thunderbird<10 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird10 seamonkey<2.7 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.7 xulrunner192<1.9.2.26 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox10 xulrunner>=2<10 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox10 php>=5.3.9<5.3.9nb2 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0830 xentools33<3.3.2nb10 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0029 xentools41<4.1.2nb3 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0029 xkeyboard-2.4 local-access http://gu1.aeroxteam.fr/2012/01/19/bypass-screensaver-locker-program-xorg-111-and-up/ sudo>=1.8.0<1.8.3p2 privilege-escalation http://www.sudo.ws/sudo/alerts/sudo_debug.html ffmpeg<20120919.0.10.5 multiple-vulnerabilities http://secunia.com/advisories/47765/ phpldapadmin<1.2.2nb1 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0834 png>=1.5.4<1.5.7 multiple-vulnerabilities http://secunia.com/advisories/47827/ bugzilla>=3.5.1<3.6.8 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0440 bugzilla>=3.7.1<4.0.4 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0440 bugzilla>=4.1.1<4.2rc2 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0440 bugzilla>=2.0<3.4.14 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0448 bugzilla>=3.5.1<3.6.8 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0448 bugzilla>=3.7.1<4.0.4 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0448 bugzilla>=4.1<4.2rc2 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0448 ocaml<4.00.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0839 imp<4.3.11 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0791 horde<3.3.13 cross-site-scripting http://secunia.com/advisories/47904/ putty<0.62 sensitive-information-exposure http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/password-not-wiped.html base-[0-9]* sql-injection http://www.securityfocus.com/bid/51874/discuss apr<1.4.5nb4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0840 suse{,32}<11.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_alsa<11.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_aspell<11.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_base<11.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_compat<11.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_expat<11.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_fontconfig<11.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_freetype2<11.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_glx<11.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_gtk2<11.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_krb5<11.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libcups<11.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libcurl<11.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libdrm<11.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libjpeg<11.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libpng<11.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libsigc++2<11.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libtiff<11.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libxml2<11.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_locale<11.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openmotif<11.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openssl<11.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_qt4<11.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_slang<11.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_vmware<11.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_x11<11.4 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ImageMagick<6.7.5.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0247 ImageMagick<6.7.5.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0248 firefox>=10<10.0.1 arbitrary-code-execution https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox10.0.1 thunderbird>=10<10.0.1 arbitrary-code-execution https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird10.0.1 seamonkey>=2.7<2.7.1 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.7.1 firefox36<3.6.24 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.24 firefox36<3.6.26 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.26 netsurf<2.9 sensitive-information-exposure http://secunia.com/advisories/48021/ mysql-server<5.1.62 buffer-overrun https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0882 mysql-server>=5.5<5.5.22 buffer-overrun https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0882 mysql-server>=5.5<5.5.20 unknown-impact http://secunia.com/advisories/47586/ mysql-server>=5.1<5.1.61 unknown-impact http://secunia.com/advisories/47928/ python25<2.5.6nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845 python26<2.6.7nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845 python27<2.7.2nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845 python31<3.1.4nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845 libvorbis<1.3.2nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0444 sun-{jdk,jre}6<6.0.31 multiple-vulnerabilities http://secunia.com/advisories/48009/ openjdk7<1.7.3 multiple-vulnerabilities http://secunia.com/advisories/48009/ openjdk7-icedtea-plugin-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libpng<12.1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026 png<1.5.8nb1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026 adobe-flash-plugin<11.1.102.62 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-03.html phpmyadmin<3.4.10.1 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1190 firefox>=4<10.0.2 arbitrary-code-execution https://www.mozilla.org/security/announce/2012/mfsa2012-11.html thunderbird<10.0.2 arbitrary-code-execution https://www.mozilla.org/security/announce/2012/mfsa2012-11.html seamonkey<2.7.2 arbitrary-code-execution https://www.mozilla.org/security/announce/2012/mfsa2012-11.html firefox36<3.6.27 arbitrary-code-execution https://www.mozilla.org/security/announce/2012/mfsa2012-11.html xulrunner>=2<10.0.2 arbitrary-code-execution https://www.mozilla.org/security/announce/2012/mfsa2012-11.html xulrunner192-[0-9]* arbitrary-code-execution http://secunia.com/advisories/48069/ jenkins-[0-9]* cross-site-scripting http://secunia.com/advisories/48056/ samba<3.0.37nb9 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0870 samba>=3.1<3.3.16nb3 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0870 php{5,53,54,55}-tiki6-[0-9]* cross-site-scripting http://secunia.com/advisories/48102/ powerdns-recursor<3.5 spoofing-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1193 libxml2<2.7.8nb8 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0841 csound5<5.16.6 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0270 bugzilla>=4.0.2<4.0.5 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0453 bugzilla>=4.1.1<4.2 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0453 contao29<2.9.5nb6 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1297 contao210<2.10.4nb2 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1297 contao211<2.11.2nb1 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1297 dropbear<2012.55 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0920 ruby1{8,9,93}-activesupport>=3<3.0.11nb1 cross-site-scripting http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-1098 ruby1{8,9,93}-activesupport>=3.1.0<3.1.3nb2 cross-site-scripting http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-1098 ruby1{8,9,93}-actionpack>=3<3.0.11nb3 cross-site-scripting http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-1098 ruby1{8,9,93}-actionpack>=3.1.0<3.1.3nb1 cross-site-scripting http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-1098 postgresql83{,-server,-client}<8.3.18 multiple-vulnerabilities http://www.postgresql.org/about/news/1377/ postgresql84{,-server,-client}<8.4.11 multiple-vulnerabilities http://www.postgresql.org/about/news/1377/ postgresql90{,-server,-client}<9.0.7 multiple-vulnerabilities http://www.postgresql.org/about/news/1377/ postgresql91{,-server,-client}<9.1.3 multiple-vulnerabilities http://www.postgresql.org/about/news/1377/ openssl<0.9.8tnb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7250 p5-XML-Atom<0.39 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1102 taglib<1.7.1 denial-of-service http://secunia.com/advisories/48211/ adobe-flash-plugin>10<11.1.102.63 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-05.html adobe-flash-plugin<10.3.183.16 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-05.html mantis<1.2.9 multiple-vulnerabilities http://secunia.com/advisories/48258/ freetype2<2.4.9 multiple-vulnerabilities http://secunia.com/advisories/48268/ puppet-[0-9]* privilege-escalation http://puppetlabs.com/security/cve/CVE-2012-1053/ ruby1{8,9,93}-puppet<2.6.14 privilege-escalation http://puppetlabs.com/security/cve/CVE-2012-1053/ puppet-[0-9]* privilege-escalation http://puppetlabs.com/security/cve/CVE-2012-1054/ ruby1{8,9,93}-puppet<2.6.14 privilege-escalation http://puppetlabs.com/security/cve/CVE-2012-1054/ kadu>=0.9.0<0.11.0 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1410 jenkins<1.424.5 cross-site-scripting http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-03-05.cb py{24,25,26,27,31}-sqlalchemy<0.7.0 sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0805 ruby{18,19,193}-rails-2.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{18,19,193}-activesupport-2.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{18,19,193}-activerecord-2.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{18,19,193}-actionpack-2.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{18,19,193}-actionmailer-2.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{18,19,193}-activeresource-2.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{18,19,193}-actionpack>3<3.0.12 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1099 ruby{18,19,193}-actionpack>3.1<3.1.4 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1099 p5-YAML-LibYAML<0.38nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1152 phpldapadmin<1.2.2nb1 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1114 phpldapadmin<1.2.2nb1 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1115 p5-DBD-postgresql<2.19.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1151 libxslt<1.1.26nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3970 openssl<0.9.8u man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0884 openssl<0.9.8u denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4619 openldap-server<2.4.30 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1164 python25-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150 python26<2.6.7nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150 python27<2.7.2nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150 python31<3.1.5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150 gnash-[0-9]* remote-system-access http://secunia.com/advisories/47183/ firefox>=4<10.0.3 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox11 thunderbird>=4<10.0.3 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird11 seamonkey<2.8 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.8 firefox36<3.6.28 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.28 xulrunner>=2<11 arbitrary-code-execution https://www.mozilla.org/security/announce/2012/mfsa2012-19.html xulrunner10>=2<10.0.3 arbitrary-code-execution https://www.mozilla.org/security/announce/2012/mfsa2012-19.html xulrunner192<1.9.2.28 arbitrary-code-execution https://www.mozilla.org/security/announce/2012/mfsa2012-19.html libpurple<2.10.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1178 pidgin<2.10.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4939 nginx<1.0.14 sensitive-information-exposure http://secunia.com/advisories/48366/ lshell<0.9.15 security-bypass http://secunia.com/advisories/48367/ lshell<0.9.15.1 security-bypass http://secunia.com/advisories/48424/ libgdata<0.11.1 man-in-the-middle-attack http://secunia.com/advisories/48315/ audacious-plugins<3.1 remote-system-access http://secunia.com/advisories/48439/ gif2png<2.5.8 remote-system-access http://secunia.com/advisories/48437/ quagga<0.99.20.1 multiple-vulnerabilities http://secunia.com/advisories/48388/ asterisk>=1.6<1.6.2.23 denial-of-service http://downloads.digium.com/pub/security/AST-2012-002.html asterisk>=1.8<1.8.10.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-002.html asterisk>=10.0<10.2.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-002.html asterisk>=1.8<1.8.10.1 arbitrary-code-execution http://downloads.digium.com/pub/security/AST-2012-003.html asterisk>=10.0<10.2.1 arbitrary-code-execution http://downloads.digium.com/pub/security/AST-2012-003.html moodle<2.1.5 multiple-vulnerabilities http://docs.moodle.org/dev/Moodle_2.1.5_release_notes#Security_issues maradns<2 remote-spoofing http://secunia.com/advisories/48492/ vlc08-[0-9]* remote-system-access http://secunia.com/advisories/48503/ vlc-1.* remote-system-access http://secunia.com/advisories/48503/ vlc>=2<2.0.1 remote-system-access http://secunia.com/advisories/48500/ libzip<0.10.1 unknown-impact https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1162 libzip<0.10.1 unknown-impact https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1163 inspircd<2.0.7 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1836 openoffice3{,-bin}-[0-9]* sensitive-information-exposure http://www.openoffice.org/security/cves/CVE-2012-0037.html libreoffice3-bin<3.4.6 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0037 gnutls<2.12.17 local-system-compromise https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1573 libtasn1<2.12 local-system-compromise https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1569 openjpeg<1.5 arbitrary-code-execution http://secunia.com/advisories/48498/ raptor-[0-9]* sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0037 raptor2<2.0.7 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0037 mediawiki<1.17.3 multiple-vulnerabilities http://secunia.com/advisories/48504/ suse{,32}_openssl<12.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2006-7250.html opera<11.62 multiple-vulnerabilities http://secunia.com/advisories/48535/ typo3<4.5.14 multiple-vulnerabilities https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/ typo3>=4.6.0<4.6.7 multiple-vulnerabilities https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001/ nginx>=0.1.0<0.7.65 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 nginx>=0.8.0<0.8.22 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 wireshark<1.6.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-04.html wireshark<1.6.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-05.html wireshark<1.6.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-06.html wireshark<1.6.6 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-07.html file<5.11 heap-based-buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1571 suse{,32}_libpng<12.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2011-3045.html phppgadmin<5.0.4 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1600 png<1.5.10 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3048 adobe-flash-plugin>10<11.2.202.228 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-07.html adobe-flash-plugin<10.3.183.18 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-07.html expat<2.1.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0876 expat<2.1.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1147 expat<2.1.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1148 suse{,32}_libexpat<12.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2012-0876.html suse{,32}_libexpat<12.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2012-1147.html suse{,32}_libexpat<12.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2012-1148.html jdbc-postgresql80-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages jdbc-postgresql81-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages jdbc-postgresql82-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages csound5-[0-9]* remote-system-access http://secunia.com/advisories/48719/ csound5<5.16.7 remote-system-access http://secunia.com/advisories/48148/ rpm<4.9.1.3 remote-system-access http://secunia.com/advisories/48651/ tiff<4.0.1nb1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1173 suse{,32}_libtiff<12.1nb1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1173 ImageMagick<6.7.5.10nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1610 ImageMagick<6.7.5.10nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0259 ImageMagick<6.7.5.10nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0260 ImageMagick<6.7.5.10nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1798 ap{2,22}-fcgid>=2.3.6<2.3.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1181 slock<1.0 local-security-bypass http://secunia.com/advisories/48700/ gajim<0.15 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2085 gajim<0.15 sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2086 mysql-server>=5.5<5.5.20 unknown-impact http://secunia.com/advisories/48744/ mysql-client>=5.5<5.5.20 unknown-impact http://secunia.com/advisories/48744/ ffmpeg<20120919.0.10.5 multiple-vulnerabilities http://secunia.com/advisories/48770/ flightgear-[0-9]* buffer-overflow http://secunia.com/advisories/48780/ acroread9<9.5.1 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-08.html samba<3.0.37nb10 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182 samba>=3.3<3.3.16nb4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182 samba>=3.5<3.5.14 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182 samba>=3.6<3.6.4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182 puppet-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/48743/ ruby1{8,9}-puppet<2.7.13 multiple-vulnerabilities http://secunia.com/advisories/48743/ suse{,32}_openssl<12.1nb2 denial-of-service http://support.novell.com/security/cve/CVE-2012-1165.html openssl<0.9.8u denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1165 openssl>=1.0<1.0.0h denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1165 links{,-gui}<2.6 local-system-compromise http://secunia.com/advisories/48689/ gcc<4.5 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gcc3-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gcc34-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gcc44-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_freetype2<12.1nb1 local-system-compromise http://secunia.com/advisories/48805/ gallery>=2.0<2.3.2 cross-site-scripting http://secunia.com/advisories/48767/ gallery>=3.0<3.0.3 cross-site-scripting http://secunia.com/advisories/48767/ suse{,32}_libpng<12.1nb2 local-system-compromise http://support.novell.com/security/cve/CVE-2011-3048.html openjpeg<1.5.0 arbitrary-code-execution http://secunia.com/advisories/48781/ phpmyadmin>=3.4.0<3.4.10.2 information-disclosure http://www.phpmyadmin.net/home_page/security/PMASA-2012-2.php mysql-server<5.0.95 unknown-impact http://dev.mysql.com/doc/refman/5.0/en/news-5-0-95.html mysql-client<5.0.95 unknown-impact http://dev.mysql.com/doc/refman/5.0/en/news-5-0-95.html mysql-server>=5.1<5.1.62 unknown-impact http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html mysql-client>=5.1<5.1.62 unknown-impact http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html mysql-server>=5.1<5.1.63 unknown-impact http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html mysql-client>=5.1<5.1.63 unknown-impact http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html mysql-server>=5.5<5.5.22 unknown-impact http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html mysql-client>=5.5<5.5.22 unknown-impact http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html mysql-server>=5.5<5.5.23 unknown-impact http://dev.mysql.com/doc/refman/5.5/en/news-5-5-23.html mysql-client>=5.5<5.5.23 unknown-impact http://dev.mysql.com/doc/refman/5.5/en/news-5-5-23.html mysql-server>=5.5<5.5.24 unknown-impact http://dev.mysql.com/doc/refman/5.5/en/news-5-5-24.html mysql-client>=5.5<5.5.24 unknown-impact http://dev.mysql.com/doc/refman/5.5/en/news-5-5-24.html gajim<0.15 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2093 typo3<4.5.15 cross-site-scripting https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-002/ typo3>=4.6.0<4.6.8 cross-site-scripting https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-002/ openssl<0.9.8v denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110 openssl>=1.0<1.0.0i denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110 openssl>=1.0.1<1.0.1a denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110 php{5,53}-owncloud<3.0.2 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2269 php{5,53}-owncloud<3.0.2 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2270 bugzilla>=2.17.4<3.6.9 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0465 bugzilla>=3.7.1<4.0.6 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0465 bugzilla>=4.1.1<4.2.1 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0465 bugzilla>=2.17.4<3.6.9 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0466 bugzilla>=3.7.1<4.0.6 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0466 bugzilla>=4.1.1<4.2.1 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0466 php{5,53}-owncloud<3.0.2 remote-security-bypass https://seclists.org/fulldisclosure/2012/Apr/223 ruby1{8,9,93}-rubygems<1.8.23 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2126 ruby19-base<1.9.2pl320 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2126 ruby193-base<1.9.3p194 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2126 mysql-server>=5.1<5.1.61 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0583 mysql-server>=5.5<5.5.20 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0583 mysql-server>=5.1<5.1.62 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1688 mysql-server>=5.5<5.5.22 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1688 mysql-server>=5.1<5.1.62 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1690 mysql-server>=5.5<5.5.22 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1690 mysql-server>=5.5<5.5.20 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1696 mysql-server>=5.5<5.5.22 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1697 mysql-server>=5.1<5.1.62 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1703 mysql-server>=5.5<5.5.22 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1703 apache>=2.0<2.2.22nb1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0883 apache>=2.4<2.4.2 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0883 asterisk>=1.6<1.6.2.24 privilege-escalation http://downloads.digium.com/pub/security/AST-2012-004.html asterisk>=1.8<1.8.11.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2012-004.html asterisk>=10.0<10.3.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2012-004.html asterisk>=1.6<1.6.2.24 buffer-overrun http://downloads.digium.com/pub/security/AST-2012-005.html asterisk>=1.8<1.8.11.1 buffer-overrun http://downloads.digium.com/pub/security/AST-2012-005.html asterisk>=10.0<10.3.1 buffer-overrun http://downloads.digium.com/pub/security/AST-2012-005.html asterisk>=1.8<1.8.11.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-006.html asterisk>=10.0<10.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-006.html firefox36-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xulrunner192-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openssl<12.1nb3 man-in-the-middle-attack http://support.novell.com/security/cve/CVE-2012-0884.html wordpress<3.3.2 multiple-vulnerabilities http://secunia.com/advisories/48957/ firefox10<10.0.4 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.4 firefox<12 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox12 thunderbird10<10.0.4 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.4 thunderbird<12 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird12 seamonkey<2.9 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.9 xulrunner<12 arbitrary-code-execution https://www.mozilla.org/security/announce/2012/mfsa2012-20.html xulrunner10<10.0.4 arbitrary-code-execution https://www.mozilla.org/security/announce/2012/mfsa2012-20.html openssl<0.9.8w denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2131 net-snmp<5.6.1.1nb3 denial-of-service http://secunia.com/advisories/48938/ ruby1{8,9,93}-mail<2.4.4 multiple-vulnerabilities http://secunia.com/advisories/48970/ python32<3.2.4 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2135 php{5,53,54,55}-concrete5<5.7.4.2 cross-site-scripting http://secunia.com/advisories/48997/ samba>=3.5<3.5.15 local-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111 samba>=3.6<3.6.5 local-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111 drupal>=7<7.13 multiple-vulnerabilities http://secunia.com/advisories/49012/ p5-Config-IniFiles<2.71 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2451 php<5.3.12nb1 sensitive-information-exposure http://secunia.com/advisories/49014/ libpurple<2.10.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2214 adobe-flash-plugin<10.3.183.19 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb12-09.html adobe-flash-plugin>=11<11.2.202.235 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb12-09.html php{5,53}-orangehrm<2.7 sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1506 php{5,53}-orangehrm<2.7 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1507 opera<11.64 arbitrary-code-execution http://www.opera.com/support/kb/view/1016/ openssl<0.9.8x denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2333 drupal<6.27 information-disclosure http://secunia.com/advisories/49131/ drupal>=7.0<7.15 information-disclosure http://secunia.com/advisories/49131/ sympa<6.1.11 multiple-vulnerabilities http://secunia.com/advisories/49045/ pidgin-otr<3.2.1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2369 socat<1.7.2.1 remote-system-access http://secunia.com/advisories/49105/ gdk-pixbuf2<2.26.1nb2 remote-system-access http://secunia.com/advisories/49125/ taglib<1.7.2 denial-of-service http://secunia.com/advisories/49159/ libxml2<2.7.8nb10 remote-system-access http://secunia.com/advisories/49177/ openoffice3{,-bin}<3.4 remote-system-access http://secunia.com/advisories/46992/ libreoffice3{,-bin}<3.5.3 remote-system-access http://secunia.com/advisories/47244/ sudo<1.7.9p1 local-security-bypass http://secunia.com/advisories/49219/ ikiwiki<3.20120516 cross-site-scripting http://secunia.com/advisories/49232/ moodle<2.1.6 multiple-vulnerabilities http://secunia.com/advisories/49233/ wireshark<1.6.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-08.html wireshark<1.6.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-09.html wireshark<1.6.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-10.html rt<3.8.12 multiple-vulnerabilities http://secunia.com/advisories/49259/ haproxy<1.4.21 arbitrary-code-execution http://secunia.com/advisories/49261/ py{25,26,27,31,32}-crypto<2.6 brute-force-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2417 apache-ant<1.8.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2098 py{25,26,27,31,32}-feedparser<5.1.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2921 xentools41<4.1.3nb4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2625 xentools41<4.1.3nb4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4544 asterisk>=1.8<1.8.12.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-007.html asterisk>=10.0<10.4.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-007.html asterisk>=1.8<1.8.12.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-008.html asterisk>=10.0<10.4.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-008.html qemu<1.1.0 local-security-bypass http://secunia.com/advisories/49283/ focal81<0nb1 uses-gets http://gnats.netbsd.org/46510 asterisk<1.8 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages postgresql84-pgcrypto<8.4.12 multiple-vulnerabilities http://www.postgresql.org/about/news/1397/ postgresql90-pgcrypto<9.0.8 multiple-vulnerabilities http://www.postgresql.org/about/news/1397/ postgresql91-pgcrypto<9.1.4 multiple-vulnerabilities http://www.postgresql.org/about/news/1397/ ups-nut<2.6.4 denial-of-service http://secunia.com/advisories/49348/ ruby{18,19,193}-activerecord>=3<3.0.13 sql-injection http://secunia.com/advisories/49297/ ruby{18,19,193}-activerecord>=3.1<3.1.5 sql-injection http://secunia.com/advisories/49297/ ruby{18,19,193}-activerecord>=3.2<3.2.4 sql-injection http://secunia.com/advisories/49297/ ruby{18,19,193}-actionpack>=3<3.0.13 sql-injection http://secunia.com/advisories/49297/ ruby{18,19,193}-actionpack>=3.1<3.1.5 sql-injection http://secunia.com/advisories/49297/ ruby{18,19,193}-actionpack>=3.2<3.2.4 sql-injection http://secunia.com/advisories/49297/ gimp>=2.6.11<2.8.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2763 bind>=9.6<9.6.3.1.ESV.7pl1 sensitive-information-exposure http://www.isc.org/software/bind/advisories/cve-2012-1667 bind>=9.7<9.7.6pl1 sensitive-information-exposure http://www.isc.org/software/bind/advisories/cve-2012-1667 bind>=9.8<9.8.3pl1 sensitive-information-exposure http://www.isc.org/software/bind/advisories/cve-2012-1667 bind>=9.9<9.9.1pl1 sensitive-information-exposure http://www.isc.org/software/bind/advisories/cve-2012-1667 mit-krb5<1.8.6nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1013 xulrunner<13 arbitrary-code-execution https://www.mozilla.org/security/announce/2012/mfsa2012-34.html xulrunner<13 privilege-escalation https://www.mozilla.org/security/announce/2012/mfsa2012-35.html xulrunner<13 cross-site-scripting https://www.mozilla.org/security/announce/2012/mfsa2012-36.html xulrunner<13 information-disclosure https://www.mozilla.org/security/announce/2012/mfsa2012-37.html xulrunner<13 arbitrary-code-execution https://www.mozilla.org/security/announce/2012/mfsa2012-38.html nss<3.13.5 denial-of-service https://www.mozilla.org/security/announce/2012/mfsa2012-39.html xulrunner<13 arbitrary-code-execution https://www.mozilla.org/security/announce/2012/mfsa2012-40.html xulrunner10<10.0.5 arbitrary-code-execution https://www.mozilla.org/security/announce/2012/mfsa2012-34.html xulrunner10<10.0.5 cross-site-scripting https://www.mozilla.org/security/announce/2012/mfsa2012-36.html xulrunner10<10.0.5 information-disclosure https://www.mozilla.org/security/announce/2012/mfsa2012-37.html xulrunner10<10.0.5 arbitrary-code-execution https://www.mozilla.org/security/announce/2012/mfsa2012-38.html xulrunner10<10.0.5 arbitrary-code-execution https://www.mozilla.org/security/announce/2012/mfsa2012-40.html firefox10<10.0.5 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.5 firefox<13 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox13 thunderbird10<10.0.5 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.5 thunderbird<13 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird13 seamonkey<2.10 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.10 quagga-[0-9]* denial-of-service http://secunia.com/advisories/49401/ adobe-flash-plugin<10.3.183.20 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-14.html adobe-flash-plugin>=11<11.2.202.236 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-14.html xenkernel33-[0-9]* privilege-escalation http://wiki.xen.org/wiki/Security_Announcements#XSA-7_64-bit_PV_guest_privilege_escalation_vulnerability xenkernel3-[0-9]* privilege-escalation http://wiki.xen.org/wiki/Security_Announcements#XSA-7_64-bit_PV_guest_privilege_escalation_vulnerability xenkernel41<4.1.2nb1 privilege-escalation http://wiki.xen.org/wiki/Security_Announcements#XSA-7_64-bit_PV_guest_privilege_escalation_vulnerability xenkernel33-[0-9]* denial-of-service http://wiki.xen.org/wiki/Security_Announcements#XSA-8_guest_denial_of_service_on_syscall.2Fsysenter_exception_generation xenkernel3-[0-9]* denial-of-service http://wiki.xen.org/wiki/Security_Announcements#XSA-8_guest_denial_of_service_on_syscall.2Fsysenter_exception_generation xenkernel41<4.1.2nb2 denial-of-service http://wiki.xen.org/wiki/Security_Announcements#XSA-8_guest_denial_of_service_on_syscall.2Fsysenter_exception_generation xenkernel33-[0-9]* denial-of-service http://wiki.xen.org/wiki/Security_Announcements#XSA-9_PV_guest_host_Denial_of_Service_.28AMD_erratum_.23121.29 xenkernel3-[0-9]* denial-of-service http://wiki.xen.org/wiki/Security_Announcements#XSA-9_PV_guest_host_Denial_of_Service_.28AMD_erratum_.23121.29 xenkernel41<4.1.2nb2 denial-of-service http://wiki.xen.org/wiki/Security_Announcements#XSA-9_PV_guest_host_Denial_of_Service_.28AMD_erratum_.23121.29 mantis<1.2.11 remote-security-bypass http://secunia.com/advisories/49414/ mysql-server>=5.1<5.1.63 multiple-vulnerabilities http://secunia.com/advisories/49409/ mysql-server>=5.5<5.5.25 multiple-vulnerabilities http://secunia.com/advisories/49409/ sun-{jdk,jre}6<6.0.33 multiple-vulnerabilities http://secunia.com/advisories/49472/ ruby{18,19,193}-activerecord>=3<3.0.14 sql-injection http://secunia.com/advisories/49457/ ruby{18,19,193}-activerecord>=3.1<3.1.6 sql-injection http://secunia.com/advisories/49457/ ruby{18,19,193}-activerecord>=3.2<3.2.6 sql-injection http://secunia.com/advisories/49457/ ruby{18,19,193}-actionpack>=3<3.0.14 sql-injection http://secunia.com/advisories/49457/ ruby{18,19,193}-actionpack>=3.1<3.1.6 sql-injection http://secunia.com/advisories/49457/ ruby{18,19,193}-actionpack>=3.2<3.2.6 sql-injection http://secunia.com/advisories/49457/ asterisk>=10.0<10.5.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-009.html contao211<2.11.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2012-4383 mediawiki<1.19.1 cross-site-scripting http://secunia.com/advisories/49484/ opera<12 multiple-vulnerabilities http://www.opera.com/docs/changelogs/unix/1200/ suse{,32}_libxml2<12.1nb2 remote-system-access http://support.novell.com/security/cve/CVE-2011-3102.html ioquake3<1.36.20200125 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3345 tiff<4.0.2 arbitrary-code-execution http://secunia.com/advisories/49493/ ap{2,22}-modsecurity{,2}<2.6.6 remote-security-bypass http://secunia.com/advisories/49576/ apache-roller<5.0.1 cross-site-scripting http://secunia.com/advisories/49593/ mini_httpd-[0-9]* escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2009-4490 thttpd-[0-9]* escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2009-4491 wordpress<3.4.1 multiple-vulnerabilities http://wordpress.org/news/2012/06/wordpress-3-4-1/ typo3<4.5.17 cross-site-scripting https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-003/ typo3>=4.6.0<4.6.10 cross-site-scripting https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-003/ typo3>=4.7.0<4.7.2 cross-site-scripting https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-003/ suse{,32}_libtiff<12.1nb2 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2012-2088.html suse{,32}_libtiff<12.1nb2 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2012-2113.html asterisk>=1.8<1.8.13.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-010.html asterisk>=10.0<10.5.2 denial-of-service http://downloads.digium.com/pub/security/AST-2012-010.html asterisk>=1.8<1.8.13.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-011.html asterisk>=10.0<10.5.2 denial-of-service http://downloads.digium.com/pub/security/AST-2012-011.html libpurple<2.10.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3374 at-spi2-atk<2.5.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3378 mono<2.10.9nb12 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3382 vlc<2.0.2 remote-system-access http://secunia.com/advisories/49835/ libreoffice3{,-bin}<3.4.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2713 openoffice3{,-bin}-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2713 ruby1{8,9}-puppet<2.7.18 multiple-vulnerabilities http://secunia.com/advisories/49863/ libexif<0.6.21 multiple-vulnerabilities http://secunia.com/advisories/49857/ bash>4.2<4.2nb2 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3410 tcl-snack-[0-9]* remote-system-access http://secunia.com/advisories/49889/ openjpeg<1.5.0nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3358 moodle<2.1.7 multiple-vulnerabilities http://docs.moodle.org/dev/Moodle_2.1.7_release_notes firefox10<10.0.6 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.6 firefox<14 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox14 thunderbird10<10.0.6 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.6 thunderbird<14 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird14 seamonkey<2.11 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.11 xulrunner<14 arbitrary-code-execution https://www.mozilla.org/security/announce/2012/mfsa2012-42.html xulrunner10<10.0.6 arbitrary-code-execution https://www.mozilla.org/security/announce/2012/mfsa2012-42.html tiff<4.0.2nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3401 suse{,32}_libtiff<12.1nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2012-3401.html php<5.3.15 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3365 nsd<3.2.12 denial-of-service http://secunia.com/advisories/49795/ suse{,32}_gtk2<12.1nb2 remote-system-access http://secunia.com/advisories/49983/ wireshark<1.6.9 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-11.html wireshark<1.6.9 denial-of-service http://www.wireshark.org/security/wnpa-sec-2012-12.html contao211<2.11.5 information-leak https://github.com/contao/core/issues/4535 squidclamav<6.7 denial-of-service https://secunia.com/advisories/49057/ isc-dhcp<4.2.4p1 multiple-vulnerabilities https://secunia.com/advisories/50018/ bind>=9.6<9.6.3.1.ESV.7pl2 denial-of-service http://secunia.com/advisories/50020/ bind>=9.7<9.7.6pl2 denial-of-service http://secunia.com/advisories/50020/ bind>=9.8<9.8.3pl2nb1 denial-of-service http://secunia.com/advisories/50020/ bind>=9.9<9.9.1pl2 denial-of-service http://secunia.com/advisories/50020/ RTFM<2.4.4 cross-site-scripting http://secunia.com/advisories/50024/ bugzilla>=2.17.5<3.6.10 sensitive-information-exposure https://secunia.com/advisories/50040/ bugzilla>=3.7.1<4.0.7 sensitive-information-exposure https://secunia.com/advisories/50040/ bugzilla>=4.1.1<4.2.2 sensitive-information-exposure https://secunia.com/advisories/50040/ bugzilla>=4.3.1<4.3.2 sensitive-information-exposure https://secunia.com/advisories/50040/ ganglia-webfrontend>=3.1.7<3.5.1 remote-code-execution https://secunia.com/advisories/50047/ ruby{18,19,193}-actionpack>=3<3.0.16 denial-of-service https://secunia.com/advisories/48682/ ruby{18,19,193}-actionpack>=3.1<3.1.7 denial-of-service https://secunia.com/advisories/48682/ ruby{18,19,193}-actionpack>=3.2<3.2.7 denial-of-service https://secunia.com/advisories/48682/ Transmission<2.61 cross-site-scripting https://secunia.com/advisories/50027/ xenkernel33<3.3.2nb6 denial-of-service http://lists.xen.org/archives/html/xen-devel/2012-07/msg01649.html xenkernel41<4.1.2nb3 denial-of-service http://lists.xen.org/archives/html/xen-devel/2012-07/msg01649.html openttd<1.2.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3436 libxml2<2.8.0nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2807 suse{,32}_libxml2<12.1nb3 denial-of-service http://support.novell.com/security/cve/CVE-2012-2807.html ImageMagick<6.7.6.6nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3437 GraphicsMagick<1.3.16nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3438 openldap-client<2.4.32 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2668 py{25,26,27,31,32}-django<1.4.1 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3442 py{25,26,27,31,32}-django<1.4.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3443 py{25,26,27,31,32}-django<1.4.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3444 mit-krb5>=1.8<1.10.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1014 mit-krb5>=1.10<1.10.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1015 libvirt-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3445 suse{,32}_libjpeg<12.1nb1 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2012-2806.html icedtea-web<1.2.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3422 icedtea-web<1.2.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3423 suse{,32}_libpng<12.1nb3 denial-of-service http://support.novell.com/security/cve/CVE-2012-3425.html libreoffice3-bin<3.5.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2665 libreoffice<3.5.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2665 opera<12.01 arbitrary-code-execution http://www.opera.com/support/kb/view/1016/ opera<12.01 cross-site-scripting http://www.opera.com/support/kb/view/1025/ opera<12.01 cross-site-scripting http://www.opera.com/support/kb/view/1026/ opera<12.01 remote-code-execution http://www.opera.com/support/kb/view/1027/ ntop<5.0 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4165 openoffice3<3.4.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2665 openoffice3-bin<3.4.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2665 phpmyadmin>=3.5<3.5.2.1 information-disclosure http://www.phpmyadmin.net/home_page/security/PMASA-2012-3.php koffice<2.3.3 buffer-overflow http://secunia.com/advisories/50199/ gnome-screensaver>=3.4.2<3.4.4 local-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3452 emacs24{,-nox11}<24.1nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3479 emacs{,-nox11}>23.1<23.4nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3479 typo3<4.5.19 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-004/ typo3>=4.6.0<4.6.12 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-004/ typo3>=4.7.0<4.7.4 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-004/ adobe-flash-plugin<11.2.202.238 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb12-18.html php{5,53}-owncloud<4.0.6 multiple-vulnerabilities http://secunia.com/advisories/49894/ php{5,53}-owncloud<4.0.7 multiple-vulnerabilities http://secunia.com/advisories/50214/ acroread9-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/50290/ fetchmail<6.3.21nb1 multiple-vulnerabilities http://www.fetchmail.info/fetchmail-SA-2012-02.txt fetchmail<6.3.22 information-disclosure http://www.fetchmail.info/fetchmail-SA-2012-01.txt ruby{18,19,193}-rails<3.0.17 cross-site-scripting http://secunia.com/advisories/50128/ ruby{18,19,193}-rails>=3.1<3.1.8 cross-site-scripting http://secunia.com/advisories/50128/ ruby{18,19,193}-rails>=3.2<3.2.8 cross-site-scripting http://secunia.com/advisories/50128/ rssh<2.3.4 remote-security-bypass http://secunia.com/advisories/50272/ wireshark<1.6.10 multiple-vulnerabilities http://secunia.com/advisories/50276/ postgresql83-server<8.3.20 multiple-vulnerabilities http://www.postgresql.org/about/news/1407/ postgresql84-server<8.4.13 multiple-vulnerabilities http://www.postgresql.org/about/news/1407/ postgresql90-server<9.0.9 multiple-vulnerabilities http://www.postgresql.org/about/news/1407/ postgresql91-server<9.1.5 multiple-vulnerabilities http://www.postgresql.org/about/news/1407/ phpmyadmin>=3.4<3.5.2.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2012-4.php nss<3.13.4 denial-of-service http://secunia.com/advisories/49288/ xenkernel41<4.1.2nb4 denial-of-service http://lists.xen.org/archives/html/xen-devel/2012-08/msg00855.html gimp<2.8.0nb3 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3481 gimp<2.8.2 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3403 tinyproxy<1.8.3nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-3505 inn<2.5.3 remote-data-manipulation http://secunia.com/advisories/50320/ apache>=2.4<2.4.3 multiple-vulnerabilities http://httpd.apache.org/security/vulnerabilities_24.html#2.4.3 adobe-flash-plugin<11.2.202.238 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-19.html gnugk<3.1 unknown http://secunia.com/advisories/50343/ jabberd>=2<2.2.17 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3525 xetex<0.9998 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702 firefox10<10.0.7 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.7 firefox<15 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox15 thunderbird10<10.0.7 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.7 thunderbird<15 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird15 seamonkey<2.12 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.12 xulrunner<15 arbitrary-code-execution https://www.mozilla.org/security/announce/2012/mfsa2012-57.html xulrunner10<10.0.7 arbitrary-code-execution https://www.mozilla.org/security/announce/2012/mfsa2012-57.html openjpeg<1.5.0nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3535 mono<2.10.9nb12 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3543 asterisk>=1.8<1.8.15.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2012-012.html asterisk>=10.0<10.7.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2012-012.html asterisk>=1.8<1.8.15.1 unauthorized-access http://downloads.digium.com/pub/security/AST-2012-013.html asterisk>=10.0<10.7.1 unauthorized-access http://downloads.digium.com/pub/security/AST-2012-013.html opera<12.02 arbitrary-code-execution http://www.opera.com/support/kb/view/1028/ sun-{jdk,jre}6<6.0.35 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4681 mediawiki<1.19.2 multiple-vulnerabilities https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html bugzilla>=2.12<3.6.10 information-disclosure http://secunia.com/advisories/50433/ bugzilla>=3.7.1<4.0.7 information-disclosure http://secunia.com/advisories/50433/ bugzilla>=4.1.1<4.2.2 information-disclosure http://secunia.com/advisories/50433/ bugzilla>=4.3.1<4.3.2 information-disclosure http://secunia.com/advisories/50433/ ffmpeg<20121028.1.0 multiple-vulnerabilities http://secunia.com/advisories/50468/ wireshark<1.6.10nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3548 wireshark>=1.8.0<1.8.2nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3548 py{25,26,27,31,32}-moin<1.9.5 remote-security-bypass http://secunia.com/advisories/50496/ openjdk7{,-bin}<1.7.8 multiple-vulnerabilities http://secunia.com/advisories/50133/ php{53,54}-concrete5<5.6.0 multiple-vulnerabilities http://secunia.com/advisories/50001/ xenkernel41<4.1.3 denial-of-service http://lists.xen.org/archives/html/xen-announce/2012-09/msg00000.html xenkernel41<4.1.3 denial-of-service http://lists.xen.org/archives/html/xen-announce/2012-09/msg00001.html xenkernel41<4.1.3 denial-of-service http://lists.xen.org/archives/html/xen-announce/2012-09/msg00002.html xenkernel41<4.1.3 denial-of-service http://lists.xen.org/archives/html/xen-announce/2012-09/msg00005.html xenkernel41<4.1.3 privilege-escalation http://lists.xen.org/archives/html/xen-announce/2012-09/msg00003.html qemu<1.2.0 privilege-escalation http://secunia.com/advisories/50461/ php{53,54}-tiki6>=8<8.5 unknown-impact http://secunia.com/advisories/50488/ mcrypt<2.6.8nb4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4409 webmin<1.600 multiple-vulnerabilities http://secunia.com/advisories/50512/ xenkernel41<4.1.3 privilege-escalation http://lists.xen.org/archives/html/xen-announce/2012-09/msg00008.html wordpress<3.4.2 remote-security-bypass http://wordpress.org/news/2012/09/wordpress-3-4-2/ freeradius>=2<2.1.12nb4 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3547 openslp<1.2.1nb6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4428 tor<0.2.2.39 denial-of-service http://secunia.com/advisories/50578/ vino-[0-9]* information-disclosure http://secunia.com/advisories/50527/ isc-dhcp<4.2.4p2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3955 bacula<5.2.11 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2012-4430 apache>=2.2<2.2.23 multiple-vulnerabilities http://www.apache.org/dist/httpd/Announcement2.2.html bind>=9.6<9.6.3.1.ESV.7pl3 denial-of-service https://kb.isc.org/article/AA-00778 bind>=9.7<9.7.6pl3 denial-of-service https://kb.isc.org/article/AA-00778 bind>=9.8<9.8.3pl3 denial-of-service https://kb.isc.org/article/AA-00778 bind>=9.9<9.9.1pl3 denial-of-service https://kb.isc.org/article/AA-00778 dbus>=1.5<1.6.6 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3524 xmlrpc-c-ss>=1.26<1.32 denial-of-service http://secunia.com/advisories/50648/ moodle<2.1.8 multiple-vulnerabilities http://secunia.com/advisories/50588/ optipng<0.7.3 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4432 jenkins<1.466.2 multiple-vulnerabilities http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb gnupg<1.4.12 remote-spoofing http://secunia.com/advisories/50639/ gnupg2<2.0.19 remote-spoofing http://secunia.com/advisories/50639/ wordpress<3.5 cross-site-scripting http://secunia.com/advisories/50715/ ghostscript<8.71nb10 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4405 ap{2,22}-rpaf<0.6 denial-of-service http://secunia.com/advisories/50400/ libxslt<1.1.27 multiple-vulnerabilities http://secunia.com/advisories/50864/ wireshark<1.8.3 multiple-vulnerabilities http://secunia.com/advisories/50843/ apache-tomcat-5.5.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages firefox10<10.0.8 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.8 firefox<16 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox16 thunderbird10<10.0.8 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.8 thunderbird<16 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird16 seamonkey<2.13 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.13 xulrunner<16 arbitrary-code-execution https://www.mozilla.org/security/announce/2012/mfsa2012-74.html xulrunner10<10.0.8 arbitrary-code-execution https://www.mozilla.org/security/announce/2012/mfsa2012-74.html bind>=9.6<9.6.3.1.ESV.7pl4 denial-of-service https://www.isc.org/software/bind/advisories/cve-2012-5166 bind>=9.7<9.7.7 denial-of-service https://www.isc.org/software/bind/advisories/cve-2012-5166 bind>=9.8<9.8.4 denial-of-service https://www.isc.org/software/bind/advisories/cve-2012-5166 bind>=9.9<9.9.2 denial-of-service https://www.isc.org/software/bind/advisories/cve-2012-5166 thunderbird10<10.0.9 security-bypass https://www.mozilla.org/security/announce/2012/mfsa2012-89.html firefox10<10.0.9 security-bypass https://www.mozilla.org/security/announce/2012/mfsa2012-89.html firefox<16.0.1 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox16.0.1 thunderbird<16.0.1 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird16.0.1 seamonkey<2.13.1 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.13.1 xulrunner<16.0.1 arbitrary-code-execution https://www.mozilla.org/security/announce/2012/mfsa2012-88.html adobe-flash-plugin<10.3.183.20 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-22.html adobe-flash-plugin>=11<11.2.202.243 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-22.html phpmyadmin>=3.5<3.5.3 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2012-6.php phpmyadmin>=3.5<3.5.3 man-in-the-middle-attack http://www.phpmyadmin.net/home_page/security/PMASA-2012-7.php xlockmore-lite>=5.0<5.38nb2 local-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4524 xlockmore-lite>=5.39<5.41 local-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4524 xlockmore>=5.0<5.38nb7 local-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4524 xlockmore>=5.39<5.41 local-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4524 awstats<7.1 cross-site-scripting http://awstats.sourceforge.net/docs/awstats_changelog.txt sun-{jdk,jre}6<6.0.36 multiple-vulnerabilities http://secunia.com/advisories/50949/ drupal>=7.0<7.16 multiple-vulnerabilities http://drupal.org/node/1815912 ruby18-base<1.8.7.370nb2 security-bypass http://www.ruby-lang.org/en/news/2012/10/12/cve-2012-4464-cve-2012-4466/ ruby193-base<1.9.3p286 security-bypass http://www.ruby-lang.org/en/news/2012/10/12/cve-2012-4464-cve-2012-4466/ ffmpeg<20121028.1.0 multiple-vulnerabilities http://secunia.com/advisories/50963/ ap{2,22}-modsecurity{,2}<2.7.0 remote-security-bypass http://secunia.com/advisories/49853/ openjdk7{,-bin}<1.7.8 multiple-vulnerabilities http://secunia.com/advisories/51029/ py{25,26,27,31,32}-django<1.4.2 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4520 tiff<4.0.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4447 tiff<4.0.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3401 tiff<4.0.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5581 suse{,32}_libtiff<12.1nb3 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4447 viewvc<1.1.16 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4533 exim<4.80.1 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5671 php{53,54}-tiki6<6.8 remote-system-access https://secunia.com/advisories/51067/ rt<3.8.15 multiple-vulnerabilities https://secunia.com/advisories/51062/ firefox<16.0.2 cross-site-scripting https://www.mozilla.org/security/announce/2012/mfsa2012-90.html firefox10<10.0.10 cross-site-scripting https://www.mozilla.org/security/announce/2012/mfsa2012-90.html seamonkey<2.13.2 cross-site-scripting https://www.mozilla.org/security/announce/2012/mfsa2012-90.html thunderbird<16.0.2 cross-site-scripting https://www.mozilla.org/security/announce/2012/mfsa2012-90.html thunderbird10<10.0.10 cross-site-scripting https://www.mozilla.org/security/announce/2012/mfsa2012-90.html RTFM<2.4.5 security-bypass https://secunia.com/advisories/51062/ webkit-gtk<1.8.3 multiple-vulnerabilities https://secunia.com/advisories/51070/ kdelibs4<4.10.2 multiple-vulnerabilities https://secunia.com/advisories/51097/ suse{,32}_gtk2<12.1nb4 multiple-vulnerabilities https://secunia.com/advisories/51170/ tiff<4.0.3nb1 buffer-overflow https://secunia.com/advisories/51133/ pgbouncer<1.5.3 denial-of-service https://secunia.com/advisories/51128/ mysql-server>=5.1<5.1.66 multiple-vulnerabilities http://secunia.com/advisories/51008/ mysql-server>=5.5<5.5.28 multiple-vulnerabilities http://secunia.com/advisories/51008/ libproxy<0.3.1nb1 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4505 libproxy<0.3.1nb2 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5580 wbm-passwd<1.605 cross-site-scripting https://secunia.com/advisories/51201/ typo3<4.5.21 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-005/ typo3>=4.6.0<4.6.14 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-005/ typo3>=4.7.0<4.7.6 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-005/ ruby193-base<1.9.3p327 security-bypass http://www.ruby-lang.org/en/news/2012/11/09/ruby19-hashdos-cve-2012-5371/ opera<12.10 multiple-vulnerabilities http://secunia.com/advisories/51183/ adobe-flash-plugin<10.3.183.43 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-22.html adobe-flash-plugin>=11<11.2.202.251 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-22.html apache-tomcat<5.5.36 multiple-vulnerabilities http://secunia.com/advisories/51138/ apache-tomcat>=6<6.0.36 multiple-vulnerabilities http://secunia.com/advisories/51138/ apache-tomcat>=7<7.0.30 multiple-vulnerabilities http://secunia.com/advisories/51138/ gegl<0.2.0nb7 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4433 icedtea-web<1.2.2 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4540 weechat<0.3.9.1 remote-system-access http://secunia.com/advisories/51231/ gajim<0.15.3 remote-spoofing http://secunia.com/advisories/51209/ roundup<1.4.20 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2012-6130 roundup<1.4.20 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2012-6131 roundup<1.4.20 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2012-6132 roundup<1.4.20 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2012-6133 xenkernel3-[0-9]* denial-of-service http://secunia.com/advisories/51200/ xenkernel33-[0-9]* denial-of-service http://secunia.com/advisories/51200/ xenkernel41<4.1.3nb1 denial-of-service http://secunia.com/advisories/51200/ xmlrpc-c-ss<1.16.42 unknown-impact http://xmlrpc-c.sourceforge.net/change_super_stable.html moodle<2.1.9 multiple-vulnerabilities http://secunia.com/advisories/51243/ openvas-server<3.0.4 remote-system-access http://secunia.com/advisories/49128/ mantis<1.2.12 sensitive-information-exposure http://secunia.com/advisories/51300/ weechat<0.3.9.2 remote-system-access http://secunia.com/advisories/51294/ horde<4.0.9 cross-site-scripting http://secunia.com/advisories/51233/ kronolith<3.0.18 cross-site-scripting http://secunia.com/advisories/51233/ firefox10<10.0.11 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.11 firefox<17 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox17 thunderbird10<10.0.11 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.11 thunderbird<17 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17 seamonkey<2.14 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.14 xulrunner<17 arbitrary-code-execution https://www.mozilla.org/security/announce/2012/mfsa2012-91.html xulrunner10<10.0.11 arbitrary-code-execution https://www.mozilla.org/security/announce/2012/mfsa2012-91.html opera<12.11 multiple-vulnerabilities http://secunia.com/advisories/51331/ lighttpd-1.4.31 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5533 php{53,54}-owncloud<4.5.2 multiple-vulnerabilities http://secunia.com/advisories/51357/ jenkins<1.480.1 multiple-vulnerabilities https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20 tor<0.2.3.25 denial-of-service http://secunia.com/advisories/51329/ libssh<0.53 multiple-vulnerabilities http://www.libssh.org/2012/11/20/libssh-0-5-3-security-release/ rssh<2.3.4 remote-security-bypass http://secunia.com/advisories/51343/ mediawiki<1.19.3 multiple-vulnerabilities http://secunia.com/advisories/51424/ wireshark<1.8.4 multiple-vulnerabilities http://secunia.com/advisories/51422/ dovecot>=2<2.1.11 denial-of-service http://secunia.com/advisories/51455/ mysql-server>=5.1<5.1.67 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5611 mysql-server>=5.5<5.5.29 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5611 mysql-server>=5.5<5.5.29 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5612 mysql-server>=5.1<5.5 valid-account-enumeration https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615 mysql-server>=5.5<5.6 valid-account-enumeration https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615 bind>=9.8<9.8.4pl1 denial-of-service https://kb.isc.org/article/AA-00828 bind>=9.9<9.9.2pl1 denial-of-service https://kb.isc.org/article/AA-00828 opera<12.12 multiple-vulnerabilities http://secunia.com/advisories/51462/ apache-tomcat>=7.0<7.0.31 multiple-vulnerabilities http://secunia.com/advisories/51425/ apache-tomcat>=6.0<6.0.35 multiple-vulnerabilities http://secunia.com/advisories/51425/ p5-Locale-Maketext<1.23 arbitrary-code-execution http://secunia.com/advisories/51498/ perl<5.14.2nb6 arbitrary-code-execution http://secunia.com/advisories/51498/ perl>=5.16.1<5.16.2nb1 arbitrary-code-execution http://secunia.com/advisories/51498/ bogofilter<1.2.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5468 xenkernel3-[0-9]* denial-of-service http://secunia.com/advisories/51397/ xenkernel33-[0-9]* denial-of-service http://secunia.com/advisories/51397/ xenkernel41<4.1.3nb2 denial-of-service http://secunia.com/advisories/51397/ gimp<2.8.2nb7 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5576 mupdf<1.1 remote-system-access https://nvd.nist.gov/vuln/detail/CVE-2012-5340 adobe-flash-plugin<10.3.183.48 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-27.html adobe-flash-plugin>=11<11.2.202.258 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb12-27.html ffmpeg<20121209.1.0.1nb1 remote-system-access http://secunia.com/advisories/51464/ libxml2<2.9.0nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5134 suse{,32}_libxml2<12.1nb4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5134 squid<2.7.9nb5 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2012_1.txt squid>=3.1<3.1.23 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2012_1.txt drupal<6.27 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5651 drupal<6.27 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5652 drupal<6.27 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5653 drupal>=7.0<7.18 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5651 drupal>=7.0<7.18 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5653 isearch<1.47.01nb1 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2012-5663 nagios-base<3.4.4 arbitrary-code-execution http://secunia.com/advisories/51537/ tiff<4.0.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5581 qt4-libs<4.8.4 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5624 horde-3.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages imp-4.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages turba-2.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ingo-1.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages kronolith-2.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php{53,54,55}-tiki6<6.9 remote-system-access http://secunia.com/advisories/51650/ php{53,54}-owncloud<4.5.5 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5665 php{53,54}-owncloud<4.5.5 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5666 grep<2.11 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5667 freetype2<2.4.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5668 freetype2<2.4.11 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5669 freetype2<2.4.11 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5670 elinks>0.11<0.12rc6 remote-security-bypass http://bugzilla.elinks.cz/show_bug.cgi?id=1124 vlc<2.0.5 buffer-overflow http://secunia.com/advisories/51692/ gnupg<1.4.13 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6085 asterisk>=1.8<1.8.19.1 stack-overflow http://downloads.digium.com/pub/security/AST-2012-014.html asterisk>=10.0<10.11.1 stack-overflow http://downloads.digium.com/pub/security/AST-2012-014.html asterisk>=11.0<11.1.2 stack-overflow http://downloads.digium.com/pub/security/AST-2012-014.html asterisk>=1.8<1.8.19.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-015.html asterisk>=10.0<10.11.1 denial-of-service http://downloads.digium.com/pub/security/AST-2012-015.html asterisk>=11.0<11.1.2 denial-of-service http://downloads.digium.com/pub/security/AST-2012-015.html py{26,27}-moin<1.9.6 multiple-vulnerabilities http://secunia.com/advisories/51663/ swi-prolog<6.2.5 buffer-overflow http://secunia.com/advisories/51709/ rpm>=4.10.0<4.10.2 security-bypass http://secunia.com/advisories/51706/ ruby{18,19,193}-activerecord>3.0<3.0.18 sql-injection http://secunia.com/advisories/51697/ ruby{18,19,193}-activerecord>3.1<3.1.9 sql-injection http://secunia.com/advisories/51697/ ruby{18,19,193}-activerecord>3.2<3.2.10 sql-injection http://secunia.com/advisories/51697/ ruby{18,19,193}-activerecord>3.0<3.0.19 sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155 ruby{18,19,193}-activerecord>3.1<3.1.10 sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155 ruby{18,19,193}-activerecord>3.2<3.2.11 sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155 ruby{18,19,193}-actionpack>=3<3.0.19 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155 ruby{18,19,193}-actionpack>=3.1<3.1.10 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155 ruby{18,19,193}-actionpack>=3.2<3.2.11 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155 ruby{18,19,193}-activesupport>=3<3.0.19 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0156 ruby{18,19,193}-activesupport>=3.1<3.1.10 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0156 ruby{18,19,193}-activesupport>=3.2<3.2.11 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0156 php{53,54}-concrete5<5.6.0.2nb1 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5181 proftpd<1.3.4c privilege-elevation http://bugs.proftpd.org/show_bug.cgi?id=3841 jenkins<1.480.2 multiple-vulnerabilities http://secunia.com/advisories/51712/ nginx<1.7.0 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4968 firefox10<10.0.12 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.12 firefox<18 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox18 thunderbird10<10.0.12 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.12 thunderbird<17.0.2 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.2 seamonkey<2.15 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.15 xulrunner<18 arbitrary-code-execution https://www.mozilla.org/security/announce/2013/mfsa2013-01.html xulrunner10<10.0.12 arbitrary-code-execution https://www.mozilla.org/security/announce/2013/mfsa2013-01.html adobe-flash-plugin<10.3.183.50 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-01.html adobe-flash-plugin>=11<11.2.202.261 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-01.html freeradius<2.2.0 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4966 sun-{jdk,jre}7<7.0.11 remote-system-access http://secunia.com/advisories/51820/ xenkernel41<4.1.4 denial-of-service http://secunia.com/advisories/51734/ ettercap<0.7.5.2 remote-system-access http://secunia.com/advisories/51731/ ettercap-NG<0.7.5.2 remote-system-access http://secunia.com/advisories/51731/ acroread9<9.5.3 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-02.html gnupg2<2.0.19nb2 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6085 couchdb<1.2.1 remote-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5649 couchdb<1.2.1 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5650 drupal<6.28 multiple-vulnerabilities http://drupal.org/SA-CORE-2013-001 drupal>=7.0<7.19 multiple-vulnerabilities http://drupal.org/SA-CORE-2013-001 ruby{18,193}-rack<1.2.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109 ruby{18,193}-rack>=1.3<1.3.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109 ruby{18,193}-rack>=1.4<1.4.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109 ruby{18,193}-rack<1.2.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183 ruby{18,193}-rack>=1.3<1.3.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183 ruby{18,193}-rack>=1.4<1.4.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183 ruby{18,193}-rack<1.2.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184 ruby{18,193}-rack>=1.3<1.3.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184 ruby{18,193}-rack>=1.4<1.4.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184 mysql-server>=5.1<5.1.67 multiple-vulnerabilities http://secunia.com/advisories/51894/ mysql-server>=5.5<5.5.29 multiple-vulnerabilities http://secunia.com/advisories/51894/ xentools41<4.1.4nb1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6075 atheme-[0-9]* denial-of-service http://secunia.com/advisories/51852/ mantis<1.2.13 cross-site-scripting http://secunia.com/advisories/51853/ moodle<2.3.4 multiple-vulnerabilities http://secunia.com/advisories/51842/ php{53,54}-owncloud<4.5.6 multiple-vulnerabilities http://secunia.com/advisories/51872/ suse{,32}_qt4<12.1nb1 man-in-the-middle-attack http://support.novell.com/security/cve/CVE-2012-4929.html suse{,32}_qt4<12.1nb1 remote-information-disclosure http://support.novell.com/security/cve/CVE-2012-5624.html suse{,32}_freetype2<12.1nb2 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2012-5668.html suse{,32}_freetype2<12.1nb2 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2012-5669.html py{25,26,27,31,32}-django-cms<2.3.5 script-insertion http://secunia.com/advisories/51953/ wordpress<3.5.1 multiple-vulnerabilities http://secunia.com/advisories/51967/ bind>=9.8<9.8.4pl1 denial-of-service https://kb.isc.org/article/AA-00855 bind>=9.9<9.9.2pl1nb2 denial-of-service https://kb.isc.org/article/AA-00855 ruby{18,19,193}-activesupport>=3<3.0.20 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0333 ruby{18,19,193}-activemodel>=3<3.0.20 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0333 ffmpeg<20130121.1.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-6617 ffmpeg<20130121.1.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-6618 ffmpeg<20130120.1.1.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2013-0860 ffmpeg<20130120.1.1.1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2013-0861 libupnp<1.6.18 buffer-overflow http://secunia.com/advisories/51949/ libssh<0.54 null-dereference http://www.libssh.org/2013/01/22/libssh-0-5-4-security-release/ libvirt<1.0.2 arbitrary-code-execution http://secunia.com/advisories/52003/ wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-01.html wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-02.html wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-03.html wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-04.html wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-05.html wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-06.html wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-07.html wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-08.html wireshark<1.8.5 denial-of-service http://www.wireshark.org/security/wnpa-sec-2013-09.html opera<12.13 multiple-vulnerabilities http://secunia.com/advisories/52005/ vlc<2.0.5nb2 buffer-overflow http://secunia.com/advisories/51995/ ircd-hybrid<7.2.3nb6 denial-of-service http://secunia.com/advisories/51948/ latd>=1.25<1.31 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0251 samba<3.5.21 clickjacking http://www.samba.org/samba/security/CVE-2013-0213 samba>=3.6<3.6.12 clickjacking http://www.samba.org/samba/security/CVE-2013-0213 samba<3.5.21 cross-site-scripting http://www.samba.org/samba/security/CVE-2013-0214 samba>=3.6<3.6.12 cross-site-scripting http://www.samba.org/samba/security/CVE-2013-0214 miniupnpd<1.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0229 samba<3.5 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages sun-{jdk,jre}6<6.0.39 multiple-vulnerabilities http://secunia.com/advisories/52064/ sun-{jdk,jre}7<7.0.13 multiple-vulnerabilities http://secunia.com/advisories/52064/ ruby193-base<1.9.3p385 cross-site-scripting http://www.ruby-lang.org/en/news/2013/02/06/rdoc-xss-cve-2013-0256/ ruby{18,19,193}-rdoc<3.12.1 cross-site-scripting http://www.ruby-lang.org/en/news/2013/02/06/rdoc-xss-cve-2013-0256/ ruby19-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools41<4.1.4nb4 denial-of-service http://secunia.com/advisories/52055/ xenkernel33-[0-9]* denial-of-service http://secunia.com/advisories/51881/ xenkernel41<4.1.3nb2 denial-of-service http://secunia.com/advisories/51881/ openssl<0.9.8y multiple-vulnerabilities http://www.openssl.org/news/secadv_20130205.txt openssl>=1.0.0<1.0.1d multiple-vulnerabilities http://www.openssl.org/news/secadv_20130205.txt qt4-libs<4.8.5 local-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0254 curl>=7.26.0<7.28.1nb3 remote-system-access http://secunia.com/advisories/52103/ openssl-1.0.1d{,nb1} data-corruption http://www.mail-archive.com/openssl-dev@@openssl.org/msg32009.html ruby{18,193}-rack<1.2.8 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263 ruby{18,193}-rack>=1.3<1.3.10 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263 ruby{18,193}-rack>=1.4<1.4.5 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263 ruby{18,193}-rack>=1.4<1.4.5 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0262 roundcube<0.8.5 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6121 postgresql83-server<8.3.23 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255 postgresql84-server<8.4.16 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255 postgresql90-server<9.0.12 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255 postgresql91-server<9.1.8 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255 postgresql92-server<9.2.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255 polarssl<1.2.5 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169 gnutls<3.0.28 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1619 ffmpeg<20130206.1.1.2 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0862 ffmpeg<20130206.1.1.2 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0863 ffmpeg<20130206.1.1.2 array-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0864 ffmpeg<20130206.1.1.2 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0865 ffmpeg<20130206.1.1.2 array-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0866 ffmpeg<20130206.1.1.2 array-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0867 ffmpeg<20130206.1.1.2 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0868 ffmpeg<20130206.1.1.2 array-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0869 ffmpeg010<0.10.7 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0868 ruby1{8,93}-puppet<2.7.1 multiple-vulnerabilities http://secunia.com/advisories/52127/ adobe-flash-plugin<10.3.183.51 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-04.html adobe-flash-plugin>=11<11.2.202.262 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-04.html ruby{18,193}-activerecord<3.1.11 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0276 ruby{18,193}-activerecord>3.2<3.2.12 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0276 ruby{18,193}-rails<3.1.0 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0277 ruby{18,193}-json<1.7.7 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0269 ruby{18,193}-json-pure<1.7.7 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0269 ruby193-base<1.9.3p385nb2 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0269 ganglia-webfrontend-[0-9]* cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0275 adobe-flash-plugin<10.3.183.61 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-05.html adobe-flash-plugin>=11<11.2.202.270 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-05.html libpurple<2.10.7 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0271 libpurple<2.10.7 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0272 libpurple<2.10.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0273 libpurple<2.10.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0274 openjdk7{,-bin}<1.7.12 multiple-vulnerabilities http://secunia.com/advisories/52154/ sun-{jdk,jre}6-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages jenkins<1.480.3 multiple-vulnerabilities http://secunia.com/advisories/52236/ lighttpd<1.4.30 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929 lighttpd<1.4.30 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 firefox10-[0-9]* multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html firefox17<17.0.3 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.3 firefox<19 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox19 thunderbird10-[0-9]* multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html thunderbird<17.0.3 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.3 seamonkey<2.16 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.16 xulrunner10-[0-9]* arbitrary-code-execution https://www.mozilla.org/security/announce/2013/mfsa2013-21.html xulrunner17<17.0.3 arbitrary-code-execution https://www.mozilla.org/security/announce/2013/mfsa2013-21.html xulrunner<19 arbitrary-code-execution https://www.mozilla.org/security/announce/2013/mfsa2013-21.html firefox10-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages thunderbird10-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xulrunner10-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages dbus-glib<0.100.1 privilege-escalation http://secunia.com/advisories/52225/ sun-{jdk,jre}6<6.0.41 multiple-vulnerabilities http://secunia.com/advisories/52257/ sun-{jdk,jre}7<7.0.15 multiple-vulnerabilities http://secunia.com/advisories/52257/ py{25,26,27,31,32}-django<1.4.4 multiple-vulnerabilities http://secunia.com/advisories/52243/ ruby193-base<1.9.3p392 denial-of-service http://www.ruby-lang.org/en/news/2013/02/22/rexml-dos-2013-02-22/ drupal>=7.0<7.20 denial-of-service http://drupal.org/SA-CORE-2013-002 geeklog<1.8.2.1 cross-site-scripting http://www.geeklog.net/article.php/geeklog-1.8.2sr1 acroread9<9.5.4 remote-system-access http://www.adobe.com/support/security/advisories/apsa13-02.html php{53,54}-owncloud<4.5.7 multiple-vulnerabilities http://secunia.com/advisories/52303/ hplip{,3}<3.11.10 multiple-vulnerabilities http://secunia.com/advisories/42956/ openjdk7{,-bin}<1.7.13 multiple-vulnerabilities http://secunia.com/advisories/52257/ php{53,54}-piwigo<2.4.7 cross-site-request-forgery http://secunia.com/advisories/52228/ bugzilla>=2.0<3.6.13 multiple-vulnerabilities http://secunia.com/advisories/52254/ bugzilla>=3.7.1<4.0.10 multiple-vulnerabilities http://secunia.com/advisories/52254/ bugzilla>=4.1.1<4.2.5 multiple-vulnerabilities http://secunia.com/advisories/52254/ bugzilla>=4.3.1<4.4rc2 multiple-vulnerabilities http://secunia.com/advisories/52254/ suse{,32}_openssl<12.1nb4 multiple-vulnerabilities http://secunia.com/advisories/52292/ apache-maven<3.0.5 man-in-the-middle-attack http://secunia.com/advisories/52381/ mit-krb5>=1.6.3<1.10.3nb4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1415 mit-krb5>=1.6.3<1.10.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1016 scmgit-base<1.8.1.4 man-in-the-middle-attack http://secunia.com/advisories/52361/ apache>=2.2<2.2.24 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499 apache>=2.2<2.2.24 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558 apache>=2.4.0<2.4.4 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499 apache>=2.4.0<2.4.4 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558 sudo<1.7.10p6 local-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1776 poppler<0.22.1 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1788 poppler<0.22.1 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1789 poppler<0.22.1 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1790 adobe-flash-plugin<10.3.183.67 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-08.html adobe-flash-plugin>=11<11.2.202.273 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-08.html libxml2<2.9.0nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0338 libxml2<2.9.0nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0339 openafs<1.6.2 multiple-vulnerabilities https://www.openafs.org/security/OPENAFS-SA-2013-001.txt openafs<1.6.2 denial-of-service https://www.openafs.org/security/OPENAFS-SA-2013-002.txt sun-{jdk,jre}6<6.0.43 multiple-vulnerabilities http://secunia.com/advisories/52451/ sun-{jdk,jre}7<7.0.17 multiple-vulnerabilities http://secunia.com/advisories/52451/ ffmpeg<20130223.1.1.3 array-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0872 ffmpeg<20130223.1.1.3 double-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0873 ffmpeg<20130223.1.1.3 array-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0874 ffmpeg<20130223.1.1.3 array-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0875 ffmpeg<20130223.1.1.3 array-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0876 ffmpeg<20130223.1.1.3 array-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0877 ffmpeg<20130223.1.1.3 array-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0878 ffmpeg<20130223.1.1.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2276 ffmpeg<20130223.1.1.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2277 ruby{18,193}-extlib<0.9.16 remote-system-access http://secunia.com/advisories/52440/ stunnel<4.55 multiple-vulnerabilities http://secunia.com/advisories/52460/ perl<5.16.2nb4 denial-of-service http://secunia.com/advisories/52472/ mediawiki<1.20.3 multiple-vulnerabilities http://secunia.com/advisories/52485/ typo3<4.5.24 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-001/ typo3>=4.6.0<4.6.17 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-001/ typo3>=4.7.0<4.7.9 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-001/ php53-soap<5.3.22 sensitive-information-exposure http://secunia.com/advisories/52377/ php54-soap<5.4.12 sensitive-information-exposure http://secunia.com/advisories/52377/ icu<50.1.1 unknown-impact http://secunia.com/advisories/52511/ suse{,32}_qt4<12.1nb3 local-security-bypass http://support.novell.com/security/cve/CVE-2013-0254.html openjdk7{,-bin}<1.7.16 multiple-vulnerabilities http://secunia.com/advisories/52490/ wireshark<1.8.6 denial-of-service http://secunia.com/advisories/52471/ firefox17<17.0.4 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.4 firefox<19.0.2 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox19.0.2 thunderbird<17.0.4 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.4 seamonkey<2.16.1 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.16.1 webkit-gtk<2.1.1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0912 webkit-gtk3<2.1.1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0912 adobe-flash-plugin<10.3.183.68 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb13-09.html adobe-flash-plugin>=11<11.2.202.275 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb13-09.html ffmpeg<20130315.1.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2495 ffmpeg<20130315.1.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2496 ffmpeg010<20150312.0.10.16 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2495 ffmpeg010<20150312.0.10.16 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2496 ruby1{8,9,93}-puppet<3.1.1 remote-code-execution http://puppetlabs.com/security/cve/CVE-2013-1640/ ruby1{8,9,93}-puppet<3.1.1 insufficient-input-validation http://puppetlabs.com/security/cve/CVE-2013-1652/ ruby1{8,9,93}-puppet<3.1.1 remote-code-execution http://puppetlabs.com/security/cve/CVE-2013-1653/ ruby1{8,9,93}-puppet<3.1.1 weak-cryptography http://puppetlabs.com/security/cve/CVE-2013-1654/ ruby193-puppet<3.1.1 remote-code-execution http://puppetlabs.com/security/cve/CVE-2013-1655/ ruby1{8,9,93}-puppet<2.6.18 remote-code-execution http://puppetlabs.com/security/cve/CVE-2013-2274/ ruby1{8,9,93}-puppet<3.1.1 remote-security-bypass http://puppetlabs.com/security/cve/CVE-2013-2275/ squid>=3.2<3.3.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1839 php{53,54}-owncloud<4.5.8 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1851 clamav<0.97.7 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2013-7088 clamav<0.97.7 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2013-7087 clamav<0.97.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2013-7089 ptlib<2.10.10 denial-of-service http://secunia.com/advisories/52659/ mysql-server>=5.1<5.1.70 denial-of-service http://secunia.com/advisories/52639/ mysql-server>=5.5<5.5.32 denial-of-service http://secunia.com/advisories/52639/ mysql-server>=5.6<5.6.12 denial-of-service http://secunia.com/advisories/52639/ ruby{18,19,193}-ruby-activerecord<3.2.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1854 ruby{18,19,193}-ruby-actionpack<3.2.13 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1855 ruby{18,19,193}-ruby-activesupport<3.2.13 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1856 ruby{18,19,193}-ruby-actionpack<3.2.13 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1857 djvulibre-lib<3.5.25.3 remote-code-execution http://secunia.com/advisories/52697/ ptlib<2.10.10 denial-of-service http://secunia.com/advisories/52659/ ganglia-webfrontend-[0-9]* cross-site-scripting http://secunia.com/advisories/52673/ py{25,26,27,31,32}-pip<1.3 insecure-temp-files http://secunia.com/advisories/52674/ x3270<3.3.12ga12 man-in-the-middle-attack http://secunia.com/advisories/52650/ mysql-client>=5.1<5.1.65 multiple-vulnerabilities http://secunia.com/advisories/52445/ mysql-server>=5.1<5.1.65 multiple-vulnerabilities http://secunia.com/advisories/52445/ mysql-client>=5.1<5.1.65 sensitive-information-exposure http://secunia.com/advisories/52669/ mysql-server>=5.1<5.1.65 sensitive-information-exposure http://secunia.com/advisories/52669/ tnftpd<20130322 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0418 se<3.0.1 local-command-inject http://se-editor.org/security/SE-SA-2013-001.txt asterisk>=11.0<11.2.2 buffer-overflow http://downloads.digium.com/pub/security/AST-2013-001.html asterisk>=1.8<1.8.20.2 denial-of-service http://downloads.digium.com/pub/security/AST-2013-002.html asterisk>=10.0<10.12.2 denial-of-service http://downloads.digium.com/pub/security/AST-2013-002.html asterisk>=11.0<11.2.2 denial-of-service http://downloads.digium.com/pub/security/AST-2013-002.html asterisk>=1.8<1.8.20.2 information-disclosure http://downloads.digium.com/pub/security/AST-2013-003.html asterisk>=10.0<10.12.2 information-disclosure http://downloads.digium.com/pub/security/AST-2013-003.html asterisk>=11.0<11.2.2 information-disclosure http://downloads.digium.com/pub/security/AST-2013-003.html moodle>=2.3<2.3.5 multiple-vulnerabilities http://secunia.com/advisories/52691/ moodle>=2.4<2.4.2 multiple-vulnerabilities http://secunia.com/advisories/52691/ libxslt<1.1.28 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6139 roundcube<0.8.6 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1904 bind>=9.7<9.7.7nb5 denial-of-service https://kb.isc.org/article/AA-00871 bind>=9.8<9.8.4pl2 denial-of-service https://kb.isc.org/article/AA-00871 bind>=9.9<9.9.2pl2 denial-of-service https://kb.isc.org/article/AA-00871 pixman<0.28.2 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1591 ap{2,22}-modsecurity{,2}<2.7.3 sensitive-information-exposure http://secunia.com/advisories/52847/ firefox17<17.0.5 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.5 firefox<20 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox20 thunderbird<17.0.5 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.5 seamonkey<2.17 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.17 xulrunner17<17.0.5 arbitrary-code-execution https://www.mozilla.org/security/announce/2013/mfsa2013-30.html xulrunner<20 arbitrary-code-execution https://www.mozilla.org/security/announce/2013/mfsa2013-30.html samba>=3.6<3.6.5 local-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0454 postgresql83-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages postgresql84-server<8.4.17 multiple-vulnerabilities http://www.postgresql.org/about/news/1456/ postgresql90-server<9.0.13 multiple-vulnerabilities http://www.postgresql.org/about/news/1456/ postgresql91-server<9.1.9 multiple-vulnerabilities http://www.postgresql.org/about/news/1456/ postgresql92-server<9.2.4 multiple-vulnerabilities http://www.postgresql.org/about/news/1456/ opera<12.15 multiple-vulnerabilities http://secunia.com/advisories/52859/ haproxy<1.4.23 denial-of-service http://secunia.com/advisories/52725/ php{53,54}-owncloud<5.0.1 multiple-vulnerabilities http://secunia.com/advisories/52833/ mantis<1.2.15 cross-site-scripting http://secunia.com/advisories/52843/ mantis<1.2.14 cross-site-scripting http://secunia.com/advisories/52883/ xenkernel33-[0-9]* privilege-escalation http://secunia.com/advisories/52857/ xenkernel41<4.1.4nb2 privilege-escalation http://secunia.com/advisories/52857/ ap{2,22}-subversion<1.7.9 denial-of-service http://secunia.com/advisories/52966/ adobe-flash-plugin<10.3.183.75 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb13-11.html adobe-flash-plugin>=11<11.2.202.280 arbitrary-code-execution http://www.adobe.com/support/security/bulletins/apsb13-11.html php{53,54}-owncloud<5.0.4 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1942 php{53,54}-owncloud<5.0.4 weak-password-generator https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1941 php{53,54}-owncloud<5.0.4 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1939 curl<7.30 remote-information-disclosure http://secunia.com/advisories/53051/ suse{,32}_libcurl<12.1nb1 remote-information-disclosure http://support.novell.com/security/cve/CVE-2013-1944.html mediawiki<1.20.4 multiple-vulnerabilities http://secunia.com/advisories/53054/ qemu<1.4.1 local-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1922 mit-krb5<1.10.4nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1416 xenkernel41<4.1.4nb2 denial-of-service http://lists.xen.org/archives/html/xen-announce/2013-04/msg00005.html xenkernel41<4.1.4nb2 denial-of-service http://lists.xen.org/archives/html/xen-announce/2013-04/msg00006.html libxml2<2.9.0nb3 multiple-vulnerabilities http://secunia.com/advisories/53061/ suse{,32}_libxml2<12.1nb6 multiple-vulnerabilities http://support.novell.com/security/cve/CVE-2013-1969.html sun-{jdk,jre}6<6.0.45 multiple-vulnerabilities http://secunia.com/advisories/53008/ sun-{jdk,jre}7<7.0.21 multiple-vulnerabilities http://secunia.com/advisories/53008/ icedtea-web<1.2.3 multiple-vulnerabilities http://secunia.com/advisories/53109/ mysql-server>=5.1<5.1.69 multiple-vulnerabilities http://secunia.com/advisories/53022/ mysql-server>=5.5<5.5.31 multiple-vulnerabilities http://secunia.com/advisories/53022/ mysql-server>=5.6<5.6.11 multiple-vulnerabilities http://secunia.com/advisories/53022/ php{53,54}-owncloud<5.0.5 multiple-vulnerabilities http://secunia.com/advisories/53118/ libxmp<4.1.0 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1980 tinc<1.0.21 remote-system-access http://secunia.com/advisories/53108/ phpmyadmin<3.5.8 remote-system-access http://www.phpmyadmin.net/home_page/security/PMASA-2013-3.php phpmyadmin<3.5.8.1 remote-system-access http://www.phpmyadmin.net/home_page/security/PMASA-2013-2.php clamav<0.97.8 multiple-vulnerabilities http://secunia.com/advisories/53150/ mediawiki<1.20.5 multiple-vulnerabilities http://secunia.com/advisories/53284/ memcached<1.4.16 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4971 jenkins<1.509.1 multiple-vulnerabilities http://secunia.com/advisories/53286/ jenkins<1.514 multiple-vulnerabilities http://secunia.com/advisories/53286/ xenkernel41<4.1.6.1 denial-of-service http://secunia.com/advisories/53187/ nginx>=1.3.9<1.4.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2028 abcmidi<20130430 arbitrary-code-execution http://secunia.com/advisories/53318/ qemu<1.4.2 data-manipulation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2007 telepathy-idle<0.1.16 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6746 mit-krb5<1.10.4nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2443 mit-krb5>=1.10.5<1.10.5nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2443 firefox17<17.0.6 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.6 firefox<21 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox21 thunderbird<17.0.6 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.6 xulrunner17<17.0.6 arbitrary-code-execution https://www.mozilla.org/security/announce/2013/mfsa2013-41.html xulrunner<21 arbitrary-code-execution https://www.mozilla.org/security/announce/2013/mfsa2013-41.html tiff<4.0.3nb3 multiple-vulnerabilities http://secunia.com/advisories/53237/ xenkernel41<4.1.6.1 denial-of-service http://secunia.com/advisories/53312/ apache-tomcat>=7<7.0.33 session-hijack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2067 apache-tomcat>=6<6.0.37 session-hijack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2067 apache-tomcat>=6<6.0.37 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544 adobe-flash-plugin<10.3.183.86 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-14.html adobe-flash-plugin>=11<11.2.202.280 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-14.html php{53,54}-owncloud<5.0.6 multiple-vulnerabilities http://secunia.com/advisories/53392/ ruby193-base<1.9.3p429 local-security-bypass http://secunia.com/advisories/53432/ acroread9<9.5.5 multiple-vulnerabilities https://www.adobe.com/support/security/bulletins/apsb13-15.html libvirt>1.0.0 denial-of-service http://secunia.com/advisories/53440/ wireshark<1.8.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2486 wireshark<1.8.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2487 wireshark<1.8.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2488 moodle<2.4.4 multiple-vulnerabilities http://secunia.com/advisories/52522/ dovecot>=2<2.2.2 denial-of-service http://secunia.com/advisories/53492/ suse{,32}_libtiff<12.1nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2013-1960.html suse{,32}_libtiff<12.1nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2013-1961.html xentools41<4.1.6.1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2072 xentools42<4.2.3 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2072 rt<3.8.17 multiple-vulnerabilities http://secunia.com/advisories/53522/ rt>=4<4.0.13 multiple-vulnerabilities http://secunia.com/advisories/53522/ transifex-client<0.9 ssl-certificate-spoofing http://secunia.com/advisories/53413/ xf86-video-openchrome<0.3.3 buffer-overflow http://secunia.com/advisories/53424/ MesaLib<7.11.2nb3 multiple-vulnerabilities http://secunia.com/advisories/53558/ libXinerama<1.1.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1985 libXtst<1.2.2 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXxf86vm<1.1.3 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXvmc<1.0.8 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXxf86dga<1.1.4 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXext<1.3.2 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXfixes<5.0.1 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXp<1.0.2 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libFS<1.0.5 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXrender<0.9.8 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXrandr<1.4.1 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXt<1.1.4 multiple-vulnerabilities http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXres<1.0.7 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXv<1.0.8 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libXcursor<1.1.14 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libxcb<1.9.1 buffer-overflow http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libX11<1.5.99.902 multiple-vulnerabilities http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 libraw<0.15.2 remote-system-access http://secunia.com/advisories/53547/ ap{2,22}-modsecurity{,2}<2.7.4 denial-of-service http://secunia.com/advisories/53535/ apache<2.0.65 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862 apache>=2.2<2.2.24nb1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862 gnutls>=2.12.23<3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2116 telepathy-gabble<0.16.6 remote-security-bypass http://www.secunia.com/advisories/53626/ subversion-base<1.7.10 denial-of-service http://subversion.apache.org/security/CVE-2013-2112-advisory.txt subversion16-base<1.6.23 denial-of-service http://subversion.apache.org/security/CVE-2013-2112-advisory.txt subversion-base<1.7.10 denial-of-service http://subversion.apache.org/security/CVE-2013-1968-advisory.txt subversion16-base<1.6.23 denial-of-service http://subversion.apache.org/security/CVE-2013-1968-advisory.txt bind>=9.6.3.1.ESV.9<9.6.3.1.ESV.9pl1 denial-of-service https://kb.isc.org/article/AA-00967 bind>=9.8.5<9.8.5pl1 denial-of-service https://kb.isc.org/article/AA-00967 bind>=9.9.3<9.9.3pl1 denial-of-service https://kb.isc.org/article/AA-00967 suse{,32}<12.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_alsa<12.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_aspell<12.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_base<12.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_compat<12.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_expat<12.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_fontconfig<12.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_freetype2<12.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_glx<12.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_gtk2<12.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_krb5<12.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libcups<12.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libcurl<12.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libdrm<12.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libjpeg<12.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libpng<12.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libsigc++2<12.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libtiff<12.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libxml2<12.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_locale<12.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openmotif<12.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openssl<12.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_qt4<12.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_slang<12.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_x11<12.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php{53,54}-owncloud<5.0.7 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2149 php{53,54}-owncloud<5.0.7 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2150 php>=5.3<5.3.26 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2110 php>=5.4<5.4.16 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2110 MesaLib<10 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1872 xenkernel41<4.1.6.1 multiple-vulnerabilities http://secunia.com/advisories/53591/ xenkernel42<4.2.3 multiple-vulnerabilities http://secunia.com/advisories/53591/ wireshark<1.8.8 multiple-vulnerabilities http://secunia.com/advisories/53762/ adobe-flash-plugin<10.3.183.90 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-16.html adobe-flash-plugin>=11<11.2.202.280 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-16.html wordpress<3.5.2 denial-of-service http://secunia.com/advisories/53676/ xenkernel20-[0-9]* privilege-escalation http://secunia.com/advisories/53686/ xenkernel3-[0-9]* privilege-escalation http://secunia.com/advisories/53686/ xenkernel33-[0-9]* privilege-escalation http://secunia.com/advisories/53686/ xenkernel41<4.1.6.1 privilege-escalation http://secunia.com/advisories/53686/ xenkernel42<4.2.3 privilege-escalation http://secunia.com/advisories/53686/ dbus<1.6.12 denial-of-service http://secunia.com/advisories/53317/ haproxy<1.4.24 denial-of-service http://secunia.com/advisories/53803/ firefox17<17.0.7 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.7 firefox<22 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox22 thunderbird<17.0.7 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.7 xulrunner17<17.0.7 arbitrary-code-execution https://www.mozilla.org/security/announce/2013/mfsa2013-49.html xulrunner<22 arbitrary-code-execution https://www.mozilla.org/security/announce/2013/mfsa2013-49.html acroread9-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xml-security-c<1.7.1 remote-spoofing http://santuario.apache.org/secadv.data/CVE-2013-2153.txt xml-security-c<1.7.1 arbitrary-code-execution http://santuario.apache.org/secadv.data/CVE-2013-2154.txt xml-security-c<1.7.1 denial-of-service http://santuario.apache.org/secadv.data/CVE-2013-2155.txt xml-security-c<1.7.1 arbitrary-code-execution http://santuario.apache.org/secadv.data/CVE-2013-2156.txt ffmpeg1<1.2.12 multiple-vulnerabilities http://secunia.com/advisories/53766/ ffmpeg010<20150312.0.10.16 multiple-vulnerabilities http://secunia.com/advisories/53766/ #ffmpeg2 not affected by http://secunia.com/advisories/53766/ sun-{jdk,jre}6<6.0.51 multiple-vulnerabilities http://secunia.com/advisories/53846/ sun-{jdk,jre}7<7.0.25 multiple-vulnerabilities http://secunia.com/advisories/53846/ openjdk7{,-bin}<1.7.25 multiple-vulnerabilities http://secunia.com/advisories/53846/ vlc<2.0.7 multiple-vulnerabilities http://www.videolan.org/vlc/releases/2.0.7.html xentools41<4.1.6.1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2211 xentools42<4.2.3 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2211 curl>=7.7<7.30.0nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2174 xml-security-c<1.7.2 arbitrary-code-execution http://santuario.apache.org/secadv.data/CVE-2013-2210.txt xenkernel41<4.1.6.1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1432 xenkernel42<4.2.3 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1432 ruby18-base<1.8.7.374 remote-spoofing http://www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073/ ruby193-base<1.9.3p448 remote-spoofing http://www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073/ ruby18-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gallery-1.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gallery<3.0.8 cross-site-scripting http://secunia.com/advisories/53664/ gallery<3.0.9 unknown http://secunia.com/advisories/53964/ libzrtpcpp<3.2.0 multiple-vulnerabilities http://secunia.com/advisories/53818/ ruby1{8,9,93}-puppet<3.2.2 remote-system-access http://puppetlabs.com/security/cve/CVE-2013-3567/ libvirt<1.1.0 denial-of-service http://secunia.com/advisories/53969/ salt<0.15.1 multiple-vulnerabilities http://secunia.com/advisories/53958/ libXi<1.7.2 multiple-vulnerabilities http://www.debian.org/security/2013/dsa-2683 mantis<1.2.15 multiple-vulnerabilities http://www.mantisbt.org/blog/?p=249 quagga<0.99.22.3 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2236 suse{,32}_libcurl<13.1 remote-system-access http://support.novell.com/security/cve/CVE-2013-2174.html libkdcraw-[0-9]* remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2126 suse{,32}_x11<13.1 remote-system-access http://support.novell.com/security/cve/CVE-2013-2062.html suse{,32}_x11<13.1 remote-system-access http://support.novell.com/security/cve/CVE-2013-1981.html suse{,32}_x11<13.1 remote-system-access http://support.novell.com/security/cve/CVE-2013-1997.html suse{,32}_x11<13.1 remote-system-access http://support.novell.com/security/cve/CVE-2013-2004.html ffmpeg1<1.2.12 multiple-vulnerabilities http://secunia.com/advisories/54044/ ffmpeg010<20150312.0.10.16 multiple-vulnerabilities http://secunia.com/advisories/54044/ #ffmpeg2 not affected by http://secunia.com/advisories/54044/ subversion16{,-base}-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages adove-flash-plugin-10.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages adobe-flash-plugin>=11<11.2.202.297 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb13-17.html vlc<2.0.8 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3245 libxml2>2.8.0<2.9.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2877 squid<3.3.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4115 php<5.3.27 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4113 nagstamon<0.9.10 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4114 squid<3.3.8 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2013_3.txt apache<2.2.25 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1896 apache-ant<1.9.2 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1571 ffmpeg1<1.2.12 multiple-vulnerabilities http://secunia.com/advisories/54164/ ffmpeg010<20150312.0.10.16 multiple-vulnerabilities http://secunia.com/advisories/54164/ ffmpeg2<2.1 multiple-vulnerabilities http://secunia.com/advisories/54164/ moodle<2.5.1 multiple-vulnerabilities http://secunia.com/advisories/54130/ cyrus-saslauthd<2.1.26nb2 denial-of-service http://secunia.com/advisories/54098/ php{53,54,55}-tiki6<6.12 multiple-vulnerabilities http://secunia.com/advisories/54149/ openoffice3-[0-9]* remote-system-access http://secunia.com/advisories/54133/ openoffice3-bin-[0-9]* remote-system-access http://secunia.com/advisories/54133/ openafs<1.6.5 sensitive-information-exposure http://www.openafs.org/pages/security/OPENAFS-SA-2013-004.txt openafs>=1.7<1.7.26 sensitive-information-exposure http://www.openafs.org/pages/security/OPENAFS-SA-2013-004.txt xenkernel33-[0-9]* denial-of-service http://secunia.com/advisories/53797/ xenkernel41-[0-9]* denial-of-service http://secunia.com/advisories/53797/ xenkernel42<4.2.4 denial-of-service http://secunia.com/advisories/53797/ libvirt-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/54169/ apache>=2.4<2.4.6 multiple-vulnerabilities http://secunia.com/advisories/54241/ php>=5.4<5.4.17nb1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4113 icedtea-web<1.5prenb3 multiple-vulnerabilities http://secunia.com/advisories/53846/ minidlna<1.1.0 sql-injection http://secunia.com/advisories/54127/ wireshark<1.8.9 multiple-vulnerabilities http://secunia.com/advisories/54296/ wireshark>=1.9<1.10.1 multiple-vulnerabilities http://secunia.com/advisories/54296/ phpmyadmin<3.5.8.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-9.php phpmyadmin>=4<4.0.4.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-9.php phpmyadmin>=4<4.0.4.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-13.php phpmyadmin<=3.5.8.2 sql-injection http://www.phpmyadmin.net/home_page/security/PMASA-2013-15.php phpmyadmin>=4<4.0.4.2 sql-injection http://www.phpmyadmin.net/home_page/security/PMASA-2013-15.php bind>=9.8<9.8.5pl2 denial-of-service https://kb.isc.org/article/AA-01016 bind>=9.9<9.9.3pl2 denial-of-service https://kb.isc.org/article/AA-01016 py{26,27,32,33}-django<1.6 sensitive-information-exposure http://secunia.com/advisories/54197/ gnupg<1.4.14 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4242 libgcrypt<1.5.3 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4242 typo3<4.5.29 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-002/ typo3>=4.7<4.7.14 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-002/ typo3>=6.0<6.0.8 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-002/ typo3>=6.1<6.1.3 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-002/ libvirt-[0-9]* privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4153 libvirt-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4154 apache-2.0.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages samba<3.5.22 denial-of-service http://www.samba.org/samba/security/CVE-2013-4124 samba>3.6<3.6.17 denial-of-service http://www.samba.org/samba/security/CVE-2013-4124 putty<0.62nb10 heap-overflow http://secunia.com/advisories/54354/ php{53,54}-owncloud<5.0.8 cross-site-scripting http://secunia.com/advisories/54357/ firefox<23 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox23 firefox17<17.0.8 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.8 thunderbird<17.0.8 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.8 seamonkey<2.20 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.20 xulrunner17<17.0.8 arbitrary-code-execution https://www.mozilla.org/security/announce/2013/mfsa2013-63.html xulrunner<23 arbitrary-code-execution https://www.mozilla.org/security/announce/2013/mfsa2013-63.html cacti<0.8.8b sql-injection http://secunia.com/advisories/54386/ filezilla<3.7.2 multiple-vulnerabilities http://secunia.com/advisories/54415/ libmodplug<0.8.8.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4233 libmodplug<0.8.8.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4234 vlc<2.0.9 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4233 vlc<2.0.9 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4234 vlc<2.0.8 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4388 chrony<1.29 multiple-vulnerabilities http://secunia.com/advisories/54385/ polarssl<1.2.8 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4623 dovecot>=2<2.2.5 denial-of-service http://secunia.com/advisories/54438/ libvirt-[0-9]* denial-of-service http://secunia.com/advisories/54400/ python26<2.6.8nb4 ssl-certificate-spoofing http://secunia.com/advisories/54393/ python27<2.7.5nb1 ssl-certificate-spoofing http://secunia.com/advisories/54393/ python32-[0-9]* ssl-certificate-spoofing http://secunia.com/advisories/54393/ python33<3.3.3 ssl-certificate-spoofing http://secunia.com/advisories/54393/ php>=5.3<5.3.27nb2 ssl-certificate-spoofing http://secunia.com/advisories/54480/ php>=5.4<5.4.17nb1 ssl-certificate-spoofing http://secunia.com/advisories/54480/ php>=5.5<5.5.1nb1 ssl-certificate-spoofing http://secunia.com/advisories/54480/ ruby193-puppet<3.2.4 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4761 phpmyadmin<4.0.5 clickjacking-attack http://www.phpmyadmin.net/home_page/security/PMASA-2013-10.php py{26,27,32,33}-django>=1.5<1.5.2 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4249 py{26,27,32,33}-django<1.4.6 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4249 xenkernel33-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-59.html xenkernel41-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-59.html xenkernel42<4.2.5 denial-of-service http://xenbits.xenproject.org/xsa/advisory-59.html ffmpeg1<1.2.12 denial-of-service http://secunia.com/advisories/54389/ ffmpeg010<20150312.0.10.16 denial-of-service http://secunia.com/advisories/54389/ ffmpeg2<2.1 denial-of-service http://secunia.com/advisories/54389/ py{26,27,32,33}-graphite-web<0.9.11 remote-system-access http://secunia.com/advisories/54556/ ffmpeg2<2.0.1 denial-of-service http://secunia.com/advisories/54541/ ruby1{8,9,93}-puppet<3.2.4 multiple-vulnerabilities http://secunia.com/advisories/54623/ cacti<0.8.8b multiple-vulnerabilities http://secunia.com/advisories/54531/ asterisk>=1.8.17<1.8.23.1 denial-of-service http://downloads.digium.com/pub/security/AST-2013-004.html asterisk>=11.0<11.5.1 denial-of-service http://downloads.digium.com/pub/security/AST-2013-004.html asterisk>=1.8<1.8.23.1 denial-of-service http://downloads.digium.com/pub/security/AST-2013-005.html asterisk>=10.0<10.12.3 information-disclosure http://downloads.digium.com/pub/security/AST-2013-005.html asterisk>=11.0<11.5.1 denial-of-service http://downloads.digium.com/pub/security/AST-2013-005.html roundcube<0.9.3 cross-site-scripting http://secunia.com/advisories/54536/ tiff<4.0.3nb4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4231 tiff<4.0.3nb4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4232 tiff<4.0.3nb6 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4243 ImageMagick<6.7.8.8 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4298 mediawiki<1.21.2 multiple-vulnerabilities http://secunia.com/advisories/54715/ mediawiki<1.21.2 remote-security-bypass http://secunia.com/advisories/54723/ ansible<1.2.3 symlink-attack http://secunia.com/advisories/54686/ typo3>=6.0<6.0.9 remote-security-bypass http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-003/ typo3>=6.1<6.1.4 remote-security-bypass http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-003/ py{26,27,32,33}-OpenSSL<0.13.1 information-disclosure http://secunia.com/advisories/54691/ moodle<2.5.2 multiple-vulnerabilities http://secunia.com/advisories/54693/ wireshark<1.10.2 multiple-vulnerabilities http://secunia.com/advisories/54765/ adobe-flash-plugin<11.2.202.310 system-compromise http://www.adobe.com/support/security/bulletins/apsb13-21.html wordpress<3.6.1 multiple-vulnerabilities http://secunia.com/advisories/54803/ py{26,27,32,33}-django>=1.5<1.5.3 sensitive-information-disclosure http://secunia.com/advisories/54772/ py{26,27,32,33}-django<1.4.7 sensitive-information-disclosure http://secunia.com/advisories/54772/ xentools41<4.1.6.1 denial-of-service http://secunia.com/advisories/54593/ xentools42<4.2.3 denial-of-service http://secunia.com/advisories/54593/ py{26,27,32,33}-django>=1.5<1.5.4 denial-of-service http://secunia.com/advisories/54815/ py{26,27,32,33}-django<1.4.8 denial-of-service http://secunia.com/advisories/54815/ ffmpeg2<2.1 multiple-vulnerabilities http://secunia.com/advisories/54857/ firefox<24 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox24 firefox17<17.0.9 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.9 thunderbird<17.0.9 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird17.0.9 seamonkey<2.21 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.21 xulrunner17<17.0.9 arbitrary-code-execution https://www.mozilla.org/security/announce/2013/mfsa2013-76.html xulrunner<24 arbitrary-code-execution https://www.mozilla.org/security/announce/2013/mfsa2013-76.html mplayer<1.1.1 remote-data-manipulation http://secunia.com/advisories/54871/ hplip<3.13.10 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4325 polkit<0.112 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4288 ffmpeg2<2.1 multiple-vulnerabilities http://secunia.com/advisories/54921/ libvirt-0.[0-9]* denial-of-service http://secunia.com/advisories/54804/ ffmpeg2<2.1.4 denial-of-service http://secunia.com/advisories/54972/ ffmpeg2<2.1.4 denial-of-service http://secunia.com/advisories/54967/ ruby1{8,9,93}-rubygems<2.0.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4363 ruby193-base<1.9.3p448nb5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4363 ruby200-base<2.0.0p247nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4363 ffmpeg2<2.1.4 multiple-vulnerabilities http://secunia.com/advisories/55122/ vino<3.9.92 denial-of-service http://secunia.com/advisories/54995/ xenkernel41<4.1.6.1nb1 information-leak http://secunia.com/advisories/54838/ xenkernel42<4.2.4 information-leak http://secunia.com/advisories/54838/ xenkernel33-[0-9]* information-leak http://secunia.com/advisories/54838/ librsvg<2.36.4nb6 information-disclosure http://secunia.com/advisories/55088/ gnupg<1.4.15 denial-of-service http://secunia.com/advisories/55071/ gnupg2<2.0.22 denial-of-service http://secunia.com/advisories/55071/ dropbear<2013.59 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-4421 dropbear<2013.59 username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2013-4434 nss<3.15.2 uninitialized-memory-read http://secunia.com/advisories/55050/ libtar-[0-9]* data-manipulation http://secunia.com/advisories/55138/ libvirt-1.[0-9]* denial-of-service http://secunia.com/advisories/55202/ libtar<1.2.20 arbitrary-code-execution http://secunia.com/advisories/55188/ ap{2,22}-fcgid<2.3.9 buffer-overflow http://secunia.com/advisories/55197/ vino<3.9.92 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5745 libvirt-1.[0-9]* multiple-vulnerabilities http://secunia.com/advisories/54786/ isync<1.0.6 man-in-the-middle-attack http://secunia.com/advisories/55190/ xentools42<4.2.4 denial-of-service http://secunia.com/advisories/55229/ xentools42<4.2.4 denial-of-service http://secunia.com/advisories/55239/ modular-xorg-server<1.12.4nb3 system-compromise https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4396 polarssl<1.2.9 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5915 ffmpeg2<2.1.4 multiple-vulnerabilities http://secunia.com/advisories/55293/ py{26,27,32,33}-scipy<0.12.1 privilege-escalation http://secunia.com/advisories/55256/ opera<12.16 unknown-impact http://www.opera.com/docs/changelogs/unified/1216/ sun-{jdk,jre}6<6.0.65 multiple-vulnerabilities http://secunia.com/advisories/55315/ sun-{jdk,jre}7<7.0.45 multiple-vulnerabilities http://secunia.com/advisories/55315/ openjdk7{,-bin}<1.7.45 multiple-vulnerabilities http://secunia.com/advisories/55315/ icu<51.2nb1 unknown-impact https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2924 ruby1{8,9,93}-actionmailer<3.2.15 denial-of-service http://secunia.com/advisories/55240/ openldap-server<2.4.39nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4449 mysql-server>=5.1<5.1.71 multiple-vulnerabilities http://secunia.com/advisories/55327/ mysql-server>=5.5<5.5.33 multiple-vulnerabilities http://secunia.com/advisories/55327/ mysql-server>=5.6<5.6.13 multiple-vulnerabilities http://secunia.com/advisories/55327/ nodejs<0.10.21 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4450 ffmpeg2<2.2.1 denial-of-service http://secunia.com/advisories/55234/ roundcube<0.9.5 remote-data-manipulation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6172 ffmpeg2<2.2.1 denial-of-service http://secunia.com/advisories/55460/ mantis<1.2.16 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4460 firefox<25 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox25 firefox24<24.1 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.1 firefox17<17.0.10 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.10 thunderbird<17.0.10 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird17.0.10 seamonkey<2.22 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.22 xulrunner17<17.0.10 arbitrary-code-execution https://www.mozilla.org/security/announce/2013/mfsa2013-93.html xulrunner<25 arbitrary-code-execution https://www.mozilla.org/security/announce/2013/mfsa2013-93.html poppler-utils<0.24.3 format-string http://secunia.com/advisories/55258/ php{53,54,55}-tiki6<6.13 multiple-vulnerabilities http://secunia.com/advisories/55403/ varnish<3.0.5 denial-of-service http://secunia.com/advisories/55452/ ffmpeg2<2.2.1 denial-of-service http://secunia.com/advisories/55504/ wireshark<1.10.3 multiple-vulnerabilities http://secunia.com/advisories/55492/ xenkernel41-[0-9]* denial-of-service http://secunia.com/advisories/55200/ xenkernel42<4.2.4 denial-of-service http://secunia.com/advisories/55200/ xenkernel33-[0-9]* denial-of-service http://secunia.com/advisories/55200/ python26-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages openssh>=6.2<6.4 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4548 samba<3.6.20 security-bypass http://www.samba.org/samba/security/CVE-2013-4475 samba>=4<4.1.1 security-bypass http://www.samba.org/samba/security/CVE-2013-4475 samba>=4<4.1.1 sensitive-information-exposure http://www.samba.org/samba/security/CVE-2013-4476 xenkernel41-[0-9]* denial-of-service http://secunia.com/advisories/55398/ xenkernel42<4.2.4 denial-of-service http://secunia.com/advisories/55398/ blender<2.71 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5105 freeradius<2.2.0 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3547 adobe-flash-plugin<11.2.202.327 remote-system-access http://www.adobe.com/support/security/bulletins/apsb13-26.html libjpeg-turbo<1.3.1 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629 lighttpd<1.4.34 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4559 salt<0.17.1 multiple-vulnerabilities http://secunia.com/advisories/55625/ mit-krb5<1.10.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1418 mit-krb5<1.10.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6800 mediawiki<1.21.3 multiple-vulnerabilities http://secunia.com/advisories/55743/ nss<3.15.3 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1741 nss<3.14.5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5605 nss<3.15.3 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5606 drupal<6.29 multiple-vulnerabilities https://drupal.org/SA-CORE-2013-003 drupal>=7.0<7.24 multiple-vulnerabilities https://drupal.org/SA-CORE-2013-003 python26<2.6.9 multiple-vulnerabilities http://www.python.org/getit/releases/2.6.9/ nginx>=0.8.41<1.4.4 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4547 nginx>=1.5<1.5.7 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4547 ruby193-base<1.9.3p484 arbitrary-code-execution https://www.ruby-lang.org/en/news/2013/11/22/heap-overflow-in-floating-point-parsing-cve-2013-4164/ ruby200-base<2.0.0p353 arbitrary-code-execution https://www.ruby-lang.org/en/news/2013/11/22/heap-overflow-in-floating-point-parsing-cve-2013-4164/ dovecot>=2<2.2.7 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6171 unrealircd<3.2.10.2 multiple-vulnerabilities http://secunia.com/advisories/55839/ moodle<2.5.3 multiple-vulnerabilities http://secunia.com/advisories/55835/ thunderbird<24.1.1 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.1.1 jetty<7.6.14 remote-security-bypass http://secunia.com/advisories/55861/ subversion{,-base}<1.8.5 remote-security-bypass http://secunia.com/advisories/55855/ php{53,54,55}-owncloud<5.0.13 remote-security-bypass http://secunia.com/advisories/55792/ xenkernel42<4.2.4 privilege-escalation http://secunia.com/advisories/55650/ ffmpeg2<2.1 multiple-vulnerabilities http://secunia.com/advisories/55802/ openttd<1.3.3 denial-of-service http://secunia.com/advisories/55589/ ganglia-webfrontend-[0-9]* cross-site-scripting http://secunia.com/advisories/55854/ links{,-gui}<2.8 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6050 gimp<2.8.10nb2 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1978 pixman<0.32.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6425 ruby{193,200}-i18n<0.6.6 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4492 libmicrohttpd<0.9.32 multiple-vulnerabilities http://secunia.com/advisories/55903/ ffmpeg1<1.2.12 multiple-vulnerabilities http://secunia.com/advisories/55946/ ffmpeg010<20140629.0.10.14 multiple-vulnerabilities http://secunia.com/advisories/55946/ ffmpeg2<2.2 multiple-vulnerabilities http://secunia.com/advisories/55946/ openjpeg<1.5.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1447 openjpeg<1.5.2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6045 openjpeg<1.5.2 information-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6052 openjpeg<1.5.2 information-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6053 openjpeg<1.5.2 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6054 openjpeg<1.5.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6887 xenkernel42<4.2.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6885 xenkernel41<4.1.6.1nb5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6885 typo3<4.5.32 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/ typo3>=4.7<4.7.17 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/ typo3>=6.0<6.0.12 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/ typo3>=6.1<6.1.7 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-004/ gimp<2.8.10nb2 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1913 libwebp<0.2.1 remote-system-access http://secunia.com/advisories/55951/ xenkernel42<4.2.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6400 firefox17<17.0.10 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.10 thunderbird17-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages thunderbird17-[0-9]* multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.2 thunderbird<24.2 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.2 seamonkey<2.23 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.23 xulrunner17-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xulrunner17-[0-9]* arbitrary-code-execution https://www.mozilla.org/security/announce/2013/mfsa2013-104.html xulrunner24<24.2 arbitrary-code-execution https://www.mozilla.org/security/announce/2013/mfsa2013-104.html xulrunner<26 arbitrary-code-execution https://www.mozilla.org/security/announce/2013/mfsa2013-104.html modular-xorg-server<1.12.4nb7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6424 adobe-flash-plugin<11.2.202.332 remote-system-access http://www.adobe.com/support/security/bulletins/apsb13-28.html samba>=3.4.0<3.6.22 buffer-overflow http://www.samba.org/samba/security/CVE-2013-4408 samba>=4<4.1.3 buffer-overflow http://www.samba.org/samba/security/CVE-2013-4408 net-snmp<5.7.2nb5 denial-of-service http://secunia.com/advisories/55804/ ruby{193,200}-rails<3.2.16 multiple-vulnerabilities http://secunia.com/advisories/55864/ php>=5.3<5.3.28 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420 php>=5.4<5.4.23 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420 php>=5.5<5.5.7 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420 asterisk>=1.8<1.8.24.1 denial-of-service http://downloads.digium.com/pub/security/AST-2013-006.html asterisk>=10.0<10.12.4 denial-of-service http://downloads.digium.com/pub/security/AST-2013-006.html asterisk>=11.0<11.6.1 denial-of-service http://downloads.digium.com/pub/security/AST-2013-006.html asterisk>=1.8<1.8.24.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2013-007.html asterisk>=10.0<10.12.4 privilege-escalation http://downloads.digium.com/pub/security/AST-2013-007.html asterisk>=11.0<11.6.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2013-007.html asterisk>=10<11 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php{53,54,55}-piwigo-[0-9]* cross-site-scripting http://secunia.com/advisories/56099/ wireshark<1.10.4 denial-of-service http://secunia.com/advisories/56097/ qt4-libs<4.8.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4549 gnumeric<1.12.9 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6836 firefox<26 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox26 firefox24<24.2 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.2 gnupg<1.4.16 information-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4576 py{33,32,27,26}-denyhosts<2.6nb4 denial-of-service http://seclists.org/oss-sec/2013/q4/535 libvirt-[0-9]* denial-of-service http://secunia.com/advisories/56245/ ruby{193,200}-will-paginate<3.0.5 cross-site-scripting http://secunia.com/advisories/56180/ ruby{193,200}-nokogiri<1.5.11 denial-of-service http://secunia.com/advisories/56179/ ruby{19,193,200}-puppet<3.4.1 insecure-temp-file http://secunia.com/advisories/56253/ icinga-base<1.8.5 multiple-vulnerabilities https://www.icinga.org/2013/12/17/icinga-security-releases-1-10-2-1-9-4-1-8-5/ memcached<1.4.17 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7239 poppler<0.24.5 denial-of-service http://secunia.com/advisories/56268/ openssl<1.0.1f denial-of-service http://secunia.com/advisories/56286/ graphviz<2.34.0nb4 buffer-overflow http://secunia.com/advisories/55666/ mapserver<6.4.1 arbitrary-sql-injection http://secunia.com/advisories/56155/ nagios-base<3.5.0nb2 denial-of-service http://secunia.com/advisories/55976/ p5-Proc-Daemon<0.14nb4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7135 libXfont>=1.1<1.4.6nb1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6462 kwallet<4.12 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7252 freerdp-[0-9]* unknown https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0791 ntp<4.2.7p26 traffic-amplification https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5211 flite<2.1 local-symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0027 libvirt-[0-9]* denial-of-service http://secunia.com/advisories/56186/ ffmpeg2<2.2.1 multiple-vulnerabilities http://secunia.com/advisories/56352/ py{33,32,27,26}-jinja2<2.7.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1402 bind<9.6.3.1.ESV.10pl2 denial-of-service https://kb.isc.org/article/AA-01078 bind>=9.7<9.8.6pl2 denial-of-service https://kb.isc.org/article/AA-01078 bind>=9.9<9.9.4pl2 denial-of-service https://kb.isc.org/article/AA-01078 suse{,32}_openssl<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2013-6449.html suse{,32}_openssl<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2013-6450.html nss<3.15.4 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1740 libxslt<1.1.25 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4520 sun-{jdk,jre}7<7.0.51 multiple-vulnerabilities http://secunia.com/advisories/56485/ openjdk7{,-bin}<1.7.51 multiple-vulnerabilities http://secunia.com/advisories/56485/ libvirt-[0-9]* denial-of-service http://secunia.com/advisories/56321/ suse{,32}_x11<13.1nb3 privilege-escalation http://support.novell.com/security/cve/CVE-2013-6462.html ejabberd<2.1.12 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6169 ffmpeg2<2.2.1 denial-of-service http://secunia.com/advisories/56414/ drupal<6.30 multiple-vulnerabilities https://drupal.org/SA-CORE-2014-001 drupal>=7.0<7.26 multiple-vulnerabilities https://drupal.org/SA-CORE-2014-001 ffmpeg2<2.2.1 denial-of-service http://secunia.com/advisories/56525/ moodle<2.5.4 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0009 moodle<2.5.4 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0010 mediawiki<1.21.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-6451 mediawiki<1.21.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-6452 mediawiki<1.21.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2013-6453 mediawiki<1.21.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-6454 mediawiki<1.21.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2013-6472 mysql-server>=5.1<5.1.73 multiple-vulnerabilities http://secunia.com/advisories/56491/ mysql-server>=5.5<5.5.35 multiple-vulnerabilities http://secunia.com/advisories/56491/ mysql-server>=5.6<5.6.15 multiple-vulnerabilities http://secunia.com/advisories/56491/ jenkins-[0-9]* script-insertion http://secunia.com/advisories/56152/ hplip<3.14.1 multiple-vulnerabilities http://secunia.com/advisories/53644/ mupdf<1.3nb2 buffer-overflow http://secunia.com/advisories/56538/ xenkernel42<4.2.4 memory-corruption http://lists.xen.org/archives/html/xen-announce/2014-01/msg00001.html xenkernel41<4.1.6.1nb6 denial-of-service http://lists.xen.org/archives/html/xen-announce/2014-01/msg00002.html xenkernel42<4.2.4 denial-of-service http://lists.xen.org/archives/html/xen-announce/2014-01/msg00002.html contao211<2.11.14 php-object-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1860 contao31-[0-9]* php-object-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1860 contao32<3.2.5 php-object-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1860 libyaml<0.1.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6393 p5-YAML-LibYAML<0.41nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6393 firefox17-[0-9]* multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.1 firefox17-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages firefox24<24.3 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.3 firefox<27 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox27 thunderbird<24.3 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.3 seamonkey<2.24 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.24 xulrunner24<24.3 arbitrary-code-execution https://www.mozilla.org/security/announce/2013/mfsa2014-01.html xulrunner<27 arbitrary-code-execution https://www.mozilla.org/security/announce/2013/mfsa2014-01.html libpurple<2.10.8 multiple-vulnerabilities http://secunia.com/advisories/56693/ VLC<2.1.2 remote-system-access http://secunia.com/advisories/56676/ adobe-flash-plugin<11.2.202.335 remote-system-access http://www.adobe.com/support/security/bulletins/apsb14-02.html adobe-flash-plugin<11.2.202.336 remote-system-access http://www.adobe.com/support/security/bulletins/apsb14-04.html curl>=7.10.6<7.35.0 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0015 mpg123>1.14<1.18.0 remote-system-access http://secunia.com/advisories/56729/ apache-tomcat>=6<6.0.39 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1571 mysql-client<5.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0001 mysql-client>5.5<5.5.37 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0001 mysql-client>5.6<5.6.17 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0001 mediawiki<1.21.5 multiple-vulnerabilities http://secunia.com/advisories/56695/ ruby{19,193,200}-puppet<3.1.2 denial-of-service http://secunia.com/advisories/56670/ py{33,32,27,26}-denyhosts<2.6nb5 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6890 python27<2.7.6nb1 remote-system-access http://secunia.com/advisories/56624/ python31-[0-9]* remote-system-access http://secunia.com/advisories/56624/ python32-[0-9]* remote-system-access http://secunia.com/advisories/56624/ python33<3.3.3nb1 remote-system-access http://secunia.com/advisories/56624/ python31-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages horde-[0-9]* remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1691 apache-tomcat>=7<7.0.51 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050 ap{2,22,24}-subversion<1.8.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0032 python32-[0-9]* denial-of-service http://secunia.com/advisories/56627/ python33<3.3.4 denial-of-service http://secunia.com/advisories/56627/ py{33,32,27,26}-logilab-common-[0-9]* insecure-temp-file http://secunia.com/advisories/56720/ xenkernel41-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-84.html xenkernel42<4.2.4 denial-of-service http://xenbits.xenproject.org/xsa/advisory-84.html xenkernel42<4.2.4 multiple-vulnerabilities http://xenbits.xenproject.org/xsa/advisory-85.html mantis<1.2.16 multiple-vulnerabilities http://www.ocert.org/advisories/ocert-2014-001.html contao211<2.11.14 multiple-vulnerabilities http://secunia.com/advisories/56755/ contao32>=3<3.2.5 multiple-vulnerabilities http://secunia.com/advisories/56755/ contao210-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages contao29-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages contao30-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages contao31-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ImageMagick<6.8.8.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1958 ImageMagick<6.8.8.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2030 ffmpeg2<2.2.1 multiple-vulnerabilities http://secunia.com/advisories/56838/ ffmpeg2<2.2.1 arbitrary-code-execution http://secunia.com/advisories/56847/ gnutls<3.2.11 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1959 php55-gd<5.5.9 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7226 ffmpeg2<2.2.1 arbitrary-code-execution http://secunia.com/advisories/56971/ icinga-base<1.9.5 buffer-overflow https://www.icinga.org/2014/02/11/bugfix-releases-1-10-3-1-9-5-1-8-6/ maradns<2.0.09 denial-of-service http://secunia.com/advisories/57033/ png<1.6.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6954 flite<1.4 symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0027 socat<1.7.2.3 buffer-overflow http://www.dest-unreach.org/socat/contrib/socat-secadv5.txt file<5.17 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943 file<5.17 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270 ffmpeg2<2.2.1 multiple-vulnerabilities http://secunia.com/advisories/56987/ ffmpeg2<2.2.1 multiple-vulnerabilities http://secunia.com/advisories/57066/ freeradius<2 denial-of-service http://secunia.com/advisories/56956/ freeradius>=2<2.2.0nb8 denial-of-service http://secunia.com/advisories/56956/ ruby{193,200}-actionpack<3.2.17 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0081 ruby{193,200}-actionpack<3.2.17 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0082 adobe-flash-plugin<11.2.202.341 remote-system-access http://www.adobe.com/support/security/bulletins/apsb14-07.html phpmyadmin<4.0.10nb1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-1.php phpmyadmin>=4.1<4.1.7 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-1.php postgresql84-server<8.4.20 multiple-vulnerabilities http://www.postgresql.org/about/news/1506/ postgresql90-server<9.0.16 multiple-vulnerabilities http://www.postgresql.org/about/news/1506/ postgresql91-server<9.1.12 multiple-vulnerabilities http://www.postgresql.org/about/news/1506/ postgresql92-server<9.2.7 multiple-vulnerabilities http://www.postgresql.org/about/news/1506/ postgresql93-server<9.3.3 multiple-vulnerabilities http://www.postgresql.org/about/news/1506/ libvirt>=1.0.1<1.2.1 symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6456 apache-tomcat>=6<6.0.39 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286 apache-tomcat>=6<6.0.39 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322 apache-tomcat>=6<6.0.39 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590 apache-tomcat>=6.0.33<6.0.39 session-fixation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0033 apache-tomcat>=7<7.0.40 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2071 apache-tomcat>=7<7.0.47 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286 apache-tomcat>=7<7.0.50 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322 apache-tomcat>=7<7.0.50 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590 gnutls<3.2.12 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0092 php<5.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943 php>=5.4<5.4.26 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943 php>=5.5<5.5.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943 libssh<0.63 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0017 typo3-[0-9]* cross-site-scripting http://secunia.com/advisories/57094/ sudo<1.7.10p8 local-security-bypass http://www.sudo.ws/sudo/alerts/env_add.html stunnel<5 multiple-vulnerabilities http://secunia.com/advisories/57118/ net-snmp<5.7.2.1 denial-of-service http://secunia.com/advisories/57124/ icedtea-web<1.4.2 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6493 png<1.6.10rc01 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0333 p5-Capture-Tiny<0.24 insecure-temp-file http://secunia.com/advisories/56823/ ffmpeg2<2.2.1 denial-of-service http://secunia.com/advisories/57282/ ffmpeg2<2.1.4 multiple-vulnerabilities http://secunia.com/advisories/57298/ ffmpeg<20140305.1.2.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2097 ffmpeg<20140305.1.2.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2098 ffmpeg<20140305.1.2.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2099 ffmpeg<20140305.1.2.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2263 ffmpeg2<2.1.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2097 ffmpeg2<2.1.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2098 ffmpeg2<2.1.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2099 ffmpeg2<2.1.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2263 wireshark<1.10.6 multiple-vulnerabilities http://secunia.com/advisories/57265/ freetype2>=2.4.12<2.5.4 arbitrary-code-execution http://secunia.com/advisories/57291/ asterisk>=1.8<1.8.26.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-001.html asterisk>=11.0<11.8.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-001.html asterisk>=12.0<12.1.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-001.html asterisk>=1.8<1.8.26.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-002.html asterisk>=11.0<11.8.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-002.html asterisk>=12.0<12.1.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-002.html asterisk>=12.0<12.1.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-003.html asterisk>=12.0<12.1.0 denial-of-service http://downloads.digium.com/pub/security/AST-2014-004.html php{53,54,55}-orangehrm<3.1.2 cross-site-scripting http://secunia.com/advisories/57206/ mediawiki<1.22.3 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2242 mediawiki<1.22.3 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2243 mediawiki<1.22.3 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2244 squid<3.4.4 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2014_1.txt adobe-flash-plugin<11.2.202.346 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb14-08.html mutt>=1.5<1.5.23 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0467 lighttpd<1.4.35 sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2323 lighttpd<1.4.35 path-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2324 php{53,54,55}-owncloud<6.0.2 multiple-vulnerabilities http://secunia.com/advisories/57283/ php55-gd<5.5.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7327 php>=5.5<5.5.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270 php>=5.4<5.4.26 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270 php<5.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270 samba-3.5.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages samba>=3.4<3.6.23 brute-force-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4496 imapsync<=1.564 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4279 imapsync<1.584 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2014 gnutls<2.7.6 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5138 oath-toolkit<2.4.1 unauthorized-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7322 suse{,32}_openssl<13.1nb2 denial-of-service http://support.novell.com/security/cve/CVE-2013-4353.html suse{,32}_x11<13.1nb2 denial-of-service http://support.novell.com/security/cve/CVE-2013-6425.html suse{,32}_libpng<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2013-6954.html suse{,32}_qt4<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2013-4549.html suse{,32}_libpng>=13.1<13.1nb2 denial-of-service http://support.novell.com/security/cve/CVE-2014-0333.html php53-gd<5.3.28nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497 php54-gd<5.4.28nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497 php55-gd<5.5.12nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497 moodle<2.5.5 multiple-vulnerabilities http://secunia.com/advisories/57331/ mutt-kz<1.5.22.1rc1nb1 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0467 firefox<28 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox28 firefox24<24.4 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.4 thunderbird<24.4 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.4 seamonkey<2.25 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.25 apache>=2.4<2.4.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438 apache>=2.4<2.4.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098 apache>=2.2<2.2.27 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438 apache>=2.2<2.2.27 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098 xulrunner24<24.4 arbitrary-code-execution https://www.mozilla.org/security/announce/2013/mfsa2014-15.html xulrunner<28 arbitrary-code-execution https://www.mozilla.org/security/announce/2013/mfsa2014-15.html jansson<2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-6401 ruby{193,200,21}-rack-ssl<1.3.3nb2 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2538 nss<3.16 multiple-vulnerabilities http://secunia.com/advisories/57465/ openssl>=1.0.1<1.0.1fnb1 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 openssh<6.6 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532 cacti<0.8.8c cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2326 cacti<0.8.8c cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2327 cacti<0.8.8c arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2328 icinga-base<1.9.4 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7106 icinga-base<1.9.4 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7108 php>=5.4<5.4.26nb2 denial-of-service http://secunia.com/advisories/57564/ php>=5.5<5.5.10nb2 denial-of-service http://secunia.com/advisories/57564/ claws-mail-vcalendar<3.10.0 remote-spoofing http://secunia.com/advisories/57336/ claws-mail-rssyl<3.10.0 remote-spoofing http://secunia.com/advisories/57336/ libyaml<0.1.5nb1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2525 p5-YAML-LibYAML<0.41nb1 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2525 curl<7.36.0 multiple-vulnerabilities http://secunia.com/advisories/57434/ couchdb<1.5.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2668 ffmpeg010<20130927.0.10.9 array-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7009 ffmpeg010<20130927.0.10.9 array-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7010 ffmpeg010<20130927.0.10.9 array-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7014 ffmpeg010<20130927.0.10.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7015 ffmpeg010<20130927.0.10.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7018 ffmpeg010<20130927.0.10.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7023 ffmpeg010<20140310.0.10.12 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2098 ffmpeg010<20140310.0.10.12 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2099 ffmpeg010<20140310.0.10.12 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2263 {ap22,ap24}-modsecurity<2.7.6 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5705 a2ps<4.14nb6 multiple-vulnerabilities http://secunia.com/advisories/57663/ sylpheed<3.3.1 buffer-overflow http://secunia.com/advisories/57584/ suse{,32}_openssl<13.1nb3 sensitive-information-disclosure http://support.novell.com/security/cve/CVE-2014-0076.html PAM-[0-9]* security-bypass http://secunia.com/advisories/57317/ icinga-base<1.9.6 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2386 prosody<0.9.4 denial-of-service http://blog.prosody.im/prosody-0-9-4-released/ lua-expat<1.3.0 denial-of-service http://matthewwild.co.uk/projects/luaexpat/index.html#history openssl>=1.0.1<1.0.1g sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 suse{,32}_openssl>=12.3<13.1nb4 sensitive-information-disclosure http://support.novell.com/security/cve/CVE-2014-0160.html cacti<0.8.8c sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2708 cacti<0.8.8c arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2709 adobe-flash-plugin<11.2.202.350 multiple-vulnerabilities http://www.adobe.com/support/security/bulletins/apsb14-09.html jbigkit<2.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6369 wordpress<3.8.2 multiple-vulnerabilities http://secunia.com/advisories/57769/ php{53,54,55}-ja-wordpress<3.8.2 multiple-vulnerabilities http://secunia.com/advisories/57769/ wireshark<1.10.4 arbitrary-code-execution http://www.wireshark.org/security/wnpa-sec-2014-05.html py{33,27,26}-Pillow<2.3.1 insecure-temp-file https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1932 py{27,26}-imaging<1.1.7nb8 insecure-temp-file https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1932 py{33,27,26}-Pillow<2.3.1 insecure-temp-file https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1933 py{27,26}-imaging<1.1.7nb8 insecure-temp-file https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1933 suse{,32}_libcurl<13.1nb3 privilege-escalation http://support.novell.com/security/cve/CVE-2014-0138.html suse{,32}_libcurl<13.1nb3 ssl-certificate-spoofing http://support.novell.com/security/cve/CVE-2014-0139.html dillo<3.0.4 arbitrary-code-execution http://secunia.com/advisories/57797/ openjpeg15<1.5.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1447 openjpeg15<1.5.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4289 openjpeg15<1.5.2 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4290 openjpeg15<1.5.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6045 openjpeg15<1.5.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6052 openjpeg15<1.5.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6053 openjpeg15<1.5.2 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6054 openjpeg15<1.5.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6087 cups<1.5.4nb11 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2856 openafs<1.6.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0159 openafs>=1.7<1.7.31 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0159 openssh<6.6.1nb3 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2653 file<5.15 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345 nagios-base<3.5.1nb1 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2386 qemu>=1.4.0<1.7.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4377 libmms<0.6.4 buffer-overflow http://secunia.com/advisories/57875/ sun-{jdk,jre}7<7.0.55 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA openjdk7{,-bin}<1.7.55 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA mysql-server>5.5<5.5.37 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixMSQL mysql-server>5.6<5.6.17 arbitrary-code-execution https://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixMSQL qemu<2.0 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2894 qemu<2.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4544 json-c<0.12 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6370 json-c<0.12 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6371 rsync<3.1.0nb1 remote-denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2855 suse{,32}_libjson<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2013-6370.html suse{,32}_libjson<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2013-6371.html wireshark<1.10.7 denial-of-service http://secunia.com/advisories/58217/ bugzilla>=4.5<4.5.3 spoofing-attack http://secunia.com/advisories/58059/ bugzilla>=4.4<4.4.3 spoofing-attack http://secunia.com/advisories/58059/ bugzilla>=4.2<4.2.8 spoofing-attack http://secunia.com/advisories/58059/ bugzilla>=4.0<4.0.12 spoofing-attack http://secunia.com/advisories/58059/ drupal>=6<6.31 sensitive-information-disclosure http://secunia.com/advisories/58132 drupal>=7<7.27 sensitive-information-disclosure http://secunia.com/advisories/58132 qemu<2.0.0nb2 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4151 qemu<2.0.0nb2 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4535 qemu<2.0.0nb2 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4536 qemu<2.0.0nb2 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6399 qemu<2.0.0nb2 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0182 gnustep-base<1.24.0nb11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2980 poco<1.4.6p4 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0350 mediawiki<1.22.6 script-insertion-vulnerability http://lists.wikimedia.org/pipermail/mediawiki-announce/2014-April/000149.html adobe-flash-plugin<11.2.202.356 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-13.html firefox<29 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox29 firefox24<24.5 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.5 thunderbird<24.5 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.5 seamonkey<2.26 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.26 xulrunner24<24.5 arbitrary-code-execution https://www.mozilla.org/security/announce/2014/mfsa2014-34.html xulrunner<29 arbitrary-code-execution https://www.mozilla.org/security/announce/2014/mfsa2014-34.html synergy<1.4.14 sensitive-information-disclosure http://synergy-foss.org/blog/synergy-1-4-14/ py{33,32,27,26}-lxml<3.3.5 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3146 knot<1.4.5 signature-spoofing https://www.knot-dns.cz/ suse{,32}_openssl<13.1nb6 denial-of-service http://support.novell.com/security/cve/CVE-2010-5298.html suse{,32}_mozilla-nss<13.1nb2 man-in-the-middle-attack http://support.novell.com/security/cve/CVE-2014-1492.html openssl>=1<1.0.0m denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 openssl>=1.0.1<1.0.1h denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 python32-[0-9]* insecure-file-permissions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2667 python33<3.3.5nb2 insecure-file-permissions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2667 python34<3.4.0nb1 insecure-file-permissions https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2667 python32-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libpng<13.1nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2013-7354.html suse{,32}_libpng<13.1nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2013-7353.html python33<3.3.4rc1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7338 python26-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912 python27<2.7.6nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912 python32-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912 python33<3.3.4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912 python34<3.4rc1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912 cacti<0.8.8c cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5588 cacti<0.8.8c sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5589 cacti-spine-[0-9]* cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5588 cacti-spine-[0-9]* sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5589 cacti-spine-[0-9]* cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2326 cacti-spine-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2328 cacti-spine-[0-9]* sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2708 cacti-spine-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2709 sks<1.1.5 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3207 openssl>=1<1.0.0m denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 openssl>=1.0.1<1.0.1h denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 libxml2<2.9.1nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0191 suse{,32}_libxml2<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2014-0191.html openjdk7{,-bin}<1.7.40 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5772 sun-{jdk,jre}7<7.0.40 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5772 sun-{jdk,jre}6<6.0.60 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5772 openjdk7{,-bin}<1.7.40 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802 sun-{jdk,jre}7<7.0.40 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802 sun-{jdk,jre}6<6.0.60 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802 sun-{jre,jdk}15<5.0.51 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802 sun-{jre,jdk}15>=5.0.55<5.0.56 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411 sun-{jre,jdk}6>=6.0.65<6.0.66 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411 openssl>=1.0.0<1.0.0l man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6450 openssl>=1.0.1<1.0.1f man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6450 p5-LWP-Protocol-https>=6.04<6.04nb1 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3230 p5-LWP-Protocol-https>=6.06<6.06nb1 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3230 jpeg>=6b<6c sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629 libjpeg-turbo<1.3.1 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0446 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0446 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0446 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0448 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0448 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0448 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0449 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0449 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0449 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0449 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0454 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0454 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0454 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0455 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0455 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0455 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0459 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0459 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0459 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0461 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0461 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0461 openjdk7{,-bin}>=1.7.51<1.7.52 symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1876 sun-{jdk,jre}7>=7.0.51<7.0.52 symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1876 sun-{jdk,jre}8>=8.0.0<8.0.1 symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1876 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2401 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2401 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2401 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2401 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2402 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2402 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2402 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2409 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2409 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2409 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2420 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2420 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2420 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2428 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2428 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2428 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2428 fish>=1.16.0<2.1.1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2905 fish<2.1.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2014-2906 fish<2.1.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2014-2914 fish<2.1.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2014-3856 tiff<4.0.3nb4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4244 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5888 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5888 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5888 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5907 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5907 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5907 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5910 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5910 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5910 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368 libvirt>=0.7.5<1.2.5 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0179 rxvt-unicode<9.20 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3121 mediawiki<1.19.14 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2665 mediawiki>=1.20<1.21 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2665 mediawiki>=1.21<1.21.8 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2665 mediawiki>=1.22<1.22.5 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2665 ruby{193,200,21}-actionpack>=3.2<3.2.18 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0130 bind>=9.10<9.10.0pl1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3214 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5878 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5878 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5878 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5887 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5887 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5887 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5889 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5889 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5889 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5898 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5898 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5898 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5899 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5899 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5899 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0375 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0375 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0375 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0387 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0387 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0387 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0403 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0403 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0403 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0410 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0410 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0410 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0415 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0415 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0415 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0417 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0417 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0417 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0422 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0422 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0422 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0424 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0424 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0424 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428 libvirt<1.1.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7336 png<1.5.14beta08 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7353 png<1.5.14rc03 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7354 py{34,33,32,27,26}-jinja2<2.7.2nb1 temporary-files-race https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0012 emacs23<23.3nb27 temporary-file-race https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3421 emacs23-nox11<23.3nb3 temporary-file-race https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3421 emacs24<24.3nb14 temporary-file-race https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3421 emacs24-nox11<24.3nb1 temporary-file-race https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3421 emacs23<23.3nb27 temporary-file-race https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3422 emacs23-nox11<23.3nb3 temporary-file-race https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3422 emacs24<24.3nb14 temporary-file-race https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3422 emacs24-nox11<24.3nb1 temporary-file-race https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3422 emacs23<23.3nb27 temporary-file-race https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3424 emacs23-nox11<23.3nb3 temporary-file-race https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3424 emacs24<24.3nb14 temporary-file-race https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3424 emacs24-nox11<24.3nb1 temporary-file-race https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3424 adobe-flash-plugin<11.2.202.359 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-14.html suse{,32}_openssl<13.1nb7 denial-of-service http://support.novell.com/security/cve/CVE-2014-0198.html qt4-libs<4.8.6nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0190 qt5-qtbase<5.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0190 libXfont<1.4.7nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0209 libXfont<1.4.7nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0210 libXfont<1.4.7nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0211 ldns<1.6.16nb4 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3209 php53-fpm-[0-9]* local-privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185 php54-fpm<5.4.28 local-privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185 php55-fpm<5.5.12 local-privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185 nagios-base<3.5.1nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1878 icinga-base<1.9.5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1878 dovecot<1.2.17nb15 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3430 dovecot>=2<2.2.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3430 py{34,33,32,27,26}-django>=1.5<1.6.5 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1418 py{34,33,32,27,26}-django<1.4.13 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1418 py{34,33,32,27,26}-django>=1.5<1.6.5 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3730 py{34,33,32,27,26}-django<1.4.13 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3730 php{53,54,55}-owncloud<6.0.3 unknown-impact http://secunia.com/advisories/58586/ moodle<2.5.6 multiple-vulnerabilities http://docs.moodle.org/dev/Moodle_2.5.6_release_notes suse{,32}_x11<13.1nb5 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-0209.html suse{,32}_x11<13.1nb5 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-0210.html suse{,32}_x11<13.1nb5 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-0211.html typo3<4.5.34 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/ typo3>=4.7<4.7.19 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/ typo3>=6.0<6.0.14 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/ typo3>=6.1<6.1.9 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/ chicken<4.8.0.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4385 chicken<4.8.0.7 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3776 apache-tomcat>=6.0<6.0.41 multiple-vulnerabilities http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.41 apache-tomcat>=7.0<7.0.53 information-disclosure http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.53 apache-tomcat>=6.0<6.0.39 denial-of-service http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.39 apache-tomcat>=7.0<7.0.53 denial-of-service http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_7.0.53 apache-tomcat>=7.0<7.0.54 information-disclosure http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.54 gnutls<3.2.15 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3466 webmin<1.690 cross-site-scripting http://freecode.com/projects/webmin/releases/363920 suse{,32}_openssl<13.1nb8 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-0195.html suse{,32}_openssl<13.1nb8 denial-of-service http://support.novell.com/security/cve/CVE-2014-0221.html suse{,32}_openssl<13.1nb8 man-in-the-middle-attack http://support.novell.com/security/cve/CVE-2014-0224.html suse{,32}_openssl<13.1nb8 denial-of-service http://support.novell.com/security/cve/CVE-2014-3470.html openssl<0.9.8za man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 openssl>=1<1.0.0m man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 openssl>=1.0.1<1.0.1h man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 openssl<0.9.8za denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 openssl>=1<1.0.0m denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 openssl>=1.0.1<1.0.1h denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 openssl<0.9.8za arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 openssl>=1<1.0.0m arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 openssl>=1.0.1<1.0.1h arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 openssl<0.9.8za denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 openssl>=1<1.0.0m denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 openssl>=1.0.1<1.0.1h denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 openssl<0.9.8za sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 openssl>=1<1.0.0m sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 py{34,33,32,27,26}-gnupg<0.3.6 arbitrary-command-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7323 py{34,33,32,27,26}-gnupg<0.3.6 arbitrary-command-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1927 py{34,33,32,27,26}-gnupg<0.3.6 arbitrary-command-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1928 py{34,33,32,27,26}-gnupg<0.3.6 arbitrary-command-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1929 python27<2.7.7nb1 denial-of-service http://seclists.org/oss-sec/2013/q4/558 php>=5.4<5.4.29 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237 php>=5.4<5.4.29 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238 php>=5.5<5.5.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237 php>=5.5<5.5.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238 mediawiki<1.22.7 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3966 libtasn1<3.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3467 libtasn1<3.6 unknown https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468 libtasn1<3.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3469 openpam<20140912 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3879 chkrootkit<0.50 arbitrary-command-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0476 bottle<0.12.6 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3137 mupdf<1.4 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2013 sendmail<8.14.9 unknown https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3956 dpkg<1.16.15 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3864 dpkg<1.16.15 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3865 firefox<30 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox30 firefox24<24.6 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.6 thunderbird<24.6 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.6 xulrunner24<24.6 arbitrary-code-execution https://www.mozilla.org/security/announce/2014/mfsa2014-48.html xulrunner<30 arbitrary-code-execution https://www.mozilla.org/security/announce/2014/mfsa2014-48.html file<5.20 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237 file<5.20 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238 nspr<4.10.6 arbitrary-code-execution https://www.mozilla.org/security/announce/2014/mfsa2014-55.html emacs24{,-nox11}<24.5 temporary-file-race https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3423 icinga-base<1.9.5 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7107 icinga-base>1.9.5<1.10.2 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7107 icinga-base>1.9.5<1.10.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1878 icinga-base<1.10.3 stack-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2386 tor<0.2.4.20 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7295 gnupg2<2.0.22 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4351 gnupg<1.4.15 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4351 gnupg2<2.0.22 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4402 gnupg<1.4.15 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4402 py{34,33,32,27,26}-django>=1.5<1.6.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0472 py{33,32,27,26}-django<1.4.11 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0472 py{34,33,32,27,26}-django>=1.5<1.6.3 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0473 py{33,32,27,26}-django<1.4.11 cross-site-request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0473 py{33,32,27,26}-django<1.4.11 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0474 adobe-flash-plugin<11.2.202.379 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-16.html php{53,54,55}-soycms<=1.4.0c cross-site-scripting http://jvn.jp/en/jp/JVN54650130/index.html asterisk>=12.0<12.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-005.html asterisk>=11.0<11.10.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2014-006.html asterisk>=12.0<12.3.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2014-006.html asterisk>=1.8<1.8.28.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-007.html asterisk>=11.0<11.10.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-007.html asterisk>=12.0<12.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-007.html asterisk>=12.0<12.3.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-008.html libarchive>=2.9<3.1.2 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1779 bind>=9.10<9.10.0pl2 denial-of-service https://kb.isc.org/article/AA-01166/0/CVE-2014-3859%3A-BIND-named-can-crash-due-to-a-defect-in-EDNS-printing-processing.html ruby18-puppet<3.6.2 arbitrary-code-execution http://puppetlabs.com/security/cve/cve-2014-3248 ruby18-hiera<1.3.4 arbitrary-code-execution http://puppetlabs.com/security/cve/cve-2014-3248 ruby18-mcollective<2.5.2 arbitrary-code-execution http://puppetlabs.com/security/cve/cve-2014-3248 wireshark>=1.10.0<1.10.8 denial-of-service http://www.wireshark.org/security/wnpa-sec-2014-07.html ap{22,24}-py{33,32,27,26}-wsgi<3.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0240 ap{22,24}-py{33,32,27,26}-wsgi<3.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0242 suse{,32}_base<13.1nb10 denial-of-service http://support.novell.com/security/cve/CVE-2014-4043.html xalan-j>=2.7.0<2.7.2 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0107 gnutls>=3.0<3.1.20 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3465 gnutls>=3.2<3.2.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3465 lighttpd<1.4.34 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4560 lighttpd>=1.4.24<1.4.34 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4508 suse{,32}_mozilla-nspr<13.1nb2 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-1545.html mysql-client-5.1.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server-5.1.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel33-[0-9]* sensitive-information-exposure http://xenbits.xenproject.org/xsa/advisory-100.html xenkernel41<4.1.6.1nb1 sensitive-information-exposure http://xenbits.xenproject.org/xsa/advisory-100.html xenkernel42<4.2.5 sensitive-information-exposure http://xenbits.xenproject.org/xsa/advisory-100.html suse{,32}_libdbus<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2014-3477.html memcached<1.4.17 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0179 memcached<1.4.17 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7290 memcached<1.4.17 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7291 kdirstat-[0-9]* arbitrary-command-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2527 kdirstat-[0-9]* arbitrary-command-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2528 seamonkey<2.26.1 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.26.1 iodine<0.7.0 authentication-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4168 samba>=3.6<3.6.24 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493 samba>=3.6<3.6.24 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244 p5-Email-Address<1.905 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0477 php>=5.4<5.4.30 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049 php>=5.5<5.5.14 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049 nagios-plugins<2.0.2 sensitive-information-disclosure http://seclists.org/fulldisclosure/2014/May/74 openafs>=1.6.8<1.6.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4044 gnupg2<2.0.24 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617 gnupg<1.4.17 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617 php-5.2.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php{53,54,55}-piwigo<2.6.3 sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4649 kdelibs4<4.13.3 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3494 php>=5.4<5.4.30 multiple-vulnerabilities http://www.php.net/ChangeLog-5.php#5.4.30 php>=5.5<5.5.14 multiple-vulnerabilities http://www.php.net/ChangeLog-5.php#5.5.14 php{53,54,55}-owncloud<6.0.4 unknown-impact http://secunia.com/advisories/59543/ python27<2.7.7nb2 directory-traversal http://bugs.python.org/issue21766 python32-[0-9]* directory-traversal http://bugs.python.org/issue21766 python33<3.3.5nb4 directory-traversal http://bugs.python.org/issue21766 python34<3.4.1nb1 directory-traversal http://bugs.python.org/issue21766 lzo<2.0.7 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4607 pulseaudio<5.0nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3970 cacti<0.8.8c multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4002 dbus<1.8.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3532 dbus<1.8.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3533 libreoffice4>=4.1.4<4.2.5 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0247 libreoffice4-bin>=4.1.4<4.2.5 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0247 adobe-flash-plugin<11.2.202.379 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-17.html suse{,32}_base<13.1nb5 directory-traversal http://support.novell.com/security/cve/CVE-2014-0475.html openttd>=0.3.6<1.3.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6411 vlc<2.0.4 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1868 vlc<2.0.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1954 dbus>1.6.20<1.8.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3477 dbus<1.6.20 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3477 php>=5.4<5.4.30nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4698 php>=5.5<5.5.14nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4698 php>=5.4<5.4.30nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670 php>=5.5<5.5.14nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670 file<5.19 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478 php>=5.4<5.4.30 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478 php>=5.5<5.5.14 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478 file<5.19 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479 php>=5.4<5.4.30 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479 php>=5.5<5.5.14 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479 file<5.19 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480 php>=5.4<5.4.30 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480 php>=5.5<5.5.14 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480 file<5.19 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487 php>=5.4<5.4.30 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487 php>=5.5<5.5.14 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487 ffmpeg<20140623.1.2.7 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2263 ffmpeg2<2.2.4 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2263 ffmpeg010<20140629.0.10.14 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4609 ffmpeg010<20140629.0.10.14 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4610 php>=5.4<5.4.30 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515 php>=5.5<5.5.14 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515 file<5.19 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207 php>=5.4<5.4.30 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207 php>=5.5<5.5.14 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207 php>=5.4<5.4.30 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721 php>=5.5<5.5.14 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721 phpmyadmin>=4.2<4.2.4 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-2.php phpmyadmin>=4.1<4.1.14.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-3.php phpmyadmin>=4.2<4.2.4 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-3.php samba>=3.6.6<3.6.24 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178 samba>=4.1<4.1.8 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178 ruby{193,200,21}-activerecord>=3.2<3.2.19 sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3482 transmission<2.84 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4909 polarssl<1.2.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4911 sun-{jdk,jre}7<7.0.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4227 sun-{jdk,jre}7<7.0.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4219 sun-{jdk,jre}7<7.0.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2490 sun-{jdk,jre}7<7.0.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4216 sun-{jdk,jre}7<7.0.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4247 sun-{jdk,jre}7<7.0.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4283 sun-{jdk,jre}7<7.0.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4223 sun-{jdk,jre}7<7.0.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4262 sun-{jdk,jre}7<7.0.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4209 sun-{jdk,jre}7<7.0.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4220 sun-{jdk,jre}7<7.0.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4218 sun-{jdk,jre}7<7.0.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4252 sun-{jdk,jre}7<7.0.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4266 sun-{jdk,jre}7<7.0.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4268 sun-{jdk,jre}7<7.0.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4264 sun-{jdk,jre}7<7.0.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4221 sun-{jdk,jre}7<7.0.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4244 sun-{jdk,jre}7<7.0.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4263 sun-{jdk,jre}7<7.0.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4208 openjdk7{,-bin}<1.7.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4227 openjdk7{,-bin}<1.7.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4219 openjdk7{,-bin}<1.7.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2490 openjdk7{,-bin}<1.7.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4216 openjdk7{,-bin}<1.7.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4247 openjdk7{,-bin}<1.7.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4283 openjdk7{,-bin}<1.7.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4223 openjdk7{,-bin}<1.7.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4262 openjdk7{,-bin}<1.7.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4209 openjdk7{,-bin}<1.7.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4220 openjdk7{,-bin}<1.7.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4218 openjdk7{,-bin}<1.7.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4252 openjdk7{,-bin}<1.7.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4266 openjdk7{,-bin}<1.7.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4268 openjdk7{,-bin}<1.7.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4264 openjdk7{,-bin}<1.7.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4221 openjdk7{,-bin}<1.7.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4244 openjdk7{,-bin}<1.7.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4263 openjdk7{,-bin}<1.7.65 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4208 ruby1{8,9,93}-rubygems<1.8.23 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2125 ruby1{8,9,93}-rubygems<2.0.8 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4287 ruby200-base<2.0.0p247nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4287 ruby193-base<1.9.3p448nb4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4287 mit-krb5<1.10.7nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341 mit-krb5>=1.7<1.10.7nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342 mit-krb5>=1.10<1.10.7nb3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343 mit-krb5>=1.5<1.10.7nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344 ansible<1.6.6 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4657 ansible<1.6.6 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4678 drupal>=6<6.32 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2014-003 drupal>=7<7.29 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2014-003 php>=5.5<5.5.16 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587 php>=5.4<5.4.32 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587 mysql-server>=5.6<5.6.19 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2484 mysql-server>=5.5<5.5.38 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2494 mysql-server>=5.5<5.5.38 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4207 mysql-server>=5.6<5.6.19 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4214 mysql-server>=5.6<5.6.19 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4233 mysql-server>=5.6<5.6.19 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4228 mysql-server>=5.6<5.6.19 remote-data-manipulation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4240 mysql-server>=5.6<5.6.19 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4243 mysql-server>=5.5<5.5.38 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4243 mysql-server>=5.6<5.6.19 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4258 mysql-server>=5.5<5.5.38 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4258 mysql-server>=5.6<5.6.19 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4260 mysql-server>=5.5<5.5.38 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4260 phpmyadmin<=3.5.8.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-8.php phpmyadmin>=4<4.0.4.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-8.php phpmyadmin<=3.5.8.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-11.php phpmyadmin>=4<4.0.4.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-11.php phpmyadmin<=3.5.8.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-14.php phpmyadmin>=4<4.0.4.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2013-14.php php>=5.5<5.5.14 symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3981 php>=5.4<5.4.30 symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3981 php<5.3.29 symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3981 suse{,32}_libdbus<13.1nb2 denial-of-service http://support.novell.com/security/cve/CVE-2014-3532.html suse{,32}_libdbus<13.1nb2 denial-of-service http://support.novell.com/security/cve/CVE-2014-3533.html apache>=2.2<2.2.28 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231 apache>=2.4<2.4.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231 apache>=2.4<2.4.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3523 apache>=2.4.6<2.4.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0117 apache>=2.2<2.2.28 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118 apache>=2.4<2.4.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118 apache>=2.2<2.2.28 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226 apache>=2.4<2.4.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226 softhsm<1.3.7nb2 sensitive-information-exposure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3209 xpdf<3.04 multiple-vulnerabilities http://www.foolabs.com/xpdf/CHANGES ansible<1.6.9 input-validation http://www.ocert.org/advisories/ocert-2014-004.html phpmyadmin<4.2.6 multiple-vulnerabilities http://www.phpmyadmin.net/home_page/security/PMASA-2014-6.php phpmyadmin<4.2.6 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-7.php firefox<31 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox31 firefox24<24.7 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.7 nss<3.16.2 memory-corruption https://www.mozilla.org/security/announce/2014/mfsa2014-63.html cups<1.7.4 symlink-attack http://www.cups.org/str.php?L4450 exim<4.83 input-validation https://lists.exim.org/lurker/message/20140722.152452.d6c019e8.en.html tor<0.2.4.23 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5117 tor>=0.2.5<0.2.5.7 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5117 mysql-server>=5.6<5.6.20 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 mysql-server>=5.5<5.5.39 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 mediawiki<1.22.9 multiple-vulnerabilities https://www.mediawiki.org/wiki/Release_notes/1.22#MediaWiki_1.22.9 suse{,32}_mozilla-nss<13.1nb3 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-1544.html wireshark<1.10.9 multiple-vulnerabilities https://www.wireshark.org/docs/relnotes/wireshark-1.10.9.html#_bug_fixes kdelibs4<4.14 privilege-escalation http://www.kde.org/info/security/advisory-20140730-1.txt samba>=4<4.1.11 buffer-overflow http://www.samba.org/samba/security/CVE-2014-3560 gpgme<1.4.4 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3564 file<5.1.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538 nginx>=1.5.6<1.6 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3556 nginx>=1.6<1.6.1 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3556 nginx>=1.7<1.7.4 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3556 php>=5.4<5.4.32 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538 php>=5.5<5.5.16 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538 php{53,54,55}-owncloud<5.0.17 unspecified http://owncloud.org/changelog/ phpmyadmin<4.2.6 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-4.php phpmyadmin>=4.2<4.2.6 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-5.php phpmyadmin>=4.1<4.1.14.2 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-5.php phpmyadmin>=4.0<4.0.10.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-5.php liblive<20131129 buffer-overflow http://live555.com/liveMedia/public/changelog.txt nss<3.15.4 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1491 nss<3.16 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1492 gcc{,34,44,45,46,47}-[0-9]* denial-of-service https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61601 gcc3-c++-[0-9]* denial-of-service https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61601 gcc48-cc++-[0-9]* denial-of-service https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61601 gcc{,34,44,45,46,47}-[0-9]* memory-corruption https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61582 gcc3-c++-[0-9]* memory-corruption https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61582 gcc48-cc++-[0-9]* memory-corruption https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61582 ruby{18,193,200,21}-puppet<3.3.3 symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4969 ruby{18,193,200,21}-puppet>=3.4<3.4.1 symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4969 ruby{18,193,200,21}-puppet>=2.8.4<3.1.1 symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4969 ruby18-base>=1.8.7<1.8.7.331 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4481 curl>=7.27.0<7.35.1 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2522 openssl>=0.9.8<0.9.8zb multiple-vulnerabilities https://www.openssl.org/news/secadv_20140806.txt openssl>=1.0.0<1.0.0n multiple-vulnerabilities https://www.openssl.org/news/secadv_20140806.txt openssl>=1.0.1<1.0.1i multiple-vulnerabilities https://www.openssl.org/news/secadv_20140806.txt suse{,32}_openssl<13.1nb9 multiple-vulnerabilities https://www.openssl.org/news/secadv_20140806.txt cups<1.7.4 symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5029 cups<2.0 symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5030 cups<2.0 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5031 readline>=6.2<6.3 symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2524 openssl>=0.9.8<0.9.8y sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169 openssl>=1.0.0<1.0.0k sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169 openssl>=1.0.1<1.0.1d sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169 durupal>=6<6.33 denial-of-service https://www.drupal.org/SA-CORE-2014-004 durupal>=7<7.31 denial-of-service https://www.drupal.org/SA-CORE-2014-004 wordpress>=3.8<3.8.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2053 wordpress>=3.7<3.7.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2053 php{53,54,55}-ja-wordpress>=3.8<3.8.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2053 php{53,54,55}-ja-wordpress>=3.7<3.7.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2053 py{34,33,27,26}-ipython<1.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3429 serf<1.3.7 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3504 subversion-base>=1.8<1.8.10 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3522 adobe-flash-plugin<11.2.202.400 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-18.html suse{,32}_libtiff<13.1nb1 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2013-6369.html suse{,32}_krb5<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2014-4341.html suse{,32}_krb5<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2014-4342.html suse{,32}_krb5<13.1nb1 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-4343.html suse{,32}_krb5<13.1nb1 denial-of-service http://support.novell.com/security/cve/CVE-2014-4344.html poppler<0.13.3 unknown https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5110 php-5.3.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages subversion-base>=1.8<1.8.10 spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3528 qemu>=1.6<2.0.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5263 py{34,33,27,26}-Pillow<2.5.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3589 cacti<0.8.8c arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-5261 cacti<0.8.8c sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-5262 py{26,27}-moin<1.9.7 script-insertion-vulnerability http://moinmo.in/SecurityFixes mit-krb5>=1.6<1.10.7nb3 buffer-overflow http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2014-001.txt py{27,26}-imaging<1.1.7nb9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3589 py{33,32,27,26}-django<1.4.14 multiple-vulnerabilities https://docs.djangoproject.com/en/1.4/releases/1.4.14/ py{33,32,27,26}-django>=1.5<1.6.6 multiple-vulnerabilities https://docs.djangoproject.com/en/1.6/releases/1.6.6/ phpmyadmin<4.2.7.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-8.php phpmyadmin<4.2.7.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-9.php salt<2014.1.10 data-manipulation http://docs.saltstack.com/en/latest/topics/releases/2014.1.10.html squid<3.4.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3609 bozohttpd<20140708 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5015 procmail<3.22nb4 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3618 firefox<31.1 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox31.1 thunderbird<31.1 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird31.1 firefox>31.1<32 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox32 firefox24<24.8 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.8 thunderbird24<24.8 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.8 ImageMagick<6.9 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1958 ImageMagick<6.9 stack-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1947 ImageMagick<6.8.8 stack-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1947 php>=5.4<5.4.32 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587 php>=5.5<5.5.16 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587 php>=5.4<5.4.32 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597 php>=5.5<5.5.16 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597 php54-gd>=5.4<5.4.32 remote-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5120 php55-gd>=5.5<5.5.16 remote-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5120 net-snmp>=5.7<5.7.2.1nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565 net-snmp>=5.6<=5.6.2.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565 net-snmp>=5.5<=5.5.2.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565 net-snmp>=5.4<=5.4.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565 lua51<5.1.5nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5461 lua52>=5.2<5.2.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5461 nodejs<0.10.30 denial-of-service http://blog.nodejs.org/2014/07/31/v8-memory-corruption-stack-overflow/ thunderbird24<24.8.1 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5369 thunderbird<31.5.0nb1 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5369 seamonkey<2.32.1 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5369 libreoffice4<4.3.1 multiple-vulnerabilities http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/ dhcpcd<6.4.3 denial-of-service http://advisories.mageia.org/MGASA-2014-0334.html bugzilla<4.0 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1546 libvncserver<0.9.10 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4607 file<=5.19 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587 cups<1.7.4 symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3537 cups<1.7.4 symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5029 cups<2.0 symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5030 cups<2.0 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5031 suse{,32}_libcups-[0-9]* symlink-attack http://support.novell.com/security/cve/CVE-2014-3537.html suse{,32}_libcups-[0-9]* symlink-attack http://support.novell.com/security/cve/CVE-2014-5029.html suse{,32}_libcups-[0-9]* symlink-attack http://support.novell.com/security/cve/CVE-2014-5030.html suse{,32}_libcups-[0-9]* symlink-attack http://support.novell.com/security/cve/CVE-2014-5031.html ruby193-base<1.9.3p547nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4975 ruby200-base<2.0.0p481nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4975 ruby21-base<2.1.2nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4975 libgcrypt<1.5.4 side-channel https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5270 pppd<2.4.7 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3158 adobe-flash-plugin<11.2.202.406 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-21.html curl<7.38.0 data-manipulation http://curl.haxx.se/docs/adv_20140910A.html curl>7.31.0<7.38.0 data-manipulation http://curl.haxx.se/docs/adv_20140910B.html apache-tomcat>7<7.0.40 script-insertion-vulnerability http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.40 suse{,32}_base<13.1nb5 arbitrary-code-execution http://support.novell.com/security/cve/CVE-2014-5119.html suse{,32}_base<13.1nb5 denial-of-service http://support.novell.com/security/cve/CVE-2014-6040.html haproxy<1.5.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-6269 squid<3.4.8 buffer-overflow http://www.squid-cache.org/Advisories/SQUID-2014_3.txt squid<3.4.8 buffer-overflow http://www.squid-cache.org/Advisories/SQUID-2014_4.txt fengoffice<2.7.0 cross-site-scripting http://sourceforge.net/projects/opengoo/files/fengoffice/fengoffice_2.7.0/ wireshark<1.10 denial-of-service https://www.wireshark.org/docs/relnotes/wireshark-1.10.10.html asterisk>=12.0<12.5.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-009.html asterisk>=11.0<11.12.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-010.html asterisk>=12.0<12.5.1 denial-of-service http://downloads.digium.com/pub/security/AST-2014-010.html dbus<1.8.8 arbitrary-code-execution https://bugs.freedesktop.org/show_bug.cgi?id=83622 dbus<1.8.8 denial-of-service https://bugs.freedesktop.org/show_bug.cgi?id=82820 dbus<1.8.8 denial-of-service https://bugs.freedesktop.org/show_bug.cgi?id=80559 dbus<1.8.8 denial-of-service https://bugs.freedesktop.org/show_bug.cgi?id=81053 dbus<1.8.8 denial-of-service https://bugs.freedesktop.org/show_bug.cgi?id=80919 nodejs<0.10.31 unspecified http://blog.nodejs.org/2014/08/19/node-v0-10-31-stable/ nginx>=1.7<1.7.5 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3616 nginx<1.6.2 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3616 phpmyadmin<4.2.8.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-10.php moodle<2.7.2 security-bypass https://moodle.org/mod/forum/discuss.php?d=269590 qemu<2.2 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3615 bash>=4.3<4.3.025 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271 bash>=4.3<4.3.025nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169 xenkernel41<4.1.6.1nb11 local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-104.html xenkernel41<4.1.6.1nb11 local-privilege-escalation http://xenbits.xenproject.org/xsa/advisory-105.html xenkernel41<4.1.6.1nb11 local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-106.html xenkernel42<4.2.5 local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-104.html xenkernel42<4.2.5 local-privilege-escalation http://xenbits.xenproject.org/xsa/advisory-105.html xenkernel42<4.2.5 local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-106.html xenkernel33-[0-9]* local-privilege-escalation http://xenbits.xenproject.org/xsa/advisory-105.html xenkernel33-[0-9]* local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-106.html xenkernel33-[0-9]* local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-104.html xenkernel3-[0-9]* local-privilege-escalation http://xenbits.xenproject.org/xsa/advisory-105.html xenkernel3-[0-9]* local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-106.html xenkernel3-[0-9]* local-denial-of-service http://xenbits.xenproject.org/xsa/advisory-104.html nss>=3.16.2<3.16.2.1 spoofing https://www.mozilla.org/security/announce/2014/mfsa2014-73.html nss>=3.16.3<3.16.5 spoofing https://www.mozilla.org/security/announce/2014/mfsa2014-73.html nss>=3.17<3.17.1 spoofing https://www.mozilla.org/security/announce/2014/mfsa2014-73.html mediawiki<1.23.4 filtering-bypass https://www.mediawiki.org/wiki/Release_notes/1.23#MediaWiki_1.23.4 libvncserver-[0-9]* multiple-vulnerabilities http://www.ocert.org/advisories/ocert-2014-007.html perl<5.20.0nb2 stack-overflow https://www.lsexperts.de/advisories/lse-2014-06-10.txt wordpress<3.8.3 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6242 php{53,54,55}-ja-wordpress<3.8.3 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6242 c-icap<2.6 denial-of-service http://www.gentoo.org/security/en/glsa/glsa-201409-07.xml bash>=2.05<2.05.2.9nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271 bash>=2.05<2.05.2.9nb1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169 libvirt>=0.7.5<1.2.5 denial-of-service http://security.libvirt.org/2014/0003.html libvirt<1.2.9 sensitive-information-disclosure http://security.libvirt.org/2014/0004.html mediawiki<1.23.5 cross-site-scripting https://www.mediawiki.org/wiki/Release_notes/1.23#MediaWiki_1.23.5 phpmyadmin<4.2.9.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-11.php elasticsearch<1.4.0 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6439 xenkernel41<4.1.6.1nb12 denial-of-service http://xenbits.xenproject.org/xsa/advisory-108.html xenkernel41<4.1.6.1nb13 denial-of-service http://xenbits.xenproject.org/xsa/advisory-109.html xenkernel41<4.1.6.1nb13 denial-of-service http://xenbits.xenproject.org/xsa/advisory-110.html xenkernel41<4.1.6.1nb13 denial-of-service http://xenbits.xenproject.org/xsa/advisory-111.html xenkernel41<4.1.6.1nb13 denial-of-service http://xenbits.xenproject.org/xsa/advisory-112.html xenkernel41<4.1.6.1nb13 denial-of-service http://xenbits.xenproject.org/xsa/advisory-113.html xenkernel42<4.2.5nb1 denial-of-service http://xenbits.xenproject.org/xsa/advisory-108.html bash>=4.3<4.3.027 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7186 bash>=4.3<4.3.027 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7187 qemu<2.1.2 denial-of-service https://lists.gnu.org/archive/html/qemu-stable/2014-09/msg00231.html apache>=2.4<2.4.10nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3581 exctags<5.8nb1 denial-of-service http://seclists.org/oss-sec/2014/q3/842 php>=5.5<5.5.18 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3669 php55-exif<5.5.18 heap-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3670 php55-xmlrpc<5.5.18 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3668 php>=5.4<5.4.34 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3669 php54-exif<5.4.34 heap-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3670 php54-xmlrpc<5.4.34 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3668 php>=5.3<5.3.29nb1 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3669 php53-exif<5.3.29nb1 heap-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3670 php53-xmlrpc<5.3.29nb1 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3668 bugzilla<4.5.6 multiple-vulnerabilities http://www.bugzilla.org/security/4.0.14/ bash>=4.3<4.3.027 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277 bash>=3.0<4.3.027 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6278 bash>=2.05<2.05.2.13 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277 bash>=2.05<2.05.2.13 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6278 libvirt<1.2.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3633 libvirt<1.2.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3657 kdelibs4<4.14 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5033 jenkins<1.565.3 multiple-vulnerabilities https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 rsyslog<8.4.2 denial-of-service http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/ python26-[0-9]* integer-overflow http://bugs.python.org/issue22518 python33<3.3.6 integer-overflow http://bugs.python.org/issue22518 python27<2.7.8nb1 integer-overflow http://bugs.python.org/issue22518 python34<3.4.3 integer-overflow http://bugs.python.org/issue22520 python33<3.3.6 integer-overflow http://bugs.python.org/issue22520 adobe-flash-plugin<11.2.202.411 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-22.html mysql-server>=5.5<5.5.40 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL mysql-client>=5.5<5.5.40 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL sun-{jdk,jre}7<7.0.72 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixJAVA sun-{jdk,jre}6-[0-9]* multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixJAVA openjdk7<1.7.72 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixJAVA durupal>=7<7.32 sql-injection https://www.drupal.org/SA-CORE-2014-005 openssl>=0.9.8<0.9.8zc multiple-vulnerabilities https://www.openssl.org/news/secadv_20141015.txt openssl>=1.0.0<1.0.0o multiple-vulnerabilities https://www.openssl.org/news/secadv_20141015.txt openssl>=1.0.1<1.0.1j multiple-vulnerabilities https://www.openssl.org/news/secadv_20141015.txt wpa_supplicant<2.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3686 getmail<4.46.0 spoofing http://pyropus.ca/software/getmail/CHANGELOG libxml2<2.9.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660 suse{,32}_libxml2-[0-9]* denial-of-service http://support.novell.com/security/cve/CVE-2014-0191.html python27<2.7.8 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7185 suse{,32}_base<13.1nb6 multiple-vulnerabilities http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html file<5.20 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710 libpurple<2.10.10 ssl-certificate-spoofing http://pidgin.im/news/security/?id=86 libpurple<2.10.10 denial-of-service http://pidgin.im/news/security/?id=87 libpurple<2.10.10 denial-of-service http://pidgin.im/news/security/?id=88 libpurple<2.10.10 sensitive-information-disclosure http://pidgin.im/news/security/?id=90 phpmyadmin<4.2.10.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-12.php claws-mail<3.10.0 remote-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2576 ejabberd<14.07nb4 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8760 wget<1.16 symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4877 ruby193-base<1.9.3p550 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8080 ruby200-base<2.0.0p594 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8080 ruby21-base<2.1.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8080 tnftp<20141031 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8517 wireshark<1.10.11 remote-user-shell https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8710 wireshark<1.10.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8711 wireshark<1.10.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8712 wireshark<1.10.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8713 wireshark<1.10.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8714 thunderbird<31.2 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/thunderbird/#thunderbird31.2 firefox>31<31.2 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox-esr/#firefoxesr31.2 libreoffice4>=4.2<4.2.7 arbitrary-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2014-3693/ libreoffice4-bin>=4.2<4.2.7 arbitrary-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2014-3693/ libreoffice4>=4.3<4.3.3 arbitrary-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2014-3693/ libreoffice4-bin>=4.3<4.3.3 arbitrary-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2014-3693/ suse{,32}_openssl<13.1nb10 multiple-vulnerabilities https://www.openssl.org/news/secadv_20141015.txt qemu<2.2.0 local-privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3689 qemu<2.2.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7815 konversation>=1.5<1.5.1 denial-of-service http://openwall.com/lists/oss-security/2014/10/26/1 ffmpeg1<1.2.9 multiple-vulnerabilities http://secunia.com/advisories/60739/ ffmpeg2<2.4.2 multiple-vulnerabilities http://secunia.com/advisories/60739/ curl>=7.17.1<7.39.0 sensitive-information-disclosure http://curl.haxx.se/docs/adv_20141105.html ap{22,24}-auth-mellon<0.8.1 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8566 ap{22,24}-auth-mellon<0.8.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8567 libvirt<1.2.11 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7823 libvirt<1.2.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8131 adobe-flash-plugin<11.2.202.418 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb14-24.html gnutls>=3.3<3.3.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8564 gnutls>=3.2<3.2.20 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8564 gnutls>=3.1<3.1.18 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8564 polarssl>=1.2<1.2.12 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8627 polarssl>=1.3<1.3.9 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8627 polarssl>=1.2<1.2.12 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8628 polarssl>=1.3<1.3.9 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8628 php{53,54,55}-owncloud<5.0.18 unspecified http://owncloud.org/releases/Changelog php{53,54,55}-owncloud>=6.0<6.0.6 unspecified http://owncloud.org/releases/Changelog krfb<4.14.3 multiple-vulnerabilities http://www.ocert.org/advisories/ocert-2014-007.html ImageMagick<6.8.9.9 multiple-vulnerabilities http://secunia.com/advisories/61943/ GraphicsMagick<1.3.21 heap-overflow http://sourceforge.net/p/graphicsmagick/code/ci/4426024497f9ed26cbadc5af5a5de55ac84796ff/ zeromq<4.0.5 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7202 zeromq<4.0.5 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7203 tcpdump>=3.8<4.7.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8769 tcpdump>=3.5.0<4.7.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8768 tcpdump>=3.9.6<4.7.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8767 xenkernel42<4.2.5nb2 denial-of-service http://xenbits.xenproject.org/xsa/advisory-109.html xenkernel42<4.2.5nb2 denial-of-service http://xenbits.xenproject.org/xsa/advisory-110.html xenkernel42<4.2.5nb2 denial-of-service http://xenbits.xenproject.org/xsa/advisory-111.html xenkernel42<4.2.5nb2 denial-of-service http://xenbits.xenproject.org/xsa/advisory-112.html xenkernel42<4.2.5nb2 denial-of-service http://xenbits.xenproject.org/xsa/advisory-113.html moodle>=2.5<2.5.9 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275146 moodle>=2.6<2.6.6 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275146 moodle>=2.7<2.7.3 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275146 moodle>=2.5<2.5.9 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275147 moodle>=2.6<2.6.6 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275147 moodle>=2.7<2.7.3 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275147 moodle-2.7 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275153 moodle-2.7.2 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275153 moodle>=2.5<2.5.9 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275154 moodle>=2.6<2.6.6 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275154 moodle>=2.7<2.7.3 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275154 moodle>=2.5<2.5.9 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275155 moodle>=2.6<2.6.6 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275155 moodle>=2.7<2.7.3 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275155 moodle>=2.5<2.5.9 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275159 moodle>=2.6<2.6.6 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275159 moodle>=2.7<2.7.3 sensitive-information-disclosure https://moodle.org/mod/forum/discuss.php?d=275159 moodle>=2.6<2.6.6 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275161 moodle>=2.7<2.7.3 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=275161 moodle>=2.5<2.5.9 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=275162 moodle>=2.6<2.6.6 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=275162 moodle>=2.7<2.7.3 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=275162 moodle>=2.5<2.5.9 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=275163 moodle>=2.6<2.6.6 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=275163 moodle>=2.7<2.7.3 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=275163 moodle>=2.5<2.5.9 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=275164 moodle>=2.6<2.6.6 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=275164 moodle>=2.7<2.7.3 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=275164 clamav<0.98.5 denial-of-service https://bugzilla.clamav.net/show_bug.cgi?id=11088 drupal>=6<6.34 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2014-006 drupal>=7<7.34 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2014-006 asterisk>=1.8<1.8.32.1 security-bypass http://downloads.digium.com/pub/security/AST-2014-012.html asterisk>=11<11.14.1 security-bypass http://downloads.digium.com/pub/security/AST-2014-012.html asterisk>=11<11.14.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2014-017.html asterisk>=1.8<1.8.32.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2014-018.html asterisk>=11<11.14.1 privilege-escalation http://downloads.digium.com/pub/security/AST-2014-018.html wordpress<4.0.1 multiple-vulnerabilities https://wordpress.org/news/2014/11/wordpress-4-0-1/ php{53,54,55}-ja-wordpress<4.0.1 multiple-vulnerabilities https://wordpress.org/news/2014/11/wordpress-4-0-1/ dbus<1.8.10 denial-of-service https://bugs.freedesktop.org/show_bug.cgi?id=85105 suse{,32}_libdbus-[0-9]* denial-of-service https://bugs.freedesktop.org/show_bug.cgi?id=85105 mit-krb5<1.10.7nb4 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5351 ruby193-base<1.9.3p551 denial-of-service https://www.ruby-lang.org/en/news/2014/11/13/rexml-dos-cve-2014-8090/ ruby200-base<2.0.0p598 denial-of-service https://www.ruby-lang.org/en/news/2014/11/13/rexml-dos-cve-2014-8090/ ruby21-base<2.1.5 denial-of-service https://www.ruby-lang.org/en/news/2014/11/13/rexml-dos-cve-2014-8090/ phpmyadmin<4.2.12 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-13.php phpmyadmin<4.2.12 local-file-reading http://www.phpmyadmin.net/home_page/security/PMASA-2014-14.php phpmyadmin<4.2.12 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-15.php ImageMagick<6.8.9.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8716 flac<1.3.1 multiple-vulnerabilities http://www.ocert.org/advisories/ocert-2014-008.html qemu<2.2.0 local-privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7840 adobe-flash-plugin<11.2.202.424 arbitrary-code-execution http://helpx.adobe.com/security/products/flash-player/apsb14-26.html phpmyadmin<4.2.12 input-validation http://www.phpmyadmin.net/home_page/security/PMASA-2014-16.php pcre<8.36nb1 denial-of-service http://bugs.exim.org/show_bug.cgi?id=1546 gcpio-[0-9]* out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9112 libksba<1.3.2 heap-overflow http://lists.gnupg.org/pipermail/gnupg-announce/2014q4/000359.html clamav<0.98.5 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9050 mediawiki<1.23.7 multiple-vulnerabilities https://www.mediawiki.org/wiki/Release_notes/1.23#MediaWiki_1.23.7 icecast<2.4.1 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9018 mantis<1.2.18 arbitrary-code-execution http://seclists.org/oss-sec/2014/q4/576 mantis<1.2.18 cross-site-scripting http://seclists.org/oss-sec/2014/q4/617 mantis<1.2.18 multiple-vulnerabilities http://seclists.org/oss-sec/2014/q4/577 mantis<1.2.18 sensitive-information-disclosure http://seclists.org/oss-sec/2014/q4/623 mantis<1.2.18 sql-injection http://seclists.org/oss-sec/2014/q4/795 p5-Plack<1.0031 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5269 python{26,33}-[0-9]* arbitrary-code-execution http://bugs.python.org/issue22885 python27<2.7.9nb1 arbitrary-code-execution http://bugs.python.org/issue22885 python34<3.4.3 arbitrary-code-execution http://bugs.python.org/issue22885 libyaml<0.1.6 denial-of-service http://www.openwall.com/lists/oss-security/2014/11/28/1 p5-YAML-LibYAML<0.54 denial-of-service http://www.openwall.com/lists/oss-security/2014/11/28/1 graphviz<2.38.0nb3 format-string https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9157 p5-Mojolicious<5.48 parameter-injection http://advisories.mageia.org/MGASA-2014-0488.html libjpeg-turbo<1.4.0 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9092 jasper<1.900.1nb8 arbitrary-code-execution http://www.ocert.org/advisories/ocert-2014-009.html nss<3.17.3 security-bypass https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.3_release_notes phpmyadmin<4.2.13.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2014-18.php phpmyadmin<4.2.13.1 denial-of-service http://www.phpmyadmin.net/home_page/security/PMASA-2014-17.php wpa_supplicant<2.3 arbitrary-command-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3686 mutt<1.5.23nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9116 gettext-tools<0.19.4 denial-of-service https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769901 opera<26 multiple-vulnerabilities http://www.opera.com/docs/changelogs/unified/2600/ firefox>=33<34 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox34 seamonkey<2.31 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/seamonkey/#seamonkey2.31 thunderbird<31.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.3 firefox31>=31<31.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.3 openvpn<2.3.6 denial-of-service https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b mpfr<3.1.2pl11 buffer-overflow http://www.mpfr.org/mpfr-3.1.2/#p11 getmail>=4.0.0<4.43.0 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7273 getmail>=4.44.0<4.45.0 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7274 getmail>=4.0.0<4.44.0 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7275 qemu<2.2.0 local-privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8106 bind>=9.0<9.9.6pl1 denial-of-service https://kb.isc.org/article/AA-01216/74/CVE-2014-8500 bind>=9.10<9.10.1pl1 denial-of-service https://kb.isc.org/article/AA-01216/74/CVE-2014-8500 ap{22,24}-py{34,33,27,26}-wsgi<4.2.4 security-bypass http://modwsgi.readthedocs.org/en/latest/release-notes/version-4.2.4.html xenkernel42<4.2.5nb3 denial-of-service http://xenbits.xenproject.org/xsa/advisory-114.html adobe-flash-plugin<11.2.202.425 arbitrary-code-execution http://helpx.adobe.com/security/products/flash-player/apsb14-27.html binutils<2.25 multiple-vulnerabilities https://sourceware.org/bugzilla/show_bug.cgi?id=17510 binutils<2.25 multiple-vulnerabilities https://sourceware.org/bugzilla/show_bug.cgi?id=17552 php{53,54,55,56}-concrete5<5.7.4.2 cross-site-scripting http://morxploit.com/morxploits/morxconxss.txt ghostscript-gpl<9.06nb3 arbitrary-code-execution http://www.ocert.org/advisories/ocert-2014-009.html asterisk>=11.0<11.14.2 denial-of-service http://downloads.asterisk.org/pub/security/AST-2014-019.html asterisk>=12.0<12.7.2 denial-of-service http://downloads.asterisk.org/pub/security/AST-2014-019.html asterisk>=13.0<13.0.2 denial-of-service http://downloads.asterisk.org/pub/security/AST-2014-019.html modular-xorg-server<1.12.4nb6 multiple-vulnerabilities http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ pdns-recursor<3.6.2 denial-of-service https://doc.powerdns.com/md/security/powerdns-advisory-2014-02/ unbound<1.4.22nb1 denial-of-service http://www.unbound.net/downloads/CVE-2014-8602.txt libxml2<2.9.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660 suse{,32}_libxml2-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660 file<5.21 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116 file<5.21 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117 ffmpeg2<2.5 multiple-vulnerabilities http://ffmpeg.org/security.html typo3>=4.5.0<4.5.37 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-002/ typo3>=4.7.0<4.7.20 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-002/ typo3>=6.1.0<6.1.11 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-002/ typo3>=4.5.0<4.5.39 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/ typo3>=4.7.0<4.7.21 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/ typo3>=6.1.0<6.1.12 multiple-vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-003/ rpm<4.11.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6435 rpm<4.12.0.1nb1 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8118 libyaml<0.1.6nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9130 p5-YAML-LibYAML<0.53 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9130 python26-[0-9]* security-bypass http://bugs.python.org/issue22417 python27<2.7.9 security-bypass http://bugs.python.org/issue22417 python33-[0-9]* security-bypass http://bugs.python.org/issue22417 python34<3.4.3 security-bypass http://bugs.python.org/issue22417 suse{,32}_gtk2<13.1nb4 arbitrary-code-execution http://lists.opensuse.org/opensuse-updates/2014-12/msg00062.html git-base<2.2.1 client-code-execution-from-hostile-server https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9390 c-icap<0.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7401 c-icap<0.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7402 ruby{193,200,215}-mcollective<2.5.3 security-bypass http://puppetlabs.com/security/cve/cve-2014-3251 ettercap-[0-9]* multiple-vulnerabilities https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/ heirloom-mailx<12.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2771 heirloom-mailx<12.5 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7844 rrdtool<1.4.9 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2131 ap{22,24}-subversion<1.8.11 denial-of-service http://subversion.apache.org/security/CVE-2014-3580-advisory.txt ap{22,24}-subversion<1.8.11 denial-of-service http://subversion.apache.org/security/CVE-2014-8108-advisory.txt ruby{193,200,215}-puppet<3.7.1 sensitive-information-disclosure http://puppetlabs.com/security/cve/cve-2014-9355 php>=5.4<5.4.36 denial-of-service http://php.net/ChangeLog-5.php#5.4.36 mit-krb5>=1.5<1.10.7nb3 multiple-vulnerabilities http://web.mit.edu/kerberos/krb5-1.12/ libvirt<1.2.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8135 libvirt<1.2.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8136 varnish<3.0.4 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0345 varnish<3.0.5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4484 jasper<1.900.1nb9 heap-overflow http://www.ocert.org/advisories/ocert-2014-012.html ghostscript-gpl<9.06nb4 heap-overflow http://www.ocert.org/advisories/ocert-2014-012.html php>=5.5<5.5.20 denial-of-service http://php.net/ChangeLog-5.php#5.5.20 php>=5.6<5.6.4 denial-of-service http://php.net/ChangeLog-5.php#5.6.4 ntp<4.2.8 multiple-vulnerabilities http://www.kb.cert.org/vuls/id/852879 unzip<6.0nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139 unzip<6.0nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140 unzip<6.0nb2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141 unzip<6.0nb2 denial-of-service http://seclists.org/oss-sec/2014/q4/1131 sox<1.14.2 heap-overflow http://www.ocert.org/advisories/ocert-2014-010.html mediawiki<1.24.1 multiple-vulnerabilities https://www.mediawiki.org/wiki/Release_notes/1.23#MediaWiki_1.23.8 libssh<0.64 multiple-vulnerabilities http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/ exiv2<0.25 heap-overflow http://dev.exiv2.org/issues/960 libsndfile<1.0.25nb2 multiple-vulnerabilities http://secunia.com/advisories/61132 wireshark<1.10.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2015-03.html wireshark<1.10.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2015-04.html wireshark<1.10.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2015-05.html ImageMagick<6.9.0.2 denial-of-service http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26682 ImageMagick<6.9.0.2 denial-of-service http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26699 libreoffice4>=4.3<4.3.5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9093 libreoffice4-bin>=4.3<4.3.5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9093 apache>=2.4<2.4.10nb3 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8109 gnupg2<2.0.26 arbitrary-code-execution http://secunia.com/advisories/61939/ png>=1.5<1.5.21 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9495 png>=1.6<1.6.16 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9495 png>=1.5<1.5.21 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0973 png>=1.6<1.6.16 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0973 libevent<2.0.22 integer-overflow https://raw.githubusercontent.com/libevent/libevent/release-2.0.22-stable/ChangeLog arc-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2015-9275 privoxy<3.0.22 multiple-vulnerabilities http://secunia.com/advisories/62123 zoneminder<1.28.0 system-compromise https://github.com/ZoneMinder/ZoneMinder/releases/tag/v1.28.0 curl>=7.31.0<7.39.0nb1 security-bypass http://curl.haxx.se/docs/adv_20150108B.html lftp<4.4.6nb4 ssl-certificate-spoofing https://github.com/lavv17/lftp/issues/116 webmin<1.730 sensitive-information-disclosure http://www.webmin.com/changes.html pwgen<2.07 weak-password-generator https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4440 pwgen<2.07 insufficiently-random-numbers https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4442 mit-krb5<1.10.7nb5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5353 file<5.22 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116 file<5.22 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117 openssl>=0.9.8<0.9.8zd multiple-vulnerabilities http://www.openssl.org/news/secadv_20150108.txt openssl>=1.0.0<1.0.0p multiple-vulnerabilities http://www.openssl.org/news/secadv_20150108.txt openssl>=1.0.1<1.0.1k multiple-vulnerabilities http://www.openssl.org/news/secadv_20150108.txt mantis<1.2.19 multiple-vulnerabilities https://www.mantisbt.org/bugs/changelog_page.php?version_id=238 adobe-flash-plugin<11.2.202.429 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb15-01.html chicken<4.9.0.2 multiple-vulnerabilities http://lists.gnu.org/archive/html/chicken-announce/2015-01/msg00001.html firefox>=34<35 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox35 seamonkey<2.32 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/seamonkey/#seamonkey2.32 thunderbird<31.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.4 firefox31>=31<31.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.4 py{33,32,27}-django>=1.5<1.7.3 multiple-vulnerabilities https://docs.djangoproject.com/en/1.7/releases/1.7.3/ samba>=4<4.1.16 security-bypass https://www.samba.org/samba/security/CVE-2014-8143 asterisk>=12.0<12.8.1 denial-of-service http://downloads.digium.com/pub/security/AST-2015-001.html asterisk>=13.0<13.1.1 denial-of-service http://downloads.digium.com/pub/security/AST-2015-001.html asterisk>=1.8<1.8.32.2 security-bypass http://downloads.digium.com/pub/security/AST-2015-002.html asterisk>=11.0<11.15.1 security-bypass http://downloads.digium.com/pub/security/AST-2015-002.html asterisk>=12.0<12.8.1 security-bypass http://downloads.digium.com/pub/security/AST-2015-002.html asterisk>=13.0<13.1.1 security-bypass http://downloads.digium.com/pub/security/AST-2015-002.html djvulibre-tools-[0-9]* insecure-temp-file https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775193 xdg-utils>=1.1.0rc2<1.1.0rc4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9622 moodle>=2.8<2.8.2 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=278612 moodle>=2.8<2.8.2 cross-site-request-forgery https://moodle.org/mod/forum/discuss.php?d=278613 moodle>=2.8<2.8.2 information-leak https://moodle.org/mod/forum/discuss.php?d=278614 moodle>=2.8<2.8.2 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=278615 moodle>=2.8<2.8.2 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=278616 moodle>=2.8<2.8.2 denial-of-service https://moodle.org/mod/forum/discuss.php?d=278617 kde-workspace-[0-9]* sensitive-information-disclosure https://www.kde.org/info/security/advisory-20150122-2.txt websvn-[0-9]* symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6892 py{34,33,27,26}-Pillow<2.7.0 denial-of-service http://pillow.readthedocs.org/releasenotes/2.7.0.html#png-text-chunk-size-limits ffmpeg2<2.5.2 multiple-vulnerabilities http://ffmpeg.org/security.html mysql-server>=5.5<5.5.42 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL mysql-client>=5.5<5.5.42 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL mysql-server>=5.6<5.6.23 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL mysql-client>=5.6<5.6.23 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL sympa<6.1.24 remote-file-access https://www.sympa.org/security_advisories#security_breaches_in_newsletter_posting_cve-2015-1306 jasper<1.900.1nb10 multiple-vulnerabilities http://www.ocert.org/advisories/ocert-2015-001.html adobe-flash-plugin<11.2.202.438 security-bypass http://helpx.adobe.com/security/products/flash-player/apsb15-02.html adobe-flash-plugin<11.2.202.440 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb15-03.html sun-{jdk,jre}7<7.0.76 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA sun-{jdk,jre}6-[0-9]* multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA openjdk7<1.7.76 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA rabbitmq<3.4.1 multiple-vulnerabilities https://www.rabbitmq.com/release-notes/README-3.4.1.txt polarssl-[0-9]* arbitrary-code-execution https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 bugzilla<4.4.7 multiple-vulnerabilities http://www.bugzilla.org/security/4.0.15/ libvirt<1.2.12 security-bypass http://security.libvirt.org/2015/0001.html webkit-gtk<2.4.8 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2015-0001.html privoxy<3.0.23 multiple-vulnerabilities http://secunia.com/advisories/62147/ clamav<0.98.6 multiple-vulnerabilities http://blog.clamav.net/2015/01/clamav-0986-has-been-released.html adobe-flash-plugin<11.2.202.442 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb15-04.html php{53,54,55}-piwigo<2.5.6 sql-injection http://piwigo.org/forum/viewtopic.php?id=25016 rabbitmq<3.4.3 multiple-vulnerabilities https://www.rabbitmq.com/release-notes/README-3.4.3.txt mit-krb5<1.10.7nb5 multiple-vulnerabilities http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt icu<54.1nb2 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923 icu<54.1nb2 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926 ntp<4.2.8p1 multiple-vulnerabilities http://www.kb.cert.org/vuls/id/852879 squid<3.4.12 security-bypass http://bugs.squid-cache.org/show_bug.cgi?id=4066 squid>=3.5.0<3.5.2 security-bypass http://bugs.squid-cache.org/show_bug.cgi?id=4066 py{34,33,27,26}-requests<2.3.0 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1830 py{34,33,27,26}-requests<2.3.0 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1829 openldap>=2.4.13<2.4.41 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1545 openldap<2.4.41 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1546 moodle<2.8.3 directory-traversal http://www.secunia.com/advisories/62769/ php>=5.4<5.4.36 http-response-splitting http://secunia.com/advisories/62831 php>=5.5<5.5.22 http-response-splitting http://secunia.com/advisories/62831 php>=5.6<5.6.6 http-response-splitting http://secunia.com/advisories/62831 postgresql90-server<9.0.19 multiple-vulnerabilities https://www.postgresql.org/about/news/1569/ postgresql91-server<9.1.15 multiple-vulnerabilities https://www.postgresql.org/about/news/1569/ postgresql92-server<9.2.10 multiple-vulnerabilities https://www.postgresql.org/about/news/1569/ postgresql93-server<9.3.6 multiple-vulnerabilities https://www.postgresql.org/about/news/1569/ postgresql94-server<9.4.1 multiple-vulnerabilities https://www.postgresql.org/about/news/1569/ postgresql90-pgcrypto<9.0.19 buffer-overrun http://secunia.com/advisories/62806 postgresql91-pgcrypto<9.1.15 buffer-overrun http://secunia.com/advisories/62806 postgresql92-pgcrypto<9.2.10 buffer-overrun http://secunia.com/advisories/62806 postgresql93-pgcrypto<9.3.6 buffer-overrun http://secunia.com/advisories/62806 postgresql94-pgcrypto<9.4.1 buffer-overrun http://secunia.com/advisories/62806 ghostscript-gpl<9.06nb4 multiple-vulnerabilities http://www.ocert.org/advisories/ocert-2015-001.html e2fsprogs<1.42.12 heap-overflow http://www.ocert.org/advisories/ocert-2015-002.html vorbis-tools<1.4.0nb5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9640 apache-tomcat>=7.0<7.0.55 security-bypass http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55 apache-tomcat>=6.0<6.0.43 security-bypass http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.43 modular-xorg-server<1.12.4nb8 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0255 cabextract<1.5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9556 ruby{18,193,200,215}-facter<2.4.1 information-leakage http://puppetlabs.com/security/cve/cve-2015-1426 elasticsearch<1.4.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1427 ruby18-base>=1.8.7<1.8.7.374nb2 denial-of-service http://secunia.com/advisories/62920 antiword<0.37nb2 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8123 cups<2.0.2 buffer-overflow https://www.cups.org/str.php?L4551 contao33-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages contao32<3.2.19 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0269 contao33<3.3.7nb1 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0269 contao34<3.4.4 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0269 jabberd>=2<999 information-disclosure https://github.com/jabberd2/jabberd2/issues/85 py{25,26,27,33,34}-django<1.6.6 multiple-vulnerabilities http://secunia.com/advisories/60181/ ffmpeg1<1.2.11 multiple-vulnerabilities http://secunia.com/advisories/62968/ ffmpeg2<2.5.2 multiple-vulnerabilities http://secunia.com/advisories/62968/ gnupg2<2.0.27 multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2015/02/13/14 roundcube<1.0.5 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1433 gcpio<2.13 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1197 sun-j{re,dk}7<7.0.71 multiple-vulnerabilities http://secunia.com/advisories/62516 sudo<1.7.10p9 arbitrary-file-access http://www.sudo.ws/sudo/alerts/tz.html patch>=2.7.1<2.7.3 multiple-vulnerabilities http://seclists.org/oss-sec/2015/q1/189 zoneminder<1.28.1 security-bypass http://secunia.com/advisories/62918/ php>=5.4<5.4.37nb1 multiple-vulnerabilities https://bugs.php.net/bug.php?id=68942 php>=5.5<5.5.21nb1 multiple-vulnerabilities https://bugs.php.net/bug.php?id=68942 php>=5.6<5.6.5nb1 multiple-vulnerabilities https://bugs.php.net/bug.php?id=68942 php{53,54,55,56}-piwigo<2.7.4 sql-injection http://seclists.org/fulldisclosure/2015/Feb/73 bind>=9.7.0<9.9.6pl2 denial-of-service https://kb.isc.org/article/AA-01235/0 bind>=9.10.1<9.10.1pl2 denial-of-service https://kb.isc.org/article/AA-01235/0 cabextract<1.6 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2015-2060 suse{,32}_base<13.1 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235 typo3>=4.5.0<4.5.39 authentication-bypass http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-001/ lame<3.99.5nb2 arbitrary-code-execution http://secunia.com/advisories/62995/ php>=5.4<5.4.37 use-after-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231 php>=5.5<5.5.21 use-after-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231 php>=5.6<5.6.5 use-after-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231 php>=5.4<5.4.36 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9427 php>=5.5<5.5.20 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9427 php>=5.6<5.6.4 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9427 ffmpeg2<2.5.4 unknown http://secunia.com/advisories/62944 ffmpeg1<1.2.12 unknown http://secunia.com/advisories/63009 clamav<0.96.6 denial-of-service http://secunia.com/advisories/62443 sun-{jdk,jre}7>=6.0.85<6.0.86 unspecified https://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA sun-{jdk,jre}7>=7.0.72<7.0.73 unspecified https://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA mit-krb5<1.10.7nb5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5355 php>=5.4<5.4.36 use-after-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8142 php>=5.5<5.5.20 use-after-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8142 php>=5.6<5.6.4 use-after-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8142 php>=5.4<5.4.37 use-after-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0232 php>=5.5<5.5.21 use-after-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0232 php>=5.6<5.6.5 use-after-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0232 php>=5.4<5.4.37 out-of-bounds-read https://bugs.php.net/bug.php?id=68735 php>=5.5<5.5.21 out-of-bounds-read https://bugs.php.net/bug.php?id=68735 php>=5.6<5.6.5 out-of-bounds-read https://bugs.php.net/bug.php?id=68735 mysql-client>5.6<5.6.21 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL mysql-server>5.6<5.6.21 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL suse{,32}_krb5-[0-9]* denial-of-service http://www.secunia.com/advisories/62976 openjdk7-bin-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages samba>=3.6<3.6.25 unexpected-code-execution https://www.samba.org/samba/security/CVE-2015-0240 ruby{18,193,200,215}-redcloth-[0-9]* cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6684 xdg-utils<1.1.1 command-injection https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777722 xentools45<4.5.0nb2 unexpected-backend https://xenbits.xen.org/xsa/#XSA-119 xentools42<4.2.5nb3 unexpected-backend https://xenbits.xen.org/xsa/#XSA-119 xentools41-[0-9]* possibly-unexpected-backend https://xenbits.xen.org/xsa/#XSA-119 xentools33-[0-9]* possibly-unexpected-backend https://xenbits.xen.org/xsa/#XSA-119 xentools3-[0-9]* possibly-unexpected-backend https://xenbits.xen.org/xsa/#XSA-119 xentools3-hvm-[0-9]* possibly-unexpected-backend https://xenbits.xen.org/xsa/#XSA-119 xenkernel45<4.5.0nb1 information-leak https://xenbits.xen.org/xsa/advisory-121.html xenkernel42<4.2.5nb4 information-leak https://xenbits.xen.org/xsa/advisory-121.html xenkernel41<4.1.6.1nb14 information-leak https://xenbits.xen.org/xsa/advisory-121.html xenkernel33-[0-9]* information-leak https://xenbits.xen.org/xsa/advisory-121.html xenkernel3-[0-9]* information-leak https://xenbits.xen.org/xsa/advisory-121.html xenkernel45<4.5.0nb1 information-leak https://xenbits.xen.org/xsa/advisory-122.html xenkernel42<4.2.5nb4 information-leak https://xenbits.xen.org/xsa/advisory-122.html xenkernel41<4.1.6.1nb14 information-leak https://xenbits.xen.org/xsa/advisory-122.html xenkernel33-[0-9]* information-leak https://xenbits.xen.org/xsa/advisory-122.html xenkernel3-[0-9]* information-leak https://xenbits.xen.org/xsa/advisory-122.html xenkernel45<4.5.0nb2 memory-corruption https://xenbits.xen.org/xsa/advisory-123.html xenkernel42<4.2.5nb5 memory-corruption https://xenbits.xen.org/xsa/advisory-123.html xenkernel41<4.1.6.1nb15 memory-corruption https://xenbits.xen.org/xsa/advisory-123.html xenkernel33-[0-9]* memory-corruption https://xenbits.xen.org/xsa/advisory-123.html xenkernel3-[0-9]* memory-corruption https://xenbits.xen.org/xsa/advisory-123.html ImageMagick<6.9.0.5 denial-of-service http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26929 ImageMagick<6.9.0.5 denial-of-service http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26931 ImageMagick<6.9.0.5 denial-of-service http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26932 ImageMagick<6.9.0.5 denial-of-service http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26933 suse{,32}_base<13.1nb8 denial-of-service http://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html firefox31>=31<31.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.5 xulrunner31>=31<31.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.5 thunderbird<31.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.5 firefox>=35.0.1<36 multiple-vulnerabilities https://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox36 dojo<1.10.3 multiple-vulnerabilities http://dojotoolkit.org/blog/dojo-security-advisory-2014-12-08 p5-gtk2-[0-9]* arbitrary-code-execution https://www.debian.org/security/2015/dsa-3173 rt4<4.2.10 multiple-vulnerabilities http://blog.bestpractical.com/2015/02/rt-4210-released.html rt<3.8.17nb4 multiple-vulnerabilities http://blog.bestpractical.com/2015/02/security-vulnerabilities-in-rt.html tcllib<1.15nb1 cross-site-scripting http://core.tcl.tk/tcllib/tktview/09110adc430de8c91d26015f9697cdd099755e63 tcl-snack-[0-9]* heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6303 glusterfs<3.5.3 denial-of-service https://github.com/gluster/glusterfs/blob/v3.5.3/doc/release-notes/3.5.3.md gnupg<1.4.19 multiple-vulnerabilities http://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000363.html libgcrypt<1.6.3 multiple-vulnerabilities http://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000364.html jenkins<1.596.1 multiple-vulnerabilities https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27 qt4-libs<4.8.6nb4 denial-of-service http://lists.qt-project.org/pipermail/announce/2015-February/000059.html qt5-qtbase<5.4.0nb1 denial-of-service http://lists.qt-project.org/pipermail/announce/2015-February/000059.html unace-[0-9]* buffer-overflow https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775003 gnats<4.2.0 local-privilege-escalation http://permalink.gmane.org/gmane.org.fsf.announce/2284 py{26,27}-rope-[0-9]* remote-code-execution https://github.com/python-rope/rope/issues/105 wireshark<1.10.13 multiple-vulnerabilities https://www.wireshark.org/docs/relnotes/wireshark-1.10.13.html openssl>1.0.2<1.0.2a denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209 openssl>1.0.2<1.0.2a denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288 tcpdump<4.6.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9140 tcpdump<4.7.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0261 tcpdump<4.7.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2153 tcpdump<4.7.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2154 tcpdump<4.7.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2155 librsvg<2.40.8 denial-of-service https://download.gnome.org/sources/librsvg/2.40/librsvg-2.40.8.news libssh2<1.5.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1782 cups-filters<1.0.66 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4336 cups-filters<1.0.53 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4337 opera<28 unknown-impact http://www.opera.com/docs/changelogs/unified/2800/ suse{,32}_freetype2<13.1nb2 multiple-vulnerabilities http://www.suse.com/support/update/announcement/2015/suse-su-20150463-1.html adobe-flash-plugin<11.2.202.451 multiple-vulnerabilities http://helpx.adobe.com/security/products/flash-player/apsb15-05.html py{26,27,33,34}-django<1.7.6 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2241 percona-toolkit<2.2.13 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1027 libXfont<1.5.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1802 libXfont<1.5.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1803 libXfont<1.5.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1804 phpmyadmin<4.3.11.1 cross-site-scripting http://www.phpmyadmin.net/home_page/security/PMASA-2015-1.php openssl>0.9.8<0.9.8zf multiple-vulnerabilities https://www.openssl.org/news/secadv_20150319.txt openssl>1.0.0<1.0.0r multiple-vulnerabilities https://www.openssl.org/news/secadv_20150319.txt openssl>1.0.1<1.0.1m multiple-vulnerabilities https://www.openssl.org/news/secadv_20150319.txt openssl>1.0.2<1.0.2a multiple-vulnerabilities https://www.openssl.org/news/secadv_20150319.txt suse{,32}_openssl>=12.1 multiple-vulnerabilities https://www.openssl.org/news/secadv_20150319.txt suse{,32}_openssl>=13.1 multiple-vulnerabilities https://www.openssl.org/news/secadv_20150319.txt binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ avr-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ avr-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ avr-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ binutils-mips-current<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ binutils-mips-current<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ binutils-mips-current<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ freemint-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ freemint-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ freemint-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ h8300-elf-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ h8300-elf-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ h8300-elf-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ h8300-hms-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ h8300-hms-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ h8300-hms-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ mingw-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ mingw-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ mingw-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ nios2-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ nios2-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ nios2-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ cross-binutils<2.25 out-of-bounds-write http://www.cvedetails.com/cve/CVE-2014-8501/ cross-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8502/ cross-binutils<2.25 denial-of-service http://www.cvedetails.com/cve/CVE-2014-8503/ xerces-c<3.1.2 multiple-vulnerabilities http://secunia.com/advisories/63516/ firefox<36.0.3 privilege-escalation https://www.mozilla.org/en-US/security/advisories/mfsa2015-29/ firefox<36.0.4 privilege-escalation https://www.mozilla.org/en-US/security/advisories/mfsa2015-28/ firefox31<31.5.2 privilege-escalation https://www.mozilla.org/en-US/security/advisories/mfsa2015-29/ firefox31<31.5.3 privilege-escalation https://www.mozilla.org/en-US/security/advisories/mfsa2015-28/ seamonkey<2.33.1 privilege-escalation https://www.mozilla.org/en-US/security/advisories/mfsa2015-28/ seamonkey<2.33.1 privilege-escalation https://www.mozilla.org/en-US/security/advisories/mfsa2015-29/ icu<55.1 integer-overflow http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654 nodejs<0.10.37 privilege-escalation http://blog.nodejs.org/2015/03/14/node-v0-10-37-stable tiff<4.0.4beta multiple-vulnerabilities http://advisories.mageia.org/MGASA-2015-0112.html suse{,32}_libtiff>=10.0 multiple-vulnerabilities http://advisories.mageia.org/MGASA-2015-0112.html suse{,32}_libtiff>=12.1 multiple-vulnerabilities http://advisories.mageia.org/MGASA-2015-0112.html suse{,32}_libtiff>=13.1 multiple-vulnerabilities http://advisories.mageia.org/MGASA-2015-0112.html putty<0.64 privacy-leak http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html ffmpeg2<2.5.1 use-after-free http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7933 gnutls<3.1.0 signature-forgery https://nvd.nist.gov/vuln/detail/CVE-2015-0282 gnutls<3.3.13 ssl-certificate-spoofing https://nvd.nist.gov/vuln/detail/CVE-2015-0294 moodle>=2.6<2.6.8 multiple-vulnerabilities http://secunia.com/advisories/62957/ moodle>=2.7<2.7.5 multiple-vulnerabilities http://secunia.com/advisories/62957/ moodle>=3.8<3.8.3 multiple-vulnerabilities http://secunia.com/advisories/62957/ lasso<2.4.1 denial-of-service http://secunia.com/advisories/63310/ cups-filters<1.0.66 remote-code-execution http://secunia.com/advisories/63033/ file<5.21 multiple-vulnerabilities http://secunia.com/advisories/63423/ file<5.22 denial-of-service https://www.debian.org/security/2015/dsa-3196 php>=5.4<5.4.39 multiple-vulnerabilities https://www.debian.org/security/2015/dsa-3195.en.html php>=5.5<5.5.23 multiple-vulnerabilities https://www.debian.org/security/2015/dsa-3195.en.html php>=5.6<5.6.7 multiple-vulnerabilities https://www.debian.org/security/2015/dsa-3195.en.html py{26,27,33,34}-django>=1.4<1.4.20 cross-site-scripting https://www.djangoproject.com/weblog/2015/mar/18/security-releases/ py{26,27,33,34}-django>=1.6<1.6.11 cross-site-scripting https://www.djangoproject.com/weblog/2015/mar/18/security-releases/ py{26,27,33,34}-django>=1.7<1.7.7 cross-site-scripting https://www.djangoproject.com/weblog/2015/mar/18/security-releases/ python27<2.7.7 arbitrary-memory-access http://openwall.com/lists/oss-security/2014/06/24/7 python33<3.3.6 arbitrary-memory-access http://openwall.com/lists/oss-security/2014/06/24/7 python34<3.4.1 arbitrary-memory-access http://openwall.com/lists/oss-security/2014/06/24/7 python33<3.3.4 denial-of-service http://seclists.org/oss-sec/2013/q4/558 python34<3.4.0 denial-of-service http://seclists.org/oss-sec/2013/q4/558 drupal>=6<6.35 spoofing-attacks https://www.drupal.org/SA-CORE-2015-001 drupal>=7<7.35 spoofing-attacks https://www.drupal.org/SA-CORE-2015-001 suse{,32}_base>=10.0<13.1nb9 invalid-file-descriptor-reuse http://www.openwall.com/lists/oss-security/2015/01/28/20 suse{,32}_base>=10.0<13.1nb9 buffer-overrun http://www.openwall.com/lists/oss-security/2015/02/04/1 libzip<0.11.2nb1 integer-overflow http://www.openwall.com/lists/oss-security/2015/03/18/1 py{26,27,34,35,36}-mercurial<3.2.4 command-injection http://chargen.matasano.com/chargen/2015/3/17/this-new-vulnerability-mercurial-command-injection-cve-2014-9462.html php>5.5<5.5.22 use-after-free https://bugs.php.net/bug.php?id=68901 php>5.6<5.6.6 use-after-free https://bugs.php.net/bug.php?id=68901 tor>=0.2.4<0.2.4.26 denial-of-service https://lists.torproject.org/pipermail/tor-talk/2015-March/037281.html tor>=0.2.5<0.2.5.11 denial-of-service https://lists.torproject.org/pipermail/tor-talk/2015-March/037281.html gnupg<1.4.19 sensitive-information-disclosure http://lists.gnupg.org/pipermail/gnupg-users/2015-March/053276.html gnupg2<2.0.27 sensitive-information-disclosure http://lists.gnupg.org/pipermail/gnupg-users/2015-March/053276.html php>=5.4<5.4.39 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.4.39 php>=5.5<5.5.23 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.23 php>=5.6<5.6.7 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.7 mono>=3<3.12.1 multiple-vulnerabilities http://seclists.org/oss-sec/2015/q1/869 jenkins<1.596.2 multiple-vulnerabilities https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23 qemu<2.3.0 denial-of-service https://lists.gnu.org/archive/html/qemu-devel/2015-03/msg04894.html suse{,32}_qt4-[0-9]* denial-of-service http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html e2fsprogs<1.42.12 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1572 py{26,27,33,34}-numpy<1.9.2 insecure-temp-file https://github.com/numpy/numpy/commit/0bb46c1448b0d3f5453d5182a17ea7ac5854ee15 libtasn1<4.4 stack-overflow http://lists.gnu.org/archive/html/help-libtasn1/2015-03/msg00002.html nginx>=1.5<1.5.12 heap-overflow http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html nginx>=1.3.15<1.4.7 heap-overflow http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html py{26,27,33,34}-dulwich<0.9.9 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9706 py{26,27,33,34}-dulwich<0.9.9 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0838 shibboleth-sp<2.5.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2684 mailman<2.1.20 input-validation https://mail.python.org/pipermail/mailman-announce/2015-March/000207.html stunnel<5.14 security-bypass http://www.stunnel.org/pipermail/stunnel-announce/2015-March/000096.html subversion<1.8.13 denial-of-service http://subversion.apache.org/security/CVE-2015-0202-advisory.txt ap{22,24}-subversion<1.8.13 denial-of-service http://subversion.apache.org/security/CVE-2015-0248-advisory.txt ap{22,24}-subversion<1.8.13 spoofing http://subversion.apache.org/security/CVE-2015-0251-advisory.txt mediawiki<1.24.2 multiple-vulnerabilities https://www.mediawiki.org/wiki/Release_notes/1.24#MediaWiki_1.24.2 xentools45<4.5.0nb3 denial-of-service http://xenbits.xenproject.org/xsa/advisory-125.html xentools42<4.2.5nb4 denial-of-service http://xenbits.xenproject.org/xsa/advisory-125.html xentools41<4.1.6.1nb7 denial-of-service http://xenbits.xenproject.org/xsa/advisory-125.html xentools33-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-125.html xentools3-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-125.html xentools3-hvm-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-125.html xenkernel45<4.5.0nb3 denial-of-service http://xenbits.xenproject.org/xsa/advisory-126.html xenkernel42<4.2.5nb6 denial-of-service http://xenbits.xenproject.org/xsa/advisory-126.html xenkernel41<4.1.6.1nb16 denial-of-service http://xenbits.xenproject.org/xsa/advisory-126.html xenkernel33-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-126.html xenkernel3-[0-9]* denial-of-service http://xenbits.xenproject.org/xsa/advisory-126.html apache-cassandra<2.1.4 remote-code-execution http://www.openwall.com/lists/oss-security/2015/04/01/6 firefox<37 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox37 firefox<37.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox37.0.1 firefox31<31.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.6 thunderbird<31.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.6 tor<0.2.5.12 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2928 ntp<4.2.8p2 spoofing-attacks https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1798 ntp<4.2.8p2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1799 pigz<2.3.3 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1191 chrony<1.31.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1853 asterisk>=1.8<1.8.32.3 man-in-the-middle http://downloads.digium.com/pub/security/AST-2015-003.html asterisk>=11.0<11.17.1 man-in-the-middle http://downloads.digium.com/pub/security/AST-2015-003.html asterisk>=12.0<12.8.2 man-in-the-middle http://downloads.digium.com/pub/security/AST-2015-003.html asterisk>=13.0<13.3.2 man-in-the-middle http://downloads.digium.com/pub/security/AST-2015-003.html dpkg<1.16.16 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0840 icecast<2.4.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3026 php55-gd<5.5.21 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709 php56-gd<5.6.5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709 gd<2.1.0nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709 arj<3.10.22nb2 symlink-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0556 arj<3.10.22nb2 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0557 arj<3.10.22nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2782 coreutils<8.22nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9471 less<475 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9488 gtk3+<3.11.4 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1949 erlang<17.0 command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1693 xlockmore{,-lite}<5.45 security-bypass http://calypso.tux.org/pipermail/xlock-announce/2014/000059.html jetty-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0254 wesnoth<1.12.2 remote-file-read https://bugs.mageia.org/show_bug.cgi?id=15685 php{53,54,55,56}-orangehrm-[0-9]* multiple-vulnerabilities http://www.securityfocus.com/archive/1/535245 tor>=0.2.4.0<0.2.4.27 multiple-vulnerabilities https://blog.torproject.org/blog/tor-02512-and-0267-are-released tor>=0.2.5.0<0.2.5.12 multiple-vulnerabilities https://blog.torproject.org/blog/tor-02512-and-0267-are-released socat<1.7.3.0 denial-of-service http://www.dest-unreach.org/socat/contrib/socat-secadv6.txt xenkernel45<4.5.0nb4 denial-of-service https://xenbits.xen.org/xsa/advisory-127.html xenkernel33-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-125.html xenkernel41<4.1.6.1nb16 denial-of-service https://xenbits.xen.org/xsa/advisory-125.html xenkernel42<4.2.5nb6 denial-of-service https://xenbits.xen.org/xsa/advisory-125.html xenkernel45<4.5.0nb3 denial-of-service https://xenbits.xen.org/xsa/advisory-125.html libX11<1.6.0 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7439 chrony<1.31.1 multiple-vulnerabilities https://www.debian.org/security/2015/dsa-3222 php>=5.4<5.4.40 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.4.40 php>=5.5<5.5.24 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.24 php>=5.6<5.6.8 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.8 qt4-libs<4.8.7 multiple-vulnerabilities http://lists.qt-project.org/pipermail/announce/2015-April/000067.html qt5-libs<5.4.2 multiple-vulnerabilities http://lists.qt-project.org/pipermail/announce/2015-April/000067.html suse{,32}_qt4-[0-9]* multiple-vulnerabilities http://lists.qt-project.org/pipermail/announce/2015-April/000067.html adobe-flash-plugin<11.2.202.457 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-06.html ruby200-base<2.0.0p645 ssl-cert-spoofing https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ ruby21-base<2.1.6 ssl-cert-spoofing https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ ruby22-base<2.2.2 ssl-cert-spoofing https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ libX11<1.5.1 multiple-vulnerabilities http://www.x.org/wiki/Development/Security/Advisory-2015-03-17/ sun-{jdk,jre}6-[0-9]* multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA sun-{jdk,jre}7-[0-9]* multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA openjdk7<1.7.80 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA openjdk8<1.8.45 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA libxml2<2.9.2nb2 denial-of-service https://bugzilla.redhat.com/show_bug.cgi?id=1211278 #not applicable: mod_copy not enabled and no option to enable it #proftpd-[0-9]* security-bypass http://bugs.proftpd.org/show_bug.cgi?id=4169 sqlite3<3.8.9 multiple-vulnerabilities http://lcamtuf.blogspot.dk/2015/04/finding-bugs-in-sqlite-easy-way.html suse{,32}_sqlite3-[0-9]* multiple-vulnerabilities http://lcamtuf.blogspot.dk/2015/04/finding-bugs-in-sqlite-easy-way.html icecast<2.4.2 denial-of-service http://lists.xiph.org/pipermail/icecast-dev/2015-April/002460.html ruby18-rest-client<1.7.3 sensitive-information-exposure https://github.com/rest-client/rest-client/issues/349 ruby193-rest-client<1.7.3 sensitive-information-exposure https://github.com/rest-client/rest-client/issues/349 ruby200-rest-client<1.7.3 sensitive-information-exposure https://github.com/rest-client/rest-client/issues/349 ruby215-rest-client<1.7.3 sensitive-information-exposure https://github.com/rest-client/rest-client/issues/349 gst-plugins0.10-bad-[0-9]* arbitrary-code-execution https://www.debian.org/security/2015/dsa-3225 pppd<2.4.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3310 gnutls<3.3.14 arbitrary-code-execution http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/8077 libksba<1.3.3 multiple-vulnerabilities https://blog.fuzzing-project.org/7-Multiple-vulnerabilities-in-GnuPG,-libksba-and-GpgOL-TFPA-0032015.html openssl>=1.0.2<1.0.2d multiple-vulnerabilities http://www.securityfocus.com/archive/1/535303 suse{,32}_openssl<1.0.2d multiple-vulnerabilities http://www.securityfocus.com/archive/1/535303 mysql-server>=5.5<5.5.43 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL mysql-client>=5.5<5.5.43 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL libxml2<2.9.2nb3 arbitrary-memory-access https://bugzilla.gnome.org/show_bug.cgi?id=746048 firefox<37.0.2 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/ p5-Module-Signature<0.75 multiple-vulnerabilities http://seclists.org/oss-sec/2015/q2/59 xenkernel42<4.2.5nb8 sensitive-information-exposure http://xenbits.xenproject.org/xsa/advisory-132.html xenkernel45<4.5.1 sensitive-information-exposure http://xenbits.xenproject.org/xsa/advisory-132.html curl>=7.37.0<7.42.0 security-bypass http://curl.haxx.se/docs/adv_20150422A.html curl>=7.10.6<7.42.0 security-bypass http://curl.haxx.se/docs/adv_20150422B.html curl>=7.10.6<7.42.0 arbitrary-memory-access http://curl.haxx.se/docs/adv_20150422C.html curl>=7.37.0<7.42.0 arbitrary-memory-access http://curl.haxx.se/docs/adv_20150422D.html wordpress<4.1.2 multiple-vulnerabilities https://wordpress.org/news/2015/04/wordpress-4-1-2/ php{53,54,55}-ja-wordpress<4.1.2 multiple-vulnerabilities https://wordpress.org/news/2015/04/wordpress-4-1-2/ salt<2014.7.4 symlink-attack http://docs.saltstack.com/en/latest/topics/releases/2014.7.4.html net-snmp<5.7.3nb1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2015-5621 wpa_supplicant>=1.0<2.5 heap-overflow http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt dnsmasq<2.73rc4 arbitrary-memory-access https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1502/ pdns-recursor<3.7.2 denial-of-service http://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ powerdns<3.4.4 denial-of-service http://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ file<5.22nb1 denial-of-service https://github.com/file/file/commit/3046c231e1a2fcdd5033bea0603c23f435a00bd7 t1utils<1.39 buffer-overflow https://github.com/kohler/t1utils/issues/4 magento-[0-9]* multiple-vulnerabilities http://blog.checkpoint.com/2015/04/20/analyzing-magento-vulnerability/ libreoffice4<4.4.2.2 arbitrary-code-execution https://www.libreoffice.org/about-us/security/advisories/cve-2015-1774/ libreoffice4-bin<4.4.2 arbitrary-code-execution https://www.libreoffice.org/about-us/security/advisories/cve-2015-1774/ wordpress<4.2.2 cross-site-scripting https://wordpress.org/news/2015/05/wordpress-4-2-2/ php{53,54,55}-ja-wordpress<4.2.2 cross-site-scripting https://wordpress.org/news/2015/05/wordpress-4-2-2/ librsync<1.0.0 weak-hash https://github.com/librsync/librsync/issues/5 elasticsearch>1.4<=1.4.4 directory-traversal https://www.elastic.co/blog/elasticsearch-1-5-2-and-1-4-5-released elasticsearch>1.5<=1.5.2 directory-traversal https://www.elastic.co/blog/elasticsearch-1-5-2-and-1-4-5-released glusterfs<3.5.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3619 glusterfs-3.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3619 ffmpeg<2.6.2 array-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3395 horde<5.2.5 cross-site-scripting http://lists.horde.org/archives/announce/2015/001088.html imp<6.2.8 cross-site-scripting http://lists.horde.org/archives/announce/2015/001089.html mysql-client<5.7.3 ssl-downgrade http://www.ocert.org/advisories/ocert-2015-003.html libarchive<3.1.2nb1 denial-of-service https://github.com/libarchive/libarchive/issues/502 clamav<0.98.7 multiple-vulnerabilities http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html testdisk<7.0 multiple-vulnerabilities http://www.cgsecurity.org/wiki/TestDisk_7.0_Release libtasn1<4.5 heap-overflow https://lists.gnu.org/archive/html/help-libtasn1/2015-04/msg00000.html squid<3.5.4 ssl-cert-spoofing http://www.squid-cache.org/Advisories/SQUID-2015_1.txt curl>=7.1<7.42.1 sensitive-information-exposure http://curl.haxx.se/docs/adv_20150429.html libssh<0.65 double-free https://www.libssh.org/2015/04/30/libssh-0-6-5-security-and-bugfix-release/ p5-XML-LibXML<2.0119 remote-file-read http://seclists.org/oss-sec/2015/q2/313 mariadb-server<5.5.43 multiple-vulnerabilities https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ pound<2.7 man-in-the-middle-attack https://www.debian.org/security/2015/dsa-3253 apache-tomcat>=6.0<6.0.44 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230 apache-tomcat>=7.0<7.0.55 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230 apache-tomcat>=8.0<8.0.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230 salt<2015.5.0 multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2015/05/02/1 wpa_supplicant<2.5 multiple-vulnerabilities http://seclists.org/bugtraq/2015/May/77 icu<55.1 multiple-vulnerabilities https://raw.githubusercontent.com/pedrib/PoC/master/generic/i-c-u-fail.txt postgresql9{0,1,2,3,4}-postgis2<2.1.3 security-bypass http://postgis.net/2014/05/19/postgis-2.0.6_and_2.1.3 libraw<0.16.1 denial-of-service http://www.ocert.org/advisories/ocert-2015-006.html ruby{193,200,215}-redcarpet<3.2.3 cross-site-scripting http://openwall.com/lists/oss-security/2015/04/07/11 dcraw-[0-9]* denial-of-service http://www.ocert.org/advisories/ocert-2015-006.html gimp-ufraw-[0-9]* denial-of-service http://www.ocert.org/advisories/ocert-2015-006.html adobe-flash-plugin<11.2.202.460 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-09.html wireshark<1.10.14 multiple-vulnerabilities https://www.wireshark.org/docs/relnotes/wireshark-1.10.14.html firefox<38.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox38 firefox31<31.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.7 firefox36-[0-9]* multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/ thunderbird<31.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7 firefox24-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages thunderbird24-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages openssh<6.6.1nb6 heap-overflow http://www.openwall.com/lists/oss-security/2015/05/16/3 php{54,55,56}-concrete5<5.7.4 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2250 testdisk<7.0 multiple-vulnerabilities http://www.cgsecurity.org/wiki/TestDisk_7.0_Release p5-Module-Signature<0.75 multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2015/04/07/1 phpmyadmin<4.3.13.1 man-in-the-middle-attack http://www.phpmyadmin.net/home_page/security/PMASA-2015-3.php qemu<2.2.1nb1 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3456 qemu>=2.3.0<2.3.0nb1 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3456 xentools42<4.2.5nb5 privilege-escalation https://xenbits.xen.org/xsa/advisory-133.html xentools45<4.5.0nb4 privilege-escalation https://xenbits.xen.org/xsa/advisory-133.html apache-tomcat>=6.0<6.0.44 local-security-bypass http://mail-archives.us.apache.org/mod_mbox/www-announce/201505.mbox/%3C5554AB1C.7050606@@apache.org%3E apache-tomcat>=7.0<7.0.59 local-security-bypass http://mail-archives.us.apache.org/mod_mbox/www-announce/201505.mbox/%3C5554AB1C.7050606@@apache.org%3E apache-tomcat>=8.0<8.0.18 local-security-bypass http://mail-archives.us.apache.org/mod_mbox/www-announce/201505.mbox/%3C5554AB1C.7050606@@apache.org%3E php>=5.4<5.4.41 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.4.41 php>=5.5<5.5.25 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.25 php>=5.6<5.6.9 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.9 qemu<2.3.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9718 qemu<2.3.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2756 fcgi<2.4.0nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6687 ipsec-tools<0.7.3nb3 null-dereference https://www.altsci.com/ipsec/ipsec-tools-sa.html zeromq<4.0.6 protocol-downgrade https://www.debian.org/security/2015/dsa-3255 zeromq>=4.1.0<4.1.1 protocol-downgrade https://www.debian.org/security/2015/dsa-3255 moodle>=2.8<2.8.6 multiple-vulnerabilities http://secunia.com/advisories/64167/ moodle>=2.7<2.7.8 multiple-vulnerabilities http://secunia.com/advisories/64167/ moodle>=2.6<2.6.11 multiple-vulnerabilities http://secunia.com/advisories/64167/ avidemux<2.6.8 multiple-vulnerabilities http://advisories.mageia.org/MGASA-2015-0233.html libntfs-[0-9]* privilege-escalation https://www.debian.org/security/2015/dsa-3268 fuse-ntfs-3g-[0-9]* privilege-escalation https://www.debian.org/security/2015/dsa-3268 postgresql90-server<9.0.20 multiple-vulnerabilities http://www.postgresql.org/about/news/1587/ postgresql91-server<9.1.16 multiple-vulnerabilities http://www.postgresql.org/about/news/1587/ postgresql92-server<9.2.11 multiple-vulnerabilities http://www.postgresql.org/about/news/1587/ postgresql93-server<9.3.7 multiple-vulnerabilities http://www.postgresql.org/about/news/1587/ postgresql94-server<9.4.2 multiple-vulnerabilities http://www.postgresql.org/about/news/1587/ pgbouncer<1.5.5 denial-of-service http://pgbouncer.github.io/2015/04/pgbouncer-1-5-5/ cups<2.0.3 privilege-escalation http://www.cups.org/str.php?L4609 php>=5.4<5.4.42nb1 use-after-free https://bugs.php.net/bug.php?id=69737 php>=5.5<5.5.26nb1 use-after-free https://bugs.php.net/bug.php?id=69737 php>=5.6<5.6.10nb1 use-after-free https://bugs.php.net/bug.php?id=69737 elasticsearch<1.6.0 unknown-impact https://www.elastic.co/blog/elasticsearch-1-6-0-released concrete5<5.7.4.1 sql-injection http://karmainsecurity.com/KIS-2015-03 concrete5<5.7.4 cross-site-scripting http://karmainsecurity.com/KIS-2015-02 concrete5<5.7.4 remote-code-execution http://karmainsecurity.com/KIS-2015-01 openssl>1.0.1<1.0.1n multiple-vulnerabilities https://www.openssl.org/news/secadv_20150611.txt openssl>1.0.2<1.0.2b multiple-vulnerabilities https://www.openssl.org/news/secadv_20150611.txt suse{,32}_openssl-[0-9]* multiple-vulnerabilities https://www.openssl.org/news/secadv_20150611.txt jdbc-mysql<5.1.35 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2575 xentools42<4.2.5nb12 heap-overflow https://xenbits.xen.org/xsa/advisory-135.html xentools45<4.5.3 heap-overflow https://xenbits.xen.org/xsa/advisory-135.html qemu<2.4.0 heap-overflow https://lists.gnu.org/archive/html/qemu-devel/2015-06/msg02847.html qemu<2.4.0 denial-of-service http://www.openwall.com/lists/oss-security/2015/05/23/4 xentools33-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-128.html xentools41-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-128.html xentools42<4.2.5nb12 denial-of-service https://xenbits.xen.org/xsa/advisory-128.html xentools45<4.5.1 denial-of-service https://xenbits.xen.org/xsa/advisory-128.html xentools33-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-129.html xentools41-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-129.html xentools42<4.2.5nb12 denial-of-service https://xenbits.xen.org/xsa/advisory-129.html xentools45<4.5.1 denial-of-service https://xenbits.xen.org/xsa/advisory-129.html xentools33-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-130.html xentools41-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-130.html xentools42<4.2.5nb12 denial-of-service https://xenbits.xen.org/xsa/advisory-130.html xentools45<4.5.1 denial-of-service https://xenbits.xen.org/xsa/advisory-130.html xentools33-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-131.html xentools41-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-131.html xentools42<4.2.5nb12 denial-of-service https://xenbits.xen.org/xsa/advisory-131.html xentools45<4.5.1 denial-of-service https://xenbits.xen.org/xsa/advisory-131.html xentools3-[0-9]* null-dereference https://xenbits.xen.org/xsa/advisory-136.html xentools33-[0-9]* null-dereference https://xenbits.xen.org/xsa/advisory-136.html xentools41-[0-9]* null-dereference https://xenbits.xen.org/xsa/advisory-136.html xentools42<4.2.5nb12 null-dereference https://xenbits.xen.org/xsa/advisory-136.html xenkernel42<4.2.5nb8 null-dereference https://xenbits.xen.org/xsa/advisory-136.html xentools45<4.5.1 null-dereference https://xenbits.xen.org/xsa/advisory-136.html xenkernel45<4.5.1 null-dereference https://xenbits.xen.org/xsa/advisory-136.html ffmpeg2<2.6.2 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3395 ffmpeg2<2.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3417 sqlite3<3.8.9 stack-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3416 p7zip-9.20.1 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1038 suse{,32}_base>=13.1<13.1nb9 privilege-escalation http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00020.html drupal>=6<6.36 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2015-002 drupal>=7<7.38 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2015-002 cacti<0.8.8d sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2665 libmimedir-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3205 wpa_supplicant<2.5 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4141 wpa_supplicant<2.5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4146 wpa_supplicant<2.5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4145 xentools42<4.2.5nb12 null-dereference https://xenbits.xen.org/xsa/advisory-134.html xenkernel42<4.2.5nb8 null-dereference https://xenbits.xen.org/xsa/advisory-134.html xentools45<4.5.1 null-dereference https://xenbits.xen.org/xsa/advisory-134.html xenkernel45<4.5.1 null-dereference https://xenbits.xen.org/xsa/advisory-134.html wpa_supplicant<2.5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4142 wpa_supplicant<2.5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4143 adobe-flash-plugin<11.2.202.466 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-11.html libxml2<2.9.2 denial-of-service https://git.gnome.org/browse/libxml2/commit/?id=9cd1c3cfbd32655d60572c0a413e017260c854df nginx>=1.6<1.6.2 man-in-the-middle-attack http://mailman.nginx.org/pipermail/nginx-announce/2014/000147.html nginx>=1.7<1.7.5 man-in-the-middle-attack http://mailman.nginx.org/pipermail/nginx-announce/2014/000147.html mantis<1.2.16 multiple-vulnerabilities http://www.mantisbt.org/blog/?p=275 freeradius<2.2.8 invalid-crl-checks http://www.ocert.org/advisories/ocert-2015-008.html adobe-flash-plugin<11.2.202.468 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-14.html curl<7.43.0 sensitive-information-exposure http://curl.haxx.se/docs/adv_20150617A.html curl<7.43.0 sensitive-information-exposure http://curl.haxx.se/docs/adv_20150617B.html wireshark<1.12.6 multiple-vulnerabilities https://www.wireshark.org/docs/relnotes/wireshark-1.12.6.html ruby{18,193,200,215}-rubygems<2.4.8 remote-hijacking https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4020 cryptopp<5.6.3 sensitive-information-exposure http://www.mail-archive.com/cryptopp-users@@googlegroups.com/msg07835.html haproxy<1.5.14 information-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3281 openssl<1.0.1o signature-forgery https://www.openssl.org/news/secadv_20150709.txt openssl>1.0.2<1.0.2c signature-forgery https://www.openssl.org/news/secadv_20150709.txt suse{,32}_openssl<1.0.2c signature-forgery https://www.openssl.org/news/secadv_20150709.txt geeklog>=2.1.0<2.1.0nb1 cross-site-scripting https://www.geeklog.net/article.php/file-manager-vulnerability contao34-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages libwmf<0.2.8.4nb16 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0848 libwmf<0.2.8.4nb16 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4696 fuse>=2.0<2.9.4 arbitrary-file-overwrite https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3202 libwmf<0.2.8.4nb16 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4695 libwmf<0.2.8.4nb16 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4588 firefox<39 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox39 firefox31<31.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.8 firefox38<38.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.1 thunderbird<38.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.1 thunderbird31-[0-9]* multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr31.8 nss<3.19.1 ssl-downgrade https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes bind>=9.7.1<9.9.7pl1 denial-of-service https://kb.isc.org/article/AA-01267 bind>=9.10.1<9.10.2pl2 denial-of-service https://kb.isc.org/article/AA-01267 adobe-flash-plugin<11.2.202.481 use-after-free https://helpx.adobe.com/security/products/flash-player/apsb15-16.html cups-filters<1.0.71 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3279 cups-filters<1.0.70 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3258 ntp<4.2.8p3 multiple-vulnerabilities http://bugs.ntp.org/show_bug.cgi?id=2853 nodejs<0.12.6 memory-corruption http://blog.nodejs.org/2015/07/03/node-v0-12-6-stable/ adobe-flash-plugin<11.2.202.491 remote-hijacking https://helpx.adobe.com/security/products/flash-player/apsa15-04.html py{26,27,33,34}-django>=1.4<1.4.21 multiple-vulnerabilities https://www.djangoproject.com/weblog/2015/jul/08/security-releases/ py{26,27,33,34}-django>=1.7<1.7.9 multiple-vulnerabilities https://www.djangoproject.com/weblog/2015/jul/08/security-releases/ py{26,27,33,34}-django>=1.8<1.8.3 multiple-vulnerabilities https://www.djangoproject.com/weblog/2015/jul/08/security-releases/ cacti<0.8.8d cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2967 ruby{18,193,200,21,22}-redcarpat<3.3.2 stack-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5147 elasticsearch<1.6.1 remote-code-execution https://discuss.elastic.co/t/elasticsearch-remote-code-execution-cve-2015-5377/25736 elasticsearch>=1.0.0<1.6.1 directory-traversal https://discuss.elastic.co/t/elasticsearch-directory-traversal-vulnerability-cve-2015-5531/25737 mysql-server>=5.5<5.5.44 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL mysql-client>=5.5<5.5.44 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL mysql-server>=5.6<5.6.25 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL mysql-client>=5.6<5.6.25 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL db5-[0-9]* multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixBDB sun-{jdk,jre}7-[0-9]* multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA oracle-{jdk,jre}8<8.0.51 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA openjdk7-[0-9]* multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA openjdk8<1.8.51 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA xentools41-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-137.html xentools42<4.2.5nb12 privilege-escalation https://xenbits.xen.org/xsa/advisory-137.html xentools45<4.5.1nb5 privilege-escalation https://xenbits.xen.org/xsa/advisory-137.html tidy>=20000804<20091027nb6 multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2015/07/15/3 apache>=2.2<2.2.31 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3183 apache>=2.4<2.4.14 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3183 apache>=2.4<2.4.14 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3185 cacti<0.8.8e sql-injection http://www.openwall.com/lists/oss-security/2015/07/18/4 openssh<6.9.1nb1 brute-force-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5600 expat<2.1.0nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283 bind>=9.7.1<9.9.7pl2 denial-of-service https://kb.isc.org/article/AA-01272 bind>=9.10.1<9.10.2pl3 denial-of-service https://kb.isc.org/article/AA-01272 dhcpcd<6.2.0 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7912 dhcpcd<6.10.2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7913 xmltooling<1.5.5 denial-of-service http://shibboleth.net/community/advisories/secadv_20150721.txt opensaml<2.5.5 denial-of-service http://shibboleth.net/community/advisories/secadv_20150721.txt wordpress<4.2.1 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3440 php{54,55,56}-ja-wordpress<4.2.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5622 php{54,55,56}-ja-wordpress<4.2.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5623 wordpress<4.2.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5622 wordpress<4.2.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5623 squid<3.5.6 security-bypass http://www.squid-cache.org/Advisories/SQUID-2015_2.txt ruby{18,193,200,21,22}-redmine<3.1.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3227 ruby{18,193,200,21,22}-redmine<3.1.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3226 ruby{18,193,200,21,22}-activesupport-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3226 ruby{18,193,200,21,22}-rack<1.5.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3225 ruby{18,193,200,21,22}-rack>=1.6<1.6.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3225 nbpatch<20151107 arbitrary-code-execution https://www.freebsd.org/security/advisories/FreeBSD-SA-15:14.bsdpatch.asc openafs<1.6.13 sensitive-information-disclosure http://www.openafs.org/pages/security/OPENAFS-SA-2015-001.txt openafs<1.6.13 remote-code-execution http://www.openafs.org/pages/security/OPENAFS-SA-2015-002.txt openafs<1.6.13 sensitive-information-disclosure http://www.openafs.org/pages/security/OPENAFS-SA-2015-003.txt openafs<1.6.13 denial-of-service http://www.openafs.org/pages/security/OPENAFS-SA-2015-004.txt openafs<1.6.13 authentication-bypass http://www.openafs.org/pages/security/OPENAFS-SA-2015-005.txt openafs<1.6.13 denial-of-service http://www.openafs.org/pages/security/OPENAFS-SA-2015-006.txt ghostscript-gpl<9.06nb7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3228 ghostscript-agpl<9.16 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3228 wordpress<4.2.2 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3429 php{54,55,56}-ja-wordpress<4.2.2 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3429 openssh<6.9 authentication-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5352 wordpress<4.1.2 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3438 php{54,55,56}-ja-wordpress<4.1.2 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3438 suse_openldap<13.1nb1 denial-of-service https://www.suse.com/security/cve/CVE-2015-1546.html firefox<40.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40 firefox38<38.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.2 adobe-flash-plugin<11.2.202.508 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-19.html libxml2<2.9.2nb3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819 gnutls<2.9.10 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8155 vlc<2.2.0 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9743 openssh<7.0 privilege-escalation http://seclists.org/fulldisclosure/2015/Aug/54 ap24-subversion<1.8.14 information-disclosure http://subversion.apache.org/security/CVE-2015-3184-advisory.txt ap{22,24}-subversion<1.8.14 information-disclosure http://subversion.apache.org/security/CVE-2015-3187-advisory.txt gdk-pixbuf2<2.30.8nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4491 rt4<4.2.12 multiple-vulnerabilities https://bestpractical.com/release-notes/rt/4.2.12 xentools42<4.2.5nb12 privilege-escalation https://xenbits.xen.org/xsa/advisory-139.html xentools45<4.5.1nb5 privilege-escalation https://xenbits.xen.org/xsa/advisory-139.html xentools42<4.2.5nb12 arbitrary-code-execution https://xenbits.xen.org/xsa/advisory-138.html xentools45<4.5.1nb5 arbitrary-code-execution https://xenbits.xen.org/xsa/advisory-138.html xentools42<4.2.5nb12 information-disclosure https://xenbits.xen.org/xsa/advisory-140.html xentools45<4.5.1nb5 information-disclosure https://xenbits.xen.org/xsa/advisory-140.html ansible<1.9.2 ssl-cert-spoofing http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3908 jabberd>=2<999 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2058 clutter<1.16.2 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3213 libidn<1.31 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2059 firefox<38.0 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-93/ firefox38<38.2.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.2 py{27,33,34}-django>=1.8<1.8.4 denial-of-service https://www.djangoproject.com/weblog/2015/aug/18/security-releases/ vlc<2.2.2 arbitrary-code-execution http://www.ocert.org/advisories/ocert-2015-009.html gnutls<3.3.17 double-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6251 thunderbird<38.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.2 xfsprogs<3.2.4 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2150 mantis<1.2.18 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8987 drupal>=6<6.37 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2015-003 drupal>=7<7.39 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2015-003 wireshark<1.12.7 multiple-vulnerabilities https://www.wireshark.org/docs/relnotes/wireshark-1.12.7.html qemu<2.4.0 insecure-temp-files https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4037 firefox<40.0.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40.0.3 firefox38<38.2.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.2.1 bind>=9.0.0<9.9.7pl2nb1 denial-of-service https://kb.isc.org/article/AA-01287/0 bind>=9.9.7<9.9.7pl2nb1 denial-of-service https://kb.isc.org/article/AA-01291/0 bind>=9.10.0<9.10.2pl3nb1 denial-of-service https://kb.isc.org/article/AA-01287/0 bind>=9.10.2<9.10.2pl3nb1 denial-of-service https://kb.isc.org/article/AA-01291/0 qemu<2.3.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3214 screen<4.3.1 stack-overflow https://savannah.gnu.org/bugs/?45713 ffmpeg<2.7.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6818 ffmpeg<2.7.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6826 ffmpeg<2.7.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6819 ffmpeg<2.7.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6825 ffmpeg<2.7.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6824 ffmpeg<2.7.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6823 ffmpeg<2.7.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6821 ffmpeg<2.7.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6822 ffmpeg<2.7.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6820 xentools44-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-141.html xentools45<4.5.3 denial-of-service https://xenbits.xen.org/xsa/advisory-141.html openslp<1.2.1nb8 denial-of-service https://security-tracker.debian.org/tracker/CVE-2015-5177 rt4<4.2.12 code-injection http://blog.bestpractical.com/2015/08/rt-4212-released.html libvdpau<1.1.1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5198 libvdpau<1.1.1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5199 libvdpau<1.1.1 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5200 openldap-server<2.4.43 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6908 magento-[0-9]* input-validation http://www.vulnerability-lab.com/get_content.php?id=1570 magento<1.9.2.1 file-inclusion https://nvd.nist.gov/vuln/detail/CVE-2015-6497 powerdns>=3.4.0<3.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5230 mediawiki>=1.23.0<1.23.10 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7444 mediawiki>=1.24.0<1.24.3 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7444 mediawiki>=1.25.0<1.25.2 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7444 mediawiki>=1.23.0<1.23.10 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6727 mediawiki>=1.24.0<1.24.3 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6727 mediawiki>=1.25.0<1.25.2 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6727 mediawiki>=1.23.0<1.23.10 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6729 mediawiki>=1.24.0<1.24.3 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6729 mediawiki>=1.25.0<1.25.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6729 mediawiki>=1.23.0<1.23.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6735 mediawiki>=1.24.0<1.24.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6735 mediawiki>=1.25.0<1.25.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6735 gnutls<3.3.14 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3308 mediawiki>=1.23.0<1.23.10 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6730 mediawiki>=1.24.0<1.24.3 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6730 mediawiki>=1.25.0<1.25.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6730 mediawiki>=1.23.0<1.23.10 multiple-vulnerabilities https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6728 mediawiki>=1.24.0<1.24.3 multiple-vulnerabilities https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6728 mediawiki>=1.25.0<1.25.2 multiple-vulnerabilities https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6728 mediawiki>=1.23.0<1.23.10 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6734 mediawiki>=1.24.0<1.24.3 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6734 mediawiki>=1.25.0<1.25.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6734 mediawiki>=1.23.0<1.23.10 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6737 mediawiki>=1.24.0<1.24.3 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6737 mediawiki>=1.25.0<1.25.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6737 rt4<4.2.12 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6506 jenkins-[0-9]* cross-site-request-forgeries http://seclists.org/bugtraq/2015/Aug/161 qemu<2.4.0 information-disclosure https://xenbits.xen.org/xsa/advisory-140.html qemu<2.4.0 buffer-overflow http://seclists.org/oss-sec/2015/q3/302 qemu<2.4.0 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5154 firefox31-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages thunderbird31-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xulrunner31-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages squid<3.5.9 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2015_3.txt qemu<2.4.0.1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2015-5225 qemu<2.4.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5278 qemu<2.4.0.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-5279 qemu<2.4.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-6815 go<1.4.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2015-5739 go<1.4.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2015-5740 go<1.4.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2015-5741 go14<1.4.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2015-5739 go14<1.4.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2015-5740 go14<1.4.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2015-5741 bugzilla<5.0.1 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4499 phpmyadmin<4.3.13.2 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830 icu<55.1nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1270 adobe-flash-plugin<11.2.202.521 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5575 vorbis-tools<1.4.0nb6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6749 firefox<41 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox41 firefox38<38.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.3 h2o<1.4.5 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5638 owncloudclient<1.8.2 man-in-the-middle https://owncloud.org/security/advisory/?id=oc-sa-2015-009 freetype2<2.5.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9745 typo3<6.2.15 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5956 suse{,32}_base-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1781 remind<3.1.15 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5957 freeimage<3.17.0nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0852 ipython>=3.0<3.2.2 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7337 php>=5.4<5.4.45 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.4.45 php>=5.5<5.5.29 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.29 php>=5.6<5.6.13 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.13 dojo<1.2 cross-site-scripting http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000153.html icu<53.1 unknown-impact https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5922 icedtea-web<1.5.3 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5234 icedtea-web>=1.6<1.6.1 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5234 icedtea-web<1.5.3 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5235 icedtea-web>=1.6<1.6.1 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5235 php{54,55,56}-matcha-sns<1.3.7 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5644 php{54,55,56}-matcha-sns<1.3.7 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5645 p5-Email-Address<1.912 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7686 freetype2<2.5.3 multiple-vulnerabilities http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8b281f83e8516535756f92dbf90940ac44bd45e1 php{54,55,56}-basercms<3.0.8 remote-information-modification https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5640 php{54,55,56}-basercms<3.0.8 remote-information-modification https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5641 opensmtpd<5.7.3 multiple-vulnerabilities https://www.opensmtpd.org/announces/release-5.7.3.txt adobe-flash-plugin<11.2.202.535 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-25.html adobe-flash-plugin<11.2.202.540 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsa15-05.html firefox<41.0.2 security-bypass https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/ postgresql90-server<9.0.23 denial-of-service http://www.postgresql.org/about/news/1615/ postgresql91-server<9.1.19 denial-of-service http://www.postgresql.org/about/news/1615/ postgresql92-server<9.2.14 denial-of-service http://www.postgresql.org/about/news/1615/ postgresql93-server<9.3.10 denial-of-service http://www.postgresql.org/about/news/1615/ postgresql94-server<9.4.5 denial-of-service http://www.postgresql.org/about/news/1615/ postgresql90-pgcrypto<9.0.23 information-leak http://www.postgresql.org/about/news/1615/ postgresql91-pgcrypto<9.1.19 information-leak http://www.postgresql.org/about/news/1615/ postgresql92-pgcrypto<9.2.14 information-leak http://www.postgresql.org/about/news/1615/ postgresql93-pgcrypto<9.3.10 information-leak http://www.postgresql.org/about/news/1615/ postgresql94-pgcrypto<9.4.5 information-leak http://www.postgresql.org/about/news/1615/ postgresql84-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages postgresql90-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php{54,55,56}-owncloud<8.1.2 remote-code-execution https://owncloud.org/security/advisory/?id=oc-sa-2015-017 php{54,55,56}-owncloud<8.1.2 remote-code-execution https://owncloud.org/security/advisory/?id=oc-sa-2015-018 mysql-client>=5.5<5.5.45 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixMSQL mysql-server>=5.6<5.6.26 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixMSQL openjdk8<1.8.65 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA oracle-{jdk,jre}8<8.0.65 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA openjdk7-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages sun-{jdk7,jre7}-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ntp<4.2.8p4 multiple-vulnerabilities http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner wordpress<4.3.1 security-bypass https://wordpress.org/news/2015/09/wordpress-4-3-1/ openafs<1.6.15 information-leak https://www.openafs.org/pages/security/OPENAFS-SA-2015-007.txt openafs>=1.7<1.7.33 information-leak https://www.openafs.org/pages/security/OPENAFS-SA-2015-007.txt asterisk>=1.8<10 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages policykit<0.113 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4625 policykit<0.113 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3218 policykit<0.113 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3255 policykit<0.113 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3256 php>=5.5<5.5.30 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.5.30 gdk-pixbuf2<2.32.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7674 phpmyadmin>=4.3<4.3.13.2 brute-force-attack https://www.phpmyadmin.net/security/PMASA-2015-4 phpmyadmin>=4.4<4.4.14.1 brute-force-attack https://www.phpmyadmin.net/security/PMASA-2015-4 phpmyadmin>=4.4<4.4.15.1 spoofing-attack https://www.phpmyadmin.net/security/PMASA-2015-5 phpmyadmin>=4.5<4.5.1 spoofing-attack https://www.phpmyadmin.net/security/PMASA-2015-5 xenkernel41<4.1.6.1nb17 privilege-escalation https://xenbits.xen.org/xsa/advisory-148.html xenkernel42<4.2.5nb9 privilege-escalation https://xenbits.xen.org/xsa/advisory-148.html xenkernel45<4.5.1nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-148.html owncloudclient<2.0.1 man-in-the-middle https://owncloud.org/security/advisory/?id=oc-sa-2015-016 gdk-pixbuf2<2.32.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-7673 gdk-pixbuf2-jasper<2.32.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-7673 gdk-pixbuf2-xlib<2.32.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-7673 wordpress<4.2.4 cross-site-scripting https://codex.wordpress.org/Version_4.2.4 php{54,55,56}-ja-wordpress<4.2.4 cross-site-scripting https://codex.wordpress.org/Version_4.2.4 wordpress<4.3.1 cross-site-scripting https://github.com/WordPress/WordPress/commit/f91a5fd10ea7245e5b41e288624819a37adf290a php{54,55,56}-ja-wordpress<4.3.1 cross-site-scripting https://github.com/WordPress/WordPress/commit/f91a5fd10ea7245e5b41e288624819a37adf290a jasper<1.900.1nb12 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3520 jasper<1.900.1nb12 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3522 jasper<1.900.1nb6 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4516 jasper<1.900.1nb6 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4517 jasper<1.900.1nb9 double-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8137 jasper<1.900.1nb8 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9029 xenkernel33-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-152.html xenkernel41<4.1.6.1nb17 denial-of-service https://xenbits.xen.org/xsa/advisory-152.html xenkernel42<4.2.5nb9 denial-of-service https://xenbits.xen.org/xsa/advisory-152.html xenkernel45<4.5.1nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-152.html xenkernel41<4.1.6.1nb17 denial-of-service https://xenbits.xen.org/xsa/advisory-149.html xenkernel42<4.2.5nb9 denial-of-service https://xenbits.xen.org/xsa/advisory-149.html xenkernel45<4.5.1nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-149.html xenkernel41<4.1.6.1nb17 denial-of-service https://xenbits.xen.org/xsa/advisory-151.html xenkernel42<4.2.5nb9 denial-of-service https://xenbits.xen.org/xsa/advisory-151.html xenkernel45<4.5.1nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-151.html mariadb55-server<5.5.46 multiple-vulnerabilities https://mariadb.com/kb/en/mariadb/mariadb-5546-release-notes/ mariadb55-server<5.5.45 multiple-vulnerabilities https://mariadb.com/kb/en/mariadb/mariadb-5545-release-notes/ unzip<6.0nb5 remote-code-execution http://www.cvedetails.com/cve/CVE-2015-7696/ unzip<6.0nb5 denial-of-service http://www.cvedetails.com/cve/CVE-2015-7697/ postgresql90-server<9.0.23 buffer-overflow http://www.postgresql.org/about/news/1615/ postgresql91-server<9.1.19 buffer-overflow http://www.postgresql.org/about/news/1615/ postgresql92-server<9.2.14 buffer-overflow http://www.postgresql.org/about/news/1615/ postgresql93-server<9.3.10 buffer-overflow http://www.postgresql.org/about/news/1615/ postgresql94-server<9.4.5 buffer-overflow http://www.postgresql.org/about/news/1615/ xenkernel41-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-150.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-150.html xenkernel45<4.5.1nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-150.html xenkernel41-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-153.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-153.html xenkernel45<4.5.3 denial-of-service https://xenbits.xen.org/xsa/advisory-153.html p5-HTML-Scrubber<0.15 cross-site-scripting http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000171.html mit-krb5<1.14 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695 mit-krb5<1.14 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696 mit-krb5<1.14 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697 firefox38<38.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.4 firefox<42.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox42 nss<3.20.1 multiple-vulnerabilities https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.20.1_release_notes mediawiki>=1.25.0<1.25.3 multiple-vulnerabilities https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html mediawiki>=1.24.0<1.24.4 multiple-vulnerabilities https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html mediawiki>=1.23.0<1.23.11 multiple-vulnerabilities https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html adobe-flash-plugin<11.2.202.548 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-28.html roundcube<1.1.3 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8105 libreoffice>=5.0<5.0.1 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/ libreoffice4>=4.0<4.4.6 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/ libreoffice4-bin>=4.0<4.4.6 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/ libreoffice43-[0-9]* denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/ libreoffice>=5.0<5.0.0 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/ libreoffice4>=4.0<4.4.5 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/ libreoffice4-bin>=4.0<4.4.5 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/ libreoffice43-[0-9]* denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/ libreoffice4>=4.0<4.4.5 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/ libreoffice4-bin>=4.0<4.4.5 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/ libreoffice43-[0-9]* denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/ libreoffice4>=4.0<4.4.5 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/ libreoffice4-bin>=4.0<4.4.5 denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/ libreoffice43-[0-9]* denial-of-service http://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/ mbedtls<1.3.14 heap-overflow https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01 libvdpau<1.1.1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5198 libvdpau<1.1.1 privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5199 libvdpau<1.1.1 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5200 p5-HTML-Scrubber<0.15 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5667 elasticsearch<1.6.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4165 elasticsearch<1.6.1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5377 qemu<2.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6855 qemu<2.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7295 squid<3.5.2 unauthorized-access http://bugs.squid-cache.org/show_bug.cgi?id=4066 xscreensaver<5.34 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8025 png>=1.0<1.0.64 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8126 png>=1.1<1.2.54 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8126 png>=1.3<1.4.17 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8126 png>=1.5<1.5.24 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8126 png>=1.6<1.6.19 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8126 mit-krb5<1.14 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2698 wireshark<1.12.8 denial-of-service https://www.wireshark.org/security/wnpa-sec-2015-30.html openssl>1.0.1<1.0.1m denial-of-service https://www.openssl.org/news/secadv/20150319.txt openssl>1.0.0<1.0.0r denial-of-service https://www.openssl.org/news/secadv/20150319.txt openssl>0.9.8<0.9.8zf denial-of-service https://www.openssl.org/news/secadv/20150319.txt openssl>1.0.1<1.0.1m denial-of-service https://www.openssl.org/news/secadv/20150319.txt openssl>1.0.0<1.0.0r denial-of-service https://www.openssl.org/news/secadv/20150319.txt openssl>0.9.8<0.9.8zf denial-of-service https://www.openssl.org/news/secadv/20150319.txt pcre<8.36 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2327 pcre<8.36 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2328 pcre<8.38 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8380 pcre<8.37 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8382 pcre<8.38 uninitialized-memory-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8390 pcre<8.38 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8383 pcre<8.38 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8394 pcre<8.38 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8381 pcre2<10.20 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8381 pcre<8.38 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8392 pcre<8.38 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8386 pcre<8.38 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8385 pcre<8.38 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8388 pcre<8.38 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8384 pcre<8.38 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8389 pcre<8.38 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8393 pcre<8.38 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8391 pcre<8.38 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8395 ffmpeg2<2.8.2 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8218 ffmpeg2<2.8.2 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8216 ffmpeg2<2.8.2 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8217 ffmpeg2<2.8.2 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8219 ffmpeg2<2.8.3 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8363 ffmpeg2<2.8.3 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8365 ffmpeg2<2.8.3 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8364 magento-[0-9]* cross-site-request-forgeries http://www.vulnerability-lab.com/get_content.php?id=1643 magento-[0-9]* input-validation http://www.vulnerability-lab.com/get_content.php?id=1636 proftpd<1.3.5b heap-overflow http://seclists.org/bugtraq/2015/Nov/109 libxml2<2.9.3 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942 libxml2<2.9.3 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941 libxml2<2.9.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035 suse{,32}_libxml2-[0-9]* out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942 suse{,32}_libxml2-[0-9]* out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941 suse{,32}_libxml2-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035 suse{,32}_base-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2327 suse{,32}_base-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2328 suse{,32}_base-[0-9]* heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8380 suse{,32}_base-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8382 suse{,32}_base-[0-9]* uninitialized-memory-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8390 suse{,32}_base-[0-9]* buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8383 suse{,32}_base-[0-9]* integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8394 suse{,32}_base-[0-9]* heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8381 suse{,32}_base-[0-9]* buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8392 suse{,32}_base-[0-9]* buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8386 suse{,32}_base-[0-9]* buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8385 suse{,32}_base-[0-9]* buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8388 suse{,32}_base-[0-9]* buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8384 suse{,32}_base-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8389 suse{,32}_base-[0-9]* sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8393 suse{,32}_base-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8391 suse{,32}_base-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8395 libsndfile<1.0.25 unknown https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7805 libsndfile<1.0.25 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9756 suse{,32}_libsndfile<13.1nb2 unknown https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7805 suse{,32}_libsndfile<13.1nb2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9756 libxslt<1.1.29 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995 openssl>=1.0.2<1.0.2e multiple-vulnerabilities https://www.openssl.org/news/secadv/20151203.txt suse{,32}_openssl-[0-9]* multiple-vulnerabilities https://www.openssl.org/news/secadv/20151203.txt cyrus-imapd>=2.3<2.5.7 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8077 cyrus-imapd>=2.3<2.3.19 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8076 cyrus-imapd>=2.4<2.4.18 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8076 cyrus-imapd>=2.5<2.5.4 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8076 cyrus-imapd>=2.3<2.5.7 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8078 gcc48{,-libs}-[0-9]* insufficiently-random-numbers https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5276 gcc49{,-libs}<4.9.4 insufficiently-random-numbers https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5276 gcc50{,-libs}-[0-9]* insufficiently-random-numbers https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5276 redis<3.0.6 integer-overflow https://security-tracker.debian.org/tracker/CVE-2015-8080 cups-filters<1.0.70 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3258 jenkins<1.625.2 multiple-vulnerabilities https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 putty>=0.54<0.66 integer-overflow http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html nautilus-[0-9]* denial-of-service http://seclists.org/bugtraq/2015/Dec/11 gdm<3.18.2 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7496 nss<3.20.1 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-133/ suse{,32}_mozilla-nss-[0-9]* arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-133/ xenkernel45<4.5.3 denial-of-service https://xenbits.xen.org/xsa/advisory-145.html powerdns>=3.4.4<3.4.7 denial-of-service https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/ sudo<1.8.15 symlink-attack http://www.sudo.ws/stable.html#1.8.15 salt<2015.8.3 multiple-vulnerabilities https://docs.saltstack.com/en/develop/topics/releases/2015.8.3.html thunderbird<38.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.3 thunderbird<38.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.4 seamonkey<2.39 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/seamonkey/#seamonkey2.39 openldap<2.4.44nb2 input-validation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3276 py{27,33,34}-django>=1.8<1.8.7 information-leak https://www.djangoproject.com/weblog/2015/nov/24/security-releases/ adobe-flash-plugin<11.2.202.554 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb15-32.html cups-filters<1.2.0 input-validation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8327 cups-filters<1.4.0 input-validation https://www.debian.org/security/2015/dsa-3419 png>=1.6<1.6.20 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8472 ap{22,24}-subversion<1.9.3 information-disclosure http://subversion.apache.org/security/CVE-2015-5343-advisory.txt cacti<0.8.8g sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8377 cups-filters<1.5.0 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8560 go<1.5.2nb1 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8618 grub2<2.0.3 authentication-bypass http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html xenkernel3-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel33-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel41-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel42-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel45<4.5.3 privilege-escalation https://xenbits.xen.org/xsa/advisory-162.html xenkernel45<4.5.3 privilege-escalation https://xenbits.xen.org/xsa/advisory-164.html xenkernel45<4.5.1nb2 information-disclosure https://xenbits.xen.org/xsa/advisory-165.html xenkernel45<4.5.1nb2 privilege-escalation https://xenbits.xen.org/xsa/advisory-166.html firefox<43.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox43 firefox38<38.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.5 bind>=9.9.0<9.9.8pl2 denial-of-service https://kb.isc.org/article/AA-01319/0/ bind>=9.10.0<9.10.3pl2 denial-of-service https://kb.isc.org/article/AA-01319/0/ giflib-util<5.1.2 heap-overflow https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-7555 tiff<4.0.8nb1 arbitrary-memory-access https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7554 suse{,32}_libtiff-[0-9]* arbitrary-memory-access http://www.securityfocus.com/archive/1/537205 tiff<4.0.7 heap-overflow http://www.securityfocus.com/archive/1/537208 suse{,32}_libtiff-[0-9]* heap-overflow http://www.securityfocus.com/archive/1/537208 phpmyadmin>=4.0.0.0<4.0.10.12 information-disclosure https://www.phpmyadmin.net/security/PMASA-2015-6/ phpmyadmin>=4.4.0.0<4.4.15.2 information-disclosure https://www.phpmyadmin.net/security/PMASA-2015-6/ phpmyadmin>=4.5.0.0<4.5.3.1 information-disclosure https://www.phpmyadmin.net/security/PMASA-2015-6/ bugzilla>=2.6<4.2.16 cross-site-scripting https://bugzilla.mozilla.org/show_bug.cgi?id=1221518 bugzilla>=4.3.1<4.4.11 cross-site-scripting https://bugzilla.mozilla.org/show_bug.cgi?id=1221518 bugzilla>=4.5.1<5.0.2 cross-site-scripting https://bugzilla.mozilla.org/show_bug.cgi?id=1221518 bugzilla>=2.17.1<4.216 information-leak https://bugzilla.mozilla.org/show_bug.cgi?id=1232785 bugzilla>=4.3.1<4.4.11 information-leak https://bugzilla.mozilla.org/show_bug.cgi?id=1232785 bugzilla>=4.5.1<5.0.2 information-leak https://bugzilla.mozilla.org/show_bug.cgi?id=1232785 ffmpeg2<2.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-8662 ffmpeg2<2.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-8661 ffmpeg2<2.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-8663 libxml2<2.9.3 multiple-vulnerabilities https://www.debian.org/security/2015/dsa-3430 suse{,32}_libxml2-[0-9]* multiple-vulnerabilities https://www.debian.org/security/2015/dsa-3430 thunderbird<38.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.5 py{27,33,34,35}-trytond>=3.2<3.8.1 unauthorized-access https://security-tracker.debian.org/tracker/CVE-2015-0861 adobe-flash-plugin<11.2.202.559 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-01.html webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2015-0002.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2015-0002.html webkit-gtk{,3}<2.10.3 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2015-0002.html netsurf<3.4 multiple-vulnerabilities https://marc.info/?l=oss-security&m=145028560403474&w=2 dpkg<1.16.17 off-by-one https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0860 samba>=4.0.0<4.1.22 memory-corruption https://www.samba.org/samba/security/CVE-2015-7540.html samba>=4.0.0<4.3.2 privilege-escalation https://www.samba.org/samba/security/CVE-2015-8467.html samba>=4.0.0<4.3.2 out-of-bounds-write https://www.samba.org/samba/security/CVE-2015-5330.html samba>=3.2.0<4.3.2 privilege-escalation https://www.samba.org/samba/security/CVE-2015-5299.html samba>=3.2.0<4.3.2 man-in-the-middle https://www.samba.org/samba/security/CVE-2015-5296.html samba>=3.0.0<4.3.2 symlink-attack https://www.samba.org/samba/security/CVE-2015-5252.html samba>=4.0.0<4.3.2 denial-of-service https://www.samba.org/samba/security/CVE-2015-3223.html nodejs>=0.12<0.12.9 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/december-2015-security-releases/ nodejs>=4<4.2.3 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/december-2015-security-releases/ nodejs>=5<5.1.1 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/december-2015-security-releases/ pcre<8.38nb1 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1283 bugzilla<4.2.16 code-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8508 bugzilla>=4.3<4.4.11 code-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8508 bugzilla<4.2.16 code-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8508 bugzilla>=4.3<4.4.11 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8509 bugzilla>=5.0<5.0.2 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8509 wireshark<1.12.9 multiple-vulnerabilities https://www.wireshark.org/docs/relnotes/wireshark-1.12.9.html git-base<2.6.1 arbitrary-code-execution http://www.openwall.com/lists/oss-security/2015/10/06/1 php{54,55,56}-owncloud>8.2.0<8.2.2 cross-site-scripting https://owncloud.org/security/advisory/?id=oc-sa-2016-001 php{54,55,56}-owncloud>8.2.0<8.2.2 information-disclosure https://owncloud.org/security/advisory/?id=oc-sa-2016-002 php{54,55,56}-owncloud>8.2.0<8.2.2 information-disclosure https://owncloud.org/security/advisory/?id=oc-sa-2016-003 subversion>1.9<1.9.3 heap-overflow http://subversion.apache.org/security/CVE-2015-5259-advisory.txt qemu<2.6.0 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7512 nss<3.20.2 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-150/ suse{,32}_mozilla-nss-[0-9]* arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-150/ gummi<0.6.6 symlink-attack http://www.openwall.com/lists/oss-security/2015/10/08/5 typo3>=6.2<6.2.16 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-010/ typo3>=6.2<6.2.16 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-011/ typo3>=6.2<6.2.16 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-012/ typo3>=6.2<6.2.16 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-013/ typo3>=6.2<6.2.16 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-014/ typo3>=6.2<6.2.16 cross-site-scripting http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-015/ py{35,34,33,27}-pygments<2.0.2nb1 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8557 foomatic-filters>4 input-validation https://www.debian.org/security/2015/dsa-3419 foomatic-filters>4 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8560 ffmpeg2<2.8.5 information-leak https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1897 ffmpeg2<2.8.5 information-leak https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1898 gnutls<3.3.15 ssl-downgrade https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 gnutls>=3.4<3.4.1 ssl-downgrade https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 prosody<0.9.9 multiple-vulnerabilities http://blog.prosody.im/prosody-0-9-9-security-release/ p5-PathTools<3.62 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8607 php{54,55,56}-owncloud<8.0.9 information-leak https://owncloud.org/security/advisory/?id=oc-sa-2016-004 php{54,55,56}-owncloud>8.1.0<8.1.4 information-leak https://owncloud.org/security/advisory/?id=oc-sa-2016-004 php{54,55,56}-owncloud<7.0.12 cross-site-scripting https://owncloud.org/security/advisory/?id=oc-sa-2016-001 php{54,55,56}-owncloud>8.0.0<8.0.10 cross-site-scripting https://owncloud.org/security/advisory/?id=oc-sa-2016-001 php{54,55,56}-owncloud>8.1.0<8.1.5 cross-site-scripting https://owncloud.org/security/advisory/?id=oc-sa-2016-001 php{54,55,56}-owncloud<8.0.10 information-disclosure https://owncloud.org/security/advisory/?id=oc-sa-2016-002 php{54,55,56}-owncloud<8.1.0 information-disclosure https://owncloud.org/security/advisory/?id=oc-sa-2016-002 php{54,55,56}-owncloud<7.0.12 information-disclosure https://owncloud.org/security/advisory/?id=oc-sa-2016-003 php{54,55,56}-owncloud>8.0.0<8.0.10 information-disclosure https://owncloud.org/security/advisory/?id=oc-sa-2016-003 qemu<2.6.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1779 nghttp2<1.6.0 unknown-impact https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8659 py{27,33,34,35}-rsa<3.3 signature-spoofing https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1494 openssh<7.1.1nb2 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777 openssh<7.1.1nb2 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778 openssh<7.1.1nb3 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1907 isc-dhclient<4.3.3p1 denial-of-service https://kb.isc.org/article/AA-01334 isc-dhcp<4.3.3p1 denial-of-service https://kb.isc.org/article/AA-01334 isc-dhcpd<4.3.3p1 denial-of-service https://kb.isc.org/article/AA-01334 isc-dhcrelay<4.3.3p1 denial-of-service https://kb.isc.org/article/AA-01334 roundcube<1.1.4 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8770 roundcube<1.1.2 code-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8793 roundcube<1.1.2 arbitrary-file-reading https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8794 gajim<0.16.5 man-in-the-middle https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8688 h2o<1.6.2 http-response-splitting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1133 bind>=9.9.0<9.9.8pl3 denial-of-service https://kb.isc.org/article/AA-01335 bind>=9.10.0<9.10.3pl3 denial-of-service https://kb.isc.org/article/AA-01335 bind>=9.9.0<9.9.8pl3 denial-of-service https://kb.isc.org/article/AA-01336 bind>=9.10.0<9.10.3pl3 denial-of-service https://kb.isc.org/article/AA-01336 php>=5.5<5.5.28 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.28 php>=5.6<5.6.12 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.12 php>=5.5<5.5.27 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.27 php>=5.6<5.6.11 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.11 php>=7.0<7.0.1 multiple-vulnerabilities http://php.net/ChangeLog-7.php#7.0.1 php>=5.5<5.5.31 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.5.31 php>=5.6<5.6.17 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.17 php>=7.0<7.0.2 multiple-vulnerabilities http://php.net/ChangeLog-7.php#7.0.2 oracle-{jdk,jre}8<8.0.71 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpujul2015-2367955.html#AppendixJAVA openjdk8<1.8.71 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpujul2015-2367955.html#AppendixJAVA mysql-server>=5.5<5.5.47 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL mysql-server>=5.6<5.6.28 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL mysql-server>=5.7<5.7.10 multiple-vulnerabilities https://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL cgit<0.12 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1899 cgit<0.12 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1900 cgit<0.12 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1901 jasper<1.900.2 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1867 suse{,32}_base<13.1nb11 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8777 suse{,32}_base-[0-9]* stack-overflow https://sourceware.org/bugzilla/show_bug.cgi?id=17905 prosody<0.9.10 spoofing-attack https://prosody.im/security/advisory_20160127/ xenkernel45<4.5.3 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-167.html xenkernel45<4.5.3 denial-of-service https://xenbits.xen.org/xsa/advisory-168.html claws-mail<3.13.1 arbitrary-code-execution https://security-tracker.debian.org/tracker/CVE-2015-8614 php55-fpm<5.5.31 buffer-overflow https://bugs.php.net/bug.php?id=70755 php55-fpm<5.6.17 buffer-overflow https://bugs.php.net/bug.php?id=70755 php70-fpm<7.0.2 buffer-overflow https://bugs.php.net/bug.php?id=70755 ruby{18,193,200,21,22}-activesupport>=3.0<4.0 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3226 ruby{18,193,200,21,22}-activesupport<4.1.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3227 ruby{18,193,200,21,22}-actionpack<3.2.22.1 security-bypass https://marc.info/?l=oss-security&m=145375027528562&w=2 ruby{18,193,200,21,22}-activesupport<3.2.22.1 security-bypass https://marc.info/?l=oss-security&m=145375027528562&w=2 ruby{18,193,200,21,22}-actionpack<3.2.22.1 denial-of-service https://marc.info/?l=oss-security&m=145375035828624&w=2 ruby{18,193,200,21,22}-actionpack<3.2.22.1 directory-traversal https://marc.info/?l=oss-security&m=145375068928706&w=2 privoxy<3.0.24 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1982 privoxy<3.0.24 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1983 mariadb-client<5.5.47 man-in-the-middle https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2047 magento-[0-9]* validation-bypass http://www.vulnerability-lab.com/get_content.php?id=1203 magento<2.0.1 man-in-the-middle https://cxsecurity.com/issue/WLB-2016010129 ntp<4.2.8p6 multiple-vulnerabilities http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit chrony<1.31.2 validation-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1567 openssl>=1.0.1<1.0.1r multiple-vulnerabilities https://www.openssl.org/news/secadv/20160128.txt openssl>=1.0.2<1.0.2f multiple-vulnerabilities https://www.openssl.org/news/secadv/20160128.txt suse{,32}_openssl-[0-9]* multiple-vulnerabilities https://www.openssl.org/news/secadv/20151203.txt go<1.5.3 weak-cryptography https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8618 libebml<1.3.3 use-after-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8789 libebml<1.3.3 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8790 libebml<1.3.3 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8791 curl<7.47.0 ntlm-authentication-hijack http://curl.haxx.se/docs/adv_20160127A.html curl<7.47.0 directory-traversal http://curl.haxx.se/docs/adv_20160127B.html firefox<44.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox44 firefox38<38.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.6 Radicale<1.1 multiple-vulnerabilities http://radicale.org/news/#2015-12-31@@11:54:03 asterisk>=11.0<11.21.1 man-in-the-middle http://downloads.digium.com/pub/security/AST-2016-001.html asterisk>=13.0<13.7.1 man-in-the-middle http://downloads.digium.com/pub/security/AST-2016-001.html asterisk>=11.0<11.21.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-002.html asterisk>=13.0<13.7.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-002.html asterisk>=11.0<11.21.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-003.html asterisk>=13.0<13.7.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-003.html webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0001.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0001.html webkit-gtk{,3}<2.10.7 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0001.html tiff<4.0.6nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8781 suse{,32}_libtiff-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8781 tiff<4.0.6nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8782 suse{,32}_libtiff-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8782 tiff<4.0.6nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8783 suse{,32}_libtiff-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8783 openjpeg<2.1.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1923 openjpeg<2.1.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1924 ffmpeg2<2.8.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2213 mit-krb5<1.14.1 multiple-vulnerabilities https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8629 mit-krb5<1.14.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8630 mit-krb5<1.14.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8631 salt<2015.8.4 remote-code-execution https://docs.saltstack.com/en/latest/topics/releases/2015.8.4.html firefox<44.0.2 security-bypass https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/ firefox38<38.6.1 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2016-14/ xymon<4.3.25 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2054 xymon<4.3.25 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2055 xymon<4.3.25 code-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2056 xymon<4.3.25 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2057 xymon<4.3.25 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2058 ffmpeg2<2.8.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-2213 ffmpeg2<2.8.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-2328 ffmpeg2<2.8.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-2329 ffmpeg2<2.8.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-2330 adobe-flash-plugin<11.2.202.569 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-04.html nodejs>=0.12<0.12.10 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/ nodejs>=4<4.3.0 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/ nodejs>=5<5.6.0 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/ wordpress<4.4.2 request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2221 wordpress<4.4.2 request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2222 php{54,55,56}-ja-wordpress<4.4.2 request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2221 php{54,55,56}-ja-wordpress<4.4.2 request-forgery https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2222 postgresql91-server<9.1.20 buffer-overflow http://www.postgresql.org/about/news/1644/ postgresql92-server<9.2.15 buffer-overflow http://www.postgresql.org/about/news/1644/ postgresql93-server<9.3.11 buffer-overflow http://www.postgresql.org/about/news/1644/ postgresql94-server<9.4.6 buffer-overflow http://www.postgresql.org/about/news/1644/ nginx<1.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0742 nginx<1.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0746 nginx<1.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0747 nginx>=1.9<1.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0742 nginx>=1.9<1.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0746 nginx>=1.9<1.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0747 libgcrypt<1.6.5 side-channel https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html ruby{18,193,200,21,22}-redmine-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2015-7576 ruby{18,193,200,21,22}-redmine-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2015-7578 ruby{18,193,200,21,22}-activerecord32<3.2.22.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2015-7577 ruby{18,193,200,21,22}-redmine-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2015-7577 libssh2<1.7.0 weak-cryptography https://www.libssh2.org/adv_20160223.html suse{,32}_base<13.1nb11 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3481 gtk2+<2.24.29nb1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2013-7447 gtk3+<3.9.8 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2013-7447 apache-tomcat>=6.0<6.0.45 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174 apache-tomcat>=7.0<7.0.65 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174 apache-tomcat>=8.0<8.0.27 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174 apache-tomcat>=7.0<7.0.68 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0763 apache-tomcat>=8.0<8.0.31 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0763 apache-tomcat>=7.0<7.0.66 session-hijack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5346 apache-tomcat>=8.0<8.0.30 session-hijack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5346 apache-tomcat>=7.0<7.0.68 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714 apache-tomcat>=8.0<8.0.31 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714 apache-tomcat>=6.0<6.0.45 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345 apache-tomcat>=7.0<7.0.67 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345 apache-tomcat>=8.0<8.0.30 remote-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345 apache-tomcat>=7.0<7.0.68 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5351 apache-tomcat>=8.0<8.0.31 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5351 apache-tomcat>=6.0<6.0.45 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706 apache-tomcat>=7.0<7.0.68 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706 apache-tomcat>=8.0<8.0.31 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706 xerces-c<3.1.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-0729 gajim<0.16.5 remote-information-modification https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8688 thunderbird<38.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.6 websvn-[0-9]* cross-site-scripting https://marc.info/?l=full-disclosure&m=145614987429774&w=2 magento<1.9.2.3 weak-authentication https://magento.com/security/patches/supee-7405 phpmyadmin>=4.0.0.0<4.0.10.13 password-exposure https://www.phpmyadmin.net/security/PMASA-2016-4/ phpmyadmin>=4.4.0.0<4.4.15.3 password-exposure https://www.phpmyadmin.net/security/PMASA-2016-4/ phpmyadmin>=4.5.0.0<4.5.4 password-exposure https://www.phpmyadmin.net/security/PMASA-2016-4/ nettle<3.2 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8805 nettle<3.2 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8804 nettle<3.2 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8803 moodle>=3.0<3.0.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0725 moodle>=3.0<3.0.2 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0724 gcpio<2.13 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2037 phpmyadmin>=4.5.0.0<4.5.4 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-9/ phpmyadmin>=4.5.0.0<4.5.4 cross-site-request-forgery https://www.phpmyadmin.net/security/PMASA-2016-2/ phpmyadmin>=4.5.0.0<4.5.4 information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-1/ phpmyadmin>=4.5.0.0<4.5.4 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-3/ phpmyadmin>=4.5.0.0<4.5.4 information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-6/ phpmyadmin>=4.5.0.0<4.5.4 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-7/ phpmyadmin>=4.5.0.0<4.5.4 information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-8/ phpmyadmin>=4.5.0.0<4.5.4 cross-site-request-forgery https://www.phpmyadmin.net/security/PMASA-2016-5/ php{55,56,70}-basercms<3.0.9 code-injection http://basercms.net/security/JVN69854312 php{55,56,70}-owncloud>8.2<8.2.2 information-disclosure https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2015-062.txt libreoffice<5.0.4 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0794 libreoffice4-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0794 libreoffice43-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0794 libreoffice4-bin-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0794 libreoffice5-bin-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0794 libreoffice<5.0.5 memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0795 libreoffice4-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0795 libreoffice43-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0795 libreoffice4-bin-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0795 libreoffice5-bin-[0-9]* memory-corruption https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0795 squid>=3.5<3.5.15 multiple-vulnerabilities http://www.squid-cache.org/Advisories/SQUID-2016_2.txt wireshark<1.12.10 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-11.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-11.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-09.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-07.html wireshark<1.12.10 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-10.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-10.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-06.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-05.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-03.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-02.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-08.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-04.html firefox<43.0 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2016-14/ graphite2<1.3.5 arbitrary-code-execution http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html ruby{18,193,200,21,22}-actionpack-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-7581 ruby{18,193,200,21,22}-actionpack-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2015-7579 ruby{18,193,200,21,22}-redmine-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2015-7580 drupal-6.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby192-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby193-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby200-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages postfix<3.0 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages horde<5.2.9 cross-site-scripting http://lists.horde.org/archives/announce/2016/001140.html py{34,33,27,26}-Pillow<3.1.1 multiple-vulnerabilities https://pillow.readthedocs.org/en/3.1.x/releasenotes/3.1.1.html drupal<7.43 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2016-001 openssl>=1.0.2<1.0.2g multiple-vulnerabilities https://www.openssl.org/news/secadv/20160301.txt phpmyadmin>=4.5.0.0<4.5.5.1 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-10/ phpmyadmin>=4.5.0.0<4.5.5.1 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-11/ phpmyadmin>=4.5.0.0<4.5.5.1 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-12/ phpmyadmin>=4.5.0.0<4.5.5.1 man-in-the-middle https://www.phpmyadmin.net/security/PMASA-2016-13/ roundup<1.5.1 sensitive-information-disclosure https://pypi.python.org/pypi/roundup/1.5.1 libotr<4.1.1 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2851 firefox<45.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox45 firefox38<38.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.7 xfce4-thunar<1.6.10nb2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2013-7447 jasper<1.900.1nb11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1577 jasper<1.900.1nb11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2116 jasper<1.900.1nb11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2089 php>=5.5<5.5.33 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.5.33 php>=5.6<5.6.19 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.6.19 php>=7.0<7.0.4 multiple-vulnerabilities https://secure.php.net/ChangeLog-7.php#7.0.4 bind>=9.10.0<9.10.3pl4 denial-of-service https://kb.isc.org/article/AA-01351/0 bind>=9.9.0<9.9.8pl4 denial-of-service https://kb.isc.org/article/AA-01352/0 bind>=9.10.0<9.10.3pl4 denial-of-service https://kb.isc.org/article/AA-01352/0 bind>=9.9.0<9.9.8pl4 denial-of-service https://kb.isc.org/article/AA-01353/0 bind>=9.10.0<9.10.3pl4 denial-of-service https://kb.isc.org/article/AA-01353/0 isc-dhcpd<4.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-2774 nss<3.21.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-1950 adobe-flash-plugin<11.2.202.577 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-08.html samba>=3<3.9999 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2015-7560 samba>=4<4.3.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2015-7560 samba>=4<4.3.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-0771 openssh<7.2.2 command-injection http://www.openssh.com/txt/x11fwd.adv ruby{18,193,200,21,22}-actionpack<3.2.22.2 information-leak https://groups.google.com/forum/#!msg/rubyonrails-security/ddY6HgqB2z4/we0RasMZIAAJ ruby{18,193,200,21,22}-actionpack<3.2.22.2 remote-code-execution https://groups.google.com/forum/#!msg/rubyonrails-security/ly-IH-fxr_Q/WLoOhcMZIAAJ ruby{18,193,200,21,22}-redmine-[0-9]* remote-code-execution https://groups.google.com/forum/#!msg/rubyonrails-security/ly-IH-fxr_Q/WLoOhcMZIAAJ apollo-[0-9]* clickjacking http://activemq.apache.org/security-advisories.data/CVE-2016-0734-announcement.txt apollo-[0-9]* cross-site-scripting http://activemq.apache.org/security-advisories.data/CVE-2016-0782-announcement.txt thunderbird<38.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.7 quagga<1.0.20160309 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2342 graphite2<1.3.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/ git-base<2.7.3nb1 multiple-vulnerabilities http://seclists.org/oss-sec/2016/q1/645 pcre<8.38nb2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-3191 pcre2<10.22 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-3191 webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0002.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0002.html webkit-gtk{,3}<2.10.8 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0002.html apollo-[0-9]* arbitrary-code-execution http://activemq.apache.org/security-advisories.data/CVE-2015-5254-announcement.txt xenkernel45<4.5.1nb2 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-159.html xenkernel45<4.5.1nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-160.html xenkernel45<4.5.1nb2 remote-code-execution https://xenbits.xen.org/xsa/advisory-155.html xenkernel45<4.5.3 denial-of-service https://xenbits.xen.org/xsa/advisory-154.html xenkernel45<4.5.3 denial-of-service https://xenbits.xen.org/xsa/advisory-170.html oracle-{jdk,jre}8<8.0.77 remote-code-execution https://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html openjdk8<1.8.77 remote-code-execution https://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html pixman<0.32.6 integer-overflow https://www.debian.org/security/2016/dsa-3525 dropbear<2016.72 command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3116 libmatroska<1.4.4 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8792 pidgin-otr<4.0.2 denial-of-service https://www.debian.org/security/2016/dsa-3528 ruby{18,193,200,21,22}-redmine<3.2.0 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3529 inspircd<2.0.19 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8702 mit-krb5<1.14.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3119 webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0003.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0003.html webkit-gtk{,3}<2.10.5 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0003.html imlib2<1.4.7 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3537 imebml<1.3.3 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3538 go>=1.6<1.6nb1 denial-of-service http://www.openwall.com/lists/oss-security/2016/04/05/1 putty<0.67 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-2563 adobe-flash-plugin<11.2.202.616 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-10.html websvn<2.3.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-2511 erlang<18.0 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2015-2774 optipng<0.7.6 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2191 squid<3.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-3947 squid<3.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-3948 lhasa<0.3.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-2347 py{27,34,35,36}-mercurial<3.7.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-3630 py{27,34,35,36}-mercurial<3.7.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-3068 py{27,34,35,36}-mercurial<3.7.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-3069 srtp<1.5.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6360 exim<4.86.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2016-1531 py{27,33,34}-django>=1.9<1.9.3 information-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2513 go>=1.5<1.5.4 denial-of-service http://www.openwall.com/lists/oss-security/2016/04/05/1 proftpd<1.3.5b unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3125 jenkins<1.642.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-0788 jenkins<1.650 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-0788 jenkins<1.642.2 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2016-0789 jenkins<1.650 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2016-0789 jenkins<1.642.2 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2016-0790 jenkins<1.650 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2016-0790 jenkins<1.642.2 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2016-0791 jenkins<1.650 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2016-0791 jenkins<1.642.2 unspecified https://nvd.nist.gov/vuln/detail/CVE-2016-0792 jenkins<1.650 unspecified https://nvd.nist.gov/vuln/detail/CVE-2016-0792 perl<5.22.1nb1 security-restrictions-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2381 bozohttpd<20160415 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8212 cacti<0.8.8g sql-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8604 nodejs>=0.10.0<0.10.42 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/ postgresql95-server<9.5.2 multiple-vulnerabilities http://www.postgresql.org/about/news/1656/ py{27,33,34,35}-django<1.8.10 spoofing-attack https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2512 py{27,33,34,35}-django>=1.9<1.9.3 spoofing-attack https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2512 cacti-[0-9]* remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3659 squid<3.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-3947 squid<3.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-3948 libvirt-[0-9]* arbitrary-file-access http://security.libvirt.org/2015/0004.html claws-mail<3.13.2 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8708 samba<4.2.11 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2016-2118 samba>=4.3<4.3.8 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2016-2118 samba>=4.4<4.4.2 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2016-2118 samba<4.2.11 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2016-2110 samba>=4.3<4.3.8 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2016-2110 samba>=4.4<4.4.2 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2016-2110 samba<4.2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5370 samba>=4.3<4.3.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5370 samba>=4.4<4.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5370 samba<4.2.11 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2016-2113 samba>=4.3<4.3.8 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2016-2113 samba>=4.4<4.4.2 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2016-2113 samba<4.2.11 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2016-2114 samba>=4.3<4.3.8 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2016-2114 samba>=4.4<4.4.2 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2016-2114 samba<4.2.11 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2016-2115 samba>=4.3<4.3.8 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2016-2115 samba>=4.4<4.4.2 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2016-2115 samba<4.2.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-2111 samba>=4.3<4.3.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-2111 samba>=4.4<4.4.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-2111 samba<4.2.11 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2016-2112 samba>=4.3<4.3.8 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2016-2112 samba>=4.4<4.4.2 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2016-2112 qemu<2.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2857 qemu<2.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2858 qemu<2.4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1714 qemu<2.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5158 qemu<2.6.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1568 cacti-[0-9]* sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3659 cacti-[0-9]* sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3172 cacti-[0-9]* security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2313 tiff<4.0.7 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3467 suse{,32}_libtiff-[0-9]* multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3467 tiff<4.0.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547 suse{,32}_libtiff-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547 tiff<4.0.7 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3186 suse{,32}_libtiff-[0-9]* buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3186 xenkernel45<4.5.3 information-leak https://xenbits.xen.org/xsa/advisory-172.html xenkernel45<4.5.3 address-width-overflow https://xenbits.xen.org/xsa/advisory-173.html libssh<0.73 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0739 libssh2<1.7.0 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0787 py{35,34,33,27}-Pillow<3.1.1 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3499 optipng<0.7.6 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3981 optipng<0.7.6 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3982 optipng<0.6.4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7801 optipng<0.7.6 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7802 libxml2<2.9.4 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806 suse{,32}_libxml2-[0-9]* heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806 py{35,34,33,27}-django-cms-[0-9]* validation-bypass http://www.vulnerability-lab.com/get_content.php?id=1821 asterisk>=13.0<13.8.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-004.html asterisk>=13.0<13.8.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-005.html libvirt>=1.2.14<1.2.20 denial-of-service http://security.libvirt.org/2015/0004.html openssh<7.2.2nb1 local-security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8325 thunderbird>=39<45.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45 dhcpcd<6.10.0 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1503 dhcpcd<6.10.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1504 latex2rtf<2.3.10 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8106 gdk-pixbuf2<2.33 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7552 vlc<2.2.0 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3941 xdelta3<3.0.9 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9765 suse{,32}_base-[0-9]* multiple-vulnerabilities http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html ffmpeg1-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5479 ffmepg010-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5479 squid>=3.5<3.5.14 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2016_1.txt squid>=3.5<3.5.17 buffer-overflow http://www.squid-cache.org/Advisories/SQUID-2016_5.txt squid>=3.5<3.5.17 multiple-vulnerabilities http://www.squid-cache.org/Advisories/SQUID-2016_6.txt gd<2.1.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3074 hexchat<2.10.2 man-in-the-middle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7449 mysql-client>=5.5<5.5.49 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixMSQL mysql-server>=5.5<5.5.49 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixMSQL mysql-client>=5.6<5.6.30 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixMSQL mysql-server>=5.6<5.6.30 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixMSQL oracle-{jdk,jre}8<8.0.91 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixJAVA openjdk8<1.8.91 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixJAVA cairo<1.14.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3190 giflib-util<5.1.5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3977 varnish<3.0.7 http-header-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8852 imlib2<1.4.9 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3555 firefox<46.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox46 firefox38<38.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.8 qemu<2.6.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4002 wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-19.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-20.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-21.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-22.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-23.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-24.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-25.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-26.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-27.html wireshark<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-28.html samba>=4.4<4.4.2 denial-of-service https://www.samba.org/samba/security/CVE-2015-5370.html php>=5.6<5.6.20 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.6.20 php>=7.0<7.0.6 multiple-vulnerabilities https://secure.php.net/ChangeLog-7.php#7.0.6 ImageMagick<6.9.3.0 multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2016/02/22/4 poppler<0.40.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-8868 subversion>1.9<1.9.4 authentication-bypass http://subversion.apache.org/security/CVE-2016-2167-advisory.txt subversion>1.9<1.9.4 denial-of-service http://subversion.apache.org/security/CVE-2016-2168-advisory.txt php>=5.6<5.6.21 denial-of-service https://secure.php.net/ChangeLog-5.php#5.6.21 ntp<4.2.8p7 multiple-vulnerabilities http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-12.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-13.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-14.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-15.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-16.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-17.html wireshark<2.0.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-18.html jq<1.5nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-8863 jq<1.5nb4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-4074 ImageMagick<6.9.3.10 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-3714 ImageMagick<6.9.3.10 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-3715 ImageMagick<6.9.3.10 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-3716 ImageMagick<6.9.3.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-3717 ImageMagick<6.9.3.10 request-forgery https://nvd.nist.gov/vuln/detail/CVE-2016-3718 libtasn1<4.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-4008 openssl>=1.0.2<1.0.2h multiple-vulnerabilities https://www.openssl.org/news/secadv/20160503.txt libarchive<3.2.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-1541 lcms2<2.6 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2013-7455 py{27,34,35,36}-mercurial<3.8.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-3105 openafs<1.6.17 remote-security-bypass http://www.openafs.org/pages/security/OPENAFS-SA-2016-001.txt openafs<1.6.17 remote-information-exposure http://www.openafs.org/pages/security/OPENAFS-SA-2016-002.txt openafs<1.6.16 denial-of-service https://www.openafs.org/dl/1.6.16/RELNOTES-1.6.16 qemu<2.6.0 arbitrary-code-execution http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3710 qemu<2.6.0 arbitrary-code-execution http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3712 xentools45<4.5.3 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-179.html wpa_supplicant<2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-4476 wpa_supplicant<2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-4477 adobe-flash-plugin<11.2.202.621 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsa16-02.html squid<3.5.18 cache-poisoning http://www.squid-cache.org/Advisories/SQUID-2016_7.txt squid<3.5.18 cache-poisoning http://www.squid-cache.org/Advisories/SQUID-2016_8.txt squid<3.5.18 multiple-vulnerabilities http://www.squid-cache.org/Advisories/SQUID-2016_9.txt ikiwiki<3.20160506 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4561 botan<1.10.13 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3565 botan>=1.11.0<1.11.27 multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3565 botan>=1.8.3<1.10.8 weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2014-9742 botan>=1.11.0<1.11.9 weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2014-9742 botan>=1.11.0<1.11.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-2196 botan>=1.11.0<1.11.29 ssl-downgrade https://nvd.nist.gov/vuln/detail/CVE-2016-2850 botan>=1.7.15<1.10.13 side-channel https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2849 botan>=1.11.0<1.11.29 side-channel https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2849 jenkins<1.651.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2016-05-11/ jansson<2.8 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-4425 libxml2<2.9.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6837 libxml2<2.9.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6838 libxml2<2.9.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3627 suse{,32}_libxml2-[0-9]* denial-of-service http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html libxml2<2.9.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3705 suse{,32}_libxml2-[0-9]* denial-of-service http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html expat<2.1.1nb1 arbitrary-code-execution https://www.debian.org/security/2016/dsa-3582 bugzilla>=4.4<4.4.12 cross-site-scripting https://bugzilla.mozilla.org/show_bug.cgi?id=1253263 bugzilla>=5.0<5.0.3 cross-site-scripting https://bugzilla.mozilla.org/show_bug.cgi?id=1253263 xerces-c<3.1.4 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2099 nss<3.21.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979 php>=5.5<5.5.34 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.5.34 qemu<2.6.1 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4439 qemu<2.6.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4441 librsvg<2.40.12 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7558 librsvg<2.40.7 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7557 librsvg<2.40.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4348 moodle>=3.0<3.0.3 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=330173 moodle>=3.0<3.0.3 referer-leak https://moodle.org/mod/forum/discuss.php?d=330181 moodle>=3.0<3.0.3 restriction-bypass https://moodle.org/mod/forum/discuss.php?d=330182 moodle>=3.0<3.0.3 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=330180 moodle>=3.0<3.0.3 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=330178 moodle>=3.0<3.0.3 restriction-bypass https://moodle.org/mod/forum/discuss.php?d=330176 moodle>=3.0<3.0.3 cross-site-request-forgeries https://moodle.org/mod/forum/discuss.php?d=330179 moodle>=3.0<3.0.3 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=330174 moodle>=3.0<3.0.3 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=330175 wireshark>=2.0<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-22.html wireshark<1.12.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-22.html wireshark>=2.0<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-23.html wireshark<1.12.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-23.html wireshark>=2.0<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-24.html wireshark<1.12.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-24.html wireshark>=2.0<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-25.html wireshark<1.12.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-25.html wireshark>=2.0<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-26.html wireshark<1.12.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-26.html wireshark>=2.0<2.0.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-27.html wireshark<1.12.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-28.html php>=5.5<5.5.35 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.5.35 wordpress<4.4.1 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1564 php{55,56,70}-ja-wordpress<4.4.1 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1564 wordpress<4.2.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8834 php{55,56,70}-ja-wordpress<4.2.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8834 xenkernel45<4.5.3nb2 privilege-escalation https://xenbits.xen.org/xsa/advisory-176.html wordpress<4.5.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4567 php{55,56,70}-ja-wordpress<4.5.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4567 wordpress<4.5.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4566 php{55,56,70}-ja-wordpress<4.5.2 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4566 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1762 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1833 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1834 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1835 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1836 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1837 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1838 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1839 libxml2<2.9.4 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1840 libxml2<2.9.4 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4483 websvn-[0-9]* cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1236 qemu<2.6.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8558 qemu<2.6.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4037 qemu<2.6.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4001 qemu<2.6.1 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4020 webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0004.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0004.html webkit-gtk<2.12.3 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0004.html quagga-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4049 libvirt<1.3.3 denial-of-service http://www.openwall.com/lists/oss-security/2016/05/24/5 xentools45<4.5.3nb3 denial-of-service https://xenbits.xen.org/xsa/advisory-180.html jetty>=9.3.0<9.3.9 information-disclosure http://www.ocert.org/advisories/ocert-2016-001.html pgpdump<0.30 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4021 typo<6.2.20 security-bypass http://seclists.org/bugtraq/2016/May/94 perl<5.22.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-8853 gd<2.1.1 denial-of-service https://security-tracker.debian.org/tracker/CVE-2013-7456 libxml2<2.9.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447 libxml2<2.9.4 format-string https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4448 libxml2<2.9.4 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449 ImageMagick<7.0.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-4562 ImageMagick<7.0.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-4563 ImageMagick<7.0.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-4564 ImageMagick<7.0.1.8 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-5118 GraphicsMagick<1.3.24 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-5118 gdk-pixbuf2<2.33.1 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8875 ansible<1.9.6 insecure-temp-files https://nvd.nist.gov/vuln/detail/CVE-2016-3096 nginx<1.8.1nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-4450 nginx>=1.9<1.9.10nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-4450 xentools45<4.5.3nb3 privilege-escalation https://xenbits.xen.org/xsa/advisory-178.html xenkernel45<4.5.3 privilege-escalation https://xenbits.xen.org/xsa/advisory-179.html xenkernel45<4.5.3nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-180.html xenkernel45<4.5.3nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-181.html firefox<47.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox47 firefox45<45.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr45.2 libksba<1.3.4 multiple-vulnerabilities http://www.ubuntu.com/usn/USN-2982-1/ ruby{18,21,22,23}-puppet>4.0<4.4.2 authentication-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2785 qemu<2.6.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4453 qemu<2.6.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4454 qemu<2.6.1 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5126 qemu<2.6.1 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5337 qemu<2.6.1 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5238 ImageMagick<7.0.1.2 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4563 ImageMagick<7.0.1.2 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4564 ImageMagick<7.0.1.2 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4562 ImageMagick6<6.9.4.0 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4563 ImageMagick6<6.9.4.0 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4564 ImageMagick6<6.9.4.0 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4562 atheme<7.2.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4478 atheme<7.2.7 remote-information-modification https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9773 ntp<4.2.8p8 multiple-vulnerabilities http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi freetype2<2.5.4 multiple-vulnerabilities http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type42/t42parse.c?id=8b281f83e8516535756f92dbf90940ac44bd45e1 ansible>=1.9<1.9.6.1 arbitrary-file-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3096 ansible>=2.0<2.0.2.0 arbitrary-file-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3096 vlc<2.2.4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5108 clamav<0.99.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1405 suse{,32}_base-[0-9]* multiple-vulnerabilities http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html libxslt<1.1.29 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683 libxslt<1.1.29 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684 ocaml<4.03.0 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8869 thunderbird>=45<45.1.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.1 thunderbird38<38.8.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.8 adobe-flash-plugin<11.2.202.621 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-15.html adobe-flash-plugin<11.2.202.621 remote-code-execution https://helpx.adobe.com/security/products/flash-player/apsa16-03.html drupal>=7<7.44 privilege-escalation https://www.drupal.org/SA-CORE-2016-002 php>=5.6<5.6.22 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.6.22 php>=5.5<5.5.36 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.5.36 php>=5.6<5.6.23 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.6.23 php>=5.5<5.5.37 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.5.37 qemu<2.5.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2392 qemu<2.5.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2538 qemu<2.5.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2841 h2o<1.7.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4817 expat<2.2.0 insufficiently-random-numbers https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6702 openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2177 openssl>=1.0.2<1.0.2i side-channel https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2178 qemu<2.6.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2391 expat<2.2.0 insufficiently-random-numbers https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5300 mDNSResponder<625.41.2 denial-of-service https://www.kb.cert.org/vuls/id/143335 openssl>=1.0.1<1.0.1s multiple-vulnerabilities https://www.openssl.org/news/secadv/20160301.txt openssl>=1.0.0<1.0.0r multiple-vulnerabilities https://www.openssl.org/news/secadv/20160301.txt openssl<0.9.8zf multiple-vulnerabilities https://www.openssl.org/news/secadv/20160301.txt openssl>=1.0.1<1.0.1t multiple-vulnerabilities https://www.openssl.org/news/secadv/20160503.txt openssl>=1.0.1<1.0.1t multiple-vulnerabilities http://www.securityfocus.com/archive/1/535303 openssl<1.0.1t multiple-vulnerabilities http://www.securityfocus.com/archive/1/535303 php{55,56,70}-contao41-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php-5.4.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages wordpress<4.5.3 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-5838 wordpress<4.5.3 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-5832 wordpress<4.5.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-5833 wordpress<4.5.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-5834 wordpress<4.5.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-5835 wordpress<4.5.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-5836 wordpress<4.5.3 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-5837 wordpress<4.5.3 filtering-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-5839 php{55,56,70}-ja-wordpress<4.5.3 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-5838 php{55,56,70}-ja-wordpress<4.5.3 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-5832 php{55,56,70}-ja-wordpress<4.5.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-5833 php{55,56,70}-ja-wordpress<4.5.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-5834 php{55,56,70}-ja-wordpress<4.5.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-5835 php{55,56,70}-ja-wordpress<4.5.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-5836 php{55,56,70}-ja-wordpress<4.5.3 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-5837 php{55,56,70}-ja-wordpress<4.5.3 filtering-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-5839 xerces-c<3.1.4 denial-of-service http://xerces.apache.org/xerces-c/secadv/CVE-2016-4463.txt apache-tomcat>=7.0<7.0.70 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092 apache-tomcat>=8.0<8.0.36 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092 libreoffice<5.1.4 remote-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/ libreoffice-bin<5.1.4 remote-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/ libreoffice>5.2<5.2.0 remote-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/ libreoffice-bin>5.2<5.2.0 remote-code-execution http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/ dnsmasq<2.76 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-8899 haproxy<1.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-5360 bzip2<1.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-3189 wget<1.18 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2016-4971 expat<2.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-4472 suse{,32}_expat-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-4472 sqlite3<3.13.0 data-leak https://www.korelogic.com/Resources/Advisories/KL-001-2016-003.txt suse{,32}_sqlite3-[0-9]* data-leak https://www.korelogic.com/Resources/Advisories/KL-001-2016-003.txt nodejs>=0.10<0.10.44 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3956 nodejs>=0.12<0.12.13 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3956 nodejs>=4<4.4.2 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3956 nodejs>=5<5.10.0 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3956 phpmyadmin>=4.6<4.6.3 parameter-injection https://www.phpmyadmin.net/security/PMASA-2016-18/ phpmyadmin>=4.0<4.0.10.16 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-22/ phpmyadmin>=4.4<4.4.15.7 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-22/ phpmyadmin>=4.6<4.6.3 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-22/ phpmyadmin>=4.0<4.0.10.16 sensitive-information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-23/ phpmyadmin>=4.4<4.4.15.7 sensitive-information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-23/ phpmyadmin>=4.6<4.6.3 sensitive-information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-23/ phpmyadmin>=4.6<4.6.3 code-injection https://www.phpmyadmin.net/security/PMASA-2016-20/ phpmyadmin>=4.0<4.0.10.16 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-24/ phpmyadmin>=4.4<4.4.15.7 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-24/ phpmyadmin>=4.6<4.6.3 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-24/ phpmyadmin>=4.6<4.6.3 code-injection https://www.phpmyadmin.net/security/PMASA-2016-25/ phpmyadmin>=4.0<4.0.10.16 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-26/ phpmyadmin>=4.4<4.4.15.7 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-26/ phpmyadmin>=4.6<4.6.3 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-26/ phpmyadmin>=4.0<4.0.10.16 cross-site-request-forgery https://www.phpmyadmin.net/security/PMASA-2016-28/ phpmyadmin>=4.4<4.4.15.7 cross-site-request-forgery https://www.phpmyadmin.net/security/PMASA-2016-28/ phpmyadmin>=4.6<4.6.3 cross-site-request-forgery https://www.phpmyadmin.net/security/PMASA-2016-28/ phpmyadmin>=4.0<4.0.10.16 code-injection https://www.phpmyadmin.net/security/PMASA-2016-27/ phpmyadmin>=4.4<4.4.15.7 code-injection https://www.phpmyadmin.net/security/PMASA-2016-27/ phpmyadmin>=4.6<4.6.3 code-injection https://www.phpmyadmin.net/security/PMASA-2016-27/ phpmyadmin>=4.4<4.4.15.7 arbitrary-command-execution https://www.phpmyadmin.net/security/PMASA-2016-19/ phpmyadmin>=4.6<4.6.3 arbitrary-command-execution https://www.phpmyadmin.net/security/PMASA-2016-19/ phpmyadmin>=4.0.10<4.0.10.16 code-injection https://www.phpmyadmin.net/security/PMASA-2016-17/ phpmyadmin>=4.4.15<4.4.15.7 code-injection https://www.phpmyadmin.net/security/PMASA-2016-17/ phpmyadmin>=4.6<4.6.3 code-injection https://www.phpmyadmin.net/security/PMASA-2016-17/ phpmyadmin>=4.4<4.4.15.7 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-21/ phpmyadmin>=4.6<4.6.3 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-21/ phpmyadmin>=4.4<4.4.15.6 code-injection https://www.phpmyadmin.net/security/PMASA-2016-16/ phpmyadmin>=4.6<4.6.2 code-injection https://www.phpmyadmin.net/security/PMASA-2016-16/ phpmyadmin<4.6.2 code-injection https://www.phpmyadmin.net/security/PMASA-2016-14/ contao35<3.5.15 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4567 php{55,56,70}-contao35<3.5.15 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4567 php{55,56,70}-contao41-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4567 php{55,56,70}-contao42<4.2.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4567 libbpg>=0.9.5 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5637 adobe-flash-plugin<11.2.202.632 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-25.html go>=1.6<1.6.3 input-validation https://golang.org/issue/16405 thunderbird>=45<45.2.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.2 bind>=9.0.0<9.9.9pl2 denial-of-service https://kb.isc.org/article/AA-01390/169/CVE-2016-6170 bind>=9.10.0<9.10.4pl2 denial-of-service https://kb.isc.org/article/AA-01390/169/CVE-2016-6170 bind>=9.0.0<9.9.9pl1 denial-of-service https://kb.isc.org/article/AA-01393/74/CVE-2016-2775 bind>=9.10.0<9.10.4pl1 denial-of-service https://kb.isc.org/article/AA-01393/74/CVE-2016-2775 apache-tomcat-5.5.[0-9]* access-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5388 apache-tomcat-6.[0-9]* access-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5388 apache-tomcat-7.[0-9]* access-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5388 apache-tomcat<8.0.37 access-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5388 gimp<2.8.18 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4994 apache<2.2.31nb4 access-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387 apache>=2.4<2.4.23nb2 access-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387 apache>=2.4.18<2.4.23 security-restrictions-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4979 libvirt<2.0.0 authentication-bypass http://security.libvirt.org/2016/0001.html apache>=2.4.17<2.4.19 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1546 samba>=4.0<4.2.15 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119 samba>=4.3<4.3.11 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119 samba>=4.4<4.4.5 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119 kinit<5.23 information-disclosure https://www.kde.org/info/security/advisory-20160621-1.txt GraphicsMagick<1.3.18 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8808 GraphicsMagick<1.3.18 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4589 wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-29.html wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-29.html wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-30.html wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-30.html wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-31.html wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-32.html wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-32.html wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-33.html wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-33.html wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-34.html wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-34.html wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-35.html wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-35.html wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-36.html wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-36.html wireshark>=2.0<2.0.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-37.html wireshark<1.12.12 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-38.html py{27,33,34,35}-django>=1.9<1.9.8 cross-site-scripting https://www.djangoproject.com/weblog/2016/jul/18/security-releases/ harfbuzz<1.0.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8947 php>=5.5<5.6 out-of-bounds-write https://bugs.php.net/bug.php?id=72613 php>=5.6<5.6.24 out-of-bounds-write https://bugs.php.net/bug.php?id=72613 php>=7<7.0.9 out-of-bounds-write https://bugs.php.net/bug.php?id=72613 mysql>=5.5<5.5.50 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL mysql>=5.6<5.6.31 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL bsdiff<4.3nb1 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9862 php>=5.5<5.5.38 input-validation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5385 php>=5.6<5.6.24 input-validation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5385 php>=7<7.0.9 input-validation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5385 oracle-{jdk,jre}8<8.0.101 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixJAVA openjdk8<1.8.101 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixJAVA openssh<7.3 valid-account-enumeration http://seclists.org/fulldisclosure/2016/Jul/51 wireshark<2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools3-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools33-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools41-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools42-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel43-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel44-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools43-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools44-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mariadb-server<5.5.50 multiple-vulnerabilities https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ icu<58.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6293 p5-DBD-mysql<4.031 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9906 gd<2.2.3 multiple-vulnerabilities https://github.com/libgd/libgd/releases/tag/gd-2.2.3 collectd<5.4.3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6254 mit-krb5<1.14.3 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3120 perl<5.22.3 privilege-elevation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1238 perl>5.24.0<5.24.1 privilege-elevation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1238 perl<5.22.3 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6185 perl>5.24.0<5.24.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6185 p5-XSLoader-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6185 openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2180 karchive<5.24 arbitrary-file-overwrite https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6232 xentools45<4.5.3nb3 denial-of-service https://xenbits.xen.org/xsa/advisory-175.html xentools46<4.6.3 denial-of-service https://xenbits.xen.org/xsa/advisory-175.html xenkernel45<4.5.3nb1 privilege-elevation https://xenbits.xen.org/xsa/advisory-182.html xenkernel46<4.6.4 privilege-elevation https://xenbits.xen.org/xsa/advisory-182.html redis<3.2.3 insecure-file-permissions https://www.suse.com/security/cve/CVE-2013-7458.html qemu<2.6.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5403 qemu0-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5403 xentools45<4.5.3nb4 denial-of-service https://xenbits.xen.org/xsa/advisory-184.html xentools46<4.6.4 denial-of-service https://xenbits.xen.org/xsa/advisory-184.html xenkernel45<4.5.3nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-183.html xenkernel46<4.6.4 denial-of-service https://xenbits.xen.org/xsa/advisory-183.html curl>=7.1<7.50.1 weak-ssl-authentication https://curl.haxx.se/docs/adv_20160803A.html suse{,32}_libcurl-[0-9]* weak-ssl-authentication https://curl.haxx.se/docs/adv_20160803A.html curl>=7.1<7.50.1 weak-ssl-authentication https://curl.haxx.se/docs/adv_20160803B.html suse{,32}_libcurl-[0-9]* weak-ssl-authentication https://curl.haxx.se/docs/adv_20160803B.html curl>=7.32.0<7.50.1 use-after-free https://curl.haxx.se/docs/adv_20160803C.html suse{,32}_libcurl-[0-9]* use-after-free https://curl.haxx.se/docs/adv_20160803C.html php{55,56,70,71}-ja-wordpress<4.5 remote-hijacking https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6635 wordpress<4.5 remote-hijacking https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6635 php70-gd>=7.0<7.0.9 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6128 php55-gd>=5.5<5.5.37 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766 php56-gd>=5.6<5.6.23 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766 php70-gd>=7.0<7.0.8 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766 php55-gd>=5.5<5.5.37 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5767 php56-gd>=5.6<5.6.23 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5767 php70-gd>=7.0<7.0.8 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5767 php70-mbstring>=7.0<7.0.8 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768 php56-mbstring>=5.6<5.6.23 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768 php55-mbstring>=5.5<5.5.37 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768 php55-intl>=5.5<5.5.36 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093 php56-intl>=5.6<5.6.22 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093 php70-intl>=7.0<7.0.7 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093 php{55,56,70,71}-ja-wordpress<4.5 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6634 wordpress<4.5 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6634 php{55,56,70,71}-ja-wordpress<4.5 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4029 wordpress<4.5 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4029 openssh<7.3.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6515 openssh<7.3.1 multiple-vulnerabilities http://www.openssh.com/txt/release-7.3 wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-45.html wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-44.html wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-48.html wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-49.html wireshark>=2.0<2.0.5 stack-overflow https://www.wireshark.org/security/wnpa-sec-2016-46.html wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-47.html wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-42.html wireshark>=2.0<2.0.5 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-41.html nspr<4.12 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1951 suse{,32}_mozilla-nspr-[0-9]* buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1951 firefox<48.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox48 firefox45<45.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr45.3 openoffice3{,-bin}-[0-9]* arbitrary-code-execution http://www.openoffice.org/security/cves/CVE-2016-1513.html stunnel<5.34 unspecified https://www.stunnel.org/sdf_ChangeLog.html stunnel<5.35 unspecified https://www.stunnel.org/sdf_ChangeLog.html fontconfig<2.12.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5384 suse{,32}_fontconfig-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5384 postgresql91-server<9.1.23 denial-of-service https://access.redhat.com/security/cve/CVE-2016-5423 postgresql92-server<9.2.18 denial-of-service https://access.redhat.com/security/cve/CVE-2016-5423 postgresql93-server<9.3.14 denial-of-service https://access.redhat.com/security/cve/CVE-2016-5423 postgresql94-server<9.4.9 denial-of-service https://access.redhat.com/security/cve/CVE-2016-5423 postgresql95-server<9.5.4 denial-of-service https://access.redhat.com/security/cve/CVE-2016-5423 postgresql91-client<9.1.23 privilege-escalation https://access.redhat.com/security/cve/CVE-2016-5424 postgresql92-client<9.2.18 privilege-escalation https://access.redhat.com/security/cve/CVE-2016-5424 postgresql93-client<9.3.14 privilege-escalation https://access.redhat.com/security/cve/CVE-2016-5424 postgresql94-client<9.4.9 privilege-escalation https://access.redhat.com/security/cve/CVE-2016-5424 postgresql95-client<9.5.4 privilege-escalation https://access.redhat.com/security/cve/CVE-2016-5424 gd<2.2.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6161 libgcrypt<1.7.3 insufficiently-random-numbers https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html gnupg<1.4.21 insufficiently-random-numbers https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html p5-DBD-mysql<4.033 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8949 lighttpd<1.4.41 access-bypass http://www.lighttpd.net/2016/7/31/1.4.41/ php{55,56,70,71}-roundcube<1.1.5 cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4069 binutils<2.22 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3509 ruby{18,193,200}-bundler<1.7.3 restriction-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0334 lighttpd<1.4.36 inject-log-entries https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3200 libarchive<3.2.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0211 libarchive<3.2.1 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2304 eog>=3<3.20.4 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6855 ruby{18,21,22,23}-jquery-rails<3.0.1 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6662 python27<2.7.12 man-in-the-middle https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0772 python34<3.4.5 man-in-the-middle https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0772 python35<3.5.2 man-in-the-middle https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0772 python27<2.7.12 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5636 python34<3.4.5 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5636 python35<3.5.2 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5636 python27<2.7.10 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5699 python34<3.4.4 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5699 mailman<2.1.23 cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6893 mailman<2.1.15 cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7123 openoffice3{,-bin}-[0-9]* arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3575 subversion-base<1.7.17 spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3528 subversion-base>=1.4.0<1.7.18 man-in-the-middle https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3522 libvncserver-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6054 webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0005.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0005.html webkit-gtk<2.12.4 multiple-vulnerabilities http://webkitgtk.org/security/WSA-2016-0005.html qemu<2.6.1 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4952 qemu<2.6.1 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5106 qemu<2.6.1 local-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5105 qemu<2.6.1 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5107 libVNCServer<0.9.10 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055 xenkernel45<4.5.3nb3 privilege-elevation https://xenbits.xen.org/xsa/advisory-185.html xenkernel45>=4.5.3<4.5.3nb3 privilege-elevation https://xenbits.xen.org/xsa/advisory-186.html xenkernel45<4.5.3nb3 denial-of-service https://xenbits.xen.org/xsa/advisory-187.html xenkernel46<4.6.3nb1 privilege-elevation https://xenbits.xen.org/xsa/advisory-185.html xenkernel46>=4.6.3<4.6.3nb1 privilege-elevation https://xenbits.xen.org/xsa/advisory-186.html xenkernel46<4.6.3nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-187.html libidn<1.33 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8948 libidn<1.33 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6261 libidn<1.33 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6262 libidn<1.33 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6263 py{27,34,35}-trytond>=3.8<3.8.8 multiple-vulnerabilities http://www.tryton.org/posts/security-release-for-issue5795-and-issue5808.html libcrack<2.7nb2 privilege-elevation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6318 qemu<2.7.0 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6351 asterisk>=13.0<13.11.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-006.html asterisk>=13.0<13.11.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-007.html asterisk>=11.0<11.23.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-007.html wireshark>=2.0<2.0.6 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-50.html wireshark>=2.0<2.0.6 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-51.html wireshark>=2.0<2.0.6 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-52.html wireshark>=2.0<2.0.6 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-53.html wireshark>=2.0<2.0.6 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-54.html wireshark>=2.0<2.0.6 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-55.html php70-curl<7.0.10 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7134 php>=7.0<7.0.10 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7133 php70-wddx<7.0.10 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7132 php56-wddx<5.6.25 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7132 php70-wddx<7.0.10 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7130 php56-wddx<5.6.25 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7130 php70-wddx<7.0.10 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7131 php56-wddx<5.6.25 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7131 php70-exif<7.0.10 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7128 php56-exif<5.6.25 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7128 php70-wddx<7.0.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7129 php56-wddx<5.6.25 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7129 php70-gd<7.0.10 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7127 php56-gd<5.6.25 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7127 php70-gd<7.0.10 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7126 php56-gd<5.6.25 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7126 php>=7.0<7.0.10 php-object-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7125 php<5.6.25 php-object-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7125 php>=7.0<7.0.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7124 php<5.6.25 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7124 adobe-flash-plugin<11.2.202.635 restriction-bypass https://helpx.adobe.com/security/products/flash-player/apsb16-29.html mysql-server>5.5<5.5.52 privilege-escalation https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html mysql-server>5.6<5.6.33 privilege-escalation https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html mysql-server>5.7<5.7.15 privilege-escalation https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html mariadb-server<5.5.51 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6662 curl<7.50.3 heap-overflow https://curl.haxx.se/docs/adv_20160914.html cryptopp<5.6.5 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7420 openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2179 openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2181 openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2182 openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6302 openssl>=1.0.2<1.0.2i denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6303 php{54,55,56}-owncloud>9.0.0<9.0.4 cross-site-scripting https://owncloud.org/security/advisory/?id=oc-sa-2016-011 php<5.6.26 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7411 php56-mysql<5.6.26 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412 php56-mysqli<5.6.26 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412 php56-wddx<5.6.26 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413 php<5.6.26 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414 php56-intl<5.6.26 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416 php<5.6.26 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417 php56-wddx<5.6.26 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418 php70-mysql<7.0.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412 php70-mysqli<7.0.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412 php70-wddx<7.0.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413 php>=7.0<7.0.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414 php70-intl<7.0.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416 php>=7.0<7.0.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417 php70-wddx<7.0.11 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418 irssi>=0.8.17<0.8.20 multiple-vulnerabilities https://irssi.org/security/irssi_sa_2016.txt openjpeg<2.1.2 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7163 flex<2.6.1 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6354 zookeeper<3.4.9 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5017 mupdf<1.9anb2 denial-of-service https://security-tracker.debian.org/tracker/CVE-2016-6265 mupdf<1.9anb3 denial-of-service https://security-tracker.debian.org/tracker/CVE-2016-6525 tiff<4.0.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3990 php{55,56,70,71}-owncloud<9.0.4 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7419 icu<58.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7415 firefox<49.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox49 firefox45<45.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr45.4 powerdns<3.4.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5426 powerdns<3.4.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5427 powerdns<4.0.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6172 openssl>=1.0.1<1.0.1u multiple-vulnerabilities https://www.openssl.org/news/secadv/20160922.txt openssl>=1.1.0<1.1.0a multiple-vulnerabilities https://www.openssl.org/news/secadv/20160922.txt openssl>=1.1.0<1.1.0b use-after-free https://www.openssl.org/news/secadv/20160926.txt openssl>=1.0.2i<1.0.2j null-pointer-dereference https://www.openssl.org/news/secadv/20160926.txt bind<9.9.9pl3 denial-of-service https://kb.isc.org/article/AA-01419/0 bind<9.9.9pl3 denial-of-service https://kb.isc.org/article/AA-01433/74/CVE-2016-2848 bind<9.10.4pl3 denial-of-service https://kb.isc.org/article/AA-01419/0 py{27,34,35}-django<1.8.15 cross-site-request-forgeries https://www.djangoproject.com/weblog/2016/sep/26/security-releases/ py{27,34,35}-django>=1.9<1.9.10 cross-site-request-forgeries https://www.djangoproject.com/weblog/2016/sep/26/security-releases/ file-roller>=3.5.4<3.20.2 local-file-delete https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7162 gd<2.2.3nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7568 php55-gd<5.5.38nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7568 php56-gd<5.6.24nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7568 php70-gd<7.0.9nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7568 php71-gd<7.1.0beta1nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7568 p5-DBD-mysql<4.037 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1246 wget<1.18nb3 local-security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7098 qemu<2.7.0nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7907 qemu<2.7.0nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7908 qemu<2.7.0nb1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7909 qemu<2.7.0 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7161 inspircd<2.0.23 signature-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7142 irssi<0.8.20 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7044 drupal>=8<8.1.10 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2016-004 clamav<0.99.2 multiple-vulnerabilities http://blog.clamav.net/2016/05/clamav-0992-has-been-released.html libcares<1.12.0 arbitrary-code-execution https://c-ares.haxx.se/adv_20160929.html mongodb<3.4.0 sensitive-information-disclosure https://jira.mongodb.org/browse/SERVER-25335 gdk-pixbuf2<2.35.3 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6352 adodb<5.20.7 sql-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7405 openjpeg<2.1.2 null-pointer-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7445 freerdp<1.1.0b2013071101 null-pointer-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4118 freerdp<1.1.0b2013071101 null-pointer-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4119 p5-DBD-mysql<4.037 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1246 tiff<4.0.7 buffer-overrun https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3619 tiff<4.0.7 buffer-overrun https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3620 tiff<4.0.7 buffer-overrun https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3621 tiff<4.0.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622 tiff<4.0.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623 tiff<4.0.7 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624 tiff<4.0.7 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3625 tiff<4.0.7 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3631 tiff<4.0.7 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3633 tiff<4.0.7 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3634 tiff<4.0.7 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3658 gd<2.2.3 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6905 nss<3.23.0 denial-of-service https://www.mozilla.org/en-US/security/advisories/mfsa2016-61/ nspr<4.12 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1951 nodejs>=6<6.7.0 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/ nodejs>=4<4.6.0 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/ adobe-flash-plugin<11.2.202.637 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-32.html qemu<2.7.0nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7423 xenkernel-[0-9]* information-leak https://xenbits.xen.org/xsa/advisory-190.html pidgin<2.11.0 multiple-vulnerabilities https://www.pidgin.im/news/security/ ap22-modsecurity<2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages shotwell-[0-9]* man-in-the-middle https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1000033 oracle-{jdk,jre}-[0-9]* multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixJAVA py{27,34,35}-mysql-connector>2.1<2.1.4 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5598 py{27,34,35}-mysql-connector>2.0<2.0.5 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5598 mysql-client>5.5<5.5.53 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL mysql-server>5.5<5.5.53 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL mysql-client>5.6<5.6.34 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL mysql-server>5.6<5.6.34 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL mysql-client>5.7<5.7.16 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL mysql-server>5.7<5.7.16 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL openjpeg<2.1.2 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8332 openjpeg<2.2.0 null-pointer-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9114 openjpeg<2.2.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9117 openjpeg<2.2.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9115 openjpeg<2.2.0 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9118 openjpeg<2.2.0 null-pointer-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9113 openjpeg<2.2.0 null-pointer-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9116 openjpeg<2.2.0 floating-point-exception https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9112 tiff<4.0.8 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8331 moodle-[0-9]* information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7919 botan>1.11.29<1.11.32 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8871 tor<0.2.8.9 denial-of-service https://blog.torproject.org/blog/tor-0289-released-important-fixes quagga<1.0.20161017 buffer-overflow https://lists.quagga.net/pipermail/quagga-users/2016-October/014478.html argus-[0-9]* stack-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8333 argus-[0-9]* stack-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8335 mupdf<1.10 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7506 mupdf<1.10 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7505 mupdf<1.10 use-after-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7504 php>=5.6<5.6.27 multiple-vulnerabilities https://secure.php.net/ChangeLog-5.php#5.6.27 php>=7.0<7.0.12 multiple-vulnerabilities https://secure.php.net/ChangeLog-7.php#7.0.12 qemu<2.8.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8577 qemu<2.8.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8576 qemu<2.8.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8667 qemu<2.8.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8578 qemu<2.8.0 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8668 qemu<2.8.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8909 qemu<2.8.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8669 qemu<2.8.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8910 adobe-flash-plugin<11.2.202.643 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-37.html mupdf<1.10 buffer-overrun https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9136 moodle-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9186 moodle-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9187 moodle-[0-9]* cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9188 py{27,34,35}-Pillow<3.3.2 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9189 py{27,34,35}-Pillow<3.3.2 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9190 bind<9.9.9pl4 denial-of-service https://kb.isc.org/article/AA-01434 bind<9.10.4pl4 denial-of-service https://kb.isc.org/article/AA-01434 libxslt<1.1.29 out-of-bounds-read https://git.gnome.org/browse/libxslt/commit/?id=eb1030de31165b68487f288308f9d1810fed6880 py{26,27}-moin<1.9.9 multiple-vulnerabilities https://www.curesec.com/blog/article/blog/MoinMoin-198-XSS-175.html libX11<1.6.3 multiple-vulnerabilities https://lists.x.org/archives/xorg-announce/2016-October/002720.html libXfixes<5.0.3 integer-overflow https://lists.x.org/archives/xorg-announce/2016-October/002720.html libXi<1.7.7 multiple-vulnerabilities https://lists.x.org/archives/xorg-announce/2016-October/002720.html libXrandr<1.5.1 multiple-vulnerabilities https://lists.x.org/archives/xorg-announce/2016-October/002720.html libXrender<0.9.10 multiple-vulnerabilities https://lists.x.org/archives/xorg-announce/2016-October/002720.html libXtst<1.2.3 integer-overflow https://lists.x.org/archives/xorg-announce/2016-October/002720.html libXv<1.0.11 buffer-overflow https://lists.x.org/archives/xorg-announce/2016-October/002720.html libXvmc<1.0.10 buffer-overflow https://lists.x.org/archives/xorg-announce/2016-October/002720.html subversion-base>1.9<1.9.5 denial-of-service https://subversion.apache.org/security/CVE-2016-8734-advisory.txt p5-SOAP-Lite<1.15 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8978 hdf5<1.8.18 multiple-vulnerabilities http://blog.talosintel.com/2016/11/hdf5-vulns.html p7zip<16.02nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9296 tiff<4.0.7 multiple-vulnerabilities http://www.securityfocus.com/bid/94484 drupal>=7<7.5.2 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2016-005 drupal>=8<8.2.3 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2016-005 libxml2<2.9.4nb1 unauthorized-access https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9318 asterisk>=13.0<13.13.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-008.html asterisk>=14.0<14.2.1 denial-of-service http://downloads.digium.com/pub/security/AST-2016-009.html asterisk>=11.0<11.25.1 authentication-bypass http://downloads.digium.com/pub/security/AST-2016-010.html asterisk>=13.0<13.13.1 authentication-bypass http://downloads.digium.com/pub/security/AST-2016-010.html asterisk>=14.0<14.2.1 authentication-bypass http://downloads.digium.com/pub/security/AST-2016-010.html criticalmass<1.0.2nb8 ancient-curl-included http://mail-index.netbsd.org/pkgsrc-changes/2016/12/10/msg149940.html firefox<50.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox50 firefox<50.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox50.0.1 firefox<50.0.2 use-after-free https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox50.0.2 firefox45<45.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr45.5 firefox45<45.5.1 use-after-free https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr45.5.1 thunderbird>=45<45.5 use-after-free https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.5 thunderbird>=45<45.5.1 use-after-free https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.5.1 wireshark>=2.2<2.2.1 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-56.html wireshark>=2.2<2.2.1 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-57.html wireshark>=2.2<2.2.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-58.html wireshark>=2.2<2.2.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-59.html wireshark>=2.2<2.2.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-60.html wireshark>=2.2<2.2.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-61.html wireshark>=2.2<2.2.2 denial-of-service https://www.wireshark.org/security/wnpa-sec-2016-62.html gst-plugins1-good<1.10.2 multiple-vulnerabilities https://gstreamer.freedesktop.org/releases/1.10/#1.10.2 gst-plugins0.10-good-[0-9]* multiple-vulnerabilities https://www.debian.org/security/2016/dsa-3724 p5-DBD-mysql<4.041 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1251 libdwarf-[0-9]* heap-buffer-overflow https://www.prevanders.net/dwarfbug.html#DW201611-006 php56-piwigo-[0-9]* cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9751 libgsf<1.14.41 null-dereference https://github.com/GNOME/libgsf/commit/95a8351a75758cf10b3bf6abae0b6b461f90d9e5 apache>2.4.17<2.4.24 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8740 php{56,70,71}-roundcube<1.1.5 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9920 py{27,34,35}-django<1.8.16 multiple-vulnerabilities https://www.djangoproject.com/weblog/2016/nov/01/security-releases/ py{27,34,35}-django>=1.9<1.9.11 multiple-vulnerabilities https://www.djangoproject.com/weblog/2016/nov/01/security-releases/ py{27,34,35}-django>=1.10<1.10.3 multiple-vulnerabilities https://www.djangoproject.com/weblog/2016/nov/01/security-releases/ qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9106 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9105 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9104 qemu<2.8.0rc0 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9103 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9102 qemu<2.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9101 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7995 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7994 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7466 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7422 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7421 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7170 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7157 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7156 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7155 qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7116 qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6888 qemu<2.8.0rc0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6836 qemu<2.6.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6835 qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6834 qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6833 qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6490 qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4964 gtar-base<1.29 directory-traversal https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6321 phpmyadmin<4.6.4 sensitive-information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-29/ phpmyadmin<4.6.4 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-30/ phpmyadmin<4.6.4 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-31/ phpmyadmin<4.6.4 remote-code-execution https://www.phpmyadmin.net/security/PMASA-2016-32/ phpmyadmin<4.6.4 information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-33/ phpmyadmin<4.6.4 sql-injection https://www.phpmyadmin.net/security/PMASA-2016-34/ phpmyadmin<4.6.4 sql-injection https://www.phpmyadmin.net/security/PMASA-2016-35/ phpmyadmin<4.6.4 symlink-attack https://www.phpmyadmin.net/security/PMASA-2016-36/ phpmyadmin<4.6.4 path-traversal https://www.phpmyadmin.net/security/PMASA-2016-37/ phpmyadmin<4.6.4 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-37/ phpmyadmin<4.6.4 sql-injection https://www.phpmyadmin.net/security/PMASA-2016-39/ phpmyadmin<4.6.4 sql-injection https://www.phpmyadmin.net/security/PMASA-2016-40/ phpmyadmin<4.6.4 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-41/ phpmyadmin<4.6.4 sql-injection https://www.phpmyadmin.net/security/PMASA-2016-42/ phpmyadmin<4.6.4 validation-bypass https://www.phpmyadmin.net/security/PMASA-2016-43/ phpmyadmin<4.6.4 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-45/ phpmyadmin<4.6.4 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-46/ phpmyadmin<4.6.4 authentication-bypass https://www.phpmyadmin.net/security/PMASA-2016-47/ phpmyadmin<4.6.4 information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-48/ phpmyadmin<4.6.4 bypass-protection https://www.phpmyadmin.net/security/PMASA-2016-49/ phpmyadmin<4.6.4 sensitive-information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-50/ phpmyadmin<4.6.4 reflected-file-download https://www.phpmyadmin.net/security/PMASA-2016-51/ phpmyadmin<4.6.4 security-bypass https://www.phpmyadmin.net/security/PMASA-2016-52/ phpmyadmin<4.6.4 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-53/ phpmyadmin<4.6.4 remote-code-execution https://www.phpmyadmin.net/security/PMASA-2016-54/ phpmyadmin<4.6.4 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-55/ phpmyadmin<4.6.4 remote-code-execution https://www.phpmyadmin.net/security/PMASA-2016-56/ phpmyadmin<4.6.5 sensitive-information-disclosure https://www.phpmyadmin.net/security/PMASA-2016-59/ phpmyadmin<4.6.5 remote-security-bypass https://www.phpmyadmin.net/security/PMASA-2016-60/ phpmyadmin<4.6.5 multiple-vulnerabilities https://www.phpmyadmin.net/security/PMASA-2016-63/ phpmyadmin<4.6.5 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-64/ phpmyadmin<4.6.5 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-65/ phpmyadmin<4.6.5 remote-security-bypass https://www.phpmyadmin.net/security/PMASA-2016-66/ phpmyadmin<4.6.5 code-injection https://www.phpmyadmin.net/security/PMASA-2016-67/ phpmyadmin<4.6.5 denial-of-service https://www.phpmyadmin.net/security/PMASA-2016-68/ phpmyadmin<4.6.5 multiple-vulnerabilities https://www.phpmyadmin.net/security/PMASA-2016-69/ phpmyadmin<4.6.5 remote-security-bypass https://www.phpmyadmin.net/security/PMASA-2016-70/ phpmyadmin<4.6.5 cross-site-scripting https://www.phpmyadmin.net/security/PMASA-2016-71/ seamonkey<2.40nb7 remote-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/ jasper<1.900.29nb1 buffer-overflow https://github.com/mdadams/jasper/issues/93 modular-xorg-server<1.16.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3418 libXv<1.0.11 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5407 libXtst<1.2.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7952 libXtst<1.2.3 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7951 libXrender<0.9.10 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7950 libXrender<0.9.10 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7949 libXrandr<1.5.1 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7948 libXrandr<1.5.1 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7947 libXi<1.7.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7946 libXi<1.7.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7945 libX11<1.6.4 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7943 libX11<1.6.4 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7942 libXvMC<1.0.10 buffer-underflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7953 libXfixes<5.0.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7944 ImageMagick<7.0.2.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6491 p7zip<16.0 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2334 adobe-flash-plugin<24.0.0.186 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb16-39.html pcre<8.38 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5073 pcre<8.38 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3210 pcre<8.38 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3217 pcre<8.38 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5073 pcre2<10.10 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3210 py{27,34,35}-bottle<0.12.11 crlf-attack https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9964 libupnp<1.6.21 remote-security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6255 libupnp<1.6.21 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8863 tigervnc-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8241 w3m<0.5.3.0.20161218 multiple-vulnerabilities https://github.com/tats/w3m/commit/b3805049f2add9226f6eac1b534626c4e5d9da52 rabbitmq<3.6.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8786 nagios-base<4.2.2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9565 nagios-base<4.2.4 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9566 firefox<50.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-94/ firefox45<45.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/ php>=5.6<5.6.28 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933 php>=7.0<7.0.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933 php>=7.1<7.1.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933 php>=5.6<5.6.28 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934 php>=7.0<7.0.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934 php>=7.1<7.1.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934 php>=5.6<5.6.29 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9935 php>=7.0<7.0.14 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9935 php>=7.0<7.0.14 use-after-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9936 php>=7.1<7.1.0 use-after-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9936 lynx<2.8.8.2nb5 information-leak http://seclists.org/oss-sec/2016/q4/322 php{56,70,71}-roundcube<1.2.0 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4552 py{27,34,35}-docx<0.8.6 xml-external-entity https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5851 ffmpeg2-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6671 ffmpeg3<3.1.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6671 ffmpeg1-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6881 ffmpeg2-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6881 ffmpeg3<3.1.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6881 ffmpeg1-[0-9]* multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2016/10/08/1 ffmpeg2-[0-9]* multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2016/10/08/1 ffmpeg3<3.1.4 multiple-vulnerabilities http://www.openwall.com/lists/oss-security/2016/10/08/1 ffmpeg3<3.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9561 ffmpeg2-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8595 ffmpeg3<3.1.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8595 openjpeg<1.5.2 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9675 libxml2<2.9.4nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5131 libxml2<2.9.4nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4658 kdesu<5.7.5 dialog-spoofing https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7787 qemu<2.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9907 qemu<2.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9923 qemu<2.8.1 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9908 qemu<2.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9911 qemu<2.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9921 qemu<2.8.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9912 p5-XML-Twig-[0-9]* xml-external-entity https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9180 p5-Image-Info<1.39 xml-external-entity https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9181 exim<4.88 information-leak https://exim.org/static/doc/CVE-2016-9963.txt mantis<1.3.5 arbitrary-code-execution https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html ImageMagick<7.0.3.9 arbitrary-code-execution http://www.talosintelligence.com/reports/TALOS-2016-0216/ ImageMagick6<6.9.6.7 arbitrary-code-execution http://www.talosintelligence.com/reports/TALOS-2016-0216/ openssh<7.4 multiple-vulnerabilities http://www.openssh.com/txt/release-7.4 qemu<2.8.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9776 qemu<2.8.0 information-leak https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9845 qemu<2.8.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9913 qemu<2.8.0 information-leak https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9846 qemu<2.8.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9915 qemu<2.8.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9916 qemu<2.8.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9914 rabbitmq<3.6.6 authentication-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9877 contao35<3.5.21 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10074 php{55,56,70,71}-contao35<3.5.21 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10074 php{55,56,70,71}-contao42<4.3 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10074 php{55,56,70,71}-contao43<4.3.2 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10074 php{55,56,70,71}-contao42-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php{56,70,71}-roundcube<1.2.3 remote-code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9920 irssi>=0.8.17<0.8.21 multiple-vulnerabilities https://irssi.org/security/irssi_sa_2017_01.txt php{56,70,71}-piwigo<2.8.5 multiple-vulnerabilities http://piwigo.org/releases/2.8.5 libvncserver<0.9.11 multiple-vulnerabilities https://github.com/LibVNC/libvncserver/releases/tag/LibVNCServer-0.9.11 thunderbird>=45<45.6.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/ py{27,34,35,36}-borgbackup<1.0.9 local-file-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10100 py{27,34,35,36}-borgbackup<1.0.9 local-filename-spoofing https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10099 php{56,70,71}-ja-wordpress<4.6.1 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7169 php{56,70,71}-ja-wordpress<4.6.1 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7168 wordpress<4.6.1 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7169 wordpress<4.6.1 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7168 pidgin<2.11.0 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2375 pidgin<2.11.0 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2373 pidgin<2.11.0 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2371 pidgin<2.11.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2369 pidgin<2.11.0 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2367 pidgin<2.11.0 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2366 pidgin<2.11.0 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2365 pidgin<2.11.0 arbitrary-file-overwrite https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4323 pidgin<2.11.0 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2380 pidgin<2.11.0 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2378 pidgin<2.11.0 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2370 pidgin<2.11.0 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2374 pidgin<2.11.0 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2372 pidgin<2.11.0 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2368 pidgin<2.11.0 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2376 ruby{18,21,22,23}-fiddle-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2339 ruby{18,21,22,23}-tk-[0-9]* arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2337 ruby{18,21,22,23}-bundler-[0-9]* code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7954 php>=5.6<5.6.28 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8670 php>=7.0<7.0.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8670 memcached<1.4.33 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8704 memcached<1.4.33 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8706 memcached<1.4.33 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8705 freeimage<3.17.0nb1 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5684 tiff<4.0.7 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5652 bind>=9.9.3<9.9.9pl5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9131 bind<9.10.4pl5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9131 bind>=9.9.9pl4<9.9.9pl5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9147 bind>=9.10.4pl4<9.10.4pl5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9147 bind>=9.9.3<9.9.9pl5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9444 bind<9.10.4pl5 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9444 screen>=4.5.0<4.5.0nb1 local-privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5618 apache>=2.4.1<2.4.25 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161 apache>=2.4.1<2.4.25 padding-oracle-attack https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736 apache>=2.2.0<2.2.32 cache-poisoning https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743 apache>=2.4.1<2.4.25 cache-poisoning https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743 png<1.0.67 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10087 png>1.2<1.2.57 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10087 png>1.4<1.4.20 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10087 png>1.5<1.5.28 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10087 png>1.6<1.6.27 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10087 apache-tomcat>=6.0.16<6.0.49 information-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745 apache-tomcat>=7.0.0<7.0.74 information-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745 apache-tomcat>=8.0.0<8.0.40 information-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745 apache-tomcat>=8.5.0<8.5.9 information-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745 apache-tomcat>=9.0.0.M1<9.0.0.M15 information-leak https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745 pidgin<2.11.0 information-leak https://www.pidgin.im/news/security/?id=96 pidgin<2.11.0 buffer-overflow https://www.pidgin.im/news/security/?id=93 py{27,34,35,36}-hpack<2.3.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6581 chicken<4.12 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6830 chicken<4.12 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6831 mantis<1.2.19 remote-script-inject https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6837 adobe-flash-plugin<24.0.0.194 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb17-02.html ntp<4.2.8p9 multiple-vulnerabilities http://support.ntp.org/bin/view/Main/SecurityNotice#November_2016_ntp_4_2_8p9_NTP_Se py{27,34,35,36}-urllib3<1.18.1 validation-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9015 guile-[0-9]* insecure-file-permissions https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8605 openssl<1.0.2k denial-of-service https://www.openssl.org/news/secadv/20170126.txt bind>=9.9.9pl1<9.9.9pl6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-9778 php>=5.0<5.6.28 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7478 php>=7.0<7.0.13 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7478 php>=7.0<7.0.12 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7480 php>=7.0<7.0.15 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5340 php>=7.1<7.1.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5340 php>=7.0<7.0.15 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7479 ikiwiki<3.20161229 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-9645 ikiwiki<3.20161229 commit-metadata-forgery https://nvd.nist.gov/vuln/detail/CVE-2016-9646 ikiwiki<3.20170111 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-0356 tiff<4.0.7nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5225 guile20<2.0.13 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8606 jenkins<2.32 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9299 jenkins-lts<2.19.3 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9299 zoneminder-[0-9]* authentication-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10140 jasper<1.900.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8882 jasper<1.900.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8883 gstreamer1<1.10.2 multiple-vulnerabilities https://gstreamer.freedesktop.org/releases/1.10/#1.10.2 libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5209 wordpress<4.7.1 multiple-vulnerabilities https://codex.wordpress.org/Version_4.7.1 wordpress<4.7.2 multiple-vulnerabilities https://codex.wordpress.org/Version_4.7.2 ntopng-[0-9]* cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5473 gnutls<3.3.26 memory-corruption https://gnutls.org/security.html#GNUTLS-SA-2017-1 gnutls>=3.4<3.5.8 memory-corruption https://gnutls.org/security.html#GNUTLS-SA-2017-2 GraphicsMagick<1.3.26 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7996 tiff<4.0.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9297 mupdf<1.10anb2 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5627 mupdf<1.10anb2 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5628 php{56,70,71}-ja-wordpress<4.7.1 multiple-vulnerabilities https://codex.wordpress.org/Version_4.7.1 php{56,70,71}-ja-wordpress<4.7.2 multiple-vulnerabilities https://codex.wordpress.org/Version_4.7.2 unrealircd<3.2.10.7 ssl-certificate-spoofing https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7144 unrealircd>=4.0<4.0.6 ssl-certificate-spoofing https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7144 GraphicsMagick<1.3.26 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7997 php{56,70,71}-piwigo<2.8.6 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5608 tcpdump<4.9.0 multiple-vulnerabilities https://www.mail-archive.com/debian-bugs-dist@@lists.debian.org/msg1494526.html tiff<4.0.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9273 mysql-server>5.5<5.5.54 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL mysql-server>5.6<5.6.35 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL mysql-server>5.7<5.7.17 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL libical<2.0.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2016-5823 libical<3.0.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2016-5824 libical<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-5825 libical<3.0.16 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-5826 libical<3.0.0 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-5827 libical<3.0.0 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-9584 mysql-cluster<7.2.27 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL mysql-cluster<7.3.15 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL mysql-cluster<7.4.13 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL ffmpeg3>3.0<3.0.4 heap-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5200 ffmpeg3>3.1<3.1.4 heap-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5200 ffmpeg3>3.0<3.0.4 heap-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5199 ffmpeg3>3.1<3.1.4 heap-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5199 openjdk8<1.8.121 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA oracle-{jdk,jre}<8.0.121 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA ImageMagick<7.0.3.10 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6823 bash<4.4 privilege-elevation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7543 tiff<4.0.7 out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453 tiff<4.0.7 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9448 tiff<4.0.7 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223 tiff<4.0.7 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5563 tiff<4.0.7 sensitive-information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321 tiff<4.0.7 heap-buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5319 tiff<4.0.7 stack-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5318 tiff<4.0.7 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317 tiff<4.0.7 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316 tiff<4.0.7 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323 moodle>=2.7<2.7.15 plaintext-injection https://moodle.org/mod/forum/discuss.php?d=336698#p1356859 moodle>=2.8<2.9.7 plaintext-injection https://moodle.org/mod/forum/discuss.php?d=336698#p1356859 moodle>=3.0<3.0.5 plaintext-injection https://moodle.org/mod/forum/discuss.php?d=336698#p1356859 moodle>=3.1<3.1.1 plaintext-injection https://moodle.org/mod/forum/discuss.php?d=336698#p1356859 owncloudclient<2.2.3 privilege-elevation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7102 wireshark>=2.2<2.2.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-01.html wireshark>=2.2<2.2.4 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-02.html magento<2.0.6 php-object-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4010 gnuchess<6.2.4 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8972 bash<4.4.006 security-bypass https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9401 w3m<0.5.3.0.20161009 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9435 xenkernel42-[0-9]* information-leak https://xenbits.xen.org/xsa/advisory-200.html xenkernel45<4.5.5nb2 information-leak https://xenbits.xen.org/xsa/advisory-200.html xenkernel46<4.6.5 information-leak https://xenbits.xen.org/xsa/advisory-200.html xenkernel46<4.6.5 denial-of-service https://xenbits.xen.org/xsa/advisory-203.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-202.html xenkernel45<4.5.5nb3 denial-of-service https://xenbits.xen.org/xsa/advisory-202.html xenkernel46<4.6.5 denial-of-service https://xenbits.xen.org/xsa/advisory-202.html xenkernel42-[0-9]* privilege-elevation https://xenbits.xen.org/xsa/advisory-204.html xenkernel45<4.5.5nb2 privilege-elevation https://xenbits.xen.org/xsa/advisory-204.html xenkernel46<4.6.5 privilege-elevation https://xenbits.xen.org/xsa/advisory-204.html xenkernel42-[0-9]* privilege-elevation https://xenbits.xen.org/xsa/advisory-192.html xenkernel45<4.5.5nb1 privilege-elevation https://xenbits.xen.org/xsa/advisory-192.html xenkernel46<4.6.5 privilege-elevation https://xenbits.xen.org/xsa/advisory-192.html xentools42-[0-9]* arbitrary-file-overwrite https://xenbits.xen.org/xsa/advisory-198.html xentools45<4.5.5nb1 arbitrary-file-overwrite https://xenbits.xen.org/xsa/advisory-198.html xentools46<4.6.5 arbitrary-file-overwrite https://xenbits.xen.org/xsa/advisory-198.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-193.html xenkernel45<4.5.5nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-193.html xenkernel46<4.6.5 denial-of-service https://xenbits.xen.org/xsa/advisory-193.html xenkernel42-[0-9]* arbitrary-code-execution https://xenbits.xen.org/xsa/advisory-195.html xenkernel45<4.5.5nb1 arbitrary-code-execution https://xenbits.xen.org/xsa/advisory-195.html xenkernel46<4.6.5 arbitrary-code-execution https://xenbits.xen.org/xsa/advisory-195.html xenkernel42-[0-9]* privilege-elevation https://xenbits.xen.org/xsa/advisory-197.html xenkernel45<4.5.5nb1 privilege-elevation https://xenbits.xen.org/xsa/advisory-197.html xenkernel42-[0-9]* privilege-elevation https://xenbits.xen.org/xsa/advisory-191.html xenkernel45<4.5.5nb1 privilege-elevation https://xenbits.xen.org/xsa/advisory-191.html xenkernel46<4.6.5 privilege-elevation https://xenbits.xen.org/xsa/advisory-191.html xenkernel46<4.6.5 privilege-elevation https://xenbits.xen.org/xsa/advisory-197.html ffmpeg3>3.1<3.1.3 heap-buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6920 ffmpeg3>3.1<3.1.1 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6164 ffmpeg2>2.0<2.8.8 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6164 w3m<0.5.3.0.20161009 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9436 libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5545 libdwarf<20160614 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7410 gd<2.2.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317 gd<2.2.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9311 gd<2.2.4 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9312 typo3>=6.2<6.2.24 access-bypass https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-013/ typo3>=6.2<6.2.19 cross-site-scripting https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-006/ ruby{18,21,22,23}-tk-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2337 squid<3.5.23 information-leak http://www.squid-cache.org/Advisories/SQUID-2016_10.txt squid<3.5.23 information-leak http://www.squid-cache.org/Advisories/SQUID-2016_11.txt libbpg-[0-9]* out-of-bounds-write https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8710 php>=5.0<5.6.30 multiple-vulnerabilities http://php.net/ChangeLog-5.php#5.6.30 php>=7.0<7.0.15 multiple-vulnerabilities http://php.net/ChangeLog-7.php#7.0.15 php>=7.1<7.1.1 multiple-vulnerabilities http://php.net/ChangeLog-7.php#7.1.1 tcpreplay<4.1.2 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6160 php{56,70,71}-http<3.0.1 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5873 moodle<2.9.7 information-disclosure https://moodle.org/mod/forum/discuss.php?d=336699 moodle>=3.0<3.0.5 information-disclosure https://moodle.org/mod/forum/discuss.php?d=336699 moodle>3.1<3.1.1 information-disclosure https://moodle.org/mod/forum/discuss.php?d=336699 moodle>=2.7<2.7.16 information-disclosure https://moodle.org/mod/forum/discuss.php?d=339631 moodle>=2.8<2.9.8 information-disclosure https://moodle.org/mod/forum/discuss.php?d=339631 moodle>=3.0<3.0.6 information-disclosure https://moodle.org/mod/forum/discuss.php?d=339631 moodle>=3.1<3.1.2 information-disclosure https://moodle.org/mod/forum/discuss.php?d=339631 moodle>=2.7<2.7.17 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343275 moodle>=2.8<2.9.9 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343275 moodle>=3.0<3.0.7 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343275 moodle>=3.1<3.1.3 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343275 moodle>=2.7<2.7.17 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343276 moodle>=2.8<2.9.9 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343276 moodle>=3.0<3.0.7 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343276 moodle>=3.1<3.1.3 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343276 moodle>=2.7<2.7.17 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343277 moodle>=2.8<2.9.9 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343277 moodle>=3.0<3.0.7 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343277 moodle>=3.1<3.1.3 information-disclosure https://moodle.org/mod/forum/discuss.php?d=343277 moodle>=2.7<2.7.18 information-disclosure https://moodle.org/mod/forum/discuss.php?d=345912 moodle>=3.0<3.0.8 information-disclosure https://moodle.org/mod/forum/discuss.php?d=345912 moodle>=3.1<3.1.4 information-disclosure https://moodle.org/mod/forum/discuss.php?d=345912 moodle>=3.2<3.2.1 information-disclosure https://moodle.org/mod/forum/discuss.php?d=345912 moodle>=2.7<2.7.18 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=345915 moodle>=3.0<3.0.8 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=345915 moodle>=3.1<3.1.4 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=345915 moodle>=3.2<3.2.1 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=345915 moodle>=3.1<3.1.1 information-disclosure https://moodle.org/mod/forum/discuss.php?d=336697 quagga<1.1.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5495 firefox<51.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/ firefox45<45.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/ thunderbird<45.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-03/ gd<2.2.4 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912 unzip<6.0nb8 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9913 unzip<6.0nb8 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9844 botan<1.10.15 integer-overflow https://github.com/randombit/botan/commit/8fce1edc0214b1149cbf4723322714f2e22032eb libarchive<3.3.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5601 hexchat<2.14.0 stack-overflow https://github.com/hexchat/hexchat/issues/1934 socat<1.7.3.1 openssl-implementation http://www.dest-unreach.org/socat/contrib/socat-secadv7.html libXpm-3.5.12 denial-of-service https://www.debian.org/security/2017/dsa-3772 libquicktime-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2399 cryptopp<6.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9939 potrace<1.13 multiple-vulnerabilities https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8695 phpmyadmin<4.6.6 server-side-request-forgery https://www.phpmyadmin.net/security/PMASA-2016-44/ ruby200-archive-tar-minitar-[0-9]* directory-traversal https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10173 librsvg<2.40.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6163 openjpeg<2.1.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4797 openjpeg<2.1.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3183 zoneminder-[0-9]* multiple-vulnerabilities http://www.securityfocus.com/archive/1/540089 lcms2<2.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10165 pear-[0-9]* arbitrary-file-overwrite https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5630 bind>=9.9.3<9.9.9pl6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3135 bind>=9.10.0<9.10.4pl6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3135 ffmpeg2<2.8.10 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10190 ffmpeg2<2.8.10 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10191 ffmpeg2<2.8.10 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10192 ffmpeg3<3.2.2 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10190 ffmpeg3<3.2.2 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10191 ffmpeg3<3.2.2 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10192 mxml<2.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4570 mxml<2.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4571 psi-[0-9]* weak-authentication https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5593 mcabber<1.0.5 weak-authentication https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5604 squidGuard-[0-9]* cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8936 nsd<4.1.11 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6173 knot<2.3.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6171 potrace<1.13 multiple-vulnerabilities https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8699 GraphicsMagick<1.3.24 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5241 GraphicsMagick<1.3.24 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7446 GraphicsMagick<1.3.25 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7447 GraphicsMagick<1.3.25 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7449 GraphicsMagick<1.3.26 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7800 vim<8.0.0322 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5953 gstreamer1<1.10.3 multiple-vulnerabilities https://gstreamer.freedesktop.org/releases/1.10/#1.10.3 mysql-client>=5.5.0<5.6.21 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3302 openafs<1.6.19 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9772 libwebp<0.6.0 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9085 zoneminder-[0-9]* multiple-vulnerabilities http://www.securityfocus.com/archive/1/540093 cairo<1.14.10nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9082 SOGo<3.2.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6188 perl<5.24.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8608 mupdf<1.10anb4 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5896 php>=5.6<5.6.30 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10158 php>=7.0<7.0.15 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10158 php>=7.1<7.1.1 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10158 php>=5.6<5.6.30 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10159 php>=7.0<7.0.15 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10159 php>=5.6<5.6.30 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10160 php>=7.0<7.0.15 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10160 php>=5.6<5.6.30 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10161 php>=7.0<7.0.15 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10161 php>=7.1<7.1.1 denial-of-service https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10161 viewvc<1.1.26 cross-site-scripting http://www.openwall.com/lists/oss-security/2017/02/08/7 webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0002.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0002.html webkit-gtk<2.14.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0002.html jpeg<9c multiple-vulnerabilities https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3616 crypto++<5.6.4 timing-attack https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3995 libtomcrypt<1.17nb3 signature-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6129 guile20<2.0.13 insecure-file-permissions https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8605 tre-[0-9]* out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8859 gst-plugins1-ugly<1.10.3nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5847 gstreamer1-plugins-bad-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5848 apache-tomcat-6.[0-9]* denial-of-service https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851304 apache-tomcat-7.[0-9]* denial-of-service https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851304 libytnef<1.9.1 null-dereference http://www.securityfocus.com/archive/1/540133 py{27,34,35,36}-crypto<2.6.1nb3 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7459 slock<1.4 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6866 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7392 mupdf<1.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8674 ImageMagick<7.0.3.1 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8677 ImageMagick<7.0.3.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8678 libdwarf<20161124 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8679 GraphicsMagick<1.3.26 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8682 GraphicsMagick<1.3.26 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8683 libarchive<3.3.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8689 libarchive<3.3.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8687 libarchive<3.3.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8688 jasper<1.900.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8691 jasper<1.900.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8692 jasper<1.900.5 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8690 ImageMagick<7.0.3.3 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8862 ImageMagick<7.0.3.8 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8866 jasper<1.900.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8693 jasper<1.900.30 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9560 ImageMagick<7.0.3.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9773 webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0001.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0001.html webkit-gtk<2.14.1 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0001.html GraphicsMagick<1.3.26 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8684 py{27,34,35,36}-openpyxl<2.4.2 xml-external-entity https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5992 mysql-client>=5.7.0<5.7.5 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3302 mariadb-client<=5.5.54 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3302 pcre<8.40nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6004 p5-DBD-mysql<4.039 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1249 suse{,32}_base-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5417 dovecot>=2<2.2.27 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8652 ed<1.14.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5357 SOGo<2.2.0 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9905 mantis<1.2.20 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5364 SOGo<2.3.12 sensitive-information-exposure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6189 SOGo>=3.0<3.1.1 sensitive-information-exposure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6189 SOGo<2.3.12 sensitive-information-exposure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6190 SOGo>=3.0<3.1.1 sensitive-information-exposure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6190 mantis<1.3.1 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7111 wireshark<2.2.5 infinite-loop https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6014 tnef<1.4.13 multiple-vulnerabilities https://www.x41-dsec.de/lab/advisories/x41-2017-004-tnef/ munin-server<2.999.6 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6188 SOGo<3.1.3 code-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6191 ruby{18,21,22,23}-mcollective<2.8.9 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2788 pcsc-lite<1.8.20 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10109 xenkernel45<4.5.5nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-196.html xenkernel46<4.6.5 denial-of-service https://xenbits.xen.org/xsa/advisory-196.html py{27,34,35,36}-html5lib<0.99999999 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9909 py{27,34,35,36}-html5lib<0.99999999 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9910 flightgear<2016.4.4 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9956 ghostscript-agpl<9.23 use-after-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6196 ghostscript-gpl<9.06nb10 use-after-free https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6196 radare2<1.4.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6197 radare2<1.4.0 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6319 radare2<1.4.0 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6387 radare2<1.4.0 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6415 libiberty-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4487 libiberty-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4488 libiberty-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4489 libiberty-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4490 libiberty-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4491 libiberty-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4492 libiberty-[0-9]* out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4493 libiberty-[0-9]* arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2226 ruby{18,21,22,23}-zip<1.2.1 directory-traversal https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5946 libdwarf<20160115 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5027 libdwarf<20161124 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9558 vim<8.0.0377 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6349 vim<8.0.0378 integer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6350 tigervnc<1.7.1 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5581 tigervnc<1.7.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10207 ImageMagick<7.0.1.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8900 ImageMagick6<6.9.0.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8900 ImageMagick6<6.9.0.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8901 ImageMagick6<6.9.0.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8902 ImageMagick6<6.9.0.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8903 qemu<2.8.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10028 qemu<2.7.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10029 GraphicsMagick<1.3.24 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5240 libreoffice5-bin>5.1<5.1.6 arbitrary-file-disclosure https://www.libreoffice.org/about-us/security/advisories/cve-2017-3157/ libreoffice5-bin>5.2<5.2.2 arbitrary-file-disclosure https://www.libreoffice.org/about-us/security/advisories/cve-2017-3157/ libreoffice>5.3<5.3.0 arbitrary-file-disclosure https://www.libreoffice.org/about-us/security/advisories/cve-2017-3157/ jasper<2.0.19 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5498 jasper<2.0.19 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5499 jasper<2.0.19 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5500 jasper<2.0.19 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5501 jasper<2.0.19 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5502 jasper<2.0.19 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5503 jasper<2.0.19 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5504 ImageMagick<7.0.1.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10060 ImageMagick<7.0.4.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10062 ImageMagick<6.9.7.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10062 ImageMagick<6.9.5.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10063 ImageMagick<6.9.5.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10064 ImageMagick<6.9.6.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10068 ImageMagick<7.0.3.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9559 tiff<4.0.7nb3 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10092 tiff<4.0.7nb4 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10093 tiff<4.0.7nb6 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10094 tiff<4.0.8nb1 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10095 zziplib<0.13.66 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5974 zziplib<0.13.66 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5975 zziplib<0.13.66 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5976 zziplib<0.13.66 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5977 zziplib<0.13.66 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5978 zziplib<0.13.66 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5979 zziplib<0.13.66 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5980 zziplib<0.13.66 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5981 mp3splt-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5665 mp3splt-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5666 mp3splt-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5851 GraphicsMagick<1.3.26 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9830 hesiod-[0-9]* weak-suid-check https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10151 php70-opcache<7.0.15 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8994 php56-opcache<5.6.29 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8994 kio<5.32 sensitive-information-disclosure https://www.kde.org/info/security/advisory-20170228-1.txt kdelibs<4.14.30 sensitive-information-disclosure https://www.kde.org/info/security/advisory-20170228-1.txt wordpress<4.7.3 multiple-vulnerabilities https://codex.wordpress.org/Version_4.7.3 php{56,70,71}-ja-wordpress<4.7.3 multiple-vulnerabilities https://codex.wordpress.org/Version_4.7.3 ImageMagick6<6.9.7.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6497 ImageMagick6<6.9.7.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6498 ImageMagick6<6.9.7.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6499 ImageMagick<7.0.4.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6500 ImageMagick6<6.9.7.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6500 ImageMagick6<6.9.7.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6501 ImageMagick6<6.9.7.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6502 ImageMagick<7.0.1.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10061 ImageMagick<7.0.1.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10065 ImageMagick<6.9.4.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10066 ImageMagick<6.9.4.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10067 ImageMagick<6.9.4.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10069 ImageMagick<6.9.4.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10070 ImageMagick<6.9.4.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10071 wireshark<2.2.5 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6467 wireshark<2.2.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6468 wireshark<2.2.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6469 wireshark<2.2.5 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6470 wireshark<2.2.5 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6471 wireshark<2.2.5 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6472 wireshark<2.2.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6473 wireshark<2.2.5 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6474 libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5834 libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5835 libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5836 libass<0.13.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7969 libass<0.13.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7970 libass<0.13.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7972 dropbear<2016.74 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7406 dropbear<2016.74 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7407 dropbear<2016.74 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7408 dropbear<2016.74 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7409 php{56,70,71}-owncloud<9.1.3 username-enumeration https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5865 php{56,70,71}-owncloud<9.1.3 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5866 php{56,70,71}-owncloud<9.1.3 excessive-logging https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5867 freetype<2.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10244 ghoscript<9.20 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5653 ap{22,24}-auth-mellon<0.13.1 cross-site-session-transfer https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6807 ytnef<1.9.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6801 php{56,70,71}-roundcube<1.2.4 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6820 mantis<1.3.7 javascript-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6797 libupnp<1.6.21 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8863 tiff<4.0.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5315 firefox45<45.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-06/ webkit24-gtk{,3}-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9643 R<3.3.3 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8714 wavpack<5.1.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10169 wavpack<5.1.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10170 wavpack<5.1.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10171 wavpack<5.1.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10172 bitlbee<3.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10189 libpurple<2.12.0 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2640 adobe-flash-player<24.0.0.211 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb17-07.html binutils<2.26 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9939 binutils<2.29 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6965 binutils<2.29 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6966 binutils<2.29 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6969 binutils<2.29 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7209 binutils<2.29 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7210 binutils<2.29 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7223 binutils<2.29 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7224 binutils<2.29 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7225 binutils<2.29 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7226 binutils<2.29 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7227 ImageMagick{6,}<6.8.9.10 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9832 ImageMagick{6,}<6.8.9.10 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9833 ImageMagick{6,}<6.8.9.10 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9834 ImageMagick{6,}<6.8.9.10 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9835 ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9836 ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9838 ImageMagick{6,}<6.8.9.10 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9839 ImageMagick{6,}<6.8.9.10 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9840 ImageMagick{6,}<6.8.9.10 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9841 ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9842 ImageMagick{6,}<6.8.9.10 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9843 ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9844 ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9845 ImageMagick{6,}<6.8.9.10 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9846 ImageMagick{6,}<6.8.9.10 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9847 ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9848 ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9849 ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9850 ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9851 ImageMagick{6,}<6.8.9.10 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9852 ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9853 ImageMagick{6,}<6.8.9.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9854 ImageMagick{6,}<6.6.0.5 off-by-one https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9915 ImageMagick<7.0.5.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8894 ImageMagick{6,}<6.9.3.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8895 ImageMagick<7.0.5.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8895 ImageMagick<7.0.5.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8896 ImageMagick{6,}<6.9.2.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8897 ImageMagick{6,}<6.9.2.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8898 ImageMagick{6,}<6.9.4.0 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5239 ImageMagick<7.0.3.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9556 ImageMagick{6,}<6.9.5.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10046 ImageMagick{6,}<6.9.4.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10047 ImageMagick{6,}<6.9.4.7 directory-traversal https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10048 ImageMagick{6,}<6.9.4.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10049 ImageMagick{6,}<6.9.4.8 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10050 ImageMagick{6,}-6.9.5.5 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10051 ImageMagick{6,}<6.9.5.6 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10052 ImageMagick{6,}<6.9.5.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10053 ImageMagick{6,}<6.9.5.8 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10054 ImageMagick{6,}<6.9.5.8 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10055 ImageMagick{6,}<6.9.5.8 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10056 ImageMagick{6,}<6.9.5.8 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10057 ImageMagick{6,}<6.9.6.3 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10058 ImageMagick{6,}<6.9.4.1 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10059 ImageMagick<7.0.1.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10060 ImageMagick{6,}<6.9.2.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10252 gdk-pixbuf2<2.36.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6311 gdk-pixbuf2<2.36.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6312 gdk-pixbuf2<2.36.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6313 gdk-pixbuf2<2.36.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6314 libaudiofile-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6827 libaudiofile-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6828 libaudiofile-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6829 libaudiofile-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6830 libaudiofile-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6831 libaudiofile-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6832 libaudiofile-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6833 libaudiofile-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6834 libaudiofile-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6835 libaudiofile-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6836 libaudiofile-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6837 libaudiofile-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6838 libaudiofile-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6839 jasper<1.900.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8885 jasper<1.900.9 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10248 jasper<1.900.12 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10249 jasper<1.900.13 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10250 jasper<1.900.20 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10251 jasper<2.0.19 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5505 jasper<2.0.13 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6850 jasper<2.0.13 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6851 jasper<2.0.10 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6852 libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6435 libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6436 libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6437 libplist<2.0.0 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6438 libplist<2.0.0 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6439 libplist<2.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6440 podofo<0.9.4 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8981 podofo<0.9.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6840 podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6841 podofo-[0-9]* null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6842 podofo-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6843 podofo<0.9.6 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6844 podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6845 podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6846 podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6847 podofo-[0-9]* null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6848 podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6849 gd<2.2.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6906 gd<2.2.4 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10166 gd<2.2.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10167 gd<2.2.4 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10168 mupdf<1.10 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10246 mupdf<1.10 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10247 mupdf<1.11 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6060 moodle<3.2.2 sql-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2641 moodle>3.2<3.2.2 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2643 moodle<3.2.2 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2644 moodle<3.2.2 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2645 potrace<1.15 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7263 qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10155 qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5525 qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5526 qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5578 qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5579 qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5667 qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5856 qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5987 qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6058 qemu<2.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6505 ghostscript-agpl<9.21 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7207 ghostscript-gpl<9.06nb11 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7207 mantis<2.1.1 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7222 sane-backends<1.0.26 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6318 git-base<1.9.3 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9938 GraphicsMagick<1.3.26 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6335 sysinfo-[0-9]* local-privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6516 php{55,56,70}-concrete5<5.6.3.5 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6905 php{55,56,70}-concrete5<5.6.3.5 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6908 libevent<2.1.6 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10195 ImageMagick<7.0.4.9 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7275 ImageMagick<7.0.5.4 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5510 ImageMagick<7.0.5.4 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5511 ImageMagick<7.0.4.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5507 ImageMagick6<6.9.7.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5507 ImageMagick<7.0.5.4 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5509 ImageMagick6<6.9.8.3 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5509 ImageMagick<7.0.4.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5508 ImageMagick6<6.9.7.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5508 ImageMagick6<6.9.8.3 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5506 ImageMagick6<6.9.6.8 memory-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10146 ImageMagick6<6.9.8.3 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10144 ImageMagick6<6.9.8.3 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10145 proftpd<1.3.5d symlink-attack https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7418 tigervnc<1.7.90 memory-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7392 tigervnc<1.7.90 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7393 tigervnc<1.7.90 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7394 tigervnc<1.7.90 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7395 tigervnc<1.7.90 memory-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7396 pitivi<0.95 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0855 py{27,34,35,36}-cryptography<1.5.2 weak-cryptography https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9243 mantis<1.3.8 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6973 mantis>=2.1<2.1.2 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6973 mantis>=2.2<2.2.2 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6973 mantis<1.3.9 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7241 mantis>=2.1<2.1.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7241 mantis>=2.2<2.2.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7241 mantis<1.3.9 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7309 mantis>=2.1<2.1.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7309 mantis>=2.2<2.2.3 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7309 ghostscript-agpl<9.23 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10217 ghostscript-gpl<9.06nb12 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10217 ghostscript-agpl<9.21 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10218 ghostscript-agpl<9.21 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10219 ghostscript-gpl<9.06nb12 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10219 ghostscript-agpl<9.21 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10220 ghostscript-gpl<9.06nb12 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10220 ghostscript-agpl<9.22 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5951 ghostscript-gpl<9.06nb12 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5951 ghostscript-agpl<9.23 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10317 ghostscript-gpl-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10317 podofo<0.9.6 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7378 podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7379 podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7380 podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7381 podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7382 podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7383 yara<3.6.0 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10210 yara<3.6.0 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10211 yara<3.6.0 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5923 yara<3.6.0 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5924 collectd<5.7.1nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7401 jasper<1.900.9 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8884 jasper<1.900.11 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8886 jasper<1.900.10 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8887 jasper<1.900.22 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9262 jasper<1.900.13 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9387 jasper<1.900.14 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9388 jasper<1.900.14 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9389 jasper<1.900.14 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9390 jasper<2.0.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9391 jasper<1.900.17 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9392 jasper<1.900.17 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9393 jasper<1.900.17 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9394 jasper<1.900.25 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9395 jasper<1.900.14 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9396 jasper<1.900.13 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9397 jasper<1.900.17 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9398 jasper<1.900.22 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9399 jasper<1.900.25 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9557 php{56,70,71}-owncloud>=9.0<9.0.6 remote-spoofing https://nvd.nist.gov/vuln/detail/CVE-2016-9467 php{56,70,71}-owncloud>=9.1<9.1.2 remote-spoofing https://nvd.nist.gov/vuln/detail/CVE-2016-9467 php{56,70,71}-owncloud>=9.0<9.0.6 spoofing https://nvd.nist.gov/vuln/detail/CVE-2016-9468 php{56,70,71}-owncloud>=9.1<9.1.2 spoofing https://nvd.nist.gov/vuln/detail/CVE-2016-9468 php{56,70,71}-owncloud>=9.0<9.0.6 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-9463 php{56,70,71}-owncloud>=9.1<9.1.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-9463 php{56,70,71}-owncloud>=9.0<9.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-9466 php{56,70,71}-owncloud>=9.1<9.1.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-9466 php{56,70,71}-owncloud>=9.0<9.0.4 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2016-9461 php{56,70,71}-owncloud>=9.0<9.0.4 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2016-9462 php{56,70,71}-owncloud>=9.0<9.0.4 remote-spoofing https://nvd.nist.gov/vuln/detail/CVE-2016-9460 php{56,70,71}-owncloud>=9.0<9.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-9459 php{56,70,71}-owncloud>=9.0<9.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-9465 php{56,70,71}-owncloud>=9.1<9.1.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-9465 libxslt<1.1.29 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2015-9019 py{27,34,35,36}-django>=1.10<1.10.7 multiple-vulnerabilities https://www.djangoproject.com/weblog/2017/apr/04/security-releases/ xenkernel45<4.5.5nb5 privilege-elevation https://xenbits.xen.org/xsa/advisory-212.html xenkernel46<4.6.5nb1 privilege-elevation https://xenbits.xen.org/xsa/advisory-212.html xenkernel48<4.8.0nb1 privilege-elevation https://xenbits.xen.org/xsa/advisory-212.html py{27,34,35,36}-trytond<4.2.2 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2017-0360 apache-tomcat>=7.0<7.0.72 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-6816 apache-tomcat>=8.0<8.0.38 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-6816 asterisk>=13.0<13.14.1 buffer-overflow http://downloads.asterisk.org/pub/security/AST-2017-001.html asterisk>=14.0<14.3.1 buffer-overflow http://downloads.asterisk.org/pub/security/AST-2017-001.html curl<7.53.1nb1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7407 dovecot<2.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages radare2<1.4.0 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6448 radare2<1.3.0 unspecified https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6194 radare2<1.4.0 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7274 yaml-cpp-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-5950 mupdf<1.11 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2016-10221 mupdf<1.10nb4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7264 libarchive<3.3.1 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10209 putty<0.68 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-6542 hesiod-[0-9]* privilege-elevation https://nvd.nist.gov/vuln/detail/CVE-2016-10152 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7299 binutils<2.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7300 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7301 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7302 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7303 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7304 cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7299 cross-arm-none-eabi-binutils<2.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7300 cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7301 cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7302 cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7303 cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7304 cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7299 cross-freemint-binutils<2.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7300 cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7301 cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7302 cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7303 cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7304 cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7299 cross-h8300-elf-binutils<2.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7300 cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7301 cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7302 cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7303 cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7304 mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7299 mingw-binutils<2.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7300 mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7301 mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7302 mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7303 mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7304 nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7299 nios2-binutils<2.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7300 nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7301 nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7302 nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7303 nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7304 avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7299 avr-binutils<2.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7300 avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7301 avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7302 avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7303 avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7304 cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7299 cross-h8300-hms-binutils<2.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7300 cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7301 cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7302 cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7303 cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7304 qemu<2.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-9922 qemu<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-5931 qemu<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-5973 ntp<4.2.8p10 multiple-vulnerabilities http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu bash<4.4.007 privilege-elevation https://nvd.nist.gov/vuln/detail/CVE-2017-5932 chicken<4.13.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-6949 chicken<4.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-4556 irssi<1.0.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-7191 ark<16.12.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-5330 nagios-base-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-6209 openslp-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2016-4912 moodle<3.2.2 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=349420 moodle<3.2.2 sql-injection https://moodle.org/mod/forum/discuss.php?d=349419 moodle<3.2.2 cross-site-scripting https://moodle.org/mod/forum/discuss.php?d=349421 moodle<3.2.2 authentication-bypass https://moodle.org/mod/forum/discuss.php?d=349422 moodle-[0-9]* cross-site-scripting http://www.daimacn.com/post/12.html potrace-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7263 pcre<8.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7246 pcre<8.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7245 pcre<8.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7244 pcre<8.40nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7186 pcre2<10.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7186 libgit2<0.25.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2016-10129 libgit2<0.25.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2016-10130 libgit2<0.25.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2016-10128 libdwarf<20161124 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-9275 libdwarf<20161124 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-9276 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-9266 ming-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2016-9265 ming-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-9264 libwmf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-9011 tiff<4.0.7nb3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10272 tiff<4.0.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10269 tiff<4.0.7nb3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10271 tiff<4.0.7nb8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10270 tiff<4.0.7nb9 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-10268 tiff<4.0.7nb10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-10266 tiff<4.0.7nb11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-10267 mupdf<1.11 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2016-10132 mupdf<1.11 unspecified https://nvd.nist.gov/vuln/detail/CVE-2016-10133 ettercap<0.8.3 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6430 ettercap-NG<0.8.3 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6430 tcpreplay<4.2.0 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6429 ffmpeg010-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5361 libevent<2.1.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10196 libevent<2.1.6 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10197 slurm>2.4.0pre4<15.08.13 remote-information-modification https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10030 calibre<2.75 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10187 zoneminder<1.30.2 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7203 mapserver<6.2.4 stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5522 viewvc<1.1.26 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5938 capstone<3.0.5 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6952 ioquake3<1.36.20200125 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6903 wordpress<4.7.2 remote-information-modification https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-1001000 php>=7.1<7.1.3 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6441 ming<0.4.8 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7578 apache-tomcat>=6.0<6.0.48 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8735 apache-tomcat>=7.0<7.0.73 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8735 apache-tomcat>=8.0<8.0.39 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8735 libsndfile<1.0.28 stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7585 libsndfile<1.0.28 stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7586 suse{,32}_libsndfile-[0-9]* stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7585 suse{,32}_libsndfile-[0-9]* stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7586 gst-plugins1-ugly<1.10.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5846 jbig2dec<0.14 integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9601 samba<4.4.12 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2619 wireshark<2.2.4 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5596 wireshark<2.2.4 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5597 ruby21-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages erlang<18.3.4.5 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10253 mysql-server>=5.5.0<5.5.54 unauthorized-access https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3313 mysql-server>=5.6.0<5.6.35 unauthorized-access https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3313 mysql-server>=5.7.0<5.7.17 unauthorized-access https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3313 mariadb-server<5.5.55 unauthorized-access https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-3313 libsamplerate<0.1.9 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7697 mantis<1.3.1nb2 remote-server-admin https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7615 jasper<2.0.12 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9591 apache-tomcat>=7.0<7.0.76 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5648 apache-tomcat>=8.0<8.0.42 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5648 tiff<4.0.7 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8127 tiff<4.0.7 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8665 tiff<4.0.7 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8683 tiff<4.0.7 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5875 tiff<4.0.7 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9273 ImageMagick<7.0.4.8 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9829 ImageMagick6<6.9.7.9 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9829 ImageMagick<7.0.5.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7606 ImageMagick<7.0.5.2 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7619 libdwarf<20160923 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5041 libxml2<2.9.4nb3 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5969 ImageMagick{6,}<6.8.9.9 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8354 ImageMagick{6,}<6.8.9.9 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8355 ImageMagick{6,}<6.8.9.9 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8562 ImageMagick{6,}<6.9.0.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9837 qemu<2.5.1 floating-point-exception https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8504 qemu<2.5.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8568 qemu<2.5.1 stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8613 qemu<2.5.0 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8666 qemu<2.9.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7377 tiff<4.0.7 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5322 libblkid<2.28.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5011 minicom<2.7.1 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7467 adobe-flash-player<25.0.0.148 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb17-10.html radare2<1.4.0 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7716 radare2<1.4.0 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7854 radare2<1.4.0 use-after-free https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7946 bugzilla<5.0.3 code-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2803 wireshark<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7957 wireshark<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7958 wireshark<2.2.6 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7700 wireshark<2.2.6 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7701 wireshark<2.2.6 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7702 wireshark<2.2.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7703 wireshark<2.2.6 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7704 wireshark<2.2.6 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7705 wireshark<2.2.6 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7745 wireshark<2.2.6 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7746 wireshark<2.2.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7747 wireshark<2.2.6 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7748 libsndfile<1.0.28 stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7741 suse{,32}_libsndfile-[0-9]* stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7741 libsndfile<1.0.28 stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7742 suse{,32}_libsndfile-[0-9]* stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7742 tiff<4.0.7nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7592 tiff<4.0.7nb2 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7593 tiff<4.0.7nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7594 tiff<4.0.7nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7595 tiff<4.0.7nb5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7596 tiff<4.0.7nb5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7597 tiff<4.0.7nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7598 tiff<4.0.7nb5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7599 tiff<4.0.7nb5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7600 tiff<4.0.7nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7601 tiff<4.0.7nb2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7602 botan>=1.11.0<1.11.22 authentication-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7824 botan>=1.11.6<1.11.22 authentication-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7825 botan>=1.11.0<1.11.22 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7826 botan>=1.11.12<1.11.31 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6878 botan>=1.11.0<1.11.31 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6879 squirrelmail<1.4.23pre14605nb1 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7692 inspircd<2.0.7 buffer-underflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6674 inspircd<2.0.7 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6697 squashfs-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4646 a2ps<4.14nb10 format-string https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8107 rtmpdump-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8270 rtmpdump-[0-9]* arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8271 rtmpdump-[0-9]* null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8272 qemu<2.5.0 infinite-loop https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8345 qemu<2.5.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8567 qemu<2.5.1 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8619 php{56,70,71}-roundcube<1.1.5 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8864 php{56,70,71}-roundcube<1.1.5 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4068 libosip2<4.1.0nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10324 libosip2<4.1.0nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10325 libosip2<4.1.0nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10326 libosip2<4.1.0nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7853 binutils<2.29 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7614 freetype2<2.7.1 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10328 freetype2<2.8 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7857 freetype2<2.8 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7858 freetype2<2.8 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7864 ffmpeg3<3.3 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7859 ffmpeg3<3.3 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7862 ffmpeg3<3.3 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7863 ffmpeg3<3.3 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7865 ffmpeg3<3.3 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7866 ImageMagick{6,}<6.9.0.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9907 ImageMagick{6,}<6.9.3.2 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7515 ImageMagick{6,}<6.9.3.2 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7519 ImageMagick{6,}<6.9.3.4 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7522 ImageMagick{6,}<6.9.3.4 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7528 ImageMagick{6,}<6.9.3.4 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7529 ImageMagick{6,}<6.9.3.4 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7531 ImageMagick{6,}<6.9.3.4 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7533 ImageMagick{6,}<6.9.3.8 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7537 ImageMagick6<6.9.8.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7941 ImageMagick>=7.0<7.0.5.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7941 ImageMagick6<6.9.8.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7942 ImageMagick>=7.0<7.0.5.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7942 ImageMagick6<6.9.8.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7943 ImageMagick>=7.0<7.0.5.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7943 apache-tomcat>=6.0<6.0.53 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5647 apache-tomcat>=7.0<7.0.77 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5647 apache-tomcat>=8.0<8.0.43 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5647 apache-tomcat>=8.5<8.5.13 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5647 apache-tomcat>=7.0<7.0.76 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5648 apache-tomcat>=8.0<8.0.42 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5648 apache-tomcat>=8.5<8.5.12 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5648 apache-tomcat>=8.5<8.5.13 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5650 apache-tomcat>=8.5<8.5.13 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5651 feh<2.18.3 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7875 gnutls<3.5.10 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7869 ghostscript-agpl<9.22 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7948 ghostscript-gpl-[0-9]* out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7948 ghostscript-agpl<9.21 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8602 ghostscript-gpl-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8602 icu<58.2nb1 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7867 icu<58.2nb1 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7868 jbig2dec<0.13nb1 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7885 jbig2dec<0.13nb1 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7975 jbig2dec<0.13nb1 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7976 keepassx<0.4.4 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8378 libcroco>=0.6.11<0.6.13 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7960 libcroco>=0.6.11<0.6.13 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7961 nettle<3.3 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6489 opencv<3.3.1 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1516 opencv<3.3.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1517 sudo<1.8.15 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7032 bind>=9.9.0<9.9.9pl8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3136 bind>=9.10.0<9.10.4pl8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3136 bind>=9.9.0<9.9.9pl8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3137 bind>=9.10.0<9.10.4pl8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3137 bind>=9.9.0<9.9.9pl8 denial-of-service https://kb.isc.org/article/AA-01467 bind>=9.10.0<9.10.4pl8 denial-of-service https://kb.isc.org/article/AA-01467 php{56,70,71}-gmp-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7963 mediawiki<1.23.15 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6331 mediawiki>=1.26.0<1.26.4 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6331 mediawiki>=1.27.0<1.27.1 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6331 mediawiki<1.23.15 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6332 mediawiki>=1.26.0<1.26.4 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6332 mediawiki>=1.27.0<1.27.1 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6332 mediawiki<1.23.15 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6333 mediawiki>=1.26.0<1.26.4 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6333 mediawiki>=1.27.0<1.27.1 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6333 mediawiki<1.23.15 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6334 mediawiki>=1.26.0<1.26.4 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6334 mediawiki>=1.27.0<1.27.1 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6334 mediawiki<1.23.15 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6335 mediawiki>=1.26.0<1.26.4 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6335 mediawiki>=1.27.0<1.27.1 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6335 mediawiki<1.23.15 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6336 mediawiki>=1.26.0<1.26.4 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6336 mediawiki>=1.27.0<1.27.1 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6336 mediawiki>=1.27.0<1.27.1 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6337 qemu<2.8.1.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7718 libplist<2.0.0 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7982 ImageMagick{6,}<6.9.0.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8957 ImageMagick{6,}<6.9.0.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8958 ImageMagick{6,}<6.9.0.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8959 ImageMagick{6,}<6.9.5.3 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5010 ImageMagick{6,}<6.8.8.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7513 ImageMagick{6,}<6.9.3.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7514 ImageMagick{6,}<6.9.3.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7516 ImageMagick{6,}<6.9.3.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7517 ImageMagick{6,}<6.9.3.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7518 ImageMagick{6,}<6.9.3.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7520 ImageMagick{6,}<6.9.3.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7521 ImageMagick{6,}<6.9.3.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7525 ImageMagick{6,}<6.9.3.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7526 ImageMagick{6,}<6.9.3.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7527 ImageMagick{6,}<6.9.3.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7530 ImageMagick{6,}<6.9.3.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7532 ImageMagick{6,}<6.9.3.4 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7534 ImageMagick{6,}<6.9.3.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7535 ImageMagick{6,}<6.9.3.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7536 ImageMagick{6,}<6.9.3.8 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7538 ImageMagick{6,}<6.9.4.10 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7540 moodle<3.0.4 authentication-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3729 moodle<3.0.4 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3731 moodle<3.0.4 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3732 moodle<3.0.4 authentication-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3733 moodle<3.0.4 authentication-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3734 mbedtls<1.3.19 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2784 mbedtls>=2.2<2.4.2 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2784 podofo<0.9.6 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7994 podofo<0.9.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8053 podofo-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8054 php55-bz2<5.5.38 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5399 php56-bz2<5.6.24 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5399 php70-bz2<7.0.9 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5399 chicken<4.12.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9954 weechat<1.7.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8073 graphite2<1.3.10 out-of-bounds-write https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/ nss<3.29.5 out-of-bounds-write https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/ sudo<1.8.12 security-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9680 pcre2<10.30 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8399 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8343 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8343 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8344 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8344 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8345 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8345 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8346 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8346 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8347 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8347 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8348 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8348 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8349 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8349 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8350 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8350 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8351 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8351 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8352 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8352 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8353 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8353 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8354 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8354 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8355 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8355 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8356 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8356 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8357 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8357 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8765 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8765 boehm-gc<=7.4.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-9427 wget<1.19.1nb1 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2017-6508 magento-[0-9]* multiple-vulnerabilities http://www.defensecode.com/advisories/DC-2017-04-003_Magento_Arbitrary_File_Upload.pdf apache-tomcat-[0-9]* directory-traversal http://www.defensecode.com/advisories/DC-2017-03-001_DefenseCode_ThunderScan_SAST_Apache_Tomcat_Security_Advisory.pdf php{56,70,71}-concrete5-[0-9]* http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2017-7725 php{56,70,71}-concrete5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8082 firefox45<45.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-11/ mysql-server>=5.5<5.5.54 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL mysql-server>=5.6<5.6.35 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL mysql-server>=5.7<5.7.17 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL mysql-client>=5.5<5.5.54 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL mysql-client>=5.6<5.6.35 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL mysql-client>=5.7<5.7.17 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL openjdk8<1.8.131 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA oracle-jdk8<8.0.131 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA oracle-jre8<8.0.131 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA podofo<0.9.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8787 podofo-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8378 podofo-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-7994 podofo<0.9.6 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-8054 podofo-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-8053 pcre2<10.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8786 qemu<2.10.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-8112 qemu<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8086 qemu<2.9 privilege-elevation https://nvd.nist.gov/vuln/detail/CVE-2017-8284 qemu<2.10.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-7718 wordpress<4.7.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-8295 php{56,70,71}-ja-wordpress<4.7.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-8295 openssl>=1.1.0<1.1.0e denial-of-service https://www.openssl.org/news/secadv/20170216.txt openssl>=1.0.2<1.0.2k multiple-vulnerabilities https://www.openssl.org/news/secadv/20170126.txt openssl>=1.1.0<1.1.0d multiple-vulnerabilities https://www.openssl.org/news/secadv/20170126.txt openssl>=1.1.0<1.1.0c multiple-vulnerabilities https://www.openssl.org/news/secadv/20161110.txt rxvt<2.7.10nb7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-7483 rzip-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8364 libsndfile<1.0.28nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8365 suse{,32}_libsndfile-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8365 libsndfile<1.0.28nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8362 suse{,32}_libsndfile-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8362 libsndfile<1.0.28nb1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8363 suse{,32}_libsndfile-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8363 libsndfile<1.0.28nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8361 suse{,32}_libsndfile-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8361 libsndfile<1.0.28nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-8365 suse{,32}_libsndfile-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-8365 libsndfile<1.0.28nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8361 suse{,32}_libsndfile-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8361 libsndfile<1.0.28nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8362 suse{,32}_libsndfile-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8362 libsndfile<1.0.28nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-8363 suse{,32}_libsndfile-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-8363 ettercap-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8366 ettercap-NG-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8366 avahi<0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-6519 libarchive<3.3.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-10349 libarchive<3.3.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-10350 Radicale<1.1.2 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2017-8342 php{56,70,71}-roundcube<1.2.5 weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2017-8114 dpkg<1.18.24 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-8283 udfclient<0.8.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8305 libressl>=2.5.1<2.5.4 incorrect-signature-verification https://nvd.nist.gov/vuln/detail/CVE-2017-8301 freetype2<2.8 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-8105 webmin<1.830 arbitrary-script-execution https://nvd.nist.gov/vuln/detail/CVE-2017-2106 lshell-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2016-6903 freetype2<2.8 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-8287 lame<3.100 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8419 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8392 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8393 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8394 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8395 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8396 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8397 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8398 cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8392 cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8393 cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8394 cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8395 cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8396 cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8397 cross-arm-none-eabi-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8398 avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8392 avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8393 avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8394 avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8395 avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8396 avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8397 avr-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8398 cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8392 cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8393 cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8394 cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8395 cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8396 cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8397 cross-freemint-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8398 cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8392 cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8393 cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8394 cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8395 cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8396 cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8397 cross-h8300-elf-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8398 cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8392 cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8393 cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8394 cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8395 cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8396 cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8397 cross-h8300-hms-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8398 mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8392 mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8393 mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8394 mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8395 mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8396 mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8397 mingw-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8398 nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8392 nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8393 nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8394 nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8395 nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8396 nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8397 nios2-binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8398 ghostscript-agpl<9.23 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-8291 ghostscript-gpl-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-8291 libmad<0.15.1bnb2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8372 libmad<0.15.1bnb2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8373 libmad<0.15.1bnb2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8374 firefox52<52.1.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-12/ apache-tomcat>=7.0<7.0.77 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647 apache-tomcat>=8.0<8.0.43 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647 apache-tomcat>=8.5<8.5.13 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647 apache-tomcat>=7.0<7.0.76 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648 apache-tomcat>=8.0<8.0.42 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648 apache-tomcat>=8.5<8.5.12 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5648 salt<2016.11.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-8109 lrzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8845 suse{,32}_base-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8804 libetpan<1.8 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-8825 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8830 ImageMagick>=7.0<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8830 lrzip-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8844 lrzip-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-8846 lrzip-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-8847 lrzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8842 lrzip-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-8843 libxslt<1.1.29nb2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-5029 kpathsea<6.2.2nb1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-10243 xenkernel42-[0-9]* information-disclosure http://www.openwall.com/lists/oss-security/2017/03/05/1 libytnef<1.9.2 multiple-vulnerabilities https://www.debian.org/security/2017/dsa-3846 php{56,70,71}-nextcloud<11.0.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-0890 php{56,70,71}-nextcloud<11.0.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-0891 php{56,70,71}-nextcloud<11.0.3 improper-session-handling https://nvd.nist.gov/vuln/detail/CVE-2017-0892 php{56,70,71}-nextcloud<11.0.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-0893 php{56,70,71}-nextcloud<11.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-0894 php{56,70,71}-nextcloud<11.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-0895 lxterminal<0.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-10369 git-base<2.12.3 security-restrictions-bypass https://www.debian.org/security/2017/dsa-3848 miniupnpc<2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8798 libxml2<2.9.8nb4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8872 xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-215.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-215.html xenkernel46<4.6.6 denial-of-service https://xenbits.xen.org/xsa/advisory-215.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-214.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-214.html xenkernel46<4.6.6 denial-of-service https://xenbits.xen.org/xsa/advisory-214.html xenkernel48<4.8.2 denial-of-service https://xenbits.xen.org/xsa/advisory-214.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-213.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-213.html xenkernel46<4.6.6 denial-of-service https://xenbits.xen.org/xsa/advisory-213.html xenkernel48<4.8.2 denial-of-service https://xenbits.xen.org/xsa/advisory-213.html tnef<1.4.15 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-8911 ghostscript-agpl<9.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8908 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8908 pcmanfm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8934 moodle<3.2.3 cross-site-request-forgeries https://nvd.nist.gov/vuln/detail/CVE-2017-7489 moodle<3.2.3 cross-site-request-forgeries https://nvd.nist.gov/vuln/detail/CVE-2017-7490 moodle<3.2.3 cross-site-request-forgeries https://nvd.nist.gov/vuln/detail/CVE-2017-7491 bitlbee<3.5.1 multiple-vulnerabilities https://www.debian.org/security/2017/dsa-3853 yara<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8929 php>=7<7.4.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8923 php>=8.0<8.0.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8923 flightgear<2017.2.1 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-8921 postgresql92-server<9.2.21 multiple-vulnerabilities https://www.postgresql.org/about/news/1746/ postgresql93-server<9.3.17 multiple-vulnerabilities https://www.postgresql.org/about/news/1746/ postgresql94-server<9.4.12 multiple-vulnerabilities https://www.postgresql.org/about/news/1746/ postgresql95-server<9.5.7 multiple-vulnerabilities https://www.postgresql.org/about/news/1746/ postgresql96-server<9.6.3 multiple-vulnerabilities https://www.postgresql.org/about/news/1746/ libreoffice<5.2.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10327 libreoffice5-bin<5.2.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10327 libreoffice<5.2.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7870 libreoffice5-bin<5.2.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7870 php{56,70,71}-owncloud>=9.0<9.058 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-0891 php{56,70,71}-owncloud>=9.1<9.1.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-0891 php{56,70,71}-wordpress<4.7.5 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9061 php{56,70,71}-wordpress<4.7.5 input-validation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9062 php{56,70,71}-wordpress<4.7.5 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9063 php{56,70,71}-wordpress<4.7.5 cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9064 php{56,70,71}-wordpress<4.7.5 input-validation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9065 php{56,70,71}-wordpress<4.7.5 input-validation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9066 libxml2<2.9.4nb4 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9047 libxml2<2.9.4nb4 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9048 libxml2<2.9.4nb4 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9049 libxml2<2.9.4nb4 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9050 openvpn<2.3.15 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7478 openvpn<2.3.15 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7479 cairo<1.14.10nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7475 p5-Perl-Tidy-[0-9]* symlink-attack https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10374 kdelibs4<4.14.32 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8422 kauth<5.34 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8422 openexr<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9110 openexr<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9111 openexr<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9112 openexr<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9113 openexr<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9114 openexr<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9115 openexr<2.2.1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9116 libraw<0.18.2 memory-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6886 libraw<0.18.2 memory-corruption https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6887 samba<4.6.4 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7494 samba<3.6.25nb6 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7494 go>1.6<1.8.2 weak-cryptography https://golang.org/issue/20040 pgbouncer<1.5.5 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4054 pgbouncer<1.6.1 authentication-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6817 php{56,70,71}-roundcube<1.1.2 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5381 php{56,70,71}-roundcube<1.1.2 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5382 php{56,70,71}-roundcube<1.1.2 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5383 ruby{18,193,200,21,22,23}-redmine<2.6.2 cross-site-scripting https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8477 ghostscript-agpl<9.21 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7977 ghostscript-gpl-[0-9]* information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7977 ghostscript-agpl<9.21 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7978 ghostscript-gpl-[0-9]* arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7978 ghostscript-agpl<9.21 arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7979 ghostscript-gpl-[0-9]* arbitrary-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7979 zlib<1.2.9 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9840 zlib<1.2.9 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9841 zlib<1.2.9 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9842 zlib<1.2.9 unspecified https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9843 libtasn1<4.11 stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6891 mantis<1.3.11 cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7620 mantis>=2.0<2.3.3 cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7620 mantis>=2.4<2.4.1 cross-site-request-forgery https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7620 qemu<2.10.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8309 qemu<2.10.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8379 libytnef-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9146 autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9151 autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9152 autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9153 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9154 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9155 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9156 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9157 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9158 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9159 autotrace-[0-9]* stack-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9160 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9161 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9162 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9163 autotrace-[0-9]* out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9164 autotrace-[0-9]* out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9165 autotrace-[0-9]* out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9166 autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9167 autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9168 autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9169 autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9170 autotrace-[0-9]* out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9171 autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9172 autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9173 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9174 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9175 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9176 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9177 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9178 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9179 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9180 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9181 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9182 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9183 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9184 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9185 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9186 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9187 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9188 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9189 autotrace-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9190 autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9191 autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9192 autotrace-[0-9]* out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9193 autotrace-[0-9]* heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9194 autotrace-[0-9]* out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9195 autotrace-[0-9]* negative-size-param https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9196 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9197 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9198 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9199 autotrace-[0-9]* integer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9200 qpdf<7.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9208 qpdf<7.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9209 qpdf<7.0.0 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9210 vlc>=2.2<2.2.5 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8310 vlc>=2.2<2.2.5 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8311 vlc>=2.2<2.2.5 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8312 vlc>=2.2<2.2.5 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8313 kodi<17.2 arbitrary-file-overwrite https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8313 botan>=2.0<2.1.0 verification-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2801 botan<1.10.6 verification-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2801 jbig2dec<0.13nb1 null-dereference https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9216 oniguruma<6.8.2 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9224 oniguruma<6.8.2 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9225 oniguruma<6.8.2 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9226 oniguruma<6.8.2 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9227 oniguruma<6.8.2 out-of-bounds-write https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9228 oniguruma<6.8.2 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9229 tiff<4.0.8nb1 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9147 webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0003.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0003.html webkit-gtk<2.16.0 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0003.html webkit1-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0004.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0004.html webkit-gtk<2.16.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0004.html yodl<3.07.01 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10375 ImageMagick6<6.9.8.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9141 ImageMagick>=7.0<7.0.5.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9141 ImageMagick6<6.9.8.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9142 ImageMagick>=7.0<7.0.5.7 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9142 ImageMagick6<6.9.8.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9143 ImageMagick>=7.0<7.0.5.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9143 ImageMagick6<6.9.8.5 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9144 ImageMagick>=7.0<7.0.5.6 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9144 exiv2<0.27 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9239 picocom<2.0 command-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-9059 gajim<0.16.8 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10376 GraphicsMagick<1.3.24 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9098 ImageMagick>=7.0<7.0.5.2 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9098 snort-[0-9]* out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6658 qemu<2.10.0 privilege-escalation https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7493 binutils<2.29 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9038 binutils<2.29 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9039 binutils<2.29 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9040 binutils<2.29 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9041 binutils<2.29 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9042 binutils<2.29 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9043 binutils<2.29 denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9044 libdwarf<20170416 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9052 libdwarf<20170416 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9053 libdwarf<20170416 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9054 libdwarf<20170416 out-of-bounds-read https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9055 dropbear<2017.75 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9078 dropbear<2017.75 information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9079 libytnef<1.9.3 heap-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9058 asterisk>=13.0<13.15.1 buffer-overflow http://downloads.asterisk.org/pub/security/AST-2017-002.html asterisk>=14.0<14.4.1 buffer-overflow http://downloads.asterisk.org/pub/security/AST-2017-002.html asterisk>=13.0<13.15.1 buffer-overflow http://downloads.asterisk.org/pub/security/AST-2017-003.html asterisk>=14.0<14.4.1 buffer-overflow http://downloads.asterisk.org/pub/security/AST-2017-003.html asterisk>=13.0<13.15.1 denial-of-service http://downloads.asterisk.org/pub/security/AST-2017-004.html asterisk>=14.0<14.4.1 denial-of-service http://downloads.asterisk.org/pub/security/AST-2017-004.html sudo>=1.8.6p7<1.8.20 privilege-escalation https://www.sudo.ws/alerts/linux_tty.html p5-File-Path<2.13 insecure-chmod http://search.cpan.org/dist/File-Path/lib/File/Path.pm#SECURITY_CONSIDERATIONS perl<5.26.0nb1 insecure-chmod http://search.cpan.org/dist/File-Path/lib/File/Path.pm#SECURITY_CONSIDERATIONS yara<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9304 irssi<1.0.3 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9468 irssi<1.0.3 out-of-bounds-read https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9469 git-base<2.12.3 remote-privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8386 libquicktime-[0-9]* infinite-loop https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9122 libquicktime-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9123 libquicktime-[0-9]* null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9124 libquicktime-[0-9]* heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9125 libquicktime-[0-9]* heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9126 libquicktime-[0-9]* heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9127 libquicktime-[0-9]* heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9127 libquicktime-[0-9]* heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9128 ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9262 ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9262 ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9261 ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9261 ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9405 ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9405 ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9409 ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9409 ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9439 ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9439 ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9440 ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9440 ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9407 ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9407 ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9499 #ImageMagick6-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9499 ImageMagick<7.0.6.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9500 ImageMagick6<6.9.8.10 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9500 poppler-utils<0.56.0 null-dereference https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7511 poppler-utils<0.57.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7515 #poppler-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9083 poppler<0.56 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9406 poppler<0.56 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9408 samba<4.4.10 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-9461 samba>=4.5<4.5.6 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-9461 expat<2.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-9063 expat<2.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9233 php{56,70,71}-contao43-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages chicken<4.13.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9334 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8782 vlc<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9300 vlc<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9301 freeradius<3.0.14 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-9148 php>=7<7.3.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9119 php>=7.4<7.4.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9119 wireshark<2.2.7 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-30.html ansible<1.9.4 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2015-6240 libytnef<1.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9474 libytnef-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9473 libytnef-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9472 libytnef<1.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9471 libytnef<1.9.3 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-9470 py{27,34,35,36}-mercurial<4.1.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-9462 yara<3.6.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9465 yara<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9438 yara<3.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9465 kodi<17.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-8314 php{56,70,71}-piwigo<2.9.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-9452 apache-tomcat>=7.0<7.0.78 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-5664 apache-tomcat>=8.0<8.0.44 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-5664 apache-tomcat>=8.5<8.5.15 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-5664 yodl<3.07.01 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10375 openvpn<2.4.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7508 openvpn<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7520 openvpn<2.4.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7521 openvpn<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7522 openldap<2.4.45 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9287 libsndfile<1.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-6892 jasper<2.0.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9782 faac<1.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9130 poppler<0.57.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9865 lame<3.100nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-9099 lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-9100 lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-9101 lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9869 lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9870 lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9871 lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9872 unrar<5.5.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2012-6706 ntopng<3.0 filtering-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-7459 ntopng<3.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-7416 libmtp<1.1.13 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-9831 libmtp<1.1.13 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-9832 gnutls<3.5.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7507 libgcrypt<1.7.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9526 gnuplot<5.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9670 libstaroffice<0.0.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9432 php{56,70,71}-piwigo<2.9.1 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2017-9464 php{56,70,71}-piwigo<2.9.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9463 php{56,70,71}-piwigo-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-9837 php{56,70,71}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-9836 libthrift<0.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-3254 samba<4.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9461 libcroco-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8871 libcroco-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8834 lrzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9928 lrzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9929 rabbitmq<3.6.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-4965 rabbitmq<3.6.9 session-hijack https://nvd.nist.gov/vuln/detail/CVE-2017-4966 rabbitmq<3.6.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-4967 jetty<9.4.6.20170531 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9735 exim<4.90 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1000369 radare2<1.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9520 radare2<1.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9761 radare2<1.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9762 ansible<1.6.6 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-3498 ansible<1.9.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2015-6240 libmwaw<0.3.11 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9433 h2o<2.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-7835 cryptopp<5.6.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-9434 dnstracer<1.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9430 kdepim4<5.5.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9604 apache>=2.2.0<2.2.33 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-3167 apache>=2.4.1<2.4.26 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-3167 apache>=2.2.0<2.2.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3169 apache>=2.4.1<2.4.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3169 apache>=2.2.0<2.2.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7668 apache>=2.4.1<2.4.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7668 apache>=2.2.0<2.2.33 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-7679 apache>=2.4.1<2.4.26 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-7679 thunderbird<52.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-13/ firefox<54.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/ firefox52<52.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/ thunderbird<52.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/ py{27,34,35,36}-tlslite<0.4.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-3220 adobe-flash-player<26.0.0.126 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb17-17.html rar-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2014-9983 bind>=9.9.0<9.9.10pl1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3140 bind>=9.10.0<9.10.5pl1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3140 php{56,70,71}-tiki6<17.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-9305 tiff<4.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9403 tiff<4.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9815 tiff<4.0.9nb2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9935 tiff<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9936 jbigkit<2.1nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9937 tiff<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10688 libdwarf<20160115 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2015-8538 libdwarf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9998 faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9218 faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9219 faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9220 faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9221 faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9222 faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9223 faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9253 faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9254 faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9255 faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9256 faad2<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9257 php{56,70,71}-piwigo-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-10678 php{56,70,71}-piwigo-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-10679 php{56,70,71}-piwigo-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-10680 php{56,70,71}-piwigo-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-10681 php{56,70,71}-piwigo-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-10682 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9988 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9989 tor<0.3.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-0375 tor<0.3.0.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-0377 pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10791 pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10792 p5-DBD-mysql-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10788 p5-DBD-mysql-[0-9]* verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-10789 qemu<2.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9310 qemu<2.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9330 php>=5.6<5.6.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-4473 php>=7.0<7.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-4473 wireshark<2.2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9616 wireshark<2.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9766 ruby{22,23}-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-9096 ruby24<2.4.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-9096 ruby{22,23,24}-mail{,25}<2.5.5 command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-9097 binutils<2.30 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9742 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9954 binutils<2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9955 gdb<8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9778 ntopng<3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7458 radare2<1.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9949 radare2<1.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9763 ocaml>=4.04<4.04.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-9772 horde-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9773 horde-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-9774 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9953 teamspeak-client-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9982 stalin-[0-9]* arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2015-8697 ffmpeg3<3.3.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9990 ffmpeg2<2.8.12 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9991 ffmpeg3<3.3.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9991 ffmpeg2<2.8.12 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9992 ffmpeg3<3.3.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9992 ffmpeg2<2.8.12 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2017-9993 ffmpeg3<3.3.2 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2017-9993 ffmpeg2<2.8.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9994 ffmpeg3<3.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9994 ffmpeg3<3.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9995 ffmpeg2<2.8.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9996 ffmpeg3<3.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9996 p5-XML-LibXML<2.0131 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-10672 mpg123<1.25.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10683 ncurses<6.0nb4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10684 ncurses<6.0nb4 format-string https://nvd.nist.gov/vuln/detail/CVE-2017-10685 ncursesw<6.0nb3 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10684 ncursesw<6.0nb3 format-string https://nvd.nist.gov/vuln/detail/CVE-2017-10685 nasm<2.13.02 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-10686 libsass-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10687 vlc>=2.2<2.2.7 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-10699 mcollective<2.10.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-2292 libtasn1<4.13 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-10790 GraphicsMagick<1.3.26 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10794 GraphicsMagick<1.3.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10799 GraphicsMagick<1.3.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10800 webmin<1.850 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-9313 rt4<4.2.14 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-6127 rt4<4.2.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-5361 rt4<4.2.14 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-5943 rt4<4.2.14 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-5944 contao35<3.5.28 file-inclusion https://contao.org/en/news/contao-3_5_28.html php{55,56,70,71}-contao35<3.5.28 file-inclusion https://contao.org/en/news/contao-3_5_28.html php{56,70,71}-contao44<4.4.1 file-inclusion https://contao.org/en/news/contao-3_5_28.html evince<3.22.1nb6 command-injection https://bugzilla.gnome.org/show_bug.cgi?id=784630 jabberd<2.6.1 authentication-bypass https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5664 xenkernel42-[0-9]* sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-217.html xenkernel45-[0-9]* sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-217.html xenkernel46<4.6.6 sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-217.html xenkernel48<4.8.2 sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-217.html xenkernel42-[0-9]* multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-218.html xenkernel45-[0-9]* multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-218.html xenkernel46<4.6.6 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-218.html xenkernel48<4.8.2 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-218.html xenkernel42-[0-9]* privilege-elevation https://xenbits.xen.org/xsa/advisory-219.html xenkernel45-[0-9]* privilege-elevation https://xenbits.xen.org/xsa/advisory-219.html xenkernel46<4.6.6 privilege-elevation https://xenbits.xen.org/xsa/advisory-219.html xenkernel48<4.8.2 privilege-elevation https://xenbits.xen.org/xsa/advisory-219.html xenkernel45-[0-9]* information-disclosure https://xenbits.xen.org/xsa/advisory-220.html xenkernel46<4.6.6 information-disclosure https://xenbits.xen.org/xsa/advisory-220.html xenkernel48<4.8.2 information-disclosure https://xenbits.xen.org/xsa/advisory-220.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-221.html xenkernel46<4.6.6 denial-of-service https://xenbits.xen.org/xsa/advisory-221.html xenkernel48<4.8.2 denial-of-service https://xenbits.xen.org/xsa/advisory-221.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-222.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-222.html xenkernel46<4.6.6 denial-of-service https://xenbits.xen.org/xsa/advisory-222.html xenkernel48<4.8.2 denial-of-service https://xenbits.xen.org/xsa/advisory-222.html xenkernel42-[0-9]* multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-224.html xenkernel45-[0-9]* multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-224.html xenkernel46<4.6.6 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-224.html xenkernel48<4.8.2 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-224.html py{27,34,35,36}-tlslite<0.4.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-3220 radare2<1.6.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10929 ImageMagick<7.0.6.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10928 ImageMagick6<6.9.10.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10928 ImageMagick<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11166 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11166 ImageMagick<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11141 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11141 ImageMagick<7.0.6.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10995 ImageMagick6<6.9.9.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10995 ImageMagick<7.0.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11188 ImageMagick6<6.9.8.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11188 ImageMagick<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11170 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11170 modular-xorg-server<1.19.4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10971 modular-xorg-server<1.19.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-10972 qemu<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9524 faac<1.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9129 #pcre-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11164 # disputed https://lists.exim.org/lurker/message/20200803.110207.8e4981db.en.html php>=5.6<5.6.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11147 php>=7.0<7.0.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11147 php>=5.6<5.6.31 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-11145 php>=7.0<7.0.16 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-11145 php>=7.0<7.1.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-11145 php>=5.6<5.6.31 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-11144 php>=7.0<7.0.16 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-11144 php>=7.0<7.1.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-11144 php>=5.6<5.6.31 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-11143 php>=5.6<5.6.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11142 php>=7.0<7.0.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11142 php>=7.1<7.1.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11142 php>=5.6<5.6.28 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-10397 php>=7.0<7.0.13 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-10397 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11140 GraphicsMagick<1.3.27 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-11139 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11102 mpg123<1.25.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11126 ncurses<6.0nb4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11113 ncurses<6.0nb4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11112 ncursesw<6.0nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11113 ncursesw<6.0nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11112 tcpdump<4.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11108 nasm<2.13.02 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11111 vim<8.0.0704 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11109 phpldapadmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-11107 knot<2.5.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-11104 catdoc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11110 sqlite3<3.20.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10989 libcares<1.13.0 out-of-bounds-read https://c-ares.haxx.se/adv_20170620.html irssi<1.0.4 multiple-vulnerabilities https://irssi.org/security/irssi_sa_2017_07.txt poppler<0.56 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2818 poppler<0.55 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2814 gnome-session<2.29.92 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11171 ImageMagick<7.0.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11478 ImageMagick6<6.9.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11478 ImageMagick<7.0.6.1 multiple-vulnerabilities https://github.com/ImageMagick/ImageMagick/issues/556 ImageMagick6<6.9.9.0 multiple-vulnerabilities https://github.com/ImageMagick/ImageMagick/issues/556 ImageMagick<7.0.7.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11540 ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11537 ImageMagick6<6.9.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11537 ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11538 ImageMagick6<6.9.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11538 ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11539 ImageMagick6<6.9.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11539 ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11536 ImageMagick6<6.9.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11536 ImageMagick6<6.9.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11534 ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11534 libsass<3.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11554 libsass<3.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11555 libsass<3.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11556 tcpdump<4.9.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11541 tcpdump<4.9.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11542 tcpdump<4.9.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11543 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11553 # in stills2dv, not libjpeg-turbo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9614 libid3tag-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11550 libid3tag-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11551 sox-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11332 sox-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11358 sox-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11359 libao-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11548 yaml-cpp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11692 xz<5.2.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2015-4035 cacti-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-11691 cacti-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-1000031 cacti-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-1000032 gsoap<2.8.48 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-9765 nodejs<8.1.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11499 libvorbis<1.3.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11333 vorbis-tools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11331 timidity-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11546 timidity-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11547 timidity-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11549 tinyproxy<1.10.0 local-privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-11747 tenshi-[0-9]* local-privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-11746 nosefart-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11119 php{56,70,71}-owncloud>=9.0<9.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8896 php{56,70,71}-owncloud>=9.1<9.1.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-9338 memcached<1.4.39 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9951 jasper<2.0.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000050 php{56,70,71}-roundcube<1.1.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2015-8864 glpi<9.1.5.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-11474 glpi<9.1.5.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-11475 glpi<9.1.5.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-11329 glpi<9.1.5.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-11183 glpi<9.1.5.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-11184 librsvg<2.40.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11464 adobe-flash-player<26.0.0.131 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb17-21.html libmspack<0.7alpha denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11423 libgxps-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11590 jenkins<2.44 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-1000362 shotwell<0.25.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-1000024 libopenmpt<0.2.8461 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-11311 xmlsec1<1.2.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000061 cairo<1.14.10nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9814 yara<3.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11328 phpmyadmin<4.6.6 denial-of-service https://www.phpmyadmin.net/security/PMASA-2017-3/ gtk-vnc<0.5.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000044 moodle<3.3.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-2642 moodle<3.3.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-7531 moodle<3.3.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-7532 bind>=9.9.0<9.9.10pl2 information-disclosure https://kb.isc.org/article/AA-01504/74/CVE-2017-3142 bind>=9.10.0<9.10.5pl2 information-disclosure https://kb.isc.org/article/AA-01504/74/CVE-2017-3142 bind>=9.9.0<9.9.10pl2 security-bypass https://kb.isc.org/article/AA-01504/74/CVE-2017-3143 bind>=9.10.0<9.10.5pl2 security-bypass https://kb.isc.org/article/AA-01504/74/CVE-2017-3143 nginx<1.12.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7529 nginx>=1.13<1.13.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7529 teamspeak-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8290 heimdal<7.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-11103 apache>=2.4.26<2.4.27 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-9789 apache<2.2.34 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9788 apache>=2.4<2.4.27 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9788 apache-roller<5.1.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2015-0249 ruby{22,23,24}-mixlib-archive<0.4.0 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-1000026 epiphany<3.18.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-1000025 php{56,70,71}-tt-rss-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-1000035 KeePass<1.33 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-1000066 libcares>=1.8.0<1.13.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-1000381 freeradius>=3.0<3.0.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10978 freeradius<2.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10978 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11336 libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11341 chicken<4.13.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11343 php70-intl<7.0.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11362 php71-intl<7.1.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11362 ffmpeg2<2.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11399 ffmpeg3<3.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11399 go<1.7.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-8932 go>=1.8<1.8.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-8932 ruby24>=2.4.1<2.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11465 qemu<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11434 php<5.6.31 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11628 php>=7.0<7.0.21 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11628 php>=7.1<7.1.7 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11628 gcc48<4.8.5nb4 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2017-11671 gcc49<4.9.4nb4 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2017-11671 gcc5<5.4.0nb5 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2017-11671 gcc6<6.4.0 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2017-11671 soundtouch<1.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9258 mpg123<1.25.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9545 lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11720 ffmpeg3<3.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11719 rspamd<1.6.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-11737 ntp<4.2.8p5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5300 links<2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11114 tiff<4.0.9nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11613 GraphicsMagick<1.3.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11643 ImageMagick6<6.9.9.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-11644 ImageMagick<7.0.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-11644 arts-[0-9]* temporary-file-race https://nvd.nist.gov/vuln/detail/CVE-2015-7543 kdelibs3-[0-9]* temporary-file-race https://nvd.nist.gov/vuln/detail/CVE-2015-7543 mantis<1.2.20 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-5059 mantis<1.3.21 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12061 mantis>=2.0<2.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12061 mantis>=2.0<2.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12062 libmad-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11552 cacti<1.1.16 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12066 cacti<1.1.16 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-12065 potrace-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12067 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11703 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11704 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11705 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11728 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11729 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11730 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11732 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11733 ImageMagick6>=6.9.9.4<6.9.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11750 ImageMagick>=7.0.6.4<7.0.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11750 ImageMagick6<6.9.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11751 ImageMagick<7.0.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11751 ImageMagick6<6.9.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11754 ImageMagick<7.0.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11754 ImageMagick6<6.9.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11752 ImageMagick<7.0.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11752 ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11753 ImageMagick6<6.9.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11755 ImageMagick<7.0.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11755 ImageMagick6<6.9.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12140 ImageMagick<7.0.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12140 libytnef<1.9.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12141 libquicktime-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12143 libytnef<1.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12142 libytnef<1.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12144 libquicktime-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12145 hplip<3.15.7 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2015-0839 jasper<1.900.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5203 qemu<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10664 qemu<2.10.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10806 qemu<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11334 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11731 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11734 php56-gd<5.6.31 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-7890 php70-gd<7.0.21 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-7890 php71-gd<7.1.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-7890 ioquake3<1.36.20200125 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11721 mysql-server<5.0.67 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2008-4098 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11722 ImageMagick<7.0.6.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-12418 ImageMagick6<6.9.9.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-12418 ghostscript-agpl<9.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11714 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11714 varnish>=4.0.0<4.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12425 varnish>=4.1.0<4.1.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12425 varnish>=5.1.0<5.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12425 ImageMagick6<6.9.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12428 ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12428 ImageMagick6<6.9.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12429 ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12429 ImageMagick6<6.9.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12430 ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12430 ImageMagick6<6.9.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12427 ImageMagick<7.0.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12427 ImageMagick6<6.9.9.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12431 ImageMagick<7.0.6.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12431 ImageMagick6<6.9.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12432 ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12432 ImageMagick6<6.9.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12433 ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12433 ImageMagick6<6.9.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12434 ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12434 ImageMagick6<6.9.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12435 ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12435 binutils<2.30 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12448 binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12449 binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12450 binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12452 binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12451 binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12454 binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12453 binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12455 binutils<2.30 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-12457 binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12458 binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12456 binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12459 ledger<3.1.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12481 ledger<3.1.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12482 ImageMagick6<6.9.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11724 ImageMagick<7.0.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11724 ffmpeg2<2.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11665 ffmpeg3<3.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11665 mantis-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-12419 libsndfile<1.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12562 ImageMagick6<6.9.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12565 ImageMagick<7.0.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12565 ImageMagick6<6.9.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12564 ImageMagick<7.0.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12564 ImageMagick6<6.9.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12566 ImageMagick<7.0.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12566 ImageMagick6<6.9.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12563 ImageMagick<7.0.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12563 ImageMagick6<6.9.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12587 ImageMagick<7.0.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12587 rsyslog<8.28.0 format-string https://nvd.nist.gov/vuln/detail/CVE-2017-12588 openexr<2.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12596 opencv<3.3.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12598 opencv<3.3.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-12597 opencv<3.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12600 opencv<3.3.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12599 opencv<3.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12602 opencv<3.3.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12601 opencv<3.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12603 opencv<3.3.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-12604 opencv<3.3.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-12605 opencv<3.3.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-12606 libmspack<0.7alpha denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-6419 clamav<0.99.3nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-6418 clamav<0.99.3nb1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-6420 samba>=4.0.0<4.5.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2016-2126 ImageMagick6<6.9.9.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12640 ImageMagick<7.0.6.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12640 ImageMagick6<6.9.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12641 ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12641 ImageMagick6<6.9.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12643 ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12643 ImageMagick6<6.9.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12642 ImageMagick<7.0.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12642 ImageMagick6<6.9.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12644 ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12644 ghostscript-agpl<9.23 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9835 ghostscript-gpl-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9835 mysql-client>=5.6<5.6.37 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL mysql-server>=5.6<5.6.37 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL mysql-client>=5.7<5.7.19 unauthorized-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3651 mysql-server>=5.7<5.7.19 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL openjdk8<1.8.144 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixJAVA oracle-jdk8<8.0.144 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixJAVA oracle-jre8<8.0.144 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixJAVA ipsec-tools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-10396 firefox<68.0 denial-of-service http://hyp3rlinx.altervista.org/advisories/FIREFOX-v54.0.1-DENIAL-OF-SERVICE.txt cliqz<1.28.0 denial-of-service http://hyp3rlinx.altervista.org/advisories/FIREFOX-v54.0.1-DENIAL-OF-SERVICE.txt seamonkey<2.48 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-04/ fontforge<20170730 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11576 freerdp-[0-9]* multiple-vulnerabilities http://blog.talosintelligence.com/2017/07/vulnerbility-spotlight-freerdp-multiple.html ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12654 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12662 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12663 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12664 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12665 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12666 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12667 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12668 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12669 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12670 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12671 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12672 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12673 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12674 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12675 ImageMagick<7.0.7.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12676 binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12967 binutils<2.30 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12799 firefox52<52.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-19/ pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12958 pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12959 pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12960 pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12961 libsass<3.5.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12962 libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12963 libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12964 unrar<5.5.7 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-12938 unrar<5.5.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12940 unrar<5.5.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12941 unrar<5.5.7 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12942 exiv2<0.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12955 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12956 exiv2<0.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12957 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11683 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12935 GraphicsMagick<1.3.27 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12936 GraphicsMagick<1.3.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12937 libwildmidi<0.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11661 libwildmidi<0.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11662 libwildmidi<0.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11663 libwildmidi<0.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11664 adobe-flash-player<26.0.0.151 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb17-23.html librest07<0.7.93 weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2015-2675 librest-[0-9]* weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2015-2675 tiff<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12944 py{27,34,35,36}-attic<0.15 weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2015-4082 augeas<1.8.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7555 cacti-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12927 postgresql94-server<9.4.13 multiple-vulnerabilities https://www.postgresql.org/about/news/1772/ postgresql95-server<9.5.8 multiple-vulnerabilities https://www.postgresql.org/about/news/1772/ postgresql96-server<9.6.4 multiple-vulnerabilities https://www.postgresql.org/about/news/1772/ apache>=2.4<2.4.26 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-7659 php{56,70,71}-owncloud<10.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9339 php{56,70,71}-owncloud<10.0.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-9340 apache-tomcat>=8.5<8.5.16 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-7675 apache-tomcat>=7.0<7.0.79 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-7675 apache-tomcat>=7.0<7.0.72 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-6796 apache-tomcat>=8.0<8.0.37 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-6796 apache-tomcat>=8.5<8.5.5 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-6796 apache-tomcat>=7.0<7.0.72 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-6797 apache-tomcat>=8.0<8.0.37 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-6797 apache-tomcat>=8.5<8.5.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-6797 apache-tomcat>=7.0<7.0.74 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-8745 apache-tomcat>=8.0<8.0.40 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-8745 apache-tomcat>=8.5<8.5.9 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-8745 apache-tomcat>=8.5<8.5.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-6817 apache-tomcat>=8.5<8.5.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-6794 apache-tomcat>=7.0<7.0.72 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-8744 apache-tomcat>=8.0<8.0.37 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-8744 apache-tomcat>=8.5<8.5.5 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-5018 apache-tomcat>=7.0<7.0.72 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-5018 apache-tomcat>=8.0<8.0.37 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-5018 apache-tomcat>=8.5<8.5.5 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-0762 apache-tomcat>=7.0<7.0.72 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-0762 apache-tomcat>=8.0<8.0.37 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-0762 opencv<3.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-12863 opencv<3.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-12864 opencv<3.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-12862 xenkernel45-[0-9]* multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-230.html xenkernel46<4.6.6nb1 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-230.html xenkernel48<4.8.2 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-230.html py{27,33,34,35}-numpy-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12852 mantis<2.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12061 mantis<2.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12062 lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9410 lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9411 lame<3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9412 lame<3.100 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-9412 taglib<1.11.1nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12678 subversion-base<1.9.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-9800 curl>=7.34.0<7.55.0 out-of-bounds-read https://curl.haxx.se/docs/adv_20170809A.html curl>=7.15.0<7.55.0 information-disclosure https://curl.haxx.se/docs/adv_20170809B.html curl>=7.54.1<7.55.0 out-of-bounds-read https://curl.haxx.se/docs/adv_20170809C.html soundtouch<1.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9259 soundtouch<1.9.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-9260 mit-krb5<1.14.5nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11368 libgcrypt<1.7.8 side-channel https://nvd.nist.gov/vuln/detail/CVE-2017-7526 libsoup<2.58.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2885 py{27,34,35,36}-mercurial<4.3.1 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-1000115 py{27,34,35,36}-mercurial<4.3.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-1000116 cvs<1.12.13nb6 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-12836 patch<2.7.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-9637 salt<2014.7.6 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2015-4017 patch<2.7.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2015-1395 py{27,33,34,35}-kerberos-[0-9]* weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2015-3206 tidy<5.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13692 php>=7.0<7.0.21 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12934 php>=7.1<7.1.7 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12934 php>=5.6<5.6.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12933 php>=7.0<7.0.21 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12933 php>=7.1<7.1.7 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12933 php>=7.0<7.0.22 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12932 php>=7.1<7.1.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-12932 gnutls<3.4.13 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-12932 ntp<4.2.8p2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-3405 qemu<2.0.0 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2014-0143 python27<2.7.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-4616 python34<3.4.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-4616 python35<3.5.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-4616 py{27,33,34,35}-simplejson<3.5.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-4616 apache-tomcat>=7.0<7.0.78 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2017-7674 apache-tomcat>=8.0<8.0.44 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2017-7674 apache-tomcat>=8.5<8.5.15 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2017-7674 apache-tomcat>=8.5<8.5.15 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2017-7675 x265-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13666 ImageMagick6<6.9.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13658 ImageMagick<7.0.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13658 xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-226.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-226.html xenkernel46<4.6.6nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-226.html xenkernel48<4.8.2 denial-of-service https://xenbits.xen.org/xsa/advisory-226.html xenkernel42-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-227.html xenkernel45-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-227.html xenkernel46<4.6.6nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-227.html xenkernel48<4.8.2 privilege-escalation https://xenbits.xen.org/xsa/advisory-227.html xenkernel46<4.6.6nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-228.html xenkernel48<4.8.2 denial-of-service https://xenbits.xen.org/xsa/advisory-228.html py{27,33,34,35}-JWT<1.5.1 weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2017-11424 nagios-base<4.3.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-12847 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13648 binutils<2.30 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-13710 flightgear<2017.3.1 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-13709 qpdf<7.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12595 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13147 GraphicsMagick<1.3.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-13063 GraphicsMagick<1.3.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-13064 GraphicsMagick<1.3.27 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-13065 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13066 ImageMagick6<6.9.9.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12983 ImageMagick<7.0.6.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12983 ImageMagick6<6.9.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13026 ImageMagick<7.0.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13026 ImageMagick6<6.9.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13058 ImageMagick<7.0.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13058 ImageMagick6<6.9.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13059 ImageMagick<7.0.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13059 ImageMagick6<6.9.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13060 ImageMagick<7.0.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13060 ImageMagick6<6.9.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13061 ImageMagick<7.0.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13061 ImageMagick<7.0.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13131 ImageMagick<7.0.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13132 ImageMagick<7.0.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13133 ImageMagick<7.0.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13134 ImageMagick6<6.9.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13139 ImageMagick<7.0.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13139 ImageMagick6<6.9.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13140 ImageMagick<7.0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13140 ImageMagick6<6.9.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13141 ImageMagick<7.0.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13141 ImageMagick6<6.9.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13142 ImageMagick<7.0.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13142 ImageMagick6<6.9.7.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13143 ImageMagick<7.0.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13143 ImageMagick6<6.9.7.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13143 ImageMagick6<6.9.8.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13145 ImageMagick<7.0.5.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13145 ImageMagick6<6.9.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13146 ImageMagick<7.0.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13146 newsbeuter-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-12904 libzip<1.3.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-12858 salt<2017.7.1 weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2017-12791 salt<2015.8.1 sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6941 qemu<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12809 py27-supervisor<3.3.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-11610 dnsdist<1.1.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-7557 ha-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2015-1198 ppmd-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2015-1199 wpa_supplicant<2.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2015-0210 xymon<4.3.18 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-1430 unshield<1.4 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2015-1386 bash<4.3.047 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-0634 mantis<1.2.20 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2015-2046 qemu<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8380 openjpeg<2.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12982 cacti<1.1.18 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12978 ruby22-rest-client<1.8.0 sensitive-information-exposure https://nvd.nist.gov/vuln/detail/CVE-2015-1820 ruby23-rest-client<1.8.0 sensitive-information-exposure https://nvd.nist.gov/vuln/detail/CVE-2015-1820 ruby24-rest-client<1.8.0 sensitive-information-exposure https://nvd.nist.gov/vuln/detail/CVE-2015-1820 qemu<2.0.0 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2014-0142 qemu<2.0.0 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2014-0145 qemu<2.0.0 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2014-0146 asn1c-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12966 kpathsea<6.0.1 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2015-5700 kpathsea<6.2.1 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2015-5701 kgb-bot-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-1554 php{56,70,71}-basercms<3.0.15 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-10842 libfpx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12919 lame<3.100 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-13712 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13716 openssl<1.0.2knb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-3735 openssl>=1.1.0<1.1.0g out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-3735 heimdal<7.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-6594 mpg123<1.25.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12797 sqlite3<3.21.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13685 tiff<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13726 tiff<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13727 ncurses<6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13728 libraw<0.18.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13735 jasper<2.0.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13745 mpg123<1.18.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-9497 libgcrypt<1.8.1 side-channel https://nvd.nist.gov/vuln/detail/CVE-2017-0379 sleuthkit<4.1.3nb6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-13755 openjpeg<2.2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10504 wireshark<2.4.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-13764 ffmpeg010<0.10.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-2805 mbedtls<1.3.21 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-14032 mbedtls>=2<2.1.9 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-14032 ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14054 ffmpeg2<2.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14055 ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14055 ffmpeg2<2.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14056 ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14056 ffmpeg2<2.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14057 ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14057 ffmpeg2<2.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14058 ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14058 ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14059 ffmpeg2<2.8.13 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14169 ffmpeg3<3.3.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14169 ffmpeg2<2.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14170 ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14170 ffmpeg2<2.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14171 ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14171 libidn2<2.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14061 ruby22-base<2.2.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14064 ruby23-base<2.3.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14064 ruby24-base<2.4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14064 pngcrush<1.7.87 double-free https://nvd.nist.gov/vuln/detail/CVE-2015-7700 qemu<2.11.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-13672 libzip<1.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14107 ImageMagick6<6.9.9.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12691 ImageMagick<7.0.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12691 emacs24-24.4* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-9483 emacs24-nox11-24.4* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-9483 asterisk>=13.0<13.17.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14098 asterisk>=14.0<14.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14098 asterisk>=11.0<11.25.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14099 asterisk>=13.0<13.17.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14099 asterisk>=14.0<14.6.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14099 asterisk>=11.0<11.25.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14100 asterisk>=13.0<13.17.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14100 asterisk>=14.0<14.6.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14100 ffmpeg1<1.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2013-0870 jasper<2.0.19 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14132 opencv<3.3.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-14136 evince<3.22.1nb6 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1000083 gedit-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14108 py{27,34,35,36}-scrapy-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14158 ledger<3.1.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2807 ledger<3.1.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-2808 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14165 libarchive<3.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14166 ruby19<1.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-6438 py{27,34,35,36}-django>=1.10<1.10.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12794 py{27,34,35,36}-django>=1.11<1.11.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12794 mp3gain-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-12911 mp3gain-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12912 gd<2.2.5 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-6362 ocaml<4.04.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-9779 php{56,70,71}-concrete5<5.7.4.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2015-4724 php{56,70,71}-concrete5<5.7.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2015-4721 ntp<4.2.8p3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5146 qt5-qtwebkit<5.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-8079 libwpd<0.10.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14226 #jasper-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14229 Disputed, see https://github.com/jasper-maint/jasper/issues/20#issuecomment-648920879 libbson-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14227 nasm<2.13.02 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14228 cyrus-imapd<3.0.4 off-by-one https://nvd.nist.gov/vuln/detail/CVE-2017-14230 ImageMagick<7.0.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14248 ImageMagick6<6.9.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14249 ImageMagick<7.0.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14249 libraw<0.18.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14265 file<5.32 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-1000249 GraphicsMagick<1.3.27 off-by-one https://nvd.nist.gov/vuln/detail/CVE-2017-14314 perl<5.26.0nb3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12837 git-base<2.14.1 command-injection https://github.com/git/git/blob/master/Documentation/RelNotes/2.14.1.txt mariadb-server<5.5.57 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL jenkins<1.586 information-leak https://nvd.nist.gov/vuln/detail/CVE-2014-9634 jenkins<1.586 information-leak https://nvd.nist.gov/vuln/detail/CVE-2014-9635 mantis<1.2.19 weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2014-9624 tcpreplay<4.1.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14266 xenkernel42-[0-9]* out-of-bounds-write https://xenbits.xen.org/xsa/advisory-231.html xenkernel45-[0-9]* out-of-bounds-write https://xenbits.xen.org/xsa/advisory-231.html xenkernel46<4.6.6nb1 out-of-bounds-write https://xenbits.xen.org/xsa/advisory-231.html xenkernel48<4.8.3 out-of-bounds-write https://xenbits.xen.org/xsa/advisory-231.html xentools42-[0-9]* double-free https://xenbits.xen.org/xsa/advisory-233.html xentools45-[0-9]* double-free https://xenbits.xen.org/xsa/advisory-233.html xentools46<4.6.6nb1 double-free https://xenbits.xen.org/xsa/advisory-233.html xentools48<4.8.3 double-free https://xenbits.xen.org/xsa/advisory-233.html xenkernel42-[0-9]* null-dereference https://xenbits.xen.org/xsa/advisory-232.html xenkernel45-[0-9]* null-dereference https://xenbits.xen.org/xsa/advisory-232.html xenkernel46<4.6.6nb1 null-dereference https://xenbits.xen.org/xsa/advisory-232.html xenkernel48<4.8.3 null-dereference https://xenbits.xen.org/xsa/advisory-232.html xenkernel42-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-234.html xenkernel45-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-234.html xenkernel46<4.6.6nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-234.html xenkernel48<4.8.3 privilege-escalation https://xenbits.xen.org/xsa/advisory-234.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-207.html xenkernel45<4.5.5nb4 denial-of-service https://xenbits.xen.org/xsa/advisory-207.html xenkernel46<4.6.5 denial-of-service https://xenbits.xen.org/xsa/advisory-207.html xenkernel48<4.8.1 denial-of-service https://xenbits.xen.org/xsa/advisory-207.html ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14325 ImageMagick6<6.9.9.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14325 ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14326 ImageMagick6<6.9.9.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14326 ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14324 ImageMagick6<6.9.9.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14341 ImageMagick<7.0.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14341 ImageMagick6<6.9.9.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14343 ImageMagick<7.0.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14343 ImageMagick6<6.9.9.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14342 ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14400 ImageMagick6<6.9.9.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14400 ImageMagick<7.0.6.9 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14248 ImageMagick<7.0.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14249 ImageMagick6<6.9.9.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14249 ImageMagick<7.0.7.2 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14505 ImageMagick6<6.9.9.13 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14505 ImageMagick6<6.9.9.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-14528 ImageMagick<7.0.7.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-14528 ImageMagick<7.0.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14531 ImageMagick6<6.9.9.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14531 ImageMagick<7.0.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14533 ImageMagick6<6.9.9.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14533 ImageMagick<7.0.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14532 ImageMagick6<6.9.9.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14532 ImageMagick<7.0.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14224 ImageMagick6<6.9.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14224 ImageMagick<7.0.7.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14607 ImageMagick6<6.9.9.15 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14607 ImageMagick<7.0.7.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14625 ImageMagick6<6.9.9.12 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14625 ImageMagick<7.0.7.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14624 ImageMagick6<6.9.9.12 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14624 ImageMagick<7.0.7.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14626 ImageMagick6<6.9.9.12 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14626 horde>=2.0.0<2.5.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14650 ImageMagick<7.0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14684 ImageMagick6<6.9.9.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14684 ImageMagick<7.0.7.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14682 ImageMagick6<6.9.9.15 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14682 binutils<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333 cross-aarch64-none-elf-binutils<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333 cross-arm-none-eabi-binutils<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333 avr-binutils<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333 binutils-mips<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333 cross-freemint-binutils<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333 cross-h8300-elf-binutils<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333 cross-h8300-hms-binutils<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333 nios2-binutils<2.30 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14333 binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529 cross-aarch64-none-elf-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529 cross-arm-none-eabi-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529 avr-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529 binutils-mips<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529 cross-freemint-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529 cross-h8300-elf-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529 cross-h8300-hms-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529 nios2-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529 cross-pdp11-aout-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529 mingw-binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14529 weechat<1.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14727 wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14726 php{56,70,71}-ja-wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14726 wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14724 php{56,70,71}-ja-wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14724 wordpress<4.8.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-14722 php{56,70,71}-ja-wordpress<4.8.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-14722 wordpress<4.8.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2017-14725 php{56,70,71}-ja-wordpress<4.8.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2017-14725 wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14718 php{56,70,71}-ja-wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14718 wordpress<4.8.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-14723 php{56,70,71}-ja-wordpress<4.8.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-14723 wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14721 php{56,70,71}-ja-wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14721 wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14720 php{56,70,71}-ja-wordpress<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14720 wordpress<4.8.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-14719 php{56,70,71}-ja-wordpress<4.8.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-14719 magento-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2014-9758 mupdf<1.11nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14685 mupdf<1.11nb5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14686 mupdf<1.11nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14687 bladeenc-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-14648 libexif<0.6.21nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-7544 GraphicsMagick<1.3.27 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14504 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14649 openjpeg<2.3.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-14164 libraw<0.19 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14348 libraw<0.19 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-14608 mp3gain-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14406 mp3gain-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14407 mp3gain-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14408 mp3gain-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14409 mp3gain-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14410 mp3gain-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14411 mp3gain-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14412 php{56,70,71}-drupal<7.35 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2015-2749 php{56,70,71}-drupal<7.35 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2015-2750 mit-krb5<1.14.6 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-11462 ruby22-base<2.2.8 information-leak https://nvd.nist.gov/vuln/detail/CVE-2017-0898 ruby23-base<2.3.5 information-leak https://nvd.nist.gov/vuln/detail/CVE-2017-0898 ruby24-base<2.4.2 information-leak https://nvd.nist.gov/vuln/detail/CVE-2017-0898 ruby22-base<2.2.7 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-10784 ruby23-base<2.3.4 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-10784 ruby24-base<2.4.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-10784 ruby22-base<2.2.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14033 ruby23-base<2.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14033 ruby24-base<2.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14033 ruby22-base<2.2.8 command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899 ruby23-base<2.3.5 command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899 ruby24-base<2.4.2 command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0899 ruby22-base<2.2.8 command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900 ruby23-base<2.3.5 command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900 ruby24-base<2.4.2 command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0900 ruby22-base<2.2.8 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901 ruby23-base<2.3.5 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901 ruby24-base<2.4.2 arbitrary-file-overwrite https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0901 ruby22-base<2.2.8 dns-hijacking https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902 ruby23-base<2.3.5 dns-hijacking https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902 ruby24-base<2.4.2 dns-hijacking https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0902 libofx-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2816 libofx-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2816 tcpdump<4.9.2 multiple-vulnerabilities http://www.tcpdump.org/tcpdump-changes.txt botan>=2.0<2.3.0 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2017-14737 botan<1.10.17 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2017-14737 ImageMagick<7.0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14741 ImageMagick6<6.9.9.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14741 ImageMagick<7.0.7.7 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14739 ImageMagick6<6.9.9.17 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14739 ffmpeg2<2.8.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14222 ffmpeg3<3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14222 ffmpeg2<2.8.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14223 ffmpeg3<3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14223 ffmpeg3<3.4 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14225 emacs21<21.4anb39 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482 emacs22-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482 emacs23-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482 emacs24-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482 emacs25<25.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482 emacs21-nox11<21.4anb39 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482 emacs22-nox11-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482 emacs23-nox11-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482 emacs24-nox11-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482 emacs25-nox11<25.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14482 libbpg-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14734 newsbeuter-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14500 moodle<3.3.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-12157 moodle<3.3.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-12156 libarchive<3.3.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-14501 libarchive<3.3.3 off-by-one https://nvd.nist.gov/vuln/detail/CVE-2017-14502 libarchive<3.3.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-14503 poppler<0.61.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14518 poppler<0.61.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14517 poppler<0.61.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14520 poppler<0.61.1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-14519 tor>=0.3.0<0.3.0.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-0380 tor>=0.3.1<0.3.1.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-0380 apache<2.2.34nb1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9798 apache>=2.4<2.4.27nb2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-9798 apache-tomcat>=7.0<7.0.81 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-12616 gdk-pixbuf2<2.36.10 remote-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2862 qemu<2.11.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14167 dovecot>=2<2.2.17 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3420 mongodb-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14227 nagios-base-[0-9]* privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14312 perl<5.26.0nb3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-12883 py{27,34,35,36}-ipython<3.2.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2015-5607 py{27,34,35,36}-ipython<3.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2015-4707 py{27,34,35,36}-ipython>=3.0<3.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2015-4706 nautilus<3.23.90 spoofing https://nvd.nist.gov/vuln/detail/CVE-2017-14604 libpgf<6.15.32 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2015-6673 SOGo<3.1.0 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2015-5395 kannel-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-14609 ruby{22,23,24}-chef-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-8559 libvorbis<1.3.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-14633 libvorbis<1.3.6 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14632 libvorbis<1.3.6nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-14160 libsndfile<1.0.28nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14634 libsndfile<1.0.28nb3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14245 libsndfile<1.0.28nb3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14246 samba<4.6.8 man-in-the-middle https://www.samba.org/samba/security/CVE-2017-12150.html samba<4.6.8 man-in-the-middle https://www.samba.org/samba/security/CVE-2017-12151.html samba<4.6.8 information-leak https://www.samba.org/samba/security/CVE-2017-12163.html binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14745 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14930 binutils<2.30 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-14932 binutils<2.30 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-14933 binutils<2.30 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-14934 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14938 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14939 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14940 poppler<0.60.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14617 poppler<0.60.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14926 poppler<0.60.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14927 poppler<0.60.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14928 poppler<0.60.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-14929 php{56,70,71}-tiki6<17.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14924 php{56,70,71}-tiki6<17.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-14925 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14857 exiv2<0.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14858 exiv2<0.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14859 exiv2<0.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14860 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14861 exiv2<0.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14862 exiv2<0.27 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14863 exiv2<0.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14864 exiv2<0.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14865 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14866 git-base<2.14.2 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-14867 percona-toolkit<2.2.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-2029 libofx-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14731 nodejs<8.6.0 unauthorised-access https://nvd.nist.gov/vuln/detail/CVE-2017-14849 libbpg-[0-9] denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14795 libbpg-[0-9] denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14796 salt<2016.11.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-5200 salt<2016.11.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-5192 ffmpeg3<3.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14767 kdepim<4.14.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-8878 tcpdump<4.7.4 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3138 freexl<1.0.4 arbitrary-code-execution https://www.debian.org/security/2017/dsa-3976 protobuf<3.4.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-5237 openvpn<2.4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12166 dnsmasq<2.78 multiple-vulnerabilities https://www.kb.cert.org/vuls/id/973527 pngcrush<1.7.84 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-2158 modular-xorg-server<1.19.4 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13723 salt<2017.7.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-5192 ruby{18,20,21,22,23}-http<0.7.3 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2015-1828 py{27,34,35,36}-ipython<4.0 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2015-5607 wpa_supplicant<2.6nb1 weak-cryptography http://seclists.org/oss-sec/2017/q4/83 coreutils<8.13 local-file-delete https://nvd.nist.gov/vuln/detail/CVE-2015-1865 libbfd-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14729 wesnoth<1.12.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-5069 ImageMagick<7.0.7.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-14989 ImageMagick6<6.9.9.17 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-14989 apache-tomcat>=7.0<7.0.82 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-12617 apache-tomcat>=8.0<8.0.47 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-12617 apache-tomcat>=8.5<8.5.23 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-12617 poppler<0.60.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14926 GraphicsMagick<1.3.27 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14994 git-base<2.14.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-1000117 lame<3.100 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15018 go<1.8.4 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-15041 go>=1.9<1.9.1 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-15041 redis<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15047 libofx<0.9.12 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-2920 curl>=7.7<7.56.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-1000254 openexif-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14931 upx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15056 libmp3splt-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15185 apache-roller<5.0.3 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2014-0030 mpfr<3.1.2pl11 unspecified https://nvd.nist.gov/vuln/detail/CVE-2014-9474 asterisk>=11.0<11.25.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14603 asterisk>=13.0<13.17.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14603 asterisk>=14.0<14.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14603 qemu<2.11.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15038 zookeeper<3.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-5637 wesnoth<1.12.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-5070 salt<2015.5.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-6918 nodejs<4.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-7384 sudo<1.8.7 temporary-file-race https://nvd.nist.gov/vuln/detail/CVE-2015-8239 magento<1.9.2.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-8707 php{56,70,71}-piwigo<2.8.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-10513 php{56,70,71}-piwigo<2.8.3 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-10514 wireshark>=2.4.0<2.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15190 wireshark>=2.0.0<2.0.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15191 wireshark>=2.2.0<2.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15191 wireshark>=2.4.0<2.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15191 wireshark>=2.4.0<2.4.2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-15189 wireshark>=2.2.0<2.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15193 wireshark>=2.4.0<2.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15193 wireshark>=2.2.0<2.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15192 wireshark>=2.4.0<2.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15192 cacti<1.1.26 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15194 ImageMagick6<6.9.9.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15217 ImageMagick<7.0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15217 ImageMagick6<6.9.9.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15218 ImageMagick<7.0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15218 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15225 libjpeg-turbo<1.5.3 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15232 GraphicsMagick<1.3.27 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-15238 libXfont<1.5.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13720 libXfont2<2.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13720 libXfont<1.5.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13722 libXfont2<2.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13722 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15020 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15021 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15022 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15023 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15024 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15025 libextractor<1.5 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2017-15266 libextractor<1.5 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15267 dnsmasq<2.78 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14492 dnsmasq<2.78 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14493 ImageMagick<7.0.7.3 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-15032 SDL2_image<2.0.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2887 SDL_image<1.2.12nb16 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2887 SDL2<2.0.7 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2888 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14997 ImageMagick6<6.9.9.12 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15015 ImageMagick<7.0.7.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15015 lame<3.100 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15019 ImageMagick6<6.9.9.12 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15016 ImageMagick<7.0.7.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15016 ImageMagick6<6.9.9.12 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15017 ImageMagick<7.0.7.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15017 lame<3.100 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15045 lame<3.100 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15046 ImageMagick<7.0.7.3 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-15033 qemu<2.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15268 ImageMagick6<6.9.9.3 information-leak https://nvd.nist.gov/vuln/detail/CVE-2017-15277 ImageMagick<7.0.6.3 information-leak https://nvd.nist.gov/vuln/detail/CVE-2017-15277 ImageMagick<7.0.7.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15281 #graphicsmagick-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15281 # CVE in ImageMagick, no indication it affects GraphicsMagick sqlite3<3.21.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15286 dnsmasq<2.78 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13704 dnsmasq<2.78 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14491 dnsmasq<2.78 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14495 dnsmasq<2.78 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-14494 dnsmasq<2.78 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14496 wordpress-[0-9]* weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2017-14990 git-base<2.14.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15298 radare2<2.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15368 mupdf<1.11nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15369 sox-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15370 sox-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15372 sox-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15371 icu<59.1nb3 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-14952 thunderbird<52.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-20/ firefox52<52.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/ thunderbird<52.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-23/ irssi<1.0.5 multiple-vulnerabilities https://irssi.org/security/irssi_sa_2017_10.txt wget<1.19.1nb2 stack-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13089 wget<1.19.1nb2 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13090 mupdf<1.11nb5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15587 opensmtpd<5.7.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2015-7687 radare2<2.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15385 qemu<2.11.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-15289 p5-Perl-Tidy<20120714 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2014-2277 mediawiki>=1.24.0<1.24.1 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2014-9487 mediawiki>=1.23.0<1.23.8 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2014-9487 mediawiki>=1.22.0<1.22.15 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2014-9487 mediawiki>=1.19.0<1.19.23 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2014-9487 ruby{22,23,24}-redmine<3.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-10515 ruby{22,23,24}-redmine<3.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15568 ruby{22,23,24}-redmine>=3.3.0<3.3.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15568 ruby{22,23,24}-redmine>=3.4.0<3.4.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15568 ruby{22,23,24}-redmine<3.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15569 ruby{22,23,24}-redmine>=3.3.0<3.3.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15569 ruby{22,23,24}-redmine>=3.4.0<3.4.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15569 ruby{22,23,24}-redmine<3.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15570 ruby{22,23,24}-redmine>=3.3.0<3.3.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15570 ruby{22,23,24}-redmine>=3.4.0<3.4.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15570 ruby{22,23,24}-redmine<3.2.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15573 ruby{22,23,24}-redmine>=3.3.0<3.3.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15573 ruby{22,23,24}-redmine<3.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15571 ruby{22,23,24}-redmine>=3.3.0<3.3.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15571 ruby{22,23,24}-redmine>=3.4.0<3.4.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15571 ruby{22,23,24}-redmine<3.2.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15576 ruby{22,23,24}-redmine>=3.3.0<3.3.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15576 ruby{22,23,24}-redmine<3.2.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15574 ruby{22,23,24}-redmine>=3.3.0<3.3.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15574 ruby{22,23,24}-redmine<3.2.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15572 ruby{22,23,24}-redmine>=3.3.0<3.3.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15572 ruby{22,23,24}-redmine<3.2.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15577 ruby{22,23,24}-redmine>=3.3.0<3.3.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15577 ruby{22,23,24}-redmine<3.2.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15575 ruby{22,23,24}-redmine>=3.3.0<3.3.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15575 rsync<3.1.2nb1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-16548 graphicsmagick<1.3.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-16352 graphicsmagick<1.3.27 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16353 graphicsmagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16545 graphicsmagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16547 graphicsmagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15930 ImageMagick<7.0.7.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16546 ImageMagick6<6.9.9.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16546 modular-xorg-server<1.19.4 buffer-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13721 tor-browser<7.0.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16541 ruby{22,23,24}-yajl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/vulnId=CVE-2017-16516 openssl<1.0.2m sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-3736 openssl>=1.1.0<1.1.0g sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-3736 wordpress<4.8.3 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-16510 php{56,70,71}-ja-wordpress<4.8.3 sql-injection https://nvd.nist.gov/view/vuln/detail/CVE-2017-16510 webkit-gtk<2.16.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000121 webkit-gtk<2.16.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000122 radare2<2.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16359 radare2<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-16358 radare2<2.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16357 radare2<2.1.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15931 radare2<2.1.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15932 slurm>=2.4.0pre4<17.11.0rc2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-15566 go<1.8.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15042 go>=1.9<1.9.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15042 webmin<1.860 multiple-vulnerabilities https://blogs.securiteam.com/index.php/archives/3430 p5-Catalyst-Plugin-Static-Simple<0.34 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16248 mongodb<3.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15535 curl<7.56.1 buffer-overrun https://curl.haxx.se/docs/adv_20171023.html libvirt<3.9.0 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-1000256 nodejs<4.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14919 nodejs>=6<6.11.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14919 nodejs>=8<8.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14919 xenkernel42-[0-9]* memory-corruption https://xenbits.xen.org/xsa/advisory-236.html xenkernel45-[0-9]* memory-corruption https://xenbits.xen.org/xsa/advisory-236.html xenkernel46-[0-9]* memory-corruption https://xenbits.xen.org/xsa/advisory-236.html xenkernel48<4.8.3 memory-corruption https://xenbits.xen.org/xsa/advisory-236.html qemu<2.5.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2015-7549 quagga<1.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16227 py{26,27,33,34}-dulwich<0.9.9 arbitrary-code-execution https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0838 xerces-j-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-0881 py{27,33,34,35,36}-dulwich<0.18.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-16228 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15996 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15938 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15939 rsync>3.1.2<3.1.2nb1 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15994 bchunk<1.2.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15953 bchunk<1.2.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15954 bchunk<1.2.2 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15955 apollo<1.7.1 unknown-impact https://nvd.nist.gov/vuln/detail/CVE-2014-3579 libextractor<1.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-15922 glusterfs<3.10 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15096 openssh<7.6 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15906 redis<3.2.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-10517 ffmpeg3<3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15186 salt<2017.7.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-14695 salt<2017.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14696 apr<1.6.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12613 apr-util<1.6.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12618 py{27,33,34,35,36}-werkzeug<0.11.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-10516 adobe-flash-player<26.0.0.170 remote-code-execution https://helpx.adobe.com/security/products/flash-player/apsb17-32.html sox-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-15642 wordpress-[0-9]* weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2012-6707 mysql-server>=5.5<5.5.58 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL mysql-server>=5.6<5.6.38 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL mysql-server>=5.7<5.7.20 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL mariadb-server>=5.5<5.5.58 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL mysql-client>=5.5<5.5.58 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-10379 mysql-client>=5.6<5.6.38 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-10379 mysql-client>=5.7<5.7.20 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-10379 mariadb-client>=5.5<5.5.58 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-10379 py{27,33,34,35,36}-mistune<0.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15612 oracle-{jdk,jre}8<8.0.151 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixJAVA openjdk8<1.8.151 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixJAVA libextractor<1.6 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15600 libextractor<1.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15601 libextractor<1.6 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-15602 xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-235.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-235.html xenkernel48<4.8.2 denial-of-service https://xenbits.xen.org/xsa/advisory-235.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-237.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-237.html xenkernel46<4.6.6nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-237.html xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-237.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-238.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-238.html xenkernel46<4.6.6nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-238.html xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-238.html xenkernel42-[0-9]* sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-239.html xenkernel45-[0-9]* sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-239.html xenkernel46<4.6.6nb1 sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-239.html xenkernel48<4.8.3 sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-239.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-240.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-240.html xenkernel46<4.6.6nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-240.html xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-240.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-241.html xenkernel46<4.6.6nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-241.html xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-241.html xenkernel42-[0-9]* memory-leak https://xenbits.xen.org/xsa/advisory-242.html xenkernel45-[0-9]* memory-leak https://xenbits.xen.org/xsa/advisory-242.html xenkernel46<4.6.6nb1 memory-leak https://xenbits.xen.org/xsa/advisory-242.html xenkernel48<4.8.3 memory-leak https://xenbits.xen.org/xsa/advisory-242.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-243.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-243.html xenkernel46<4.6.6nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-243.html xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-243.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-244.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-244.html xenkernel46<4.6.6nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-244.html xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-244.html poppler<0.61.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-15565 webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0008.html webkit-gtk<2.18.0 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0008.html go<1.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000098 go<1.7.4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2017-1000097 qemu<2.5.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-7504 postgresql94-server<9.4.15 multiple-vulnerabilities https://www.postgresql.org/about/news/1801/ postgresql95-server<9.5.10 multiple-vulnerabilities https://www.postgresql.org/about/news/1801/ postgresql96-server<9.6.6 multiple-vulnerabilities https://www.postgresql.org/about/news/1801/ postgresql10-server<10.1 multiple-vulnerabilities https://www.postgresql.org/about/news/1801/ php{56,70,71}-roundcube<1.2.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16651 php>=5.6<5.6.32 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16651 php>=7.0<7.0.25 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16651 php>=7.1<7.1.11 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16651 cacti-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-16641 cacti-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-16660 cacti-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-16661 libpcap<1.2.1 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2011-1935 ffmpeg3<3.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-15672 openjpeg<2.1.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-1239 openjpeg15-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-1239 php{56,70,71,72}-drupal<7.41 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2015-7943 py{27,34,35,36}-sanic<0.5.1 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2017-16762 openssl<1.0.2h denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-8610 ruby{22,23,24}-redmine<3.2.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16804 ruby{22,23,24}-redmine>=3.3.0<3.3.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16804 tcpdump<4.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16808 couchdb<1.7.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-12635 couchdb>2.0<2.1.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-12635 couchdb<1.7.0 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-12636 couchdb>2.0<2.1.1 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-12636 collectd-snmp<5.6.3 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-16820 cacti<1.0.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-4000 scala<2.10.7 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-15288 scala>2.11<2.11.12 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-15288 scala>2.12<2.12.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-15288 konversation<1.7.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15923 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16826 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16827 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16828 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16829 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16830 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16831 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16832 mediawiki<1.27.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8808 mediawiki>1.28<1.28.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8808 mediawiki>1.29<1.29.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8808 mediawiki<1.27.4 reflected-file-download https://nvd.nist.gov/vuln/detail/CVE-2017-8809 mediawiki>1.28<1.28.3 reflected-file-download https://nvd.nist.gov/vuln/detail/CVE-2017-8809 mediawiki>1.29<1.29.2 reflected-file-download https://nvd.nist.gov/vuln/detail/CVE-2017-8809 mediawiki<1.27.4 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2017-8810 mediawiki>1.28<1.28.3 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2017-8810 mediawiki>1.29<1.29.2 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2017-8810 mediawiki<1.27.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8811 mediawiki>1.28<1.28.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8811 mediawiki>1.29<1.29.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8811 mediawiki<1.27.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8812 mediawiki>1.28<1.28.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8812 mediawiki>1.29<1.29.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8812 mediawiki<1.27.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8814 mediawiki>1.28<1.28.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8814 mediawiki>1.29<1.29.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8814 mediawiki<1.27.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8815 mediawiki>1.28<1.28.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8815 mediawiki>1.29<1.29.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8815 libbpg-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-13135 libbpg-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-13136 libbpg-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14034 procmail<3.22nb5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-16844 opensaml<2.6.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-16853 varnish<4.1.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-8807 python27<2.7.14 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000158 python34<3.4.8 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000158 python35<3.5.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000158 optipng-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000229 ldns<1.6.17nb5 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-1000231 ldns<1.6.17nb6 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-1000232 trafficserver>5.1<5.1.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2014-3624 root<6.9.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1000203 lynx<2.8.8.2nb9 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-1000211 exiv2<0.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-1000126 exiv2<0.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000127 exiv2<0.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-1000128 qemu<2.11.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-16845 subversion>1.8<1.8.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2013-4246 trafficserver>5.3<5.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-3249 ming-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-16883 icinga-base-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-16882 bftpd<4.7 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-16892 php{56,70,71,72}-concrete5<5.6.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-5107 php{56,70,71,72}-concrete5<5.6.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2014-5108 php{56,70,71,72}-tt-rss-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-16896 moodle<3.3.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15110 ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-16898 fig2dev<3.2.6anb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16899 webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0009.html webkit-gtk<2.18.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0009.html webkit24-gtk{,3}-[0-9]* multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0007.html webkit-gtk<2.16.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2017-0007.html exim<4.90 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16944 exim<4.90 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-16943 libsndfile<1.0.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16942 optipng-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-16938 libxml2<2.9.5 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-16932 libxml2<2.9.5 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-16931 cacti<1.0.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-10700 mit-krb5<1.16.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-15088 rpm<4.13.0.2 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-7501 ncurses<6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16879 slurm>=2.4.0pre4<16.05.11 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-15566 slurm>=17<17.02.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-15566 slurm>=17.11alpha0<17.11.0rc2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-15566 wordpress<4.9 cross-domain-flash-injection https://nvd.nist.gov/vuln/detail/CVE-2016-9263 php{56,70,71,72}-ja-wordpress<4.9 cross-domain-flash-injection https://nvd.nist.gov/vuln/detail/CVE-2016-9263 wordpress<4.8.3 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-16510 php{56,70,71,72}-ja-wordpress<4.8.3 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-16510 firefox52<52.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-25/ firefox<57.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/ thunderbird<52.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-26/ ffmpeg3<3.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-16840 ansible>=2.3<2.3.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-7550 ansible>=2.4<2.4.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-7550 asterisk>=13.0<13.18.1 buffer-overflow https://downloads.asterisk.org/pub/security/AST-2017-009.html asterisk>=14.0<14.7.1 buffer-overflow https://downloads.asterisk.org/pub/security/AST-2017-009.html asterisk>=15.0<15.1.1 buffer-overflow https://downloads.asterisk.org/pub/security/AST-2017-009.html asterisk>=13.0<13.18.1 buffer-overflow https://downloads.asterisk.org/pub/security/AST-2017-010.html asterisk>=14.0<14.7.1 buffer-overflow https://downloads.asterisk.org/pub/security/AST-2017-010.html asterisk>=15.0<15.1.1 buffer-overflow https://downloads.asterisk.org/pub/security/AST-2017-010.html asterisk>=13.0<13.18.1 multiple-vulnerabilities https://downloads.asterisk.org/pub/security/AST-2017-011.html asterisk>=14.0<14.7.1 multiple-vulnerabilities https://downloads.asterisk.org/pub/security/AST-2017-011.html asterisk>=15.0<15.1.1 multiple-vulnerabilities https://downloads.asterisk.org/pub/security/AST-2017-011.html evince<3.25.91 command-injection https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000159 vim<8.0.1345 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2017-1000382 bzr<2.6.0nb1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14176 emacs20-[0-9]* insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2017-1000383 emacs21-[0-9]* insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2017-1000383 emacs21-nox11-[0-9]* insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2017-1000383 emacs25-[0-9]* insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2017-1000383 emacs25-nox11-[0-9]* insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2017-1000383 mrxvt-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages rxvt-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages webkit24-gtk{,3}-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages py{34,35,36}-borgbackup>=1.1.0<1.1.3 incorrect-access-controls https://nvd.nist.gov/vuln/detail/CVE-2017-15914 wordpress<4.9.1 multiple-vulnerabilities https://codex.wordpress.org/Version_4.9.1 php{56,70,71,72}-ja-wordpress<4.9.1 multiple-vulnerabilities https://codex.wordpress.org/Version_4.9.1 tiff<4.0.9nb1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17095 asterisk>=13.0<13.18.3 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-013.html asterisk>=14.0<14.7.3 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-013.html asterisk>=15.0<15.1.3 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-013.html vim<8.0.1263 insecure-temporary-files https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17087 wireshark>=2.2.0<2.2.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-47.html wireshark>=2.4.0<2.4.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-47.html wireshark>=2.2.0<2.2.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-48.html wireshark>=2.4.0<2.4.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-48.html wireshark>=2.2.0<2.2.11 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-49.html wireshark>=2.4.0<2.4.3 denial-of-service https://www.wireshark.org/security/wnpa-sec-2017-49.html php{56,70,71}-piwigo-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-16893 libXcursor<1.1.15 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-16612 libXfont<1.5.4 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-16611 libXfont2<2.0.3 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-16611 adobe-flash-player<27.0.0.130 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb17-28.html binutils<2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17080 php>=5.6<5.6.32 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-16642 php>=7.0<7.0.25 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-16642 php>=7.1<7.1.11 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-16642 curl>=7.56.0<7.57.0 out-of-bounds-read https://curl.haxx.se/docs/adv_2017-af0a.html curl>=7.21.0<7.57.0 out-of-bounds-read https://curl.haxx.se/docs/adv_2017-ae72.html curl>=7.36.0<7.57.0 buffer-overflow https://curl.haxx.se/docs/adv_2017-12e7.html radare2<2.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16805 xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-246.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-246.html xenkernel46<4.6.6nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-246.html xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-246.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-247.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-247.html xenkernel46<4.6.6nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-247.html xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-247.html ruby{22,23,24,25,26}-yard<0.9.11 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-17042 graphicsmagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16669 kmplayer-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16952 cacti<1.1.28 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-16785 samba<4.6.11 information-leak https://www.samba.org/samba/security/CVE-2017-15275.html samba>4<4.6.11 use-after-free https://www.samba.org/samba/security/CVE-2017-14746.html rsync<3.1.2nb2 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-17433 rsync<3.1.2nb2 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-17434 openssl<1.0.2n multiple-vulnerabilities https://www.openssl.org/news/secadv/20171207.txt openjpeg<2.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-17479 openjpeg<2.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-17480 libsndfile<1.0.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16942 libsndfile<1.0.28nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17456 libsndfile<1.0.28nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17457 libextractor<1.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17440 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16883 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16898 fossil<2.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-17459 nss<3.49 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11695 nss<3.49 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11696 nss<3.49 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2017-11697 nss<3.49 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-11698 ImageMagick<7.0.7.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17914 ImageMagick6<6.9.9.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17914 ImageMagick<7.0.7.17 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17934 ImageMagick6<6.9.9.29 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17934 ImageMagick<7.0.7.16 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17884 ImageMagick6<6.9.9.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17884 ImageMagick<7.0.7.12 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17885 ImageMagick6<6.9.9.24 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17885 ImageMagick<7.0.7.16 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17887 ImageMagick6<6.9.9.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17887 ImageMagick<7.0.7.12 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17886 ImageMagick6<6.9.9.24 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17886 ImageMagick<7.0.7.12 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17883 ImageMagick6<6.9.9.24 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17883 ImageMagick<7.0.7.12 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17882 ImageMagick6<6.9.9.24 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17882 ImageMagick<7.0.7.16 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17879 ImageMagick6<6.9.9.28 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17879 ImageMagick<7.0.7.12 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17881 ImageMagick6<6.9.9.24 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17881 ImageMagick<7.0.7.12 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17504 ImageMagick6<6.9.9.24 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17504 ImageMagick<7.0.7.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17682 ImageMagick6<6.9.9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17682 ImageMagick<7.0.7.12 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-17681 ImageMagick6<6.9.9.24 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-17681 ImageMagick<7.0.7.12 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17680 ImageMagick6<6.9.9.24 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17680 ImageMagick6<6.9.9.24 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-17499 ImageMagick<7.0.7.12 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-17499 ffmpeg3<3.2.6 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-9608 ffmpeg3>=3.3<3.3.3 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-9608 ffmpeg2<2.8.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17081 ffmpeg3<3.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17081 aubio<0.4.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17555 h2o<2.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10908 h2o<2.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10869 h2o<2.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10872 h2o<2.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-10868 GraphicsMagick<1.3.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17503 GraphicsMagick<1.3.28 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17782 GraphicsMagick<1.3.28 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17783 GraphicsMagick<1.3.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17502 GraphicsMagick<1.3.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17500 GraphicsMagick<1.3.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17501 GraphicsMagick<1.3.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17498 GraphicsMagick<1.3.28 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17913 GraphicsMagick<1.3.28 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17912 GraphicsMagick<1.3.28 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17915 icu<60.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17484 seamonkey-enigmail<1.9.9 signature-spoofing https://nvd.nist.gov/vuln/detail/CVE-2017-17848 seamonkey-enigmail<1.9.9 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2017-17845 seamonkey-enigmail<1.9.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17846 seamonkey-enigmail<1.9.9 spoofing https://nvd.nist.gov/vuln/detail/CVE-2017-17843 seamonkey-enigmail<1.9.9 signature-spoofing https://nvd.nist.gov/vuln/detail/CVE-2017-17847 seamonkey-enigmail<1.9.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-17847 thunderbird-enigmail<1.9.9 signature-spoofing https://nvd.nist.gov/vuln/detail/CVE-2017-17848 seamonkey-enigmail<1.9.9 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2017-17845 seamonkey-enigmail<1.9.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17846 thunderbird-enigmail<1.9.9 spoofing https://nvd.nist.gov/vuln/detail/CVE-2017-17843 thunderbird-enigmail<1.9.9 signature-spoofing https://nvd.nist.gov/vuln/detail/CVE-2017-17847 thunderbird-enigmail<1.9.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-17847 php{56,70,71,72}-piwigo-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-17774 php{56,70,71,72}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-17775 php{56,70,71,72}-piwigo-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17823 php{56,70,71,72}-piwigo-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17822 php{56,70,71,72}-piwigo-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17824 php{56,70,71,72}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-17825 php{56,70,71,72}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-17826 php{56,70,71,72}-piwigo-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-17827 ruby{22,23,24}-puppet<3.6.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-3250 ruby{22,23,24}-puppet<1.6.0 code-injection https://nvd.nist.gov/vuln/detail/CVE-2016-5713 adobe-flash-player<27.0.0.187 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb17-33.html nasm<2.13.02 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-17817 nasm<2.13.02 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17819 nasm<2.13.02 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-17820 nasm<2.13.02 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-17816 nasm<2.13.02 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17818 nasm<2.13.02 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-17814 nasm<2.13.02 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17815 nasm<2.13.02 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17810 nasm<2.13.02 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-17813 nasm<2.13.02 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17811 nasm<2.13.02 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17812 hdf5<1.10.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17508 hdf5<1.10.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-17509 hdf5<1.10.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17506 hdf5<1.10.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17507 hdf5<1.10.3 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-17505 phabricator<20171110 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-17536 gimp<2.10.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17784 gimp<2.10.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17785 gimp<2.10.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17786 gimp<2.10.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17787 gimp<2.10.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17788 gimp<2.10.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17789 nodejs>=8<8.9.3 uninitialized-buffer https://nvd.nist.gov/vuln/detail/CVE-2017-15897 nodejs>=9<9.2.1 uninitialized-buffer https://nvd.nist.gov/vuln/detail/CVE-2017-15897 xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-249.html xenkernel46<4.6.6nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-249.html xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-249.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-248.html xenkernel46<4.6.6nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-248.html xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-248.html xenkernel46<4.6.6nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-250.html xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-250.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-251.html xenkernel46<4.6.6nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-251.html xenkernel48<4.8.3 denial-of-service https://xenbits.xen.org/xsa/advisory-251.html binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17121 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17122 binutils<2.30 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-17123 binutils<2.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17124 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17125 binutils<2.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17126 asterisk>=13.0<13.18.5 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-014.html asterisk>=14.0<14.7.5 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-014.html asterisk>=15.0<15.1.5 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-014.html asterisk>=14.0<14.7.3 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-013.html asterisk>=15.0<15.1.3 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-013.html asterisk>=13.0<13.18.3 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-013.html asterisk>=13.0<13.18.4 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-012.html asterisk>=14.0<14.7.4 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-012.html asterisk>=15.0<15.1.4 denial-of-service https://downloads.asterisk.org/pub/security/AST-2017-012.html wireshark<2.2.12 buffer-underflow https://nvd.nist.gov/vuln/detail/CVE-2017-17935 wireshark<2.2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17085 wireshark>=2.4<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17085 wireshark<2.2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17084 wireshark>=2.4<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17084 wireshark<2.2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17083 wireshark>=2.4<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17083 tidy<5.6.0nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17497 jenkins-[0-9]* cross-site-scripting https://jenkins.io/security/advisory/2017-12-05/ openafs<1.6.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17432 lilypond-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17523 qemu<2.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17381 py{27,34,35,36}-mercurial<4.4.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-17458 ruby{22,23,24}-net-ldap<0.16.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2017-17718 ruby24-base<2.4.3 dns-hijacking https://nvd.nist.gov/vuln/detail/CVE-2017-17790 ruby24-base<2.4.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17405 ruby23-base<2.3.6 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17405 ruby22-base<2.2.9 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17405 ruby23-base<2.3.6 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-0903 ruby22-base<2.2.9 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-0903 abiword-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17529 aubio<0.4.7 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-17554 aubio<0.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17054 tiff<4.0.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17942 tkabber-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17533 geomview-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17530 exiv2<0.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-17669 libXcursor<1.1.15 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-16612 sylpheed-[0-9]* command-injection https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17517 fontforge-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17521 global<6.6.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17531 ocaml-batteries-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17519 swi-prolog-lite-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17524 scummvm<2.2.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17528 py{27,34,35,36}-kiwi-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17532 ruby{22,23,24}-nexpose-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17532 vlc<3.0.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-17670 most-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-1253 tor>=0.3.1<0.3.1.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8819 tor>=0.3.1<0.3.1.9 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-8820 tor>=0.3.1<0.3.1.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-8821 tor>=0.3.1<0.3.1.9 weak-anonymity https://nvd.nist.gov/vuln/detail/CVE-2017-8822 heimdal<7.5.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-17439 php{56,70,71,72}-contao35<3.5.31 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-16558 php{56,70,71,72}-contao44<4.4.8 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-16558 wireshark<2.2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17997 webmin<1.870 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-17089 tiff<4.0.10 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-17973 graphicsmagick<1.3.28 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17782 graphicsmagick<1.3.28 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17783 apache-2.2.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages exiv2<0.27 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18005 magento<2.1.2 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2016-10704 ImageMagick<7.0.7.16 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17880 ImageMagick6<6.9.9.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17880 opencv<3.4.0 buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17760 py{27,33,34,35,36}-mistune<0.8.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-16876 nodejs>=8<8.9.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15897 nodejs>=9<9.2.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15897 mupdf<1.12.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17866 irssi<1.0.6 multiple-vulnerabilities https://irssi.org/security/irssi_sa_2018_01.txt syncthing<0.14.34 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2017-1000420 phpmyadmin<4.7.7 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-1000499 gifsicle<1.90 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1000421 awstats-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1000501 ImageMagick<7.0.7.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-13758 ImageMagick6<6.9.9.11 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-13758 ImageMagick<7.0.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13769 ImageMagick6<6.9.9.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13769 libraw<0.18.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16909 libraw<0.18.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16910 poppler-utils<0.57.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9775 poppler-utils<0.57.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9776 poppler<0.60.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14975 poppler<0.60.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14976 poppler<0.60.0 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14977 tex-context<2024 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17513 tex-lualibs<2.61 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17513 ruby{22,23,24,25}-rails-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17920 ImageMagick<7.0.7.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18008 opencv<3.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-18009 tiff<4.0.9nb5 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18013 libwildmidi<0.4.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000418 ImageMagick<7.0.7.5 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-1000445 ImageMagick6<6.9.9.17 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-1000445 poppler<0.61.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000456 gdk-pixbuf2<2.36.11 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000422 miniupnpd<2.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000494 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-4868 ffmpeg3<3.2.3 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-1000460 poco<1.8.0 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-1000472 coreutils<8.29 temporary-file-race https://nvd.nist.gov/vuln/detail/CVE-2017-18018 erlang<18.3.4.7 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2017-1000385 erlang>=19<19.3.6.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2017-1000385 erlang>=20<20.1.7 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2017-1000385 xenkernel410-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5244 openldap-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17740 ImageMagick<7.0.7.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5247 ImageMagick6<6.9.9.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5247 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5251 podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5296 py{27,34,35,36}-numpy<1.8.1 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2014-1858 py{27,34,35,36}-numpy<1.8.1 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2014-1859 p5-Clipboard-[0-9]* temporary-file-race https://nvd.nist.gov/vuln/detail/CVE-2014-5509 teamspeak-client-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-7221 teamspeak-client-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-7222 mono<3.12.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2015-2318 mono<3.12.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2015-2319 mono<3.12.1 ssl-downgrade https://nvd.nist.gov/vuln/detail/CVE-2015-2320 adobe-flash-player<28.0.0.126 data-manipulation https://helpx.adobe.com/security/products/flash-player/apsb17-42.html magento<2.0.10 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-5301 ffmpeg2<2.4.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-1208 podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5308 podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5309 ruby{22,23,24,25}-puppet>=3.7<3.8.1 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2015-4100 qemu<2.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15124 ruby{22,23,24,25}-rails-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17916 ruby{22,23,24,25}-rails-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17917 ruby{22,23,24,25}-rails-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17919 ruby{22,23,24,25}-redmine<3.2.9 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-18026 ruby{22,23,24,25}-redmine>=3.3<3.3.6 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-18026 ruby{22,23,24,25}-redmine>=3.4<3.4.4 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-18026 adobe-flash-player<28.0.0.137 out-of-bounds-read https://helpx.adobe.com/security/products/flash-player/apsb18-01.html thunderbird-enigmail<1.9.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-17844 seamonkey-enigmail<1.9.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-17844 wireshark<2.2.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5334 wireshark>=2.4<2.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5334 wireshark<2.2.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5335 wireshark>=2.4<2.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5335 wireshark<2.2.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5336 wireshark>=2.4<2.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5336 cups<1.6 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-8166 qemu<1.7.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2014-3471 ImageMagick<7.0.7.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5357 ImageMagick6<6.9.9.34 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5357 ImageMagick<7.0.7.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5358 ImageMagick6<6.9.9.34 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5358 ImageMagick<7.0.7.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000476 ImageMagick6<6.9.9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000476 ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18027 ImageMagick6<6.9.9.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18027 ImageMagick<7.0.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18028 ImageMagick6<6.9.9.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18028 ImageMagick<7.0.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18029 ImageMagick6<6.9.9.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18029 lrzip-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5650 xmltooling<1.6.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-0486 GraphicsMagick<1.3.28 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5685 mupdf<1.13.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5686 tiff<4.0.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-5360 php{56,70,71,72}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5692 webkit-gtk<2.18.5 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0001.html libxml2<2.9.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-15412 mysql-client>=5.6<5.6.39 denial-of-service http://seclists.org/oss-sec/2018/q1/59 mysql-client>=5.7<5.7.21 denial-of-service http://seclists.org/oss-sec/2018/q1/59 asterisk>=11<12 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server>=5.5<5.5.59 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL mysql-server>=5.6<5.6.39 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL mysql-server>=5.7<5.7.21 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL mariadb-server>=5.5<5.5.59 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL oracle-{jdk,jre}8<8.0.162 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA openjdk8<1.8.162 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA ImageMagick<7.0.7.21 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-5246 ImageMagick6<6.9.9.33 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-5246 ImageMagick<7.0.7.21 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-18022 ImageMagick6<6.9.9.33 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-18022 ImageMagick<7.0.7.21 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5248 ImageMagick6<6.9.9.33 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5248 openjpeg<2.3.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5785 openjpeg<2.3.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5727 lrzip-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-5747 lrzip-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5786 podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5783 tiff<4.0.9nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5784 opencv<3.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-1000450 mit-krb5<1.16.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-5710 wordpress<4.9.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5776 php{56,70,71,72}-ja-wordpress<4.9.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5776 py{27,34,35,36}-markdown2-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5773 guacamole-server-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-3158 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5772 openocd-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-5704 rsync<3.1.2nb3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-5764 gd<2.3.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5711 php56-gd<5.6.33 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5711 php70-gd<7.0.27 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5711 php71-gd<7.1.13 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5711 php72-gd<7.2.1 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5711 php>=5.6<5.6.36 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5712 php>=7.0<7.0.30 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5712 php>=7.1<7.1.17 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5712 php>=7.2<7.2.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5712 libdwarf>=20130126<20150806 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2014-9482 firefox52<52.6 side-channel https://www.mozilla.org/en-US/security/advisories/mfsa2018-01/ firefox<57.0.4 side-channel https://www.mozilla.org/en-US/security/advisories/mfsa2018-01/ firefox52<52.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-03/ firefox52<52.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-04/ firefox<58.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-02/ mpv<0.27.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-6360 ming-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6358 ming-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-6359 ming-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6315 podofo<0.9.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5295 podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6352 clamav<0.99.3 multiple-vulnerabilities http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html binutils<2.31 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6323 opencv<3.4.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5268 opencv<3.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5269 dovecot>=2.0<2.2.33.2 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-15132 jenkins<2.84 multiple-vulnerabilities https://jenkins.io/security/advisory/2017-10-11/ jenkins-lst<2.73.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2017-10-11/ jenkins<2.89 multiple-vulnerabilities https://jenkins.io/security/advisory/2017-11-08/ jenkins-lts<2.73.3 multiple-vulnerabilities https://jenkins.io/security/advisory/2017-11-08/ libvirt<4.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5748 w3m<0.5.3.0.20180125 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6196 w3m<0.5.3.0.20180125 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-6197 w3m<0.5.3.0.20180125 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2018-6198 mupdf<1.13.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6192 libreoffice{,5-bin}<5.4.5 information-disclosure https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6871 openssh<7.4 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2016-10708 mupdf<1.13.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17858 pdns-recursor>=4.1.0<4.1.1 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000003 knot<1.5.2 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000002 moodle<3.4.1 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-1042 moodle<3.4.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1043 moodle<3.4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1044 moodle<3.3.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1045 libtasn1<4.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6003 pdns-recursor>=4.0.0<4.0.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-15092 pdns-recursor>=4.0.0<4.0.7 dnssec-validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15090 pdns-recursor<4.0.7 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15093 pdns-recursor>=4.0.0<4.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15094 powerdns<4.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15091 unbound<1.6.8 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2017-15105 dnsmasq-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2017-15107 qemu<2.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18030 mailman<2.1.26 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5950 qemu<2.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5683 modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12176 modular-xorg-server<1.19.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12177 modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12178 modular-xorg-server<1.19.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12179 modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12180 modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12181 modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12182 modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12183 modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12184 modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12185 modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12187 modular-xorg-server<1.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12186 mupdf<1.13.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6187 jenkins<2.95 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-1000504 jenkins-lts<2.89.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-1000504 jenkins<2.95 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-1000503 jenkins-lts<2.89.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-1000503 curl>=7.49.0<7.58.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-1000005 curl>=6.0<7.58.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1000007 jenkins<2.57 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1000353 jenkins-lts<2.46.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1000353 jenkins<2.57 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-1000354 jenkins-lts<2.46.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-1000354 jenkins<2.57 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-1000356 jenkins-lts<2.46.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-1000356 jenkins<2.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000355 jenkins-lts<2.46.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-1000355 irssi<1.0.7 multiple-vulnerabilities https://irssi.org/security/html/irssi_sa_2018_02/ irssi>=1.1.0<1.1.1 multiple-vulnerabilities https://irssi.org/security/html/irssi_sa_2018_02/ zziplib<0.13.68 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6381 pound<2.8 http-response-smuggling https://nvd.nist.gov/vuln/detail/CVE-2016-10711 gcpio-[0-9]* arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-7516 ptex<2.1.33 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-3835 ffmpeg2<2.8.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-6392 ffmpeg3<3.4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-6392 p7zip<16.02nb2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-17969 mantis-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-6382 xpdf<3.02 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2011-2902 ffmpeg2<2.4.6 integer-underflow https://nvd.nist.gov/vuln/detail/CVE-2015-1208 ImageMagick6<6.9.9.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6405 ImageMagick<7.0.7.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6405 apache-tomcat>=7.0.79<7.0.84 unexpected-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-15706 apache-tomcat>=8.0.45<8.0.48 unexpected-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-15706 apache-tomcat>=8.5.16<8.5.24 unexpected-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-15706 ming-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5294 p7zip<17.01 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2018-5996 qemu<2.10.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-18043 zziplib<0.13.68 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6484 zabbix<2.3.2 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2014-3005 gifsicle<1.91 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-18120 mantis<2.11.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-6526 zziplib<0.13.68 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6541 zziplib<0.13.68 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6540 zziplib<0.13.68 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6542 mupdf<1.13.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6544 binutils<2.31 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6543 patch<2.2.5 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-1416 py{27,34,35,36}-django<1.11.10 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-6188 py{27,34,35,36}-crypto-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-6594 openjpeg<2.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6616 libopenmpt<0.3.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-6611 jhead-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6612 ffmpeg3<3.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6621 thttpd<2.28 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17663 mini_httpd<1.28 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17663 wordpress-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6389 py{27,34,35,36}-uwsgi<2.0.16 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6758 adobe-flash-player<28.0.0.161 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb18-03.html binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6759 wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6767 GraphicsMagick<1.3.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6799 audacity<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-2541 proftpd<1.2.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2001-0136 audacity<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-2540 libxml2<2.9.5 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2017-5130 go<1.8.7 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-6574 go>=1.9.0<1.9.4 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-6574 python27<2.7.15 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000030 wireshark<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6836 ffmpeg010<0.11 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2012-5359 ffmpeg010<0.11 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2012-5360 exim{,3}<4.90.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-6789 php<5.5.32 unspecified https://nvd.nist.gov/vuln/detail/CVE-2016-10712 php>=5.6<5.6.18 unspecified https://nvd.nist.gov/vuln/detail/CVE-2016-10712 php>=7.0<7.0.3 unspecified https://nvd.nist.gov/vuln/detail/CVE-2016-10712 postgresql93-server<9.3.21 multiple-vulnerabilities https://www.postgresql.org/about/news/1829/ postgresql94-server<9.4.16 multiple-vulnerabilities https://www.postgresql.org/about/news/1829/ postgresql95-server<9.5.11 multiple-vulnerabilities https://www.postgresql.org/about/news/1829/ postgresql96-server<9.6.7 multiple-vulnerabilities https://www.postgresql.org/about/news/1829/ postgresql10-server<10.2 multiple-vulnerabilities https://www.postgresql.org/about/news/1829/ transmission<2.93 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2018-5702 zziplib<0.13.68 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6381 binutils<2.31 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-6872 zziplib<0.13.69 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6869 libfpx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6876 fish<2.1.1 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2014-3219 ruby{22,23,24,25}-puppet<5.3.4 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2017-10689 ruby{22,23,24,25}-puppet<5.3.4 information-leak https://nvd.nist.gov/vuln/detail/CVE-2017-10690 squid>=3.0<3.5.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000024 git-base<2.15.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2018-1000021 squid>=3.0<3.5.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000027 unzip<6.0nb11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000035 librsvg<2.40.20 input-validation https://nvd.nist.gov/vuln/detail/CVE-2018-1000041 mupdf<1.13.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-1000051 ffmpeg3-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6912 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17722 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17723 exiv2<0.27 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17725 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17724 mariadb-server<10.1.30 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15365 mbedtls>=1.3.8<1.3.22 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-0487 mbedtls>=2.1<2.1.10 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-0487 mbedtls>=1.3.0<1.3.22 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-0488 mbedtls>=2.1<2.1.10 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-0488 ImageMagick<7.0.7.23 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-6930 freetype2<2.9.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-6942 qpdf<7.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-9252 qpdf<7.0.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-18183 qpdf<7.0.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-18186 qpdf<7.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-18184 qpdf<7.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-18185 patch<2.7.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-10713 patch<2.7.6nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-6951 patch<2.7.6nb1 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-6952 mbedtls<2.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18187 sox-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18189 jenkins<2.107 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-1000067 jenkins-lts<2.89.4 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-1000067 jenkins<2.107 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1000068 jenkins-lts<2.89.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1000068 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7173 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7174 xpdf<4.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-7175 cups<2.2.2 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2017-18190 leptonica<1.75.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7186 php{56,70,71}-tiki6<18.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-7188 go<1.10.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-7187 bind>=9.9.0<9.9.11 denial-of-service https://kb.isc.org/article/AA-01542/0/CVE-2017-3145 bind>=9.10.0<9.10.6 denial-of-service https://kb.isc.org/article/AA-01542/0/CVE-2017-3145 tiff<4.0.9 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-11335 quagga<1.2.3 sensitive-information-disclosure https://www.quagga.net/security/Quagga-2018-0543.txt quagga<1.2.3 double-free https://www.quagga.net/security/Quagga-2018-1114.txt quagga<1.2.3 out-of-bounds-read https://www.quagga.net/security/Quagga-2018-1550.txt quagga>=0.99.9<1.2.3 infinite-loop https://www.quagga.net/security/Quagga-2018-1975.txt webkit-gtk<2.18.6 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0002.html binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7208 bugzilla<5.0.4 sensitive-information-disclosure https://www.bugzilla.org/security/4.4.12/ leptonica<1.76.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7247 libvncserver<0.9.12 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7225 php{56,70,71,72}-fpm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-9253 libxml2<2.9.7 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2017-7375 libxml2<2.9.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-7376 wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7253 wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7254 libid3tag-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2004-2779 libmad-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7263 wpa_supplicant<2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5315 wpa_supplicant<2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5316 elinks-[0-9]* remote-spoofing https://nvd.nist.gov/vuln/detail/CVE-2012-6709 unixodbc<2.3.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7409 php{56,70,71}-tiki6-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-7302 php{56,70,71}-tiki6-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-7303 php{56,70,71}-tiki6-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-7304 asterisk>=13.0<13.19.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-004.html asterisk>=14.0<14.7.6 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-004.html asterisk>=15.0<15.2.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-004.html asterisk>=13.0<13.19.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-005.html asterisk>=14.0<14.7.6 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-005.html php{56,70,71,72}-drupal<7.57 multiple-vulnerabilities https://www.drupal.org/sa-core-2018-001 php{56,70,71,72}-drupal>8<8.4.5 multiple-vulnerabilities https://www.drupal.org/sa-core-2018-001 xpdf<4.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-7452 xpdf<4.05 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-7453 xpdf<4.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-7454 xpdf<4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-7455 php{56,70,71,72}-piwigo<2.9.3 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-6883 libcdio<1.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18199 libcdio<1.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18198 leptonica<1.75.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-7440 leptonica<1.76.0 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2018-7441 leptonica<1.76.0 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-7442 leptonica<1.75.0 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-18196 ImageMagick6<6.9.9.36 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7443 ImageMagick<7.0.7.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7443 freexl<1.0.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7435 freexl<1.0.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7436 freexl<1.0.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7437 freexl<1.0.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7438 freexl<1.0.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7439 apache-tomcat>=7.<7.0.85 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1305 apache-tomcat>=8.<8.0.50 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1305 apache-tomcat>=8.5.0<8.5.28 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1305 mp4v2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7339 wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-05.html wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-05.html wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-06.html wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-06.html wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-07.html wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-07.html wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-08.html wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-09.html wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-09.html wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-10.html wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-10.html wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-11.html wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-11.html wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-12.html wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-12.html wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-13.html wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-13.html wireshark<2.2.13 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-14.html wireshark>=2.4<2.4.5 multiple-vulnerabilities https://www.wireshark.org/security/wnpa-sec-2018-14.html php{56,70,71,72}-concrete5<8.3.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-18195 libcdio<2.0.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-18201 ImageMagick<7.0.7.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7470 ImageMagick6<6.9.9.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7470 unixodbc<2.3.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7485 py{27,34,35,36}-uwsgi<2.0.17 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-7490 xmltooling<1.6.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-0489 zsh<5.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-18206 trafficserver<7.0.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-5660 xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-252.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-252.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-252.html xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-252.html zsh<5.4.2nb1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-7548 xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-255.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-255.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-255.html xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-255.html xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-256.html zsh<5.4.2nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7549 ffmpeg2<2.8.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7557 ffmpeg3<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7557 apache-tomcat>=7.0.0<7.0.85 unauthorised-access https://nvd.nist.gov/vuln/detail/CVE-2018-1304 apache-tomcat>=8.0.0<8.0.50 unauthorised-access https://nvd.nist.gov/vuln/detail/CVE-2018-1304 apache-tomcat>=8.5.0<8.5.28 unauthorised-access https://nvd.nist.gov/vuln/detail/CVE-2018-1304 binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7568 binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7569 binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7570 xerces-c<3.2.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-12627 qemu<2.12.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-7550 ImageMagick<7.0.7.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18209 ImageMagick6<6.9.9.18 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18209 curl<7.59.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000122 libvorbis<1.3.6 remote-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/ tremor<1.0.2.20180316 remote-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/ seamonkey<2.49.2nb3 remote-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/ firefox52<52.7.2nb1 remote-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/ firefox45-[0-9]* remote-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/ firefox<59.0.1 remote-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/ squirrelmail<1.4.23pre14764 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2018-8741 zsh<5.0.7 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2014-10070 zsh<5.4.2nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1071 zsh<5.4.2nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1083 zsh<5.4 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18205 zsh<5.0.7 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-10071 zsh<5.0.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-10072 zsh<5.3 off-by-one https://nvd.nist.gov/vuln/detail/CVE-2016-10714 ImageMagick<7.0.7.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7470 ImageMagick6<6.9.9.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7470 ImageMagick<7.0.7.7 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18211 ImageMagick6<6.9.9.19 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18211 ImageMagick<7.0.7.7 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18210 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8106 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8107 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8105 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8103 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8104 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8102 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8100 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8101 exempi<2.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18236 exempi<2.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18238 exempi<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18235 exempi<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18237 exempi<2.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18233 exempi<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18234 exempi<2.4.5 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-7731 exempi<2.4.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7730 exempi<2.4.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7729 exempi<2.4.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7728 php{56,70,71,72}-piwigo<2.6.2 cross-site-request-forgeries https://nvd.nist.gov/vuln/detail/CVE-2014-4613 php{56,70,71,72}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-7724 php{56,70,71,72}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-7723 php{56,70,71,72}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-7722 sqlite3<3.23.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-8740 php>=5.6<5.6.34 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7584 php>=7.0<7.0.28 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7584 php>=7.1<7.1.14 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7584 php>=7.2<7.2.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7584 dovecot<2.2.34 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15130 dovecot<2.2.34 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-14461 postgresql93-server<9.3.22 multiple-vulnerabilities https://www.postgresql.org/about/news/1834/ postgresql94-server<9.4.17 multiple-vulnerabilities https://www.postgresql.org/about/news/1834/ postgresql95-server<9.5.12 multiple-vulnerabilities https://www.postgresql.org/about/news/1834/ postgresql96-server<9.6.8 multiple-vulnerabilities https://www.postgresql.org/about/news/1834/ postgresql10-server<10.3 multiple-vulnerabilities https://www.postgresql.org/about/news/1834/ binutils<2.31 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-7642 binutils<2.31 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7643 openjpeg<2.3.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7648 nodejs>=8<11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7651 xv<3.10anb24 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-18215 tor<0.2.9.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0490 tor>=0.3.1<0.3.1.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0490 tor>=0.3.2<0.3.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0490 tor>=0.3.2<0.3.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0491 memcached<1.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000115 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18219 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18220 phpmyadmin<4.7.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-7260 mit-krb5>=1.6<1.16.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5729 mit-krb5>=1.6<1.16.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-5730 ntp<4.2.8p7 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-7170 ntp<4.2.8p11 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-7182 ntp<4.2.8p11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7184 ntp<4.2.8p11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7185 zziplib<0.13.69 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7725 zziplib<0.13.69 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7726 zziplib<0.13.69 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-7727 gcc48<4.8.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-5044 net-snmp<5.7.3 command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000116 ruby{22,23,24,25}-rack-protection<2.0.0 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-1000119 gpac<0.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7752 py{27,34,35,36}-bleach>=2.1<2.1.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2018-7753 ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-7866 ming-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-7867 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7868 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7869 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7870 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7871 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7872 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7873 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7874 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7875 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7876 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7877 calibre<3.19.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-7889 ntp>=4.2.8p6<4.2.8p11 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-7183 php{56,70,71}-tiki6<18.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-7290 py{27,34,35,36}-django>=1.8<1.8.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7536 py{27,34,35,36}-django>=1.11<1.11.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7536 py{27,34,35,36}-django>=2.0<2.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7536 py{27,34,35,36}-django>=1.8<1.8.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7537 py{27,34,35,36}-django>=1.11<1.11.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7537 py{34,35,36}-django>=2.0<2.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7537 graphite2<1.3.12 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-7999 podofo<0.9.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8000 podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8001 podofo-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-8002 postgresql10-server<10.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1052 tiff<4.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-8129 tiff<4.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-8130 tiff<4.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-5314 jasper<2.0.11 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2016-9600 py{34,35,36}-asyncssh<1.12.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-7749 gsharutils-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000097 glpi<9.2.2 temporary-file-race https://nvd.nist.gov/vuln/detail/CVE-2018-7562 glpi<9.2.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-7563 qemu<2.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7858 isc-dhclient<4.3.6p1 denial-of-service https://kb.isc.org/article/AA-01565/75/CVE-2018-5732 isc-dhcpd<4.3.6p1 denial-of-service https://kb.isc.org/article/AA-01541/0/CVE-2017-3144 isc-dhcpd<4.3.6p1 denial-of-service https://kb.isc.org/article/AA-01567/75/CVE-2018-5733 trafficserver<7.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7671 magento<1.9.3.8 cross-site-request-forgery https://www.defensecode.com/advisories/DC-2018-03-001-Magento-Backups-Cross-Site-Request-Forgery.pdf magento>=2.0<2.0.18 cross-site-scripting https://www.defensecode.com/advisories/DC-2018-03-003-Magento-Stored-XSS-Downloadable-Products.pdf magento>=2.1<2.1.12 cross-site-scripting https://www.defensecode.com/advisories/DC-2018-03-003-Magento-Stored-XSS-Downloadable-Products.pdf magento>=2.2<2.2.3 cross-site-scripting https://www.defensecode.com/advisories/DC-2018-03-003-Magento-Stored-XSS-Downloadable-Products.pdf magento>=2.0<2.0.18 cross-site-scripting https://www.defensecode.com/advisories/DC-2018-03-002-Magento-Multiple-Stored-XSS.pdf magento>=2.0<2.0.18 cross-site-scripting https://www.defensecode.com/advisories/DC-2018-03-004-Magento-Stored-XSS-Product-Attributes.pdf magento>=2.1<2.1.12 cross-site-scripting https://www.defensecode.com/advisories/DC-2018-03-004-Magento-Stored-XSS-Product-Attributes.pdf magento>=2.2<2.2.3 cross-site-scripting https://www.defensecode.com/advisories/DC-2018-03-004-Magento-Stored-XSS-Product-Attributes.pdf asterisk>=13.0<13.19.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-002.html asterisk>=14.0<14.7.6 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-002.html asterisk>=15.0<15.2.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-002.html asterisk>=13.0<13.19.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-003.html asterisk>=14.0<14.7.6 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-003.html asterisk>=15.0<15.2.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-003.html libvpx<1.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13194 php{56,70,71,72}-tiki6-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-7394 php{56,70,71,72}-roundcube<1.3.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1000071 ruby22-base<2.2.9nb1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000073 ruby23-base<2.3.6nb2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000073 ruby24-base<2.4.3nb2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000073 ruby25-base<2.5.0nb2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000073 ruby22-base<2.2.9nb1 command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000074 ruby23-base<2.3.6nb2 command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000074 ruby24-base<2.4.3nb2 command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000074 ruby25-base<2.5.0nb2 command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000074 ruby22-base<2.2.9nb1 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1000075 ruby23-base<2.3.6nb2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1000075 ruby24-base<2.4.3nb2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1000075 ruby25-base<2.5.0nb2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1000075 ruby22-base<2.2.9nb1 signature-spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000076 ruby23-base<2.3.6nb2 signature-spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000076 ruby24-base<2.4.3nb2 signature-spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000076 ruby25-base<2.5.0nb2 signature-spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000076 ruby22-base<2.2.9nb1 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000077 ruby23-base<2.3.6nb2 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000077 ruby24-base<2.4.3nb2 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000077 ruby25-base<2.5.0nb2 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-1000077 ruby22-base<2.2.9nb1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000078 ruby23-base<2.3.6nb2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000078 ruby24-base<2.4.3nb2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000078 ruby25-base<2.5.0nb2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000078 ruby22-base<2.2.9nb1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000079 ruby23-base<2.3.6nb2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000079 ruby24-base<2.4.3nb2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000079 ruby25-base<2.5.0nb2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000079 py{27,34,35,36}-bitmessage<0.6.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-1000070 clamav<0.99.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000085 samba>=3.6.0<4.6.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1050 samba>=4.0.0<4.6.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1057 py{27,34,35,36}-paramiko<2.4.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-7750 firefox52<52.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/ py{27,34,35,36}-notebook<5.4.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-8768 libvirt<4.1.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-6764 slurm>=2.4.0pre4<17.02.10 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-7033 slurm>=17.11<17.11.5 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-7033 webmin-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-8712 py{27,34,35,36}-mercurial<4.5.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1000132 curl<7.59.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000121 curl<7.59.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000120 libgit2<0.26.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8099 libgit2<0.26.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8098 memcached<1.4.37 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000127 GraphicsMagick<1.3.27 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18231 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18229 GraphicsMagick<1.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18230 ImageMagick<7.0.7.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18250 ImageMagick6<6.9.9.17 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-18251 ImageMagick<7.0.7.10 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-18251 ImageMagick6<6.9.9.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18252 ImageMagick<7.0.7.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18252 ImageMagick<7.0.7.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-18253 ImageMagick6<6.9.9.17 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-18254 ImageMagick<7.0.7.10 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-18254 ImageMagick6<6.9.9.39 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-8804 ImageMagick<7.0.7.27 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-8804 ImageMagick6<6.9.9.39 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8960 ImageMagick<7.0.7.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8960 ming-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-8806 ming-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-8807 ming-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-8961 ming-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-8962 ming-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-8963 ming-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-8964 ming-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-9009 jenkins<2.107 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-6356 jenkins-lts<2.89.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-6356 jasper<2.0.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9055 firefox<59.0.2 use-after-free https://www.mozilla.org/en-US/security/advisories/mfsa2018-10/ firefox52<52.7.3 use-after-free https://www.mozilla.org/en-US/security/advisories/mfsa2018-10/ seamonkey<2.49.3 use-after-free https://www.mozilla.org/en-US/security/advisories/mfsa2018-10/ apache<2.4.33 multiple-vulnerabilities https://httpd.apache.org/security/vulnerabilities_24.html#2.4.33 gpac<0.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000100 cups<2.2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18248 thunderbird<52.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/ seamonkey<2.49.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/ GraphicsMagick<1.3.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9018 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8976 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8977 netpbm<10.73.20 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8975 libressl<2.7.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2018-8970 librelp>=1.1.1<1.2.15 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000140 binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7570 tiff<4.0.9nb3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8905 nasm<2.13.02 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8881 nasm<2.14 buffer-underflow https://nvd.nist.gov/vuln/detail/CVE-2018-8882 nasm<2.14 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8883 radare2<2.5.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8808 radare2<2.6.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8809 radare2<2.5.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8810 php{56,70,71,72}-drupal>=7<7.58 remote-code-execution https://www.drupal.org/SA-CORE-2018-002 php{56,70,71,72}-drupal>=8.4<8.4.6 remote-code-execution https://www.drupal.org/SA-CORE-2018-002 php{56,70,71,72}-drupal>=8.5<8.5.1 remote-code-execution https://www.drupal.org/SA-CORE-2018-002 php{53,54,55}-owncloud<6.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2014-1665 php{53,54,55}-owncloud<5.0.15 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2014-2048 knot<1.5.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-0486 clamav<0.99.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0202 ruby{22,23,24,25}-loofah<2.2.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-8048 openssl<1.0.2o multiple-vulnerabilities https://www.openssl.org/news/secadv/20180327.txt openssl>=1.1.0<1.1.0h multiple-vulnerabilities https://www.openssl.org/news/secadv/20180327.txt lrzip-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-9058 libvirt<4.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1064 php{56,70,71,72}-nextcloud<11.0.7 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-0936 opera-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-6608 ruby{22,23,24,25}-rails-html-sanitizer<1.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-3741 ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-9132 ImageMagick<7.0.7.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9133 ImageMagick6<6.9.9.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9133 ImageMagick<7.0.7.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-9135 ImageMagick6<6.9.9.41 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-9135 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9138 exiv2<0.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-9144 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9145 ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-9165 botan>=2.2.0<2.5.0 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-9127 ruby22-base<2.2.10 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2017-17742 ruby23-base<2.3.7 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2017-17742 ruby24-base<2.4.4 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2017-17742 ruby25-base<2.5.1 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2017-17742 ruby22-base<2.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8777 ruby23-base<2.3.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8777 ruby24-base<2.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8777 ruby25-base<2.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8777 ruby22-base<2.2.10 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-6914 ruby23-base<2.3.7 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-6914 ruby24-base<2.4.4 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-6914 ruby25-base<2.5.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-6914 ruby22-base<2.2.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8778 ruby23-base<2.3.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8778 ruby24-base<2.4.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8778 ruby25-base<2.5.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8778 ruby22-base<2.2.10 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-8780 ruby23-base<2.3.7 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-8780 ruby24-base<2.4.4 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-8780 ruby25-base<2.5.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-8780 ruby22-base<2.2.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8779 ruby23-base<2.3.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8779 ruby24-base<2.4.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8779 ruby25-base<2.5.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8779 wireshark<2.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9256 wireshark<2.4.6 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-9257 wireshark<2.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9258 wireshark<2.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9259 wireshark<2.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9260 wireshark<2.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9261 wireshark<2.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9262 wireshark<2.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9263 wireshark<2.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9264 wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9265 wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9266 wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9267 wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9268 wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9269 wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9270 wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9271 wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9272 wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9273 wireshark<2.4.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-9274 gnupg2<2.2.6 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-9234 ncmpc<0.30 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-9240 jasper<2.0.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9252 libxml2>=2.9.6<2.9.8nb1 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-9251 pam-yubico>=2.18 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-9275 moodle<3.4.2 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1081 moodle<3.4.2 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1082 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9303 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9304 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9305 py{27,34,35,36}-rope-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-3539 patch<2.7.6nb1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000156 ocaml<4.07.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-9838 ffmpeg3<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9841 php{56,70,71,72}-roundcube<1.2.8 imap-injection https://nvd.nist.gov/vuln/detail/CVE-2018-9846 php56-fpm<5.6.35 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10545 php70-fpm<7.0.29 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10545 php71-fpm<7.1.16 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10545 php72-fpm<7.2.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10545 icu<60.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15422 libxml2<2.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18258 php{56,70,71,72}-typo3<7.6.26 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-6905 php{56,70,71,72}-contao35<3.5.35 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10125 php{56,70,71,72}-contao44<4.4.18 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10125 php{71,72}-contao45<4.5.8 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10125 squid<3.5.27nb3 denial-of-service http://www.squid-cache.org/Advisories/SQUID-2018_3.txt zabbix<3.4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-2826 horde<2.0.6 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2014-3999 qpdf<8.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9918 mbedtls<2.1.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9988 mbedtls<2.1.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9989 ffmpeg3<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10001 SDL2_image<2.0.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-3837 SDL2_image<2.0.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-3838 SDL2_image<2.0.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-3839 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9996 jenkins-lts<2.44 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-2599 nasm<2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10016 libopenmpt<0.3.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10017 zsh<5.5 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1100 wordpress<4.4 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2014-6412 py27-trytond<2.4.15 command-injection https://nvd.nist.gov/vuln/detail/CVE-2014-6633 py{27,34,35,36}-diffoscope<77 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2017-0359 fuse-ntfs-3g<2017.3.23 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-0358 mediawiki<1.28.1 multiple-vulnerabilities https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html mysql-server>=5.5<5.5.60 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL mysql-server>=5.6<5.6.40 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL mysql-server>=5.7<5.7.22 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL mysql-client>=5.5<5.5.60 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL mysql-client>=5.6<5.6.40 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL mysql-client>=5.7<5.7.22 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL oracle-{jdk,jre}8<8.0.171 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixJAVA openjdk8<1.8.171 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixJAVA cacti<1.1.37 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10059 cacti<1.1.37 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10060 cacti<1.1.37 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10061 botan>=1.11.32<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9860 mediawiki-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-1686 postfix<2.11.10 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-10140 postfix>3.0<3.0.10 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-10140 postfix>3.1<3.1.6 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-10140 postfix>3.2<3.2.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-10140 openssl>=1.1.0<1.1.0i timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-0737 jenkins<2.116 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1000169 jenkins-lts<2.107.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1000169 jenkins<2.116 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000170 jenkins-lts<2.107.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000170 wordpress<4.9.5 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-10100 wordpress<4.9.5 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-10101 wordpress<4.9.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10102 gegl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10111 gegl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10112 gegl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10113 gegl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10114 libreoffice<5.4.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10119 libreoffice>=6<6.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10119 libreoffice<5.4.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10120 libreoffice>=6<6.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10120 cfitsio<3.43 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-3846 cfitsio<3.43 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-3848 cfitsio<3.43 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-3849 ImageMagick<7.0.7.29 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-10177 radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10186 radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10187 perl<5.26.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6797 perl<5.26.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-6798 perl<5.26.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-6913 maradns<2.0.09 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-2031 maradns<2.0.09 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-2032 py{27,34,35,36}-gunicorn<19.5.0 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2018-1000164 nmap<7.70 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000161 glusterfs<3.12.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-1088 kodi-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-8831 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10194 ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10194 mysql-cluster<7.4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-2877 phpmyadmin<4.8.0.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-10188 php{56,70,71,72}-drupal>=8.4<8.4.7 cross-site-scripting https://www.drupal.org/SA-CORE-2018-003 php{56,70,71,72}-drupal>=8.5<8.5.2 cross-site-scripting https://www.drupal.org/SA-CORE-2018-003 eclipse-[0-9]* xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2017-8315 awstats-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10245 binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8945 zabbix<3.4.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2017-2825 nasm<2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10254 # reported against tiff, see https://gitlab.com/libtiff/libtiff/-/issues/128 jpeg<9d null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-10126 mupdf<1.14.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-10289 curl<7.52.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-9586 curl<7.52.1 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2016-9594 openslp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17833 salt<2016.3.6 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2017-7893 nasm<2.14 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-10316 packagekit<1.1.10 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1106 mupdf<1.11 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2016-8728 jbig2dec<0.14 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2016-8729 ansible<2.1.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-9587 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2899 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2900 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2901 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2902 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2903 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2904 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2905 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2906 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2907 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2908 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2918 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12081 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12082 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12086 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12099 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12100 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12101 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12102 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12103 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12104 blender<2.79a integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12105 SDL2_image<2.0.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-12122 SDL2_image<2.0.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14440 SDL2_image<2.0.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14441 SDL2_image<2.0.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14442 SDL2_image<2.0.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-14448 SDL2_image<2.0.3 double-free https://nvd.nist.gov/vuln/detail/CVE-2017-14449 SDL2_image<2.0.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-14450 freerdp-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-2834 freerdp-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-2835 freerdp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2836 freerdp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2837 freerdp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2838 freerdp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2839 freexl<1.0.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2923 freexl<1.0.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2924 openssl>=1.1.0<1.1.0h verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-0733 npm<6.0.1 modification-of-assumed-immutable-data https://nvd.nist.gov/vuln/detail/CVE-2018-3728 leptonica<1.75.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-3836 ffmpeg3<3.4.3 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-7751 ktexteditor>=5.34.0<5.48.0 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2018-10361 binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10372 binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10373 glusterfs<3.12.9 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1112 flac<1.3.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-6888 qemu<2.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2016-9602 libvorbis<1.3.6nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10392 libvorbis<1.3.6nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10393 enlightenment<0.17.6 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2014-1845 enlightenment<0.17.6 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2014-1846 xenkernel42-[0-9]* information-leak https://xenbits.xen.org/xsa/advisory-258.html xenkernel45-[0-9]* information-leak https://xenbits.xen.org/xsa/advisory-258.html xenkernel46-[0-9]* information-leak https://xenbits.xen.org/xsa/advisory-258.html xenkernel48<4.8.4 information-leak https://xenbits.xen.org/xsa/advisory-258.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-259.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-259.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-259.html xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-259.html libraw<0.18.10 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10528 libraw<0.18.10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10529 binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10535 binutils<2.31 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-10534 wavpack<5.2.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10536 wavpack<5.2.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10537 wavpack<5.2.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-10538 wavpack<5.2.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-10539 wavpack<5.2.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-10540 php56-iconv<5.6.36 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-10546 php70-iconv<7.0.30 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-10546 php71-iconv<7.1.17 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-10546 php72-iconv<7.2.5 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-10546 php>=5.6<5.6.36 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10547 php>=7.0<7.0.30 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10547 php>=7.1<7.1.17 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10547 php>=7.2<7.2.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10547 php56-exif<5.6.36 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10549 php70-exif<7.0.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10549 php71-exif<7.1.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10549 php72-exif<7.2.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10549 php56-ldap<5.6.36 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10548 php70-ldap<7.0.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10548 php71-ldap<7.1.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10548 php72-ldap<7.2.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10548 phpmyadmin<4.7.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-18264 libreoffice<5.4.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10583 openvpn<2.4.6 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-9336 ansible<1.2.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2013-2233 p7zip<17.01 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-10115 lrzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10685 libgxps-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10733 libgxps-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10767 ncurses<6.1nb3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-10754 jasper<2.0.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9154 abcm2ps<8.13.21 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10753 abcm2ps<8.13.21 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10771 wget<1.19.5 cookie-injection https://nvd.nist.gov/vuln/detail/CVE-2018-0494 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10772 poppler-utils<0.37 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-10768 webkit-gtk<2.20.0 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0003.html webkit-gtk<2.20.2 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0004.html gd<2.0.35 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2007-2756 gd<2.0.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2007-3473 gd<2.0.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2007-3477 php{56,70,71,72}-drupal>=7<7.58 remote-code-execution https://www.drupal.org/SA-CORE-2018-004 php{56,70,71,72}-drupal>=8.4<8.4.8 remote-code-execution https://www.drupal.org/SA-CORE-2018-004 php{56,70,71,72}-drupal>=8.5<8.5.3 remote-code-execution https://www.drupal.org/SA-CORE-2018-004 firefox52<52.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/ python27<2.7.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1060 python27<2.7.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1061 python34<3.4.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1060 python34<3.4.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1061 python35<3.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1060 python35<3.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1061 python36<3.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1060 python36<3.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1061 jenkins-lts<2.32.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2017-02-01/ jenkins<2.44 multiple-vulnerabilities https://jenkins.io/security/advisory/2017-02-01/ xenkernel42-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-260.html xenkernel45-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-260.html xenkernel46-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-260.html xenkernel48<4.8.4 privilege-escalation https://xenbits.xen.org/xsa/advisory-260.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-261.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-261.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-261.html xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-261.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-262.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-262.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-262.html xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-262.html ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11017 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11095 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11100 xpdf<4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11033 exiv2<0.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10998 exiv2<0.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10999 lilypond-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-10992 postgresql96-contrib<9.6.9 unauthorised-access https://nvd.nist.gov/vuln/detail/CVE-2018-1115 postgresql10-contrib<10.4 unauthorised-access https://nvd.nist.gov/vuln/detail/CVE-2018-1115 poppler<0.65.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18267 xdg-open<1.1.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-18266 tiff<4.0.9nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10963 exiv2<0.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10780 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10958 haproxy<1.8.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10184 prosody<0.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18265 ImageMagick<7.0.7.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10804 ImageMagick6<6.9.9.40 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10804 ImageMagick<7.0.7.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10805 ImageMagick6<6.9.9.40 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10805 ImageMagick<7.0.7.17 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11251 ImageMagick6<6.9.9.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11251 ImageMagick<7.0.7.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18271 ImageMagick6<6.9.9.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18271 ImageMagick<7.0.7.23 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-18272 ImageMagick6<6.9.9.35 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-18272 ImageMagick<7.0.7.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18273 ImageMagick6<6.9.9.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18273 tiff<4.0.7 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10801 nghttp2>=1.10.0<1.31.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-1000168 mp3gain-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10776 mp3gain-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10777 mp3gain-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10778 adobe-flash-player<29.0.0.113 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb18-05.html adobe-flash-player<29.0.0.140 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb18-08.html adobe-flash-player<29.0.0.171 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb18-16.html podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11254 podofo<0.9.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-11255 podofo<0.9.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-11256 upx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11243 nodejs>=9<9.10.0 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/ nodejs>=8<8.11.0 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/ nodejs>=6<6.14.0 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/ ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11225 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11226 apache-tomcat>=7.0.0<7.0.89 insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2018-8014 apache-tomcat>=8.0.0<8.0.53 insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2018-8014 apache-tomcat>=8.5.0<8.5.32 insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2018-8014 hdf5<1.12.2 multiple-vulnerabilities https://github.com/Twi1ight/fuzzing-pocs/tree/master/hdf5 git-base<2.16.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-11235 git-base>=2.17<2.17.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-11235 jpeg<9c denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11212 jpeg<9c denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11213 jpeg<9c denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11214 zookeeper<3.4.10 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-8012 jenkins-lts<2.32.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-2607 jenkins<2.44 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-2607 jenkins-lts<2.32.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-2609 jenkins<2.44 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-2609 cppcms<1.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11367 radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11375 radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11376 radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11377 radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11378 radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11379 radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11380 radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11381 radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11382 radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11383 radare2<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11384 wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11354 wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11355 wireshark<2.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11356 wireshark>=2.4.0<2.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11356 wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11356 wireshark<2.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11357 wireshark>=2.4.0<2.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11357 wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11357 wireshark<2.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11358 wireshark>=2.4.0<2.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11358 wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11358 wireshark<2.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11359 wireshark>=2.4.0<2.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11359 wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11359 wireshark<2.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11360 wireshark>=2.4.0<2.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11360 wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11360 wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11361 wireshark<2.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11362 wireshark>=2.4.0<2.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11362 wireshark>=2.6.0<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11362 epiphany-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11396 mupdf<1.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000036 mupdf<1.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000037 mupdf<1.12.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000038 mupdf<1.12.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-1000039 mupdf<1.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000040 curl>=7.54.1<7.60.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000300 curl>=7.20.0<7.60.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000301 jpegoptim<1.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11416 moodle<3.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1133 moodle<3.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1134 moodle<3.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-1135 moodle<3.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1136 moodle<3.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1137 discount<2.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11468 haproxy>=1.8.0<1.8.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-11469 libsass>=3.4.7<3.6.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-11499 lrzip-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-11496 discount<2.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11503 discount<2.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11504 vlc<3.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11516 sudo<1.8.18p1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-7076 exiv2<0.27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11531 git-base<2.16.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-11233 git-base>=2.17<2.17.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-11233 taglib<1.11.1nb1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-11439 graphviz-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-10196 slurm>=2.4.0pre4<17.11.7 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-10995 ImageMagick<7.0.7.20 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-11655 ImageMagick<7.0.7.20 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-11656 ImageMagick6<6.9.9.50 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-11624 ImageMagick<7.0.7.38 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-11624 ImageMagick6<6.9.9.50 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11625 ImageMagick<7.0.7.38 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11625 ruby{22,23,24,25}-sinatra<2.0.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-11627 ghostscript-gpl-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-11645 ghostscript-agpl<9.21rc1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-11645 nikto-[0-9]* arbitrary-command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-11652 thunderbird<52.8.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/ sysinfo<10.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-7268 xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-263.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-263.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-263.html xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-263.html mariadb-server<5.5.60 multiple-vulnerabilities https://mariadb.com/kb/en/library/mariadb-5560-release-notes/ prosody<0.10.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-10847 npm<5.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16023 npm<2.14.18 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16026 libsass<3.6.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-11693 libsass<3.6.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-11694 libsass<3.6.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-11695 libsass<3.6.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-11696 libsass<3.6.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-11697 libsass<3.6.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-11698 libopenmpt<0.3.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11710 webkit-gtk>=2.20.0<2.20.2 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-11712 webkit-gtk<2.20.0 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-11713 webkit-gtk<2.20.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11646 webkit24-gtk-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11646 webkit24-gtk3-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11646 gnupg<1.4.23 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12020 gnupg2<2.2.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12020 bird<1.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12066 bird6<1.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12066 epiphany<3.28.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12016 perl<5.28.0 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2018-12015 p5-Archive-Tar<2.30 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2018-12015 npm<6.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-3739 npm<6.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-3737 npm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-3721 npm<6.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16137 jpeg<9cnb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11813 firefox52<52.8.1 heap-buffer-overflow https://www.mozilla.org/en-US/security/advisories/mfsa2018-14/ firefox<60.0.2 heap-buffer-overflow https://www.mozilla.org/en-US/security/advisories/mfsa2018-14/ jenkins>=2.107<2.121 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-05-09/ jenkins<2.107.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-05-09/ sleuthkit-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-11737 sleuthkit-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-11738 sleuthkit-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-11739 sleuthkit-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-11740 file<5.32nb2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10360 grafana<5.2.0b1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-12099 lepton-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12108 thunderbird-enigmail<2.0.7 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-12019 seamonkey-enigmail<2.0.7 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-12019 libgcrypt<1.8.3 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-0495 nodejs>=10<10.4.1 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/ nodejs>=8<8.11.3 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/ nodejs>=6<6.14.3 multiple-vulnerabilities https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/ radare2<2.7.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-12320 radare2<2.7.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-12321 radare2<2.7.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-12322 exiv2<0.27 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12264 exiv2<0.27 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12265 qemu<3.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11806 openssl<1.0.2p denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0732 openssl>1.1.0<1.1.0i denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0732 asterisk>=15.0<15.4.1 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-007.html asterisk>=13.0<13.21.1 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-008.html asterisk>=14.0<14.7.7 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-008.html asterisk>=15.0<15.4.1 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-008.html firefox<56.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/ password-store<1.7.2 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-12356 libressl<2.7.4 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-12434 botan>=2.5.0<2.7.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-12435 libtomcrypt<1.18.2 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-12437 boringssl-[0-9]* side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-12440 ImageMagick<7.0.7.16 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-18271 ImageMagick6<6.9.9.28 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-18271 ImageMagick<7.0.7.17 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-18272 ImageMagick<6.9.9.29 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-18272 ImageMagick<7.0.7.16 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-18273 ImageMagick6<6.9.9.28 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2017-18273 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11037 hdf5<1.10.3 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2018-11203 hdf5<1.10.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-11204 hdf5<1.10.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11205 hdf5<1.10.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11206 hdf5<1.10.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11207 yara-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-12034 yara-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-12035 evolution-data-server-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12422 libbpg-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12447 ffmpeg2<2.8.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12458 ffmpeg3<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12458 ffmpeg4<4.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12458 ffmpeg4<4.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12459 ffmpeg4<4.0.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-12460 discount<2.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12495 redis<4.0.10 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11218 redis<4.0.10 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-11219 redis<4.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12326 passenger<5.3.2 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2018-12026 passenger<5.3.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12027 passenger<5.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12028 passenger<5.3.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-12029 hdf5<1.10.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-11202 libjpeg-turbo<2.0.0 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2018-1152 liblnk<20180626 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12096 liblnk<20180626 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12097 liblnk<20180626 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12098 webkit-gtk<2.20.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0005.html firefox52<52.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/ glusterfs<3.12.11 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-10841 ntp<4.2.8p12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12327 p5-Email-Address<1.912 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12558 ImageMagick<7.0.8.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-12599 ImageMagick6<6.9.10.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-12599 ImageMagick<7.0.8.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-12600 ImageMagick6<6.9.10.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-12600 dovecot<2.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2669 passenger<5.3.2 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-12615 qemu<3.0.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12617 phpmyadmin<4.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-12581 phpmyadmin<4.8.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-12613 ansible2<2.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2017-7466 jetty<9.4.11.20180605 http-response-smuggling https://nvd.nist.gov/vuln/detail/CVE-2017-7656 jetty<9.4.11.20180605 http-response-smuggling https://nvd.nist.gov/vuln/detail/CVE-2017-7657 jetty<9.4.11.20180605 http-response-smuggling https://nvd.nist.gov/vuln/detail/CVE-2017-7658 jetty<9.4.11.20180605 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12536 jetty<9.4.11.20180605 session-hijack https://nvd.nist.gov/vuln/detail/CVE-2018-12538 exempi<2.4.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-12648 phpldapadmin-[0-9]* remote-code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-12689 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12641 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12697 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12698 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12699 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12700 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12934 php72-exif<7.2.7 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-12882 php{56,70,71,72}-basercms<3.0.16 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-0569 php{56,70,71,72}-basercms<3.0.16 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-0570 php{56,70,71,72}-basercms<3.0.16 remote-file-write https://nvd.nist.gov/vuln/detail/CVE-2018-0571 php{56,70,71,72}-basercms<3.0.16 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-0572 php{56,70,71,72}-basercms<3.0.16 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-0573 php{56,70,71,72}-basercms<3.0.16 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-0574 php{56,70,71,72}-basercms<3.0.16 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-0575 h2o<2.2.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0608 u-boot<2018.07 input-validation https://nvd.nist.gov/vuln/detail/CVE-2018-1000205 py{34,35,36}-websockets<5.0 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000518 mbedtls-[0-9]* verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-1000520 ruby{22,23,24,25}-zip<1.2.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000544 wordpress<4.9.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-12895 ruby{22,23,24,25}-sprockets<2.2.3nb3 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-3760 ruby{22,23,24,25}-sprockets<3.7.2 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-3760 tiff<4.0.10nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12900 py{27,34,35,36}-yaml<4.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-18342 wine-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12932 wine-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12933 apache-cassandra<3.11.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-8016 openslp-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2018-12938 p5-Archive-Zip<1.61 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-10860 xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-264.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-264.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-264.html xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-264.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-265.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-265.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-265.html xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-265.html xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-266.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-267.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-267.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-267.html xenkernel48<4.8.4 denial-of-service https://xenbits.xen.org/xsa/advisory-267.html podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12982 podofo<0.9.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12983 gpac<0.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13005 gpac<0.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13006 htslib-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2018-14329 htslib<1.9 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-13843 htslib<1.9 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-13844 htslib<1.9 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-13845 powerdns<4.1.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1046 mp4v2<4.1.0.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14326 mp4v2<4.1.0.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14325 mp4v2<4.1.0.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-14054 clamav<0.100.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-0360 clamav<0.100.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-0361 curl>=7.52.0<7.54.0 security-bypass https://curl.haxx.se/docs/adv_20170419.html curl>=7.54.1<7.61.0 heap-overflow https://curl.haxx.se/docs/adv_2018-70a2.html libsixel<1.8.2 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14072 libsixel<1.8.2 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14073 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13866 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-13867 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-13868 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13869 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-13870 hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13871 hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13872 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-13873 hdf5-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13874 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-13875 hdf5-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13876 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14031 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14032 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14033 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14034 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14035 ffmpeg3<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13300 ffmpeg4<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13300 ffmpeg4<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13301 ffmpeg2<2.8.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13302 ffmpeg3<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13302 ffmpeg4<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13302 ffmpeg4<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13303 ffmpeg4<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13304 ffmpeg4<4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-13305 php{56,70,71,72}-nextcloud<12.0.8 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-3761 php{56,70,71,72}-nextcloud>=13<13.0.3 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-3761 php{56,70,71,72}-nextcloud<12.0.8 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-3762 php{56,70,71,72}-nextcloud>=13<13.0.3 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-3762 xapian<1.4.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-0499 ansible<2.6.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-10874 giflib<5.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11490 binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13033 glpi>=9.2<9.3.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-13049 ming-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-13066 qemu<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-2615 ansible<2.4.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10855 tcpreplay<4.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13112 npm<6.0.1 code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-3750 libsndfile<1.0.28nb3 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13139 ImageMagick<7.0.8.5 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-13153 ImageMagick6<6.9.10.5 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-13153 ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-13250 ming-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13251 libsoup<2.62.3 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-12910 ntopng<3.4 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2018-12520 py27-mercurial<4.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13346 py27-mercurial<4.6.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13347 py27-mercurial<4.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-13348 #libsndfile-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-13419 libaudiofile-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-13440 qemu<2.9.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-7471 png<1.6.35 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13785 adobe-flash-player<30.0.0.113 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb18-19.html php{56,70,71,72}-concrete5<8.3.0 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-13790 rust<1.27.1 local-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000622 libgit2<0.27.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10887 libgit2<0.27.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-10888 moodle<3.5.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10889 moodle<3.5.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10890 moodle<3.5.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-10891 polkit<0.116 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1116 vlc<3.0.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-11529 couchdb<2.1.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-8007 nagios<4.4.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-13441 nagios<4.4.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-13457 nagios<4.4.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-13458 mailman<2.1.28 frame-content-spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-13796 radare2<2.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14015 radare2<2.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14016 radare2<2.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14017 exiv2<0.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14046 soundtouch<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14044 soundtouch<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14045 epubcheck<4.0.2 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2016-9487 xfe<1.40 file-permissions https://nvd.nist.gov/vuln/detail/CVE-2014-2079 libextractor<1.7 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14346 libextractor<1.7 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-14347 mutt<1.10.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14349 neomutt<20180716 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14349 mutt<1.10.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14350 neomutt<20180716 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14350 mutt<1.10.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14351 neomutt<20180716 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14351 mutt<1.10.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14352 neomutt<20180716 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14352 mutt<1.10.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14353 neomutt<20180716 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14353 mutt<1.10.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-14354 neomutt<20180716 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-14354 mutt<1.10.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-14355 neomutt<20180716 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-14355 mutt<1.10.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14356 neomutt<20180716 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14356 mutt<1.10.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-14357 neomutt<20180716 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-14357 mutt<1.10.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14358 neomutt<20180716 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14358 mutt<1.10.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14359 neomutt<20180716 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14359 neomutt<20180716 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14360 neomutt<20180716 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14361 mutt<1.10.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14362 neomutt<20180716 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14362 neomutt<20180716 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14363 mp4v2<4.1.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14379 mysql-workbench<8.0.12 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-2598 oracle-{jdk,jre}8<8.0.173 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixJAVA openjdk8<1.8.173 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixJAVA mysql-client>=5.5<5.5.61 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL mysql-client>=5.6<5.6.41 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL mysql-client>=5.7<5.7.23 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL mysql-server>=5.5<5.5.61 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL mysql-server>=5.6<5.6.41 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL mysql-server>=5.7<5.7.23 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL apache<2.4.34 multiple-vulnerabilities https://httpd.apache.org/security/vulnerabilities_24.html#2.4.34 wireshark<2.6.2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-14339 wireshark<2.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14340 wireshark<2.6.2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-14341 wireshark<2.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14342 wireshark<2.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14343 wireshark<2.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14344 wireshark<2.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14367 wireshark<2.6.2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-14368 wireshark<2.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14369 wireshark<2.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14370 nss<3.30 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-9574 ansible<2.3.1.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-7481 ffmpeg3<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14394 ffmpeg4<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14394 ffmpeg3<3.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14395 ffmpeg4<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14395 mp4v2<4.1.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14403 libxml2<2.9.8nb2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-14404 openjpeg<2.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14423 evolution-data-server<3.21.2 weak-ssl-authentication https://nvd.nist.gov/vuln/detail/CVE-2016-10727 ImageMagick<7.0.8.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14434 ImageMagick<7.0.8.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14435 ImageMagick6<6.9.10.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14435 ImageMagick<7.0.8.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14436 ImageMagick6<6.9.10.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14436 ImageMagick<7.0.8.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14437 ImageMagick6<6.9.10.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14437 confuse<3.2.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14447 mp4v2<4.1.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14446 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-14460 npm<6.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-3736 adobe-flash-player<30.0.0.134 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb18-24.html mitmproxy<4.0.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-14505 aubio<0.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14521 aubio<0.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14522 aubio<0.4.7 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14523 ImageMagick<7.0.8.8 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2018-14551 ImageMagick6<6.9.10.8 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2018-14551 jenkins-lts<2.121.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-07-18/ jenkins<2.132 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-07-18/ ffmpeg2<2.8.15 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-1999010 ffmpeg2<2.8.15 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1999012 ffmpeg4<4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-1999010 ffmpeg4<4.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1999011 ffmpeg4<4.1 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1999012 ffmpeg4<4.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-1999013 ffmpeg3<3.4.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-1999010 ffmpeg3<3.4.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1999011 ffmpeg3<3.4.3 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1999012 ffmpeg3<3.4.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-1999013 ffmpeg4<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1999014 ffmpeg4<4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-1999015 wesnoth>=1.7.0<1.14.4 code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-1999023 u-boot<2017.09 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2017-3225 u-boot<2017.09 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3226 fuse<2.9.8 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-10906 poppler<0.67.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-13988 ansible<2.2.1.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-8647 gdm<3.24.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-12164 kafka<0.10.2.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-12610 qemu<2.10.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-7539 mit-krb5<1.16.1 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2017-7562 mailman<2.1.27 frame-content-spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-0618 kafka<1.1.0 data-loss https://nvd.nist.gov/vuln/detail/CVE-2018-1288 qemu<2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15119 powerdns-recursor<4.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15120 npm<6.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16114 netpbm<10.61 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-2579 netpbm<10.61 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-2580 netpbm<10.61 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-2581 netpbm<10.61 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2586 netpbm<10.61 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2587 qemu<2.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-2620 modular-xorg-server<1.19.0 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2017-2624 libXdmcp<1.1.3 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2017-2625 libICE<1.0.10 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2017-2626 qemu<2.9 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2630 curl<7.53.0 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-2629 qemu<1.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2633 advancecomp<2.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-1056 qemu<2.9 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-9603 qemu<2.11 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15118 cups<2.2.2 command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-15400 cups<2.2.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-4180 cups<2.2.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-4181 cups<2.2.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-4182 cups<2.2.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-4183 php56-exif<5.6.37 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14883 php70-exif<7.0.31 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14883 php71-exif<7.1.20 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14883 php72-exif<7.2.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14883 php56-exif<5.6.37 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14851 php71-exif<7.1.20 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14851 php70-exif<7.0.31 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14851 php72-exif<7.2.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14851 bind>=9.9.12<9.9.13 authorization-bypass https://kb.isc.org/article/AA-01616/74/CVE-2018-5738 bind>=9.10.7<9.10.8 authorization-bypass https://kb.isc.org/article/AA-01616/74/CVE-2018-5738 libraw<0.18.11 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-5813 libraw<0.18.12 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5815 libraw<0.18.12 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-5816 thunderbird<52.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/ mbedtls>=1.2<2.1.14 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-0497 mbedtls>=2.2<2.7.5 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-0497 mbedtls>=1.2<2.1.14 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-0498 mbedtls>=2.2<2.7.5 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-0498 libmspack<0.7alpha denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14679 libmspack<0.7alpha unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-14680 libmspack<0.7alpha out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-14681 libmspack<0.7alpha denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14682 firefox<49.0.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/ firefox<50.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-89/ firefox45<45.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-89/ firefox45<45.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-90/ thunderbird45<45.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-93/ firefox<55.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/ firefox52<52.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-18/ firefox52<52.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-05/ thunderbird45<45.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-07/ thunderbird<52.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-09/ firefox<50.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-91/ firefox45<45.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2016-89/ firefox52<52.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/ firefox<59.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/ firefox52<52.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/ firefox<59.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/ firefox<57.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-27/ firefox52<52.5.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-28/ firefox52<52.0.1 integer-overflow https://www.mozilla.org/en-US/security/advisories/mfsa2017-08/ thunderbird<52.5.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2017-30/ wordpress-[0-9]* remote-file-write https://nvd.nist.gov/vuln/detail/CVE-2018-14028 postgresql93-server<9.3.24 multiple-vulnerabilities https://www.postgresql.org/about/news/1878/ postgresql94-server<9.4.19 multiple-vulnerabilities https://www.postgresql.org/about/news/1878/ postgresql95-server<9.5.14 multiple-vulnerabilities https://www.postgresql.org/about/news/1878/ postgresql96-server<9.6.10 multiple-vulnerabilities https://www.postgresql.org/about/news/1878/ postgresql10-server<10.5 multiple-vulnerabilities https://www.postgresql.org/about/news/1878/ wpa_supplicant<2.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-14526 couchdb<2.2.0 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-11769 webkit-gtk<2.20.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0006.html nmap<7.80 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15173 squirrelmail<1.4.23pre14832 multiple-vulnerabilities https://sourceforge.net/p/squirrelmail/bugs/2831/ tcpflow-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14938 cgit<1.2.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-14912 py{27,34,35,36,37}-cryptography>=1.9.0<2.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10903 ansible<2.2.0 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-8614 ansible<2.2.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2016-8628 curl<7.51.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2016-8618 curl<7.51.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2016-8617 curl<7.51.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-8622 curl<7.51.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2016-8624 curl<7.51.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-8621 curl<7.51.0 cookie-injection https://nvd.nist.gov/vuln/detail/CVE-2016-8615 curl<7.51.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2016-8616 curl<7.51.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-8620 curl<7.51.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2016-8619 curl<7.51.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-8623 curl<7.51.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2016-8625 nss<3.28 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-8635 nagios-base<4.2.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2016-8641 openjpeg<2.2.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2016-9572 openjpeg<2.2.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-9573 openjpeg<2.2.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-9580 openjpeg<2.2.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2016-9581 lftp<4.8.4 arbitrary-file-removal https://nvd.nist.gov/vuln/detail/CVE-2018-10916 libXcursor<1.1.15 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-9262 jasper<2.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-8654 jasper<2.0.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-9583 cfitsio<3.44 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-3847 apache-tomcat>=7.0.28<7.0.87 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1336 apache-tomcat>=8.0.0<8.0.52 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1336 apache-tomcat>=8.5.0<8.5.31 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1336 apache-tomcat>=9.0.0<9.0.8 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-1336 apache-tomcat>=7.0.35<7.0.89 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-8034 apache-tomcat>=8.0.0<8.0.53 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-8034 apache-tomcat>=8.5.0<8.5.32 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-8034 apache-tomcat>=9.0.0<9.0.10 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-8034 apache-tomcat>=8.5.5<8.5.32 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8037 apache-tomcat>=9.0.0<9.0.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8037 ntp<4.2.8p10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-9042 knot<2.4.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2018-10920 #php-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-9118 # disputed https://bugs.php.net/bug.php?id=74604 php{56,70,71,72}-mysqli-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9120 php>=7.0<7.0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14884 php>=7.1<7.1.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14884 php>=7.2<7.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14884 mantis>=2.1.0<2.15.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-13055 mantis>=2.0<2.15.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-14504 py{27,34,35,36,37}-django>=1.11.0<1.11.15 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2018-14574 py{34,35,36,37}-django>=2.0<2.0.8 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2018-14574 php{56,70,71,72}-drupal>=7<7.56 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2017-003 php{56,70,71,72}-drupal>=8<8.3.4 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2017-003 rpm<4.14.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-7500 webkit-gtk<2.20.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-12293 webkit-gtk<2.20.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12294 php{56,70,71,72}-tiki6<18.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-14849 php{56,70,71,72}-tiki6<18.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-14850 php{56,70,71,72}-nextcloud<13.05 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-3780 apache>=2.2<2.2.32 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2016-4975 apache>=2.4<2.4.25 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2016-4975 redis<5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12453 gdm<3.29.91 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14424 mingw-w64-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-5392 libxml2<2.9.8nb3 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-14567 xentools42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-272.html xentools45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-272.html xentools48<4.8.5 denial-of-service https://xenbits.xen.org/xsa/advisory-272.html xentools411<4.11.1 denial-of-service https://xenbits.xen.org/xsa/advisory-272.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-269.html xenkernel48<4.8.5 denial-of-service https://xenbits.xen.org/xsa/advisory-269.html xenkernel411<4.11.0nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-269.html openssh<7.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-15473 libgit2<0.27.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15501 py{27,34,35,36,37}-cryptodome<3.6.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-15560 py{27,34,35,36,37}-Pyro<3.15 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2011-2765 sympa<6.2.32 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000550 zutils<1.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000637 libtasn1<4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000654 rust>=1.3.0<1.22.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000657 libvirt<2.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2015-5160 pkgconf>=1.5.0<1.5.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000221 soundtouch<2.1.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000223 gd<2.2.5nb4 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-1000222 dropbear<2019.77 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-15599 nodejs<6.14.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-7166 nodejs>=8<8.11.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-7166 nodejs>=10<10.9.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-7166 nodejs<6.14.4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-12115 nodejs>=8<8.11.4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-12115 nodejs>=10<10.9.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-12115 ImageMagick<7.0.8.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15607 ImageMagick6<6.9.10.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15607 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15671 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15672 gnutls<3.6.3 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-10844 gnutls<3.6.3 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-10845 gnutls<3.6.3 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-10846 samba<4.6.16 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10858 samba>=4.7<4.7.9 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-10918 samba>=4.8<4.8.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-10918 samba<4.6.16 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10919 samba>=4.7<4.7.9 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2018-1139 samba>=4.8<4.8.4 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2018-1139 samba>=4.8<4.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1140 libbpg-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-2575 libvirt>=2.5.0<3.0.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-2635 curl<7.10.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2003-1605 jenkins-lts<2.121.3 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-08-15/ jenkins<2.138 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-08-15/ ffmpeg2<2.8.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15822 ffmpeg3<3.4.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15822 ffmpeg4<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15822 php{56,70,71,72}-nextcloud<12.0.3 weak-authorization https://nvd.nist.gov/vuln/detail/CVE-2018-3775 php{56,70,71,72}-nextcloud<12.0.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2018-3776 libX11<1.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14598 libX11<1.6.6 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-14599 libX11<1.6.6 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-14600 pango<1.42.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15120 php{56,70,71,72,73}-phpmyadmin<4.8.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-15605 ntp<4.2.8p11 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-15605 xenkernel42-[0-9]* sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-273.html xenkernel45-[0-9]* sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-273.html xenkernel46-[0-9]* sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-273.html xenkernel48<4.8.5 sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-273.html xenkernel411<4.11.1 sensitive-information-disclosure https://xenbits.xen.org/xsa/advisory-273.html apache-ant<1.9.13 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2018-15605 apache-ant>=1.10<1.10.5 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2018-15605 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16391 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16392 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16393 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16418 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16419 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16420 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16421 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16422 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16423 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16424 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16425 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16426 opensc<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16427 libykneomgr-[0-9]* multiple-vulnerabilities https://www.x41-dsec.de/lab/advisories/x41-2018-004-libykneomgr/ ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15870 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15871 libxkbcommon<0.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15853 libxkbcommon<0.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15854 libxkbcommon<0.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15855 libxkbcommon<0.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15856 libxkbcommon<0.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15857 libxkbcommon<0.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15858 libxkbcommon<0.8.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15859 libxkbcommon<0.8.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15861 libxkbcommon<0.8.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15862 libxkbcommon<0.8.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15863 libxkbcommon<0.8.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15864 ap{22,24}-perl<2.0.11 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2011-2767 podofo<0.9.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15889 ghostscript-agpl<9.24 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2018-15908 ghostscript-gpl-[0-9]* arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2018-15908 ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15909 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15909 ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15910 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15910 ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15911 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15911 nsd<4.1.23 sensitive-information-disclosure https://www.nlnetlabs.nl/projects/nsd/security-advisories/#nsd-time-sensitive-tsig-compare-vulnerability firefox<62.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/ firefox60<60.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/ ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16511 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16511 ghostscript-agpl<9.24 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-16509 ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-16509 ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16510 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16510 ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16513 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16513 ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16541 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16541 ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16539 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16539 ghostscript-agpl<9.24 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-16540 ghostscript-gpl-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-16540 ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16542 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16542 ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16543 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16585 ghostscript-agpl<9.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16585 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16543 ghostscript-agpl<9.25 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-16802 ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-16802 adobe-flash-player<30.0.0.154 multiple-vulnerabilities https://helpx.adobe.com/security/products/flash-player/apsb18-25.html trafficserver<7.1.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1318 trafficserver<7.1.4 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2018-8004 trafficserver<7.1.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8005 trafficserver<6.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8022 trafficserver<7.1.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8040 spamassassin<3.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15705 spamassassin<3.4.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-11780 spamassassin<3.4.2 code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-11781 ImageMagick<7.0.8.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16323 ImageMagick<7.0.8.8 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-16328 ImageMagick6<6.9.10.9 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-16328 ImageMagick<7.0.8.8 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-16329 ImageMagick<7.0.8.11 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16412 ImageMagick<7.0.8.11 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16413 ImageMagick6<6.9.10.11 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16413 ImageMagick<7.0.8.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-16640 ImageMagick6<6.9.10.7 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-16640 ImageMagick<7.0.8.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16641 ImageMagick<7.0.7.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16642 ImageMagick6<6.9.9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16642 ImageMagick<7.0.8.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16643 ImageMagick6<6.9.10.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16643 ImageMagick<7.0.8.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16644 ImageMagick<6.9.10.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16644 ImageMagick<7.0.8.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16645 ImageMagick<7.0.7.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16749 ImageMagick6<6.9.9.43 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16749 ImageMagick<7.0.7.32 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-16750 ImageMagick6<6.9.9.43 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-16750 mgetty<1.2.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16741 mgetty<1.2.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16742 mgetty<1.2.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16743 mgetty<1.2.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16744 mgetty<1.2.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16745 glusterfs<3.12.14 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-10904 glusterfs<3.12.14 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10907 glusterfs<3.12.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10911 glusterfs<3.12.14 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10913 glusterfs<3.12.14 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10914 glusterfs<3.12.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10923 glusterfs<3.12.14 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10924 glusterfs<3.12.14 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-10926 glusterfs<3.12.14 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10927 glusterfs<3.12.14 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-10928 glusterfs<3.12.14 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-10929 glusterfs<3.12.14 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2018-10930 icu<60.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-15396 moodle<3.5.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-14630 moodle<3.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-14631 curl<7.61.1 buffer-overrun https://nvd.nist.gov/vuln/detail/CVE-2018-14618 wireshark<2.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16056 wireshark<2.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16057 wireshark<2.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16058 glib2<2.56.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-16428 glib2<2.56.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-16429 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16336 php{56,70,71,72}-contao35<3.5.36 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17057 php{56,70,71,72}-contao44<4.4.25 cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17057 php{71,72}-contao45-4.5.* cross-site-scripting https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17057 php{71,72}-contao45-4.5.* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages openssh-[0-9]* oracle-attack https://nvd.nist.gov/vuln/detail/CVE-2018-15919 qemu<4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15746 grafana<4.6.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-15727 fig2dev<3.2.7b out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-16140 jdbc-postgresql{93,94}-[0-9]* man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2018-10936 tiff<4.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16335 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16368 xpdf<4.05 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16369 openjpeg<2.3.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16375 openjpeg<2.3.1nb1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16376 jhead-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16554 jhead-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17088 mupdf<1.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16647 mupdf<1.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16648 nasm<2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16382 nasm<2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16517 nasm<2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16999 nasm<2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000667 openafs<1.6.23 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16947 openafs>=1.7<1.8.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16947 openafs<1.6.23 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16948 openafs>=1.7<1.8.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16948 openafs<1.6.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16949 openafs>=1.7<1.8.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16949 powerdns<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-7068 pdns-recursor<4.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-7068 powerdns<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-7072 powerdns<4.0.2 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2016-7073 pdns-recursor<4.0.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2016-7073 powerdns<4.0.2 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2016-7074 pdns-recursor<4.0.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2016-7074 soundtouch<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17096 soundtouch<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17097 soundtouch<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17098 tiff<4.0.10nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17000 tiff<4.0.9nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17100 tiff<4.0.9nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17101 wordpress<4.9 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1000600 wordpress-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000773 zsh<5.6 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-0502 zsh<5.6 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-13259 libextractor<1.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-16430 lcms2<2.10 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16435 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-16438 pidgin<2.11.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-1000030 npm<3.10.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-1000232 py{27,34,35,36,37,38}-flask-admin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-16516 zziplib<0.13.70 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-16548 sympa<6.2.36 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000671 okular<18.08.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-1000801 accountsservice<0.6.50 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-14036 poppler<0.72 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16646 openssl<1.0.2 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2016-7056 monit<5.20.0 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2016-7067 ansible<2.4.6 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-10875 libbson<1.13.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16790 dnsdist<1.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-7069 radare2<2.9.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-15834 gitolite<3.6.9 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16976 opencc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16982 tor-browser<8.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-16983 php<5.6.38 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-17082 php>=7.0<7.0.32 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-17082 php>=7.1<7.1.22 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-17082 php>=7.2<7.2.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-17082 libaudiofile-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17095 podofo<0.9.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-14320 thunderbird<60.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-19/ firefox<61.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/ boringssl-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-15423 xml-security-c<2.0.1 denial-of-service https://shibboleth.net/community/advisories/secadv_20180803.txt seamonkey<2.49.4 multiple-vulnerabilities https://www.seamonkey-project.org/releases/seamonkey2.49.4/ bitcoin<0.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17144 ghostscript-agpl<9.25 code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-17183 ghostscript-gpl-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-17183 elasticsearch<6.3.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-3826 elasticsearch<6.4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-3831 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17229 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17230 hylafax<6.0.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17141 asterisk>=11<12 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-009.html bind<8.2.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2001-0497 bind>=9.0<9.1.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2001-0497 sun-{jre,jdk}<1.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2000-1099 dropbear<0.43 unauthorised-access https://nvd.nist.gov/vuln/detail/CVE-2004-2486 hdf5<1.10.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17233 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17234 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17237 libmp4v2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17235 libmp4v2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17236 exiv2<0.27 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-17282 gitolite<3.5.3.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2013-4451 gitolite<3.5.3.1 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2013-7203 haproxy<1.8.14 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14645 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17358 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17359 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17360 mediawiki<1.31.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-0503 mediawiki<1.31.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-0504 mediawiki<1.31.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-0505 mediawiki>=1.31<1.31.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-13258 firefox60<60.2.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-23/ dvipsk<5.998nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17407 luatex<1.07.0nb6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17407 web2c<2018nb5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17407 hdf5-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-17432 hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17433 hdf5<1.10.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17434 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17435 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17436 hdf5<1.10.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17437 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17438 hdf5-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17439 spidermonkey52-[0-9]* multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-24/ firefox<62.0.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-24/ firefox60<60.2.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-24/ git-base<2.14.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17456 git-base>=2.15<2.15.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17456 git-base>=2.16<2.16.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17456 git-base>=2.17<2.17.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17456 git-base>=2.18<2.18.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17456 git-base>=2.19<2.19.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17456 py27-expat<2.7.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14647 py34-expat<3.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14647 py35-expat<3.5.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14647 py36-expat<3.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14647 py37-expat<3.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14647 adobe-flash-player<31.0.0.108 privilege-escalation https://helpx.adobe.com/security/products/flash-player/apsb18-31.html apache>=2.4.17<2.4.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-11763 ruby{23,24,25}-jekyll<3.6.3 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2018-17567 ruby{23,24,25}-jekyll>=3.7<3.7.4 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2018-17567 ruby{23,24,25}-jekyll>=3.8<3.8.4 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2018-17567 tcpreplay<4.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17580 tcpreplay<4.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17582 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17581 libiberty-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-17794 zziplib-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-17828 py{34,35,36,37,38}-django>=2.1<2.1.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16984 ImageMagick<7.0.7.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-17965 ImageMagick<7.0.7.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-17966 ImageMagick<7.0.7.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-17967 ImageMagick<7.0.7.28 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-18016 ImageMagick<7.0.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18023 ImageMagick6<6.9.10.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18024 ImageMagick<7.0.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18024 ImageMagick<7.0.8.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18025 tcpreplay<4.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17974 apache-tomcat<7.0.91 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2018-11784 apache-tomcat>=8.0<8.5 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2018-11784 apache-tomcat>=8.5.0<8.5.34 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2018-11784 apache-tomcat>=9.0.0<9.0.12 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2018-11784 py27-mercurial<4.7.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-17983 libiberty-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17985 py{27,34,35,36,37,38}-paramiko<2.4.2 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1000805 py{27,34,35,36,37,38}-OpenSSL<17.5.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-1000807 py{27,34,35,36,37,38}-OpenSSL<17.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000808 rust<1.29.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000810 cairo<1.16.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18064 net-snmp<5.8 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18065 net-snmp<5.8 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18066 webkit-gtk<2.22.0 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0007.html firefox45-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages firefox52-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages spidermonkey52-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages tinc<1.0.30 oracle-attack https://nvd.nist.gov/vuln/detail/CVE-2018-16737 tinc<1.0.35 oracle-attack https://nvd.nist.gov/vuln/detail/CVE-2018-16738 tinc<1.0.35 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2018-16758 geeklog<1.4.0rc1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2005-4026 ghostscript-agpl<9.26 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17961 ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17961 py{27,34,35,36,37,38}-requests<2.20.0 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2018-18074 qemu<4.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17958 qemu<4.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17962 qemu<4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17963 openjpeg<2.3.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-18088 jenkins-lts<2.138.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-10-10/ jenkins<2.146 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-10-10/ wireshark>=2.6.0<2.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18225 wireshark>=2.6.0<2.6.4 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-18226 wireshark<2.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18227 wireshark>=2.6.0<2.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18227 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18309 py27-moin<1.9.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-5934 clamav<0.100.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15378 ghostscript-agpl<9.26 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-18073 ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-18073 libssh<0.76 remote-security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-10933 firefox{,-bin,-gtk1}<1.5.0.9 heap-overflow https://www.mozilla.org/security/announce/2006/mfsa2006-69.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 heap-overflow https://www.mozilla.org/security/announce/2006/mfsa2006-69.html thunderbird{,-gtk1}<1.5.0.9 heap-overflow https://www.mozilla.org/security/announce/2006/mfsa2006-69.html seamonkey{,-bin,-gtk1}<1.0.7 heap-overflow https://www.mozilla.org/security/announce/2006/mfsa2006-69.html firefox60<60.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-16/ firefox<62.0.2 denial-of-service https://www.mozilla.org/en-US/security/advisories/mfsa2018-22/ thunderbird<60.2.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/ firefox60<60.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/ tiff<4.0.9nb4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-18557 modular-xorg-server>=1.19<1.20.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-14665 mkvtoolnix<28.2.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-4022 salt<2018.3.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-15750 salt<2018.3.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-15751 mysql-server>=5.5<5.5.62 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL mysql-server>=5.6<5.6.42 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL mysql-server>=5.7<5.7.24 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL mariadb-server>=5.5<5.5.62 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL oracle-{jdk,jre}8<8.0.192 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixJAVA openjdk8<1.8.192 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixJAVA xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18454 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18455 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18456 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18457 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18458 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18459 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18650 xpdf<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18651 qemu<4.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18438 qemu<4.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10839 unzip<6.0nb9 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18384 tcpreplay<4.3.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18407 tcpreplay<4.3.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-18408 tcpflow-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18409 openexr<2.4.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-18443 openexr<2.4.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-18444 libiberty-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18483 libiberty-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18484 ghostscript-agpl<9.26 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-18284 ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-18284 xfce4-thunar-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-18398 ImageMagick<7.0.8.14 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-18544 ImageMagick6<6.9.10.14 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-18544 teeworlds<0.6.5 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18541 libmspack<0.8alpha out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-18584 libmspack<0.8alpha unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-18585 libmspack<0.8alpha directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-18586 ansible<2.6.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16837 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18605 binutils<2.32 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-18606 binutils<2.32 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-18607 amanda-client<3.3.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2016-10729 amanda-client<3.3.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2016-10730 prayer-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-18655 mupdf<1.15.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-18662 tiff<4.0.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-18661 openssl>=1.1.0<1.1.0j timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-0735 py{27,34,35,36,37,38}-flask<0.12.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000656 gthumb-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2018-18718 gettext-tools<0.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18751 mini_httpd<1.30 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2018-18778 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18700 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18701 openssl<1.0.2q timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-0734 openssl>=1.1.0<1.1.0j timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-0734 firefox<63.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/ ruby{22,23,24,25}-loofah<2.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-16468 curl<7.62.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16839 curl<7.62.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-16840 curl<7.62.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16842 php{56,70,71,72}-nextcloud<12.0.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16463 php{56,70,71,72}-nextcloud>=13<13.0.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16463 php{56,70,71,72}-nextcloud<14.0.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16464 php{56,70,71,72}-nextcloud<14.0.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16465 php{56,70,71,72}-nextcloud<12.0.11 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16466 php{56,70,71,72}-nextcloud>=13<13.0.6 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16466 php{56,70,71,72}-nextcloud<14.0.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16467 mantis>=2.1.0<2.17.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-17782 mantis>=2.1.0<2.17.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-17783 redis<6.0.6nb1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-2121 glusterfs<4.1.6 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2018-14651 glusterfs<4.1.6 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14652 glusterfs<4.1.6 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2018-14653 glusterfs<4.1.6 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2018-14654 glusterfs<4.1.6 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14659 glusterfs<4.1.6 format-string https://nvd.nist.gov/vuln/detail/CVE-2018-14661 jasper<2.0.19 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-18873 samba<4.3.13 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-2125 libexif<0.6.22 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-6328 xenkernel411<4.11.0nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18883 icecast<2.4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18820 samba>=4.0.0<4.3.13 remote-privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2016-2123 powerdns<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-2120 glusterfs<4.1.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14660 SDL2_image<2.0.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-3977 qemu<3.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16847 qemu<4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18849 poppler<0.73.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-18897 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18915 icu<63.1nb2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18928 ruby23-base<2.3.8 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16395 ruby24-base<2.4.5 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16395 ruby25-base<2.5.2 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-16395 ruby23-base<2.3.8 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2018-16396 ruby24-base<2.4.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2018-16396 ruby25-base<2.5.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2018-16396 ruby{23,24,25}-rack>=2.0.4<2.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16470 ruby{23,24,25}-rack16<1.6.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-16471 ruby{23,24,25}-rack<2.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-16471 php{56,70,71,72}-basercms<4.1.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-18942 php{56,70,71,72}-basercms<4.1.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-18943 ruby{23,24,25}-i18n<0.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-10077 nginx<1.14.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16843 nginx>=1.15<1.15.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16843 nginx<1.14.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16844 nginx>=1.15<1.15.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16844 powerdns<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10851 powerdns>=4.1.0<4.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10851 pdns-recursor<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10851 pdns-recursor>=4.1.0<4.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10851 powerdns>=4.1.0<4.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14626 pdns-recursor<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14626 pdns-recursor>=4.1.0<4.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14626 pdns-recursor<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14644 pdns-recursor>=4.1.0<4.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14644 lighttpd<1.4.50 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-19052 poppler<0.72.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19058 poppler<0.72.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-19059 poppler<0.72.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19060 librecad-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19105 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19107 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19108 postgresql93-server<9.3.25 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16850 postgresql94-server<9.4.20 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16850 postgresql95-server<9.5.15 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16850 postgresql96-server<9.6.11 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16850 postgresql10-server<10.6 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16850 squid-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-19131 squid-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-19132 jasper<2.0.19 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-19139 poppler<0.70.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19149 caddy<0.11.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-19148 poppler<0.70.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19149 thunderbird<60.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-28/ py{27,34,35,36,37,38}-crypto-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages uriparser<0.9.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-19198 uriparser<0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19199 uriparser<0.9.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19200 php{56,70,71,72}-roundcube-plugin-enigma<1.3.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-19205 php{56,70,71,72}-roundcube<1.3.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-19206 libwpd<0.10.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19208 tiff<4.0.10nb1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19210 ncurses<6.1nb7 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19211 ncurses<6.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19217 nasm<2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19209 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19213 nasm<2.14 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19214 nasm<2.14 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19215 nasm<2.13.02 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-19216 libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19218 libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19219 adobe-flash-player<31.0.0.148 information-disclosure https://helpx.adobe.com/security/products/flash-player/apsb18-39.html asterisk>=15.0<15.6.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2018-010.html harfbuzz<1.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-9274 qemu<3.1.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-18954 webkit1-gtk{,3}-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages go-net<20180713 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17075 go-net<20180926 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17142 go-net<20180926 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17143 go-net<20190126 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-17846 go-net<20190126 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17847 go-net<20190126 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17848 py{27,34,35,36,37,38}-notebook<5.7.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-19351 py{27,34,35,36,37,38}-notebook<5.7.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-19352 gnome-keyring-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-19358 xenkernel42-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-275.html xenkernel45-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-275.html xenkernel46-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-275.html xenkernel48<4.8.5 privilege-escalation https://xenbits.xen.org/xsa/advisory-275.html xenkernel411<4.11.0nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-275.html xenkernel411<4.11.0nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-276.html xenkernel411<4.11.0nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-277.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-279.html xenkernel48<4.8.5 denial-of-service https://xenbits.xen.org/xsa/advisory-279.html xenkernel411<4.11.0nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-279.html xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-280.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-280.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-280.html xenkernel48<4.8.5 denial-of-service https://xenbits.xen.org/xsa/advisory-280.html xenkernel411<4.11.0nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-280.html u-boot<2018.09 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18439 u-boot<2018.09 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18440 php<7.2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19396 webkit-gtk<2.22.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0008.html ghostscript-agpl<9.26 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-19409 ghostscript-gpl-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-19409 libsndfile<1.0.28nb3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19432 adobe-flash-player<31.0.0.153 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsb18-44.html php56-imap<5.6.39 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-19518 php70-imap<7.0.33 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-19518 php71-imap<7.1.25 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-19518 php72-imap<7.2.13 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-19518 py{27,34,35,36,37,38}-tryton>=5.0.0<5.0.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2018-19443 openssl<1.0.2q timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-5407 openssl>=1.1.0<1.1.0i timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-5407 ghostscript-agpl<9.26 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-19475 ghostscript-gpl-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-19475 ghostscript-agpl<9.26 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-19476 ghostscript-gpl-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-19476 ghostscript-agpl<9.26 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-19477 ghostscript-gpl-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-19477 git-base<2.19.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-19486 gnuplot<5.2.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19490 gnuplot<5.2.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19491 gnuplot<5.2.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19492 faad2<2.9.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19502 faad2<2.9.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19503 faad2<2.9.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19504 qpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18020 tcpdump-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-19519 podofo<0.9.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19532 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19535 jasper<2.0.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19539 jasper<2.0.19 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19540 jasper<2.0.19 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19541 jasper<2.0.17 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19542 jasper<2.0.19 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19543 pdns-recursor>=4.1.0<4.1.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16855 moodle<3.5.3 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-16854 dcraw-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19565 dcraw-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19566 dcraw-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19567 dcraw-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19568 dnsdist<1.3.3 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2018-14663 ruby{23,24,25}-activejob42<4.2.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16476 ruby{23,24,25}-activejob51<5.1.6.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16476 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19607 samba>=4.0.0<4.9.3 denial-of-service https://www.samba.org/samba/security/CVE-2018-14629.html samba>=4.3.0<4.9.3 double-free https://www.samba.org/samba/security/CVE-2018-16841.html samba>=4.0.0<4.9.3 denial-of-service https://www.samba.org/samba/security/CVE-2018-16851.html avahi<0.8 traffic-amplification https://nvd.nist.gov/vuln/detail/CVE-2018-1000845 nodejs<6.15.0 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2018-12116 nodejs>=8<8.14.0 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2018-12116 nodejs<6.15.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-12120 nodejs<6.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12121 nodejs>=8<8.14.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12121 nodejs>=10<10.14.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12121 nodejs<6.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12122 nodejs>=8<8.14.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12122 nodejs>=10<10.14.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12122 nodejs<6.15.0 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-12123 nodejs>=8<8.14.0 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-12123 nodejs>=10<10.14.0 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-12123 samba>=4.9.0<4.9.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-16852 samba>=4.9.0<4.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16853 samba>=4.9.0<4.9.3 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2018-16857 qemu<4.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19665 dcraw-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19655 wireshark<2.4.11 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-19622 wireshark>=2.6.0<2.6.5 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-19622 wireshark<2.4.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19623 wireshark>=2.6.0<2.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19623 wireshark<2.4.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19624 wireshark>=2.6.0<2.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19624 wireshark<2.4.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19625 wireshark>=2.6.0<2.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19625 wireshark<2.4.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19626 wireshark>=2.6.0<2.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19626 wireshark<2.4.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19627 wireshark>=2.6.0<2.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19627 wireshark>=2.6.0<2.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19628 lighttpd<1.4.20 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2008-4359 lighttpd<1.4.20 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2008-4360 seamonkey<2.4 multiple-vulnerabilities https://www.mozilla.org/security/announce/2011/mfsa2011-41.html seamonkey<2.4 information-disclosure https://www.mozilla.org/security/announce/2011/mfsa2011-45.html libsndfile<1.0.28nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19661 libsndfile<1.0.28nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19662 libjpeg-turbo<2.0.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19664 freerdp<2.0.0rc4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8784 freerdp<2.0.0rc4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8785 freerdp<2.0.0rc4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8786 freerdp<2.0.0rc4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-8787 freerdp<2.0.0rc4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-8788 freerdp<2.0.0rc4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-8789 perl<5.28.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18311 perl<5.28.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-18312 perl<5.26.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18313 perl<5.26.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-18314 sleuthkit-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19497 nasm<2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19755 libsixel<1.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19756 libsixel<1.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19757 libsixel<1.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19759 libsixel<1.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19761 libsixel<1.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19762 libsixel<1.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19763 confuse<3.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-19760 libsndfile<1.0.28nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19758 mxml-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-19764 mupdf-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-19777 py{27,34,35,36,37,38}-lxml<4.2.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-19787 libsass<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19797 libsass<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19827 gnutls<3.6.5 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-16868 nettle<3.4.1 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-16869 polkit<0.116 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-19788 ruby1{8,9}-puppet<2.7.18 spoofing https://nvd.nist.gov/vuln/detail/CVE-2012-3408 nss<3.40.1 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-12404 libsass<3.5.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19837 libsass<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19838 libsass<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19839 wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19840 wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19841 radare2<3.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19842 radare2<3.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19843 vault<1.0.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-19786 qt5-qtbase<5.11.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-19865 vlc<3.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19857 webkit-gtk<2.22.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19876 mbedtls<2.7.8 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-19608 mupdf<1.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19881 mupdf<1.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19882 faac<1.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19886 faac<1.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19887 faac<1.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19888 faac<1.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19889 faac<1.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19890 faac<1.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19891 adobe-flash-player<32.0.0.101 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsb18-42.html php{53,54}-owncloud<5.0.6 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2013-2085 py{27,34,35,36,37,38}-httplib2-[0-9]* man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2013-2037 jenkins-lts<2.138.4 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-12-05/ jenkins<2.154 multiple-vulnerabilities https://jenkins.io/security/advisory/2018-12-05/ php-5.5.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php-5.6.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php-7.0.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel42-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-282.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-282.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-282.html xenkernel48<4.8.5 denial-of-service https://xenbits.xen.org/xsa/advisory-282.html xenkernel411<4.11.1 denial-of-service https://xenbits.xen.org/xsa/advisory-282.html binutils<2.32 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19931 binutils<2.32 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-19932 php56-imap<5.6.39 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19935 php70-imap<7.0.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19935 php71-imap<7.1.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19935 php72-imap<7.2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19935 libraw<0.18.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5800 libraw<0.18.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5801 libraw<0.18.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5802 libraw<0.18.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5804 libraw<0.18.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5805 libraw<0.18.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5806 libraw<0.18.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5807 libraw<0.18.9 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-5808 libraw<0.18.9 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-5809 libraw<0.18.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5810 libraw<0.18.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5811 libraw<0.18.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5812 consul<1.4.1 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-19653 binutils<2.32 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-20002 mxml-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20004 mxml-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-20005 php{56,70,71,72,73}-phpmyadmin<4.8.4 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2018-19968 php{56,70,71,72,73}-phpmyadmin<4.8.4 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-19969 php{56,70,71,72,73}-phpmyadmin<4.8.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-19970 py{27,34,35,36,37,38}-urllib3<1.2.3 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2018-20060 firefox<64.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/ firefox60<60.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-30/ exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20096 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20097 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20098 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20099 haproxy<1.8.15 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-20102 haproxy<1.8.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20103 inetutils-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2005-0469 grafana<4.6.5 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2018-19039 qemu<3.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-19364 qemu<3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19489 webkit-gtk<2.22.5 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2018-0009.html qemu<4.0 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2018-16872 go<1.10.6 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-16873 go>=1.11<1.11.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-16873 go<1.10.6 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-16874 go>=1.11<1.11.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-16874 go<1.10.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16875 go>=1.11<1.11.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16875 wordpress<5.0.1 arbitrary-file-deletion https://nvd.nist.gov/vuln/detail/CVE-2018-20147 wordpress<5.0.1 php-object-injection https://nvd.nist.gov/vuln/detail/CVE-2018-20148 wordpress<5.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-20149 wordpress<5.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-20150 wordpress<5.0.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20151 wordpress<5.0.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-20152 wordpress<5.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-20153 sqlite3<3.25.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-20346 couchdb<2.3.0 remote-privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2018-17188 nagios-base<4.4.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-18245 icinga-base>=2<2.6.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-18246 icinga-base>=2<2.6.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-18247 icinga-base>=2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-18248 icinga-base>=2<2.6.2 code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-18249 icinga-base>=2<2.6.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-18250 yara-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-19974 yara-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-19975 yara-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-19976 qemu<4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20123 GraphicsMagick<1.3.32 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20184 GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20185 GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20189 libsass<3.6.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20190 libraw<0.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5817 libraw<0.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5818 libraw<0.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5819 libexif<0.6.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20030 faad2<2.8.8nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20194 faad2<2.9.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20195 faad2<2.9.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20196 faad2<2.8.8nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20197 faad2<2.8.8nb1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20198 faad2<2.9.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20199 ruby{193,200,21,22,23,24,25}-sprockets>=2.2<2.2.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2014-7819 ruby{193,200,21}-sprockets>=2.8<2.8.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2014-7819 libVNCServer<0.9.12 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-6307 libVNCServer<0.9.12 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-15126 libVNCServer<0.9.12 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-15127 libVNCServer<0.9.12 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-20019 libVNCServer<0.9.12 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-20020 libVNCServer<0.9.12 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20021 libVNCServer<0.9.12 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20022 libVNCServer<0.9.12 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20023 libVNCServer<0.9.12 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20024 netatalk22<3.1.12 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1160 netatalk30<3.1.12 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1160 netatalk3<3.1.12 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-1160 grafana<5.3.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000816 freecol-[0-9]* xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2018-1000825 zoneminder<1.32.3 php-object-injection https://nvd.nist.gov/vuln/detail/CVE-2018-1000832 zoneminder<1.32.3 php-object-injection https://nvd.nist.gov/vuln/detail/CVE-2018-1000833 freerdp-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-1000852 gnupg2<2.2.12 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-1000858 binutils<2.32 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000876 libarchive>=3.1.0<3.4.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-1000877 libarchive>=3.1.0<3.4.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-1000878 libarchive>=3.3.0<3.4.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-1000879 libarchive>=3.2.0<3.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000880 mbedtls1-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages nasm<2.15.04 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000886 knc<1.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9732 elasticsearch>=6.4.0<6.4.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-17244 elasticsearch>=6.5.0<6.5.2 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2018-17247 ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-19134 ghostscript-agpl<9.26 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-19134 qemu<4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-20124 qemu<4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20125 qemu<4.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-20126 qemu<4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20191 qemu<4.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-20216 libjpeg-turbo<2.0.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20330 libraw<0.20.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20337 faad2<2.8.8nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20357 faad2<2.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20358 faad2<2.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20359 faad2<2.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20360 faad2<2.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20361 faad2<2.8.8nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20362 libraw<0.19.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20363 libraw<0.19.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20364 libraw<0.19.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20365 xchat-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python36<3.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20406 python37<3.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20406 ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20425 ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20426 ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20427 ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20428 ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20429 libextractor<1.9 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-20430 libextractor<1.9 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20431 radare2<3.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20455 radare2<3.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20456 radare2<3.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20457 radare2<3.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20458 radare2<3.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20459 radare2<3.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20460 radare2<3.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20461 ImageMagick<7.0.8.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20467 poppler<0.73.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20481 gtar-base<1.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20482 wget<1.20.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20483 mit-krb5<1.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20217 qt5-qtbase<5.11.3 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-15518 qt5-qtbase<5.11.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19870 qt5-qtbase<5.11.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19873 qt5-qtimageformats<5.11.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19871 qt5-qtsvg<5.11.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19869 wireshark<2.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12086 wireshark>=2.6.0<2.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12086 py{27,34,35,36,37,38}-mezzanine-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-16632 nasm<2.15.04 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20535 nasm<2.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20538 libcaca<0.99.20 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2018-20544 libcaca<0.99.20 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20545 libcaca<0.99.20 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-20546 libcaca<0.99.20 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-20547 libcaca<0.99.20 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20548 libcaca<0.99.20 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20549 tcpreplay<4.3.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20552 tcpreplay<4.3.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20553 poppler<0.73.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20551 jasper<2.0.19 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20570 yaml-cpp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20573 yaml-cpp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20574 #jasper-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20584 Disputed, see https://github.com/jasper-maint/jasper/issues/19 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20591 mxml-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20592 mxml-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20593 netbeans-ide<10.0 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2018-17191 jasper<2.0.19 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-20622 binutils<2.32 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-20623 binutils<2.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20651 binutils<2.32 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-20657 poppler<0.73.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20650 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19478 ghostscript-agpl<9.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19478 aria2<1.35.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-3500 libsixel<1.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-3573 libsixel<1.8.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3574 ming-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3572 ansible<2.6.11 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16876 pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20230 poppler<0.73.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20662 py{27,34,35,36,37,38}-django<1.11.18 frame-content-spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-3498 py{34,35,36,37,38}-django>=2.0<2.0.10 frame-content-spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-3498 py{34,35,36,37,38}-django>=2.1<2.1.5 frame-content-spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-3498 py27-django-1.4.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages py{27,34,35,36}-django-1.8.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages uriparser<0.9.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-20721 rdesktop<1.8.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8791 rdesktop<1.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8792 rdesktop<1.8.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-8793 rdesktop<1.8.4 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2018-8794 rdesktop<1.8.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-8795 rdesktop<1.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8796 rdesktop<1.8.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-8797 rdesktop<1.8.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-8798 rdesktop<1.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-8799 rdesktop<1.8.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-8800 rdesktop<1.8.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20174 rdesktop<1.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20175 rdesktop<1.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20176 rdesktop<1.8.4 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2018-20177 rdesktop<1.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20178 rdesktop<1.8.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-20179 rdesktop<1.8.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-20180 rdesktop<1.8.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-20181 rdesktop<1.8.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-20182 binutils<2.32 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20671 binutils<2.32 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20673 qemu<3.1.0 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2018-16867 wireshark>=2.6.0<2.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5716 wireshark<2.4.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5717 wireshark>=2.6.0<2.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5717 wireshark<2.4.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5718 wireshark>=2.6.0<2.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5718 wireshark<2.4.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5719 wireshark>=2.6.0<2.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5719 wireshark<2.4.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5721 mate-screensaver<1.20.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20681 gitolite<3.6.11 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-20683 irssi<1.1.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-5882 tiff<4.0.10nb1 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-6128 mupdf<1.14.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6130 mupdf<1.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6131 openssh<8.0 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-20685 openssh<8.0 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-6109 openssh<8.0 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-6110 openssh<8.0 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-6111 polkit<0.116 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-6133 zeromq>=4.2.0<4.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-6250 binutils<2.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20712 yaml-cpp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6285 yaml-cpp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6292 libsass<3.6.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-6283 libsass<3.6.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-6284 libsass<3.6.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-6286 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6290 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6291 flex-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6293 php{56,70,71,72}-drupal>=8<8.3.7 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2017-004 php{56,70,71,72}-tiki6<17.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2018-20719 mysql-server>=5.6<5.6.43 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixMSQL mysql-server>=5.7<5.7.25 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixMSQL mariadb-server>=5.5<5.5.63 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixMSQL oracle-{jdk,jre}8<8.0.202 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixJAVA openjdk8<1.8.202 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixJAVA bind>=9.9<9.9.9pl8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3138 bind>=9.10<9.10.4pl8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3138 bind>=9.11<9.11.0pl5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-3138 bind>=9.12<9.12.1pl1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5736 bind>=9.12<9.12.1pl2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5737 bind>=9.9<9.9.13pl1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5740 bind>=9.10<9.10.8pl1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5740 bind>=9.11<9.11.4pl1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5740 bind>=9.12<9.12.2pl1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5740 bind>=9.11<9.11.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2018-5741 bind>=9.12<9.12.3 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2018-5741 cacti<1.2.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-20723 cacti<1.2.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-20724 cacti<1.2.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-20725 cacti<1.2.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-20726 cairo<1.18.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6461 cairo<1.16.0nb8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6462 py{27,34,35,36,37,38}-numpy-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-6446 php{56,70,71,72}-drupal>=7<7.62 unspecified https://www.drupal.org/SA-CORE-2019-001 php{56,70,71,72}-drupal>=8<8.6.6 unspecified https://www.drupal.org/SA-CORE-2019-001 php{56,70,71,72}-drupal>=7<7.62 arbitrary-code-execution https://www.drupal.org/SA-CORE-2019-002 php{56,70,71,72}-drupal>=8<8.6.6 arbitrary-code-execution https://www.drupal.org/SA-CORE-2019-002 jenkins-lts<2.150.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-01-16/ jenkins<2.160 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-01-16/ mysql-client>=5.5<5.5.62nb1 information-disclosure https://gwillem.gitlab.io/2019/01/20/sites-hacked-via-mysql-protocal-flaw/ mysql-client>=5.6<5.6.42nb1 information-disclosure https://gwillem.gitlab.io/2019/01/20/sites-hacked-via-mysql-protocal-flaw/ mysql-client>=5.7<5.7.24nb2 information-disclosure https://gwillem.gitlab.io/2019/01/20/sites-hacked-via-mysql-protocal-flaw/ pdns-recursor>=4.1.0<4.1.9 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-3806 pdns-recursor>=4.1.0<4.1.9 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-3807 firefox<68.0 information-disclosure https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-041.txt cliqz<1.28.0 information-disclosure https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-041.txt firefox60-[0-9]* information-disclosure https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-041.txt tor-browser<9.0 information-disclosure https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-041.txt apache>=2.4.17<2.4.38 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17189 apache>=2.4.37<2.4.38 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-0190 apache>=2.4.0<2.4.38 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-17199 opensc<0.20.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-6502 ap{22,24}-subversion<1.10.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-11803 lua53<5.3.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-6706 go110<1.10.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-6486 go111<1.11.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-6486 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-6777 postgresql{10,94,95,96}-postgis2<2.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18359 mumble<1.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20743 faad2<2.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-6956 php{56,70,71,72,73}-phpmyadmin<4.8.5 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-6798 php{56,70,71,72,73}-phpmyadmin<4.8.5 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-6799 gd<2.3.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-6977 php56-gd<5.6.40 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-6977 php71-gd<7.1.26 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-6977 php72-gd<7.2.14 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-6977 php73-gd<7.3.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-6977 ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-6116 ghostscript-agpl<9.27 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-6116 py27-gnupg<0.4.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2019-6690 gd<2.3.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-6978 openjpeg<2.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6988 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-6990 zoneminder-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-6991 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-6992 firefox<65.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-01/ firefox60<60.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-02/ nasm<2.15.04 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-7147 thunderbird<60.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2018-31/ thunderbird<60.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-03/ libvncserver<0.9.12 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20748 libvncserver<0.9.12 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20749 libvncserver-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20750 rssh-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-1000018 rssh-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages npm<6.2.0 code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16487 npm<6.4.1 code-injection https://nvd.nist.gov/vuln/detail/CVE-2018-16492 poppler<0.74.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7310 php{56,70,71,72}-pear<1.10.7nb1 arbitrary-file-deletion https://nvd.nist.gov/vuln/detail/CVE-2018-1000888 py{27,34,35,36,37,38}-buildbot<1.8.1 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-7313 libreoffice<6.1.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-16858 rssh-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-3463 rssh-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-3464 podofo<0.9.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-20751 agg-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6245 agg-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-6247 png<1.6.37 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-7317 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7325 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7326 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7327 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7328 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7329 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7330 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7331 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7332 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7333 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7334 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7335 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7336 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7337 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7338 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7339 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7340 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7341 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7342 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7343 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7344 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7345 zoneminder-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-7346 zoneminder-[0-9]* improper-session-handling https://nvd.nist.gov/vuln/detail/CVE-2019-7347 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7348 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7349 zoneminder-[0-9]* session-fixation https://nvd.nist.gov/vuln/detail/CVE-2019-7350 zoneminder-[0-9]* log-injection https://nvd.nist.gov/vuln/detail/CVE-2019-7351 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-7352 cvsweb<3.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-1000998 rebar3>3.7<3.8.0 oracle-attack https://nvd.nist.gov/vuln/detail/CVE-2019-1000014 ffmpeg4<4.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1000016 libarchive>=3.0.2<3.4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1000019 libarchive>=2.8.0<3.4.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-1000020 ImageMagick6<6.9.10.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7395 ImageMagick<7.0.8.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7395 ImageMagick6<6.9.10.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7396 ImageMagick<7.0.8.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7396 ImageMagick6<6.9.10.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7397 ImageMagick<7.0.8.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7397 ImageMagick6<6.9.10.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7398 ImageMagick<7.0.8.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7398 dovecot<2.3.4.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-3814 curl>=7.36.0<7.64.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-16890 gnurl<7.64.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-16890 curl>=7.36.0<7.64.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-3822 gnurl<7.64.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-3822 curl>=7.34.0<7.64.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3823 gnurl<7.64.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3823 gdm<3.31.4 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-3825 cgiirc<0.5.12 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2017-8920 gpac<0.8.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20760 gpac<0.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20761 gpac<0.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20762 gpac<0.8.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20763 py{27,34,35,36,37,38}-sqlalchemy<1.3.0b3 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-7548 ming-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-7581 ming-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-7582 SDL<1.2.15nb27 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7572 SDL2<2.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7572 SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7573 SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7573 SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7574 SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7574 SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7575 SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7575 SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7576 SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7576 SDL<1.2.15nb27 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7577 SDL2<2.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7577 SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7578 SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7578 ghostscript-gpl-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages guacamole-server<1.0.0 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2018-1340 SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7635 SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7635 SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7636 SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7636 SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7637 SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7637 SDL<1.2.15nb27 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7638 SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7638 tiff<4.0.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-7663 gsoap>=2.7<2.8.75 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-7659 webkit-gtk<2.22.6 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2019-0001.html py{27,34,35,36,37,38}-django<1.11.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6975 py{34,35,36,37,38}-django>=2.0<2.0.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6975 py{34,35,36,37,38}-django>=2.1<2.1.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6975 thunderbird-enigmail<2.0.6 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-15586 seamonkey-enigmail<2.0.6 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-15586 evolution<3.31.2 spoofing https://nvd.nist.gov/vuln/detail/CVE-2018-15587 bitcoin>=0.12.0<0.17.1 incorrect-access-controls https://nvd.nist.gov/vuln/detail/CVE-2018-20587 adobe-flash-player<32.0.0.142 information-disclosure https://helpx.adobe.com/security/products/flash-player/apsb19-06.html gnome-keyring<3.27.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20781 firefox<65.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-04/ firefox60<60.5.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/ msmtp>=1.8.2<1.8.3 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-8337 thunderbird<60.5.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-06/ nasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-8343 sox-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-8354 sox-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-8355 sox-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-8356 sox-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-8357 hiawatha<10.8.4 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-8358 tcpreplay<4.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8376 tcpreplay<4.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8377 tcpreplay<4.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8381 advancecomp<2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8379 advancecomp<2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8383 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8396 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-8397 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-8398 zabbix<3.4.4rc1 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2016-10742 zoneminder-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8423 zoneminder-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8424 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-8425 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-8426 zoneminder-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8427 zoneminder-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8428 zoneminder-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8429 file<5.36 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-8904 file<5.36 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-8905 file<5.36 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-8906 file<5.36 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8907 qemu<4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3812 ansible<2.6.14 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-3828 liblive<20181017 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-4013 liblive<20181126 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6256 wordpress<5.0.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-8942 wordpress-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-8943 py{27,34,35,36,37,38}-sqlalchemy<1.3.0b3 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-7164 php{56,70,71,72,73}-drupal>=8<8.6.10 remote-code-execution https://www.drupal.org/SA-CORE-2019-003 php<5.6.39 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20783 php>=7.0<7.0.33 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20783 php>=7.1<7.1.25 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20783 php>=7.2<7.2.13 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20783 tor<0.3.5.8 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8955 bind>=9.11<9.11.5pl4 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-5744 bind>=9.11<9.11.5pl4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5745 bind>=9.11<9.11.5pl4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-6465 bind>=9.12<9.12.3pl4 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-5744 bind>=9.12<9.12.3pl4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5745 bind>=9.12<9.12.3pl4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-6465 php56-xmlrpc<5.6.40 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9020 php71-xmlrpc<7.1.26 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9020 php72-xmlrpc<7.2.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9020 php73-xmlrpc<7.3.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9020 php>=5.6<5.6.40 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9021 php>=7.1<7.1.26 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9021 php>=7.2<7.2.14 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9021 php>=7.3<7.3.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9021 php>=7.1<7.1.26 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9022 php>=7.2<7.2.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9022 php>=7.3<7.3.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9022 php56-mbstring<5.6.40 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9023 php71-mbstring<7.1.26 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9023 php72-mbstring<7.2.14 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9023 php73-mbstring<7.3.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9023 php56-xmlrpc<5.6.40 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9024 php71-xmlrpc<7.1.26 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9024 php72-xmlrpc<7.2.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9024 php73-xmlrpc<7.3.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9024 php73-mbstring<7.3.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-9025 matio-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9026 matio-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9027 matio-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9028 matio-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9029 matio-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9030 matio-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-9031 matio-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-9032 matio-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9033 matio-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9034 matio-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9035 matio-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9036 matio-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9037 matio-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9038 binutils<2.35 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9070 binutils<2.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9071 #binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9072 binutils<2.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9073 binutils<2.33 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9074 binutils<2.33 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9075 binutils<2.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9076 binutils<2.33 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9077 vim<8.1.0633 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20786 webkit-gtk<2.24.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-8375 ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-9113 ming-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-9114 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9143 exiv2<0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9144 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9151 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9152 openssl<1.0.2r oracle-attack https://nvd.nist.gov/vuln/detail/CVE-2019-1559 podofo<0.9.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-9199 poppler<0.75.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9200 podofo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20797 advancecomp<2.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9210 pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9211 wireshark<2.4.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9208 wireshark>=2.6<2.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9208 wireshark<2.4.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9209 wireshark>=2.6<2.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9209 wireshark<2.4.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9214 wireshark>=2.6<2.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9214 liblive<20190227 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9215 ikiwiki<3.20190228 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-9187 asterisk>=15.0<15.7.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-001.html asterisk>=16.0<16.2.1 denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-001.html nodejs<6.17.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5737 nodejs>=8<8.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5737 nodejs>=10<10.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5737 nodejs<6.17.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5739 poppler-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9543 poppler-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9545 python27<2.7.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-1752 python27<2.7.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5010 python34<3.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5010 python35<3.5.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5010 python36<3.6.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5010 python37<3.7.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5010 consul>=1.4<1.4.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-8336 openssl>=1.1.0<1.1.0k security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-1543 openssl>=1.1.1<1.1.1c security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-1543 samba>=4.1<4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-3824 webmin-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9624 xpdf<5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9587 xpdf<5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9588 xpdf<4.1.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-9589 xenkernel45-[0-9]* memory-leak https://xenbits.xen.org/xsa/advisory-284.html xenkernel46-[0-9]* memory-leak https://xenbits.xen.org/xsa/advisory-284.html xenkernel48-[0-9]* memory-leak https://xenbits.xen.org/xsa/advisory-284.html xenkernel411<4.11.1nb1 memory-leak https://xenbits.xen.org/xsa/advisory-284.html xenkernel45-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-285.html xenkernel46-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-285.html xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-285.html xenkernel411<4.11.1nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-285.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-287.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-287.html xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-287.html xenkernel411<4.11.1nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-287.html xenkernel45-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-288.html xenkernel46-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-288.html xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-288.html xenkernel411<4.11.1nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-288.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-290.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-290.html xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-290.html xenkernel411<4.11.1nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-290.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-291.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-291.html xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-291.html xenkernel411<4.11.1nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-291.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-292.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-292.html xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-292.html xenkernel411<4.11.1nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-292.html xenkernel45-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-293.html xenkernel46-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-293.html xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-293.html xenkernel411<4.11.1nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-293.html xenkernel45-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-294.html xenkernel46-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-294.html xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-294.html xenkernel411<4.11.1nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-294.html xenkernel45-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel46-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools45-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools46-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages trafficserver<7.1.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-11783 gdk-pixbuf2<2.38.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12447 libjpeg-turbo<2.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14498 binutils<2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14038 go-dns<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17419 ImageMagick6<6.9.10.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7175 ImageMagick<7.0.8.25 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-7175 poppler<0.76.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9631 botan>=1.11.20<2.8.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-20187 glib2<2.59.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9633 python27<2.7.16 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-9636 python34<3.4.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-9636 python35<3.5.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-9636 python36<3.6.9 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-9636 python37<3.7.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-9636 php>=7.1<7.1.27 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-9637 php>=7.2<7.2.16 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-9637 php>=7.3<7.3.3 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-9637 php71-exif<7.1.27 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9638 php72-exif<7.2.16 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9638 php73-exif<7.3.3 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9638 php71-exif<7.1.27 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9639 php72-exif<7.2.16 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9639 php73-exif<7.3.3 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9639 php71-exif<7.1.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9640 php72-exif<7.2.16 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9640 php73-exif<7.3.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9640 php71-exif<7.1.27 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9641 php72-exif<7.2.16 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9641 php73-exif<7.3.3 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-9641 ntp<4.2.8p13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8936 libofx-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-9656 podofo<0.9.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9687 vixie-cron-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9704 vixie-cron-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9705 vixie-cron-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9706 ruby24-base<2.4.5nb1 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2019-8320 ruby25-base<2.5.3nb2 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2019-8320 ruby26-base<2.6.1nb1 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2019-8320 ruby24-base<2.4.5nb1 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8321 ruby25-base<2.5.3nb2 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8321 ruby26-base<2.6.1nb1 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8321 ruby24-base<2.4.5nb1 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8322 ruby25-base<2.5.3nb2 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8322 ruby26-base<2.6.1nb1 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8322 ruby24-base<2.4.5nb1 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8323 ruby25-base<2.5.3nb2 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8323 ruby26-base<2.6.1nb1 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8323 ruby24-base<2.4.5nb1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-8324 ruby25-base<2.5.3nb2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-8324 ruby26-base<2.6.1nb1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-8324 ruby24-base<2.4.5nb1 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8325 ruby25-base<2.5.3nb2 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8325 ruby26-base<2.6.1nb1 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2019-8325 py{27,34,35,36,37}-notebook<5.7.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-9644 ffmpeg3<3.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9718 ffmpeg3<3.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9721 ffmpeg4<4.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9718 ffmpeg4<4.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9721 xmltooling<3.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9628 python27<2.7.17 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9740 python34-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9740 python35-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9740 python36<3.6.9 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9740 python37<3.7.4 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9740 go111-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9741 gpsd>=2.90<3.18 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-17937 wordpress<5.1.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-9787 liblive<20190203 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-7314 qemu<4.0 information-leak https://nvd.nist.gov/vuln/detail/CVE-2019-9824 ruby{22,23,24,25,26}-actionpack42<4.2.11.1 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-5418 ruby{22,23,24,25,26}-actionpack51<5.1.6.2 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-5418 ruby{22,23,24,25,26}-actionpack52<5.2.2.1 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-5418 ruby{22,23,24,25,26}-actionpack42<4.2.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5419 ruby{22,23,24,25,26}-actionpack51<5.1.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5419 ruby{22,23,24,25,26}-actionpack52<5.2.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5419 libssh2<1.8.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-3855 libssh2<1.8.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-3856 libssh2<1.8.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-3857 libssh2<1.8.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3858 libssh2<1.8.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3859 libssh2<1.8.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3860 libssh2<1.8.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3861 libssh2<1.8.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-3862 libssh2<1.8.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-3863 firefox<66.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/ firefox60<60.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-08/ php{56,70,71,72,73}-drupal>=7<7.65 cross-site-scripting https://www.drupal.org/SA-CORE-2019-004 php{56,70,71,72,73}-drupal>=8<8.6.13 cross-site-scripting https://www.drupal.org/SA-CORE-2019-004 ghostscript-gpl-[0-9]* arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-3835 ghostscript-agpl<9.27 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-3835 ghostscript-gpl-[0-9]* arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-3838 ghostscript-agpl<9.27 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-3838 dropbear<2013.59 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-2659 p5-Email-Address-List<0.06 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18898 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-19191 qt5-qtbase<5.11.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19872 haproxy<1.8.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-20615 libsndfile<1.0.28nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-3832 qemu<4.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-6501 qemu<4.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-6778 qemu<4.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-8934 moodle>=3.5<3.5.4 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-6970 xpdf<4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9877 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9878 putty<0.71 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-9894 putty<0.71 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9895 putty<0.71 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9897 putty<0.71 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2019-9898 poppler<0.75.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9903 graphviz-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9904 powerdns<4.0.7 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-3871 powerdns>=4.1.0<4.1.7 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-3871 fuse-ntfs-3g-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-9755 gtar-base<1.32 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-9923 bash<4.4 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9924 sqlite3<3.28.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9936 sqlite3<3.28.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-9937 firefox<66.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-09/ firefox60<60.6.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-10/ python27<2.7.17 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9947 python34-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9947 python35-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9947 python36-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9947 python37<3.7.4 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-9947 python27<2.7.17 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9948 python34-[0-9]* restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9948 python35-[0-9]* restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9948 python36<3.6.9 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9948 python37<3.7.4 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9948 ImageMagick6<6.9.10.35 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9956 ImageMagick<7.0.8.35 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9956 gitea<1.16.0 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-15192 ap24-auth-mellon<0.14.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-3877 ap24-auth-mellon<0.14.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-3878 xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10018 xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10019 xpdf<4.2 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10020 xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10021 xpdf-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-10022 xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10023 xpdf<4.2 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10024 xpdf<4.2 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10025 xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-10026 moodle<3.6.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-3808 moodle<3.1.16 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-3809 moodle<3.6.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-3810 gvfs<1.39.4 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-3827 elasticsearch<6.6.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-7611 thunderbird<60.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-11/ thunderbird<60.6.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-12/ prometheus<2.7.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-3826 moodle<3.6.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-3848 moodle<3.6.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-3849 moodle<3.6.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-3850 moodle<3.6.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-3851 moodle<3.6.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-3852 consul<1.4.4 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9764 qemu<4.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20815 gnutls>=3.5.8<3.6.7 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-3829 gnutls>=3.6.4<3.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-3836 glpi<9.4.1.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10231 glpi<9.4.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-10232 glpi<9.4.1.1 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2019-10233 libvirt<5.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-3840 moodle<3.6.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-3847 znc<1.7.3rc1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9917 jetty<9.4.12.20180830 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12545 jetty-7.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages dovecot<2.3.5.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7524 py{27,34,35,36,37,38}-notebook<5.7.8 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-10255 ImageMagick6<6.9.10.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-10649 ImageMagick<7.0.8.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-10649 ImageMagick6<6.9.10.36 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10650 ImageMagick<7.0.8.36 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10650 lzo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10654 bwa-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10269 apache>=2.4.17<2.4.39 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-0196 apache>=2.4.34<2.4.39 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-0197 apache>=2.4.17<2.4.39 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-0211 apache>=2.4.27<2.4.39 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-0215 apache>=2.4<2.4.39 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-0217 apache>=2.4<2.4.39 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-0220 ImageMagick6<6.9.10.34 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-10714 ImageMagick<7.0.8.34 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-10714 sqlite3<3.25.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20505 sqlite3<3.25.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-20506 cups<2.2.10 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2018-4300 podofo<0.9.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10723 py{27,34,35,36,37,38}-notebook<5.7.8 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-10856 libvirt>=4.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-3886 py27-trytond<4.2.21 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10868 poppler<0.81.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10871 poppler<0.77.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10872 poppler<0.76.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-10873 teeworlds<0.7.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10877 teeworlds<0.7.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-10878 teeworlds<0.7.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10879 roundup-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-10904 py{27,34,35,36,37,38}-jinja2<2.8.1 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2016-10745 py{27,34,35,36,37,38}-jinja2<2.10.1 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-10906 php{56,70,71,72,73}-roundcube-plugin-enigma-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10740 claws-mail-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10735 trojita-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10734 wireshark<2.4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10894 wireshark>=2.6<2.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10894 wireshark>=3.0<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10894 wireshark<2.4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10895 wireshark>=2.6<2.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10895 wireshark>=3.0<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10895 wireshark<2.4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10896 wireshark>=2.6<2.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10896 wireshark>=3.0<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10896 wireshark>=3.0<3.0.1 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-10897 wireshark>=3.0<3.0.1 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-10898 wireshark<2.4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10899 wireshark>=2.6<2.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10899 wireshark>=3.0<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10899 wireshark<2.4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10899 wireshark>=2.6<2.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10899 wireshark>=3.0<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10899 wireshark>=3.0<3.0.1 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-10900 wireshark<2.4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10901 wireshark>=2.6<2.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10901 wireshark>=3.0<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10901 wireshark>=3.0<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10902 wireshark<2.4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10903 wireshark>=2.6<2.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10903 wireshark>=3.0<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10903 GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11005 GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11006 GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11007 GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11008 GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11009 GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11010 clamav>=0.101<0.101.2 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1785 clamav>=0.101<0.101.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1786 clamav<0.100.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1787 clamav>=0.101<0.101.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1787 clamav<0.100.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-1788 clamav>=0.101<0.101.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-1788 clamav<0.100.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1789 clamav>=0.101<0.101.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1789 clamav>=0.101<0.101.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-1798 graphviz-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-11023 libsixel<1.8.4 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-11024 cacti<1.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-11025 poppler<0.76.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-11026 wget<1.20.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5953 samba>=4.9<4.10.2 information-disclosure https://www.samba.org/samba/security/CVE-2019-3870.html samba>=3.2.0<4.10.2 symlink-attack https://www.samba.org/samba/security/CVE-2019-3880.html php{56,70,71,72,73}-contao35<3.5.39 improper-session-handling https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10641 ruby22-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby23-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages adobe-flash-player<32.0.0.171 information-disclosure https://helpx.adobe.com/security/products/flash-player/apsb19-19.html jenkins-lts<2.164.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-04-10/ jenkins<2.172 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-04-10/ gradle>=1.4<5.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2019-11065 wpa_supplicant<2.8 side-channel https://nvd.nist.gov/vuln/detail/CVE-2019-9494 wpa_supplicant<2.8 side-channel https://nvd.nist.gov/vuln/detail/CVE-2019-9495 wpa_supplicant<2.8 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-9496 wpa_supplicant<2.8 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-9497 wpa_supplicant<2.8 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-9498 wpa_supplicant<2.8 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-9499 apache-tomcat>=8.5.0<8.5.38 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-0199 apache-tomcat>=9.0.0<9.0.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-0199 webkit-gtk<2.24.1 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2019-0002.html libxslt<1.1.34 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2019-11068 lighttpd<1.4.54 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11072 magento<1.9.4.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-7139 gpac<0.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11221 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11222 gitea<1.8.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-11228 gitea<1.8.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11229 py{27,34,35,36,37,38}-urllib3<1.25 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-11236 png<1.6.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14048 png<1.6.37 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14550 dovecot<2.3.5.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10691 php{56,70,71,72,73}-contao35<3.5.37 incorrect-access-controls https://nvd.nist.gov/vuln/detail/CVE-2018-20028 wpa_supplicant<2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11555 libvirt<1.3.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-10746 php71-exif<7.1.28 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11034 php72-exif<7.2.17 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11034 php73-exif<7.3.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11034 php71-exif<7.1.28 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11035 php72-exif<7.2.17 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11035 php73-exif<7.3.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11035 py{27,34,35,36,37,38}-urllib3<1.24.2 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-11324 ffmpeg2<2.8.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11338 ffmpeg3<3.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11338 ffmpeg4<4.1.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11338 ffmpeg4<4.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11339 teamspeak-client<3.2.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11351 qemu<4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5008 libmediainfo<20.03 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-11372 libmediainfo<20.03 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-11373 php{56,70,71,72,73}-drupal>=8<8.6.15 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2019-005 php{56,70,71,72,73}-drupal>=7<7.66 cross-site-scripting https://www.drupal.org/SA-CORE-2019-006 php{56,70,71,72,73}-drupal>=8<8.6.15 cross-site-scripting https://www.drupal.org/SA-CORE-2019-006 ekiga<3.3.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2011-1830 freeradius<3.0.19 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-11234 freeradius<3.0.19 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-11235 bwa-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11371 py27-mercurial<4.9 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-3902 jetty<9.2.27 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-10241 jetty<9.2.27.20190418 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10247 evince-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11459 gnome-desktop<3.30.2.2 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-11460 nautilus<3.30.6 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-11461 lepton-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20819 lepton-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20820 libsass<3.6.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20821 libsass<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20822 ImageMagick<7.0.8.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11470 ImageMagick6<6.9.10.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11470 ImageMagick<7.0.8.41 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-11472 ImageMagick<6.9.10.41 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2019-11472 GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11473 GraphicsMagick<1.3.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11474 mariadb-server>=5.5<5.5.64 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL mysql-server>=5.6<5.6.44 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL mysql-server>=5.7<5.7.26 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL mysql-server>=8.0<8.0.16 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL oracle-{jdk,jre}8<8.0.203 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixJAVA openjdk8<1.8.203 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixJAVA wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11498 gst-plugins1-base<1.16.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9928 GraphicsMagick<1.3.32 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11505 GraphicsMagick<1.3.32 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11506 bind>=9.11<9.11.6pl1 denial-of-service https://kb.isc.org/docs/cve-2018-5743 bind>=9.12<9.12.4pl1 denial-of-service https://kb.isc.org/docs/cve-2018-5743 bind>=9.12<9.12.4pl1 denial-of-service https://kb.isc.org/docs/cve-2019-6467 firefox<58.0.1 arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2018-05/ gitea<1.8.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-11576 dhcpcd<7.2.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11577 dhcpcd<7.2.1 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2019-11578 dhcpcd<7.2.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11579 bind>=9.6<9.11.0 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages nss<3.39 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2018-12384 bugzilla<4.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-5123 ImageMagick<7.0.8.43 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11597 ImageMagick6<6.9.10.42 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11597 ImageMagick<7.0.8.40 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11598 ImageMagick6<6.9.10.40 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11598 memcached<1.5.14 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-11596 filezilla<3.41.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-5429 dovecot<2.3.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11494 dovecot<2.3.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11499 npm<6.2.0 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2018-20834 ImageMagick<7.0.7.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10131 php71-exif<7.1.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11036 php72-exif<7.2.18 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11036 php73-exif<7.3.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11036 u-boot<2019.07 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2019-11690 php{56,70,71,72,73}-imagick<3.4.4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-11037 dhcpcd<7.2.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11766 kauth<5.55 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-7443 mpg123<1.25.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-12839 ImageMagick<7.0.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12805 ImageMagick<7.0.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-12806 haproxy<1.9.7 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2019-11323 go-crypto<0.0.20190320 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2019-11840 libreoffice<6.2.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9847 postgresql94-server<9.4.22 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10129 postgresql95-server<9.5.17 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10129 postgresql96-server<9.6.13 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10129 postgresql10-server<10.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10129 postgresql11-server<11.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10129 postgresql95-server<9.5.17 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10130 postgresql96-server<9.6.13 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10130 postgresql10-server<10.8 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10130 postgresql11-server<11.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10130 postgresql91-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages postgresql92-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages postgresql93-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages u-boot<2019.07 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11059 sqlite3<3.28.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-5018 ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-3839 ghostscript-agpl<9.27 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-3839 go-crypto<0.0.20190426 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-11841 rust>=1.34<1.34.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-12083 adobe-flash-player<32.0.0.192 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsb19-26.html xenkernel48-[0-9]* side-channel https://xenbits.xen.org/xsa/advisory-297.html xenkernel411<4.11.2 side-channel https://xenbits.xen.org/xsa/advisory-297.html samba>=4.0<4.10.3 invalid-validation https://www.samba.org/samba/security/CVE-2018-16860.html php{56,70,71,72,73}-drupal>=7<7.67 path-traversal https://www.drupal.org/SA-CORE-2019-007 php{56,70,71,72,73}-drupal>=8<8.6.16 path-traversal https://www.drupal.org/SA-CORE-2019-007 intel-microcode-netbsd<20190618 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-12126 intel-microcode-netbsd<20190618 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-12127 intel-microcode-netbsd<20190618 side-channel https://nvd.nist.gov/vuln/detail/CVE-2018-12130 intel-microcode-netbsd<20190618 side-channel https://nvd.nist.gov/vuln/detail/CVE-2019-11091 capstone<4.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2016-7151 heimdal<7.6.0 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2018-16860 heimdal<7.6.0 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2019-12098 miniupnpd-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-12107 miniupnpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12108 miniupnpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12109 miniupnpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12110 miniupnpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12111 rdesktop<1.8.5 multiple-vulnerabilities https://github.com/rdesktop/rdesktop/releases/tag/v1.8.5 webkit-gtk<2.24.2 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2019-0003.html freeimage-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12211 freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12212 freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12213 freeimage-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-12214 SDL2_image<2.0.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12216 SDL2_image<2.0.5 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-12217 SDL2_image<2.0.5 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-12218 SDL2_image<2.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12219 SDL2_image<2.0.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-12220 SDL2_image<2.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12221 SDL2_image<2.0.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-12222 php-[0-9]* security-bypass https://seclists.org/bugtraq/2019/May/52 caff<2.10 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-12222 qemu<4.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12155 thunderbird-enigmail<2.0.11 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-12269 seamonkey-enigmail<2.0.11 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-12269 curl>=7.62.0<7.65.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5435 gnurl>=7.62.0<7.65.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5435 curl>=7.19.4<7.65.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5436 gnurl>=7.19.4<7.65.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5436 firefox<67.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/ cliqz<1.27.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/ firefox60<60.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/ thunderbird<60.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-15/ wordpress-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-6514 gcc48-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12886 gcc49-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12886 gcc5-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12886 gcc6-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12886 gcc7-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12886 gcc8-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-12886 gzip<1.3.9 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2003-0367 ghostscript-agpl<9.23 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15652 ghostscript-gpl-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2017-15652 zookeeper<3.4.14 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-0201 poppler<0.77.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12293 wireshark<2.4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12295 wireshark>=2.6<2.6.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12295 wireshark>=3.0<3.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12295 py{27,34,35,36,37,38}-buildbot<1.8.2 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2019-12300 libwebp<0.5.2 double-free https://nvd.nist.gov/vuln/detail/CVE-2016-9969 ampache-[0-9]* php-object-injection https://nvd.nist.gov/vuln/detail/CVE-2017-18375 tor-browser<8.0.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-12383 xpdf<4.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12360 horde-[0-9]* remote-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-9858 glib2>=2.15.0<2.60.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12450 gvfs<1.41.3 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2019-12448 gvfs<1.41.3 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2019-12447 gvfs<1.41.3 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2019-12449 apache-roller>=5.1<5.2.2 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2018-17198 apache-tomcat>=7.0.0<7.0.94 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-0221 apache-tomcat>=8.5.0<8.5.40 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-0221 apache-tomcat>=9.0.0.M1<9.0.18 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-0221 sqlite3>=3.6.0<3.28.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-8457 gpac<0.8.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-12481 gpac<0.8.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-12482 gpac<0.8.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12483 xpdf<4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-12493 gd<2.3.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11038 php71-gd<7.1.30 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11038 php72-gd<7.2.19 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11038 php73-gd<7.3.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11038 php71-iconv<7.1.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-11039 php72-iconv<7.2.19 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-11039 php73-iconv<7.3.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-11039 php71-exif<7.1.30 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11040 php72-exif<7.2.19 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11040 php73-exif<7.3.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11040 R-RSQLite<2.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-8457 xpdf<4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-12515 py{27,34,35,36,37,38}-django<1.11.21 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-12308 py{34,35,36,37,38}-django>=2.0<2.2.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-12308 py{34,35,36,37,38}-django>=2.0<2.2.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-11358 ffmpeg2<2.8.16 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12730 ffmpeg3<3.4.7 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12730 ffmpeg4<4.1.4 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12730 exim>=4.87<4.92 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-10149 php{56,70,71,72,73}-phpmyadmin<4.9.0.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-11768 php{56,70,71,72,73}-phpmyadmin<4.9.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-12616 vim<8.1.1365 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-12735 mantis<2.13.2 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2018-9839 py{27,34,35,36,37,38}-parso-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-12760 py{27,34,35,36,37,38}-xdg<0.26 code-injection https://nvd.nist.gov/vuln/detail/CVE-2019-12761 python34-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages aubio>=0.4.0<0.4.9 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19800 aubio>=0.4.0<0.4.9 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19802 aubio>=0.4.0<0.4.9 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-19801 bind>=9.12<9.13 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python27<2.7.17 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10160 python35-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10160 python36<3.6.9 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10160 python37<3.7.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10160 cyrus-imapd>=2.5<2.5.13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11356 cyrus-imapd>=3.0<3.0.10 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11356 consul>=1.4<1.4.5 incorrect-access-controls https://nvd.nist.gov/vuln/detail/CVE-2019-12291 consul>=1.5<1.5.1 incorrect-access-controls https://nvd.nist.gov/vuln/detail/CVE-2019-12291 py{27,34,35,36,37,38}-twisted<19.2.0 input-validation https://nvd.nist.gov/vuln/detail/CVE-2019-12387 dbus<1.12.16 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12749 ruby{22,23,24,25,26}-ruby-openid-[0-9]* remote-unknown https://nvd.nist.gov/vuln/detail/CVE-2019-11027 radare2<3.5.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12790 adobe-flash-player<32.0.0.207 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsb19-30.html gvfs<1.40.2 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12795 mediawiki<1.32.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-11358 mediawiki<1.32.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-12466 mediawiki<1.32.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12467 mediawiki<1.32.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12468 mediawiki<1.32.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-12469 mediawiki<1.32.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-12470 mediawiki<1.32.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-12471 mediawiki<1.32.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12472 mediawiki<1.32.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12473 mediawiki<1.32.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-12474 vlc<3.0.7 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5439 mupdf<1.15.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7321 mupdf<1.15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12798 radare2<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12802 radare2<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12829 radare2<3.6.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-12865 znc<1.7.3nb2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-12816 php{56,71,72,73}-orangehrm<4.3.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-12839 webmin-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-12840 py{27,34,35,36,37,38}-twisted-[0-9]* man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2019-12855 php{56,71}-concrete5<8.5.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-19146 thunderbird<60.7.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-17/ vlc<3.0.7 multiple-vulnerabilities https://www.videolan.org/developers/vlc-branch/NEWS bash<4.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2012-6711 vlc<3.0.7 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-12874 firefox<67.0.3 denial-of-service https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/ cliqz<1.27.3 denial-of-service https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/ firefox60<60.7.1 denial-of-service https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/ tor-browser<8.5.60.7.1 denial-of-service https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/ samba>=4.0<4.10.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12435 samba>=4.0<4.10.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12436 bind>=9.11<9.11.8 denial-of-service https://kb.isc.org/docs/cve-2019-6471 bind>=9.12<9.12.4pl2 denial-of-service https://kb.isc.org/docs/cve-2019-6471 bind>=9.14<9.14.3 denial-of-service https://kb.isc.org/docs/cve-2019-6471 bzip2<1.0.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-12900 libgcrypt<1.8.5 side-channel https://nvd.nist.gov/vuln/detail/CVE-2019-12904 firefox<67.0.4 sandbox-escape https://www.mozilla.org/en-US/security/advisories/mfsa2019-19/ cliqz<1.27.4 sandbox-escape https://www.mozilla.org/en-US/security/advisories/mfsa2019-19/ firefox60<60.7.2 sandbox-escape https://www.mozilla.org/en-US/security/advisories/mfsa2019-19/ tor-browser<8.5.60.7.2 sandbox-escape https://www.mozilla.org/en-US/security/advisories/mfsa2019-19/ thunderbird<60.7.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-20/ mantis<2.17.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-16514 apache-tomcat>=8.5.0<8.5.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10072 apache-tomcat>=9.0.0.M1<9.0.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10072 postgresql10-server<10.9 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10164 postgresql11-server<11.4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10164 libvirt>=0.9.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-10161 libvirt-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-10166 libvirt-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-10167 libvirt-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-10168 powerdns<4.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10162 powerdns>=4.1.0<4.1.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10162 powerdns<4.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10163 powerdns>=4.1.0<4.1.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10163 expat<2.2.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20843 xpdf>=4.0<4.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12957 xpdf>=4.0<4.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12958 binutils<2.33 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12972 openjpeg<2.3.1 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2018-20845 openjpeg<2.3.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20847 moodle>=3.6<3.6.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10133 moodle>=3.5<3.5.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10133 moodle>=3.4<3.4.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10133 moodle>=3.1<3.1.18 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10133 openjpeg<2.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20846 moodle>=3.6<3.6.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10154 ImageMagick<7.0.8.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12974 ImageMagick6<6.9.10.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12974 openjpeg<2.3.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12973 ImageMagick<7.0.8.35 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-12975 ImageMagick6<6.9.10.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-12975 ImageMagick<7.0.8.35 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-12976 ImageMagick6<6.9.10.35 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-12976 ImageMagick<7.0.8.35 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12977 ImageMagick6<6.9.10.35 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12977 moodle>=3.6<3.6.4 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10134 moodle>=3.5<3.5.6 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10134 moodle>=3.4<3.4.9 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10134 moodle>=3.1<3.1.18 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-10134 ImageMagick<7.0.8.35 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12979 ImageMagick6<6.9.10.35 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12979 ming-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12980 ming-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12981 ming-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12982 ImageMagick<7.0.8.35 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12978 ImageMagick6<6.9.10.35 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-12978 glib2<2.59.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-13012 FlightCrew<0.7.2nb62 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-13032 irssi<1.0.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-13045 irssi>=1.1.0<1.1.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-13045 irssi>=1.2.0<1.2.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-13045 ap{22,24}-auth-mellon-[0-9]* open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-13038 zoneminder-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-13072 grafana<6.2.5 html-attribute-injection https://nvd.nist.gov/vuln/detail/CVE-2019-13068 tor-browser<9.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-13075 matio<1.5.16 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13107 exiv2<0.27.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13109 exiv2<0.27.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13111 exiv2<0.27.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13112 exiv2<0.27.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13113 exiv2<0.27.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13110 libxslt<1.1.34 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-13117 exiv2<0.27.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13114 libxslt<1.1.34 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-13118 exiv2<0.27.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13108 dosbox<0.74.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-7165 dosbox<0.74.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-12594 py{27,34,35,36,37,38}-django>=1.11<1.11.22 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12781 py{34,35,36,37,38}-django>=2.1<2.1.10 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12781 py{34,35,36,37,38}-django>=2.2<2.2.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12781 squirrelmail<1.4.23pre14832 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-12970 libaudiofile-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13147 ImageMagick<7.0.8.50 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13134 ImageMagick<7.0.8.50 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13133 ImageMagick<7.0.8.50 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-13135 ImageMagick6<6.9.10.50 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-13135 ImageMagick<7.0.8.50 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13136 ImageMagick<7.0.8.50 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13137 ImageMagick6<6.9.10.50 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13137 virt-manager>=2.2.0 information-leak https://nvd.nist.gov/vuln/detail/CVE-2019-10183 qemu<4.1.0 acl-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-13164 SDL2_image<2.0.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5052 SDL2_image<2.0.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5051 nsd<4.2.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13207 intellij-ue-bin<2018.1.8 sensitive-information-exposure https://nvd.nist.gov/vuln/detail/CVE-2019-9872 intellij-ue-bin<2018.1.8 sensitive-information-exposure https://nvd.nist.gov/vuln/detail/CVE-2019-9873 intellij-idea-ce<2017.3.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9186 intellij-idea-ce<2018.1.8 sensitive-information-exposure https://nvd.nist.gov/vuln/detail/CVE-2019-9823 intellij-ue-bin<2017.3.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-10104 glpi<9.4.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-13239 FlightCrew<0.9.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-13241 xpdf<4.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13281 xpdf<4.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13282 xpdf<4.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13283 xpdf<4.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13286 xpdf<4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-13287 xpdf<4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13288 xpdf<4.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-13289 xpdf<4.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-13291 mupdf<1.15.0nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13290 unzip<6.0nb11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13232 squid-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-13345 ffmpeg4<4.2.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13312 ImageMagick<7.0.8.50 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13309 ImageMagick6<6.9.10.50 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13309 ImageMagick<7.0.8.50 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13310 ImageMagick6<6.9.10.50 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13310 ImageMagick<7.0.8.52 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13311 ImageMagick6<6.9.10.52 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13311 ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13307 ImageMagick6<6.9.10.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13307 ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13308 ImageMagick6<6.9.10.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13308 ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13305 ImageMagick6<6.9.10.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13305 ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13303 ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13306 ImageMagick6<6.9.10.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13306 ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13304 ImageMagick6<6.9.10.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13304 ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13302 ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13300 ImageMagick6<6.9.10.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13300 ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13298 ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13299 ImageMagick<7.0.8.50 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13301 ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13297 ImageMagick6<6.9.10.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13297 ImageMagick<7.0.8.50 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13296 ImageMagick<7.0.8.50 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13295 ImageMagick6<6.9.10.50 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-13295 ffmpeg3<3.4.7 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-13390 ffmpeg4<4.2.1 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-13390 ImageMagick<7.0.8.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13391 ImageMagick6<6.9.10.50 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13391 libtomcrypt<1.18.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-0739 gnupg-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13050 gnupg2<2.2.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13050 ImageMagick<7.0.8.54 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-13454 ImageMagick6<6.9.10.54 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-13454 php{56,70,71,72}-contao44<4.4.39 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-11512 zeromq<4.3.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-13132 firefox<68.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/ cliqz<1.28.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/ firefox60<60.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/ tor-browser<8.5.60.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/ php<7.0.18 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2017-7189 png<1.6.32 unspecified https://nvd.nist.gov/vuln/detail/CVE-2017-12652 oniguruma<6.9.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-13224 oniguruma<6.9.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-13225 glpi<9.4.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-13240 exiv2<0.27.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-13504 asterisk>=13.0<13.27.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-002.html asterisk>=15.0<15.7.3 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-002.html asterisk>=16.0<16.4.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-002.html asterisk>=13.0<13.27.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-003.html asterisk>=15.0<15.7.3 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-003.html asterisk>=16.0<16.4.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-003.html apache-roller<5.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-0234 slurm-wlm<18.08.8 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-12838 kafka>=0.11.0.0<2.1.1 acl-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-17196 redis<5.0.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10192 redis<5.0.4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10193 gitea<1.7.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-1010314 wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010315 wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010317 wavpack<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010319 squid<4.8 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-12525 squid<4.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12527 squid<4.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-12529 glpi<9.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-1010310 python27<2.7.17 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20852 python34<3.4.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20852 python35<3.5.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20852 python36<3.6.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20852 python37<3.7.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20852 sox-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-13590 sox-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1010004 evince<3.28.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1010006 vlc<3.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13602 libmspack<0.10alpha buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1010305 thunderbird<60.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-23/ ruby{22,23,24,25,26}-mini-magick<4.9.4 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-13574 rust<1.30.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-1010299 jhead-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1010301 jhead-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010302 glpi-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-1010307 cfitsio<3.43 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1010060 libssh2<1.9.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-13115 libebml<1.3.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13615 SDL<1.2.15nb31 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13616 SDL2<2.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13616 gpac<0.8.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13618 libreoffice<6.2.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9848 libreoffice<6.2.5 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-9849 jenkins-lts<2.176.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-07-17/ jenkins<2.186 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-07-17/ nfdump<1.6.17 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1010057 py{27,34,35,36,37,38}-flask<1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010083 SDL2<2.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13626 wireshark<2.4.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13619 wireshark>=2.6<2.6.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13619 wireshark>=3.0<3.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13619 patch-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2019-13636 sleuthkit<4.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010065 abcm2ps<8.13.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010069 gitea<1.8.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-1010261 salt<2019.8 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-1010259 vlc<3.0.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13962 mongodb<3.0.7 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2015-7882 scapy<2.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010142 pango<1.42.4nb5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-1010238 proftpd<1.3.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-12815 oracle-{jdk,jre}8<8.0.213 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixJAVA openjdk8<1.8.213 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixJAVA poppler<0.79.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9959 haproxy>=2.0<2.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14241 haproxy>=1.9<1.9.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14241 binutils>=2.21<2.32 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1010204 tcpdump-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-1010220 cherokee-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1010218 nasm<2.15 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-14248 binutils<2.33 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14250 libdwarf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14249 mpg321-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-14247 mgetty<1.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010189 mgetty<1.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-1010190 mysql-server>=5.6<5.6.45 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL mysql-server>=5.7<5.7.27 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL mysql-server>=8.0<8.0.17 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL zstd<1.3.8 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-11922 exim>=4.85<4.92.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-13917 mcpp-[0-9]* multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2019-14274 fig2dev<3.2.7b buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14275 openldap-server<2.4.48 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2019-13057 openldap-server<2.4.48 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2019-13565 patch-[0-9]* shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-13638 upx-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14296 upx-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14295 xpdf<4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14293 xpdf<4.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-14294 xpdf<4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14292 xpdf<4.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14288 xpdf<4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14291 xpdf<4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14290 xpdf<4.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14289 exiv2<0.27.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14368 exiv2<0.27.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14369 exiv2<0.27.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14370 ioquake3-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1010043 ruby{22,23,24,25,26}-yard<0.9.20 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-1020001 u-boot<2019.10 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13103 jabberd<=2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages freetype2<2.6.1 buffer-overrun https://nvd.nist.gov/vuln/detail/CVE-2015-9290 cryptopp<8.3.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2019-14318 libopenmpt<0.4.3 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-14381 binutils<2.33 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14444 openssl<1.0.2t multiple-vulnerabilities https://www.openssl.org/news/secadv/20190730.txt openssl>=1.1.0<1.1.0l multiple-vulnerabilities https://www.openssl.org/news/secadv/20190730.txt openssl>=1.1.1<1.1.1d multiple-vulnerabilities https://www.openssl.org/news/secadv/20190730.txt ansible>=2.0<2.6.18 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10156 ansible>=2.7<2.7.18 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10156 ansible>=2.8<2.8.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10156 libopenmpt<0.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14382 libopenmpt<0.3.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20861 libopenmpt<0.4.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14380 libopenmpt<0.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14383 Sigil<0.9.16 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-14452 yarn<1.17.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-5448 php{56,70,71,72}-nextcloud<15.0.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-5449 vlc<3.0.7 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-5460 vlc<3.0.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-5459 u-boot<2019.10 multiple-vulnerabilities https://blog.semmle.com/uboot-rce-nfs-vulnerability/ yara<3.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5020 SDL2_image<2.0.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-5057 SDL2_image<2.0.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-5058 SDL2_image<2.0.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-5059 SDL2_image<2.0.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-5060 pixman<0.32.8 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-5297 moodle<3.7.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-10187 moodle<3.7.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-10188 moodle<3.7.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-10186 moodle<3.7.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-10189 schismtracker<20190805 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14465 nfdump<1.6.18 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14459 milkytracker<1.03.00 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14464 libopenmpt<0.3.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20860 gdb<9.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1010180 gnucobol-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14486 opencv<3.4.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14491 opencv>=4.0<4.1.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14491 poppler<0.79.0 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-14494 3proxy<0.8.13 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-14495 gnucobol-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14468 opencv<3.4.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14492 opencv>=4.0<4.1.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14492 opencv<3.4.7 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-14493 opencv>=4.0<4.1.1 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-14493 milkytracker<1.03.00 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14496 milkytracker<1.03.00 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14497 dnsmasq<2.76 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14513 py{27,34,35,36,37,38}-django>=1.11<1.11.23 multiple-vulnerabilities https://www.djangoproject.com/weblog/2019/aug/01/security-releases/ py{34,35,36,37,38}-django>=2.1<2.1.11 multiple-vulnerabilities https://www.djangoproject.com/weblog/2019/aug/01/security-releases/ py{34,35,36,37,38}-django>=2.2<2.2.4 multiple-vulnerabilities https://www.djangoproject.com/weblog/2019/aug/01/security-releases/ gnucobol-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14528 sleuthkit-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14531 sleuthkit-[0-9]* off-by-one https://nvd.nist.gov/vuln/detail/CVE-2019-14532 schismtracker<20190805 buffer-underflow https://nvd.nist.gov/vuln/detail/CVE-2019-14523 schismtracker<20190805 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14524 gnucobol-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14541 seamonkey-enigmail<2.1 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-14664 thunderbird-enigmail<2.1 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-14664 magento<1.9.4.2 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13 magento>=2.1<2.1.18 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13 magento>=2.2<2.2.9 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13 magento>=2.3<2.3.2 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-13 magento<1.9.4.2 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23 magento>=2.1<2.1.18 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23 magento>=2.2<2.2.9 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23 magento>=2.3<2.3.2 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-23 magento<1.9.4.2 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33 magento>=2.1<2.1.18 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33 magento>=2.2<2.2.9 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33 magento>=2.3<2.3.2 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33 brandybasic-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14662 brandybasic-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14663 brandybasic-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14665 subversion-base<1.12.1 denial-of-service https://security-tracker.debian.org/tracker/CVE-2019-0203 subversion-base<1.12.1 denial-of-service https://security-tracker.debian.org/tracker/CVE-2018-11782 elasticsearch<6.8.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-7614 elasticsearch>=7.0.0<7.2.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-7614 mariadb-server>=5.5<5.5.65 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL mongodb<3.4.22 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2019-2386 mongodb>=4<4.0.9 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2019-2386 u-boot<2019.07 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-13104 u-boot<2019.07 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-13105 u-boot<2019.07 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-13106 adplug<2.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14690 adplug<2.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14691 adplug<2.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14692 adplug<2.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14732 adplug<2.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14733 adplug<2.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14734 kconfig<5.61.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-14744 radare2<3.7.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-14745 postgresql94-server<9.4.24 arbitrary-sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-10208 postgresql95-server<9.5.19 arbitrary-sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-10208 postgresql96-server<9.6.15 arbitrary-sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-10208 postgresql10-server<10.10 arbitrary-sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-10208 postgresql11-server<11.5 arbitrary-sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-10208 postgresql11-server<11.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10209 php71-exif<7.1.31 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11041 php72-exif<7.2.21 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11041 php73-exif<7.3.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11041 php71-exif<7.1.31 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11042 php72-exif<7.2.21 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11042 php73-exif<7.3.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11042 ruby{22,23,24,25,26}-nokogiri<1.10.4 command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-5477 exiv2<0.27.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14982 ImageMagick6<6.9.10.42 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-14980 ImageMagick<7.0.8.42 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-14980 ImageMagick6<6.9.10.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14981 ImageMagick<7.0.8.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14981 ghostscript-gpl-[0-9]* sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-10216 ghostscript-agpl<9.50 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-10216 go111<1.11.13 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14809 go112<1.12.8 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14809 nginx<1.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9511 nginx>=1.17<1.17.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9511 nginx<1.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9513 nginx>=1.17<1.17.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9513 nginx<1.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9516 nginx>=1.17<1.17.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9516 nghttp2<1.39.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9511 nghttp2<1.39.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9513 go111<1.11.13 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9512 go111<1.11.13 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9514 go112<1.12.8 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9512 go112<1.12.8 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9514 h2o<2.2.6 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9512 h2o<2.2.6 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9514 h2o<2.2.6 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9515 libexosip<5.0.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2014-10375 tiff<4.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14973 mupdf<1.16.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14975 apache>=2.4<2.4.41 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9517 apache>=2.4<2.4.41 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10081 apache>=2.4<2.4.41 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10082 apache>=2.4<2.4.41 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-10092 apache>=2.4<2.4.41 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-10097 apache>=2.4<2.4.41 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-10098 gradle<5.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-15052 firefox<68.0.2 sensitive-information-disclosure https://www.mozilla.org/en-US/security/advisories/mfsa2019-24/ cliqz<1.28.2 sensitive-information-disclosure https://www.mozilla.org/en-US/security/advisories/mfsa2019-24/ squid>=4<4.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12854 wpa_supplicant<2.9 side-channel https://nvd.nist.gov/vuln/detail/CVE-2019-13377 patch-[0-9]* shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-20969 webmin>=1.882<1.930 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15107 libreoffice<6.2.6 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9850 libreoffice<6.2.6 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9851 libreoffice<6.2.6 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-9852 nodejs<8.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9511 nodejs>=10<10.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9511 nodejs>=12<12.8.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9511 nodejs<8.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9512 nodejs>=10<10.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9512 nodejs>=12<12.8.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9512 nodejs<8.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9513 nodejs>=10<10.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9513 nodejs>=12<12.8.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9513 nodejs<8.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9514 nodejs>=10<10.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9514 nodejs>=12<12.8.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9514 nodejs<8.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9515 nodejs>=10<10.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9515 nodejs>=12<12.8.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9515 nodejs<8.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9516 nodejs>=10<10.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9516 nodejs>=12<12.8.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9516 nodejs<8.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9517 nodejs>=10<10.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9517 nodejs>=12<12.8.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9517 nodejs<8.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9518 nodejs>=10<10.16.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9518 nodejs>=12<12.8.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9518 nodejs-6.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages cups-base<2.2.11 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-8675 cups-base<2.2.11 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-8696 zabbix-[0-9]* username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2019-15132 giflib<5.1.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15133 ImageMagick<7.0.8.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15139 ImageMagick6<6.9.10.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15139 ImageMagick<7.0.8.43 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15140 ImageMagick6<6.9.10.43 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15140 ImageMagick<7.0.8.43 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15141 ImageMagick6<6.9.10.43 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15141 djvulibre-lib<3.5.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15142 djvulibre-lib<3.5.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15143 djvulibre-lib<3.5.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15144 djvulibre-lib<3.5.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15145 adplug<2.3.3 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-15151 ruby{22,23,24,25,26}-rest-client>=1.6.10<1.6.14 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15224 webmin<1.930 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15231 php{56,70,71,72,73}-roundcube-[0-9]* homograph-attack https://nvd.nist.gov/vuln/detail/CVE-2019-15237 faad2<2.8.8nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-15296 vlc<3.0.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14437 vlc<3.0.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14438 vlc<3.0.8 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-14498 vlc<3.0.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-14533 vlc<3.0.8 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-14534 vlc<3.0.8 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-14535 vlc<3.0.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14776 vlc<3.0.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-14777 vlc<3.0.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-14778 vlc<3.0.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14970 sphinxsearch-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14511 mantis<2.21.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-15074 py{27,34,35,36,37,38}-nltk<3.4.5 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-14751 ampache<4.0.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-12386 ampache<4.0.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-12385 php{56,71,72,73}-tiki6-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15314 py{27,34,35,36,37,38}-httpie<1.0.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-10751 libextractor<1.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-15531 trafficserver-[0-9]* remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9511 trafficserver>=6.0.0<7.1.7 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9512 trafficserver>=8.0.0<8.0.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9512 trafficserver-[0-9]* remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9513 trafficserver>=6.0.0<7.1.7 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9514 trafficserver>=8.0.0<8.0.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9514 trafficserver>=6.0.0<7.1.7 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9515 trafficserver>=8.0.0<8.0.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9515 trafficserver-[0-9]* remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9516 trafficserver-[0-9]* remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9517 trafficserver>=6.0.0<7.1.8 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9518 trafficserver>=8.0.0<8.0.5 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9518 trafficserver>=6.0.0<7.1.7 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-10079 trafficserver>=8.0.0<8.0.4 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-10079 qemu<4.1.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14378 webkit-gtk<2.24.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2019-0004.html irssi>=1.2.0<1.2.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-15717 inspircd>=3.0.0<3.1.0 use-after-free https://docs.inspircd.org/security/2019-01/ inspircd<2.0.28 null-pointer-dereference https://docs.inspircd.org/security/2019-02/ inspircd>=3.0.0<3.3.0 null-pointer-dereference https://docs.inspircd.org/security/2019-02/ grafana<6.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15043 php{56,70,71,72,73}-contao35-3.* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages jasper<2.0.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14232 webmin-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-15641 webmin<1.930 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15642 xymon<4.3.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13451 xymon<4.3.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13452 xymon<4.3.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13273 xymon<4.3.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13455 xymon<4.3.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13274 xymon<4.3.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13486 xymon<4.3.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13484 xymon<4.3.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13485 jenkins-lts<2.176.3 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-08-28/ jenkins<2.191 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-08-28/ nmap<7.80 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-18594 gnuchess-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-15767 dovecot<2.3.7.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11500 dovecot-pigeonhole<0.5.7.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11500 teamspeak-client<3.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15502 memcached<1.5.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-15026 gcc7-[0-9]* insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2019-15847 gcc8-[0-9]* insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2019-15847 freetype2<2.6.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2015-9381 freetype2<2.6.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2015-9382 freetype2<2.6.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2015-9383 samba>=4.9<4.10.8 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-10197 ghostscript-gpl-[0-9]* sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-14811 ghostscript-agpl<9.50 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-14811 ghostscript-gpl-[0-9]* sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-14817 ghostscript-agpl<9.50 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-14817 xpdf>=2.0<3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15860 varnish<6.0.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15892 expat<2.2.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-15903 poppler<0.66.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-21009 seamonkey<2.49.5 multiple-vulnerabilities http://www.seamonkey-project.org/releases/seamonkey2.49.5/ firefox<69.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/ cliqz<1.29.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/ firefox68<68.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/ firefox60<60.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/ tor-browser<8.5.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/ asterisk>=15.0<15.7.4 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-004.html asterisk>=16.0<16.5.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-004.html asterisk>=13.0<13.28.0 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-005.html asterisk>=16.0<16.5.0 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-005.html ghostscript-gpl-[0-9]* sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-14813 ghostscript-agpl<9.50 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-14813 openjpeg<2.3.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-21010 exim<4.92.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15846 qemu<5.0.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-15890 opencv<3.4.8 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-15939 ffmpeg4<4.2.1 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2019-15942 opensc<0.20.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-15945 opensc<0.20.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-15946 bitcoin<0.20.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-15947 php56-http<2.6.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-7398 php{70,71,72,73}-http>=3.0.0<3.1.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2016-7398 python27<2.7.17 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-16056 python35-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-16056 python36<3.6.10 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-16056 python37<3.7.5 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-16056 xpdf<5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16088 libreoffice<6.3.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-9854 libreoffice<6.3.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9855 kilo-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16096 imapfilter-[0-9]* ssl-certificate-spoofing https://nvd.nist.gov/vuln/detail/CVE-2016-10937 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16115 bird>=1.6.4<1.6.8 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16159 bird6>=1.6.4<1.6.8 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16159 bird>=2.0.0<2.0.6 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16159 oniguruma<6.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16163 cflow-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-16165 cflow-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-16166 sqlite3>=3.8.5<3.30.0 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-16168 ghostscript-gpl-[0-9]* sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-14812 ghostscript-agpl<9.50 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2019-14812 openssl<1.0.2t multiple-vulnerabilities https://www.openssl.org/news/secadv/20190910.txt openssl>=1.1.0<1.1.0l multiple-vulnerabilities https://www.openssl.org/news/secadv/20190910.txt openssl>=1.1.1<1.1.1d multiple-vulnerabilities https://www.openssl.org/news/secadv/20190910.txt wpa_supplicant<2.10 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16275 curl>=7.52.0<7.66.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-5481 curl>=7.19.4<7.66.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5482 ruby{22,23,24,25,26,27,30}-padrino-contrib<0.2.0nb1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16145 py{27,34,35,36,37,38}-lmbd-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-16224 py{27,34,35,36,37,38}-lmbd-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-16225 py{27,34,35,36,37,38}-lmbd-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-16226 py{27,34,35,36,37,38}-lmbd-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-16227 py{27,34,35,36,37,38}-lmbd-[0-9]* divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2019-16228 wordpress<5.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16217 wordpress<5.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16218 wordpress<5.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16219 wordpress<5.2.3 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-16220 wordpress<5.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16221 wordpress<5.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16222 wordpress<5.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16223 opencv>=4.0<4.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-16249 opendmarc-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-16378 thunderbird<60.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-29/ ibus<1.5.21 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14822 php{56,70,71,72,73}-phpmyadmin<4.9.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-12922 php{56,70,71,72,73}-piwigo<2.10.0 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-13363 php{56,70,71,72,73}-piwigo<2.10.0 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-13364 adobe-flash-player<32.0.0.255 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsb19-46.html picoc-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16277 asterisk>=14<15 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages wireshark<2.6.11 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-16319 wireshark>=3.0<3.0.4 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-16319 gpac<0.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-21015 gpac<0.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-21016 gpac<0.8.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-21017 gradle<6.0 weak-hash https://nvd.nist.gov/vuln/detail/CVE-2019-16370 openconnect<8.05 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16239 gnucobol-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16395 gnucobol-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-16396 mosquitto>=1.6.0<1.6.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-11778 mosquitto>=1.5.0<1.5.9 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11779 mosquitto>=1.6.0<1.6.6 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-11779 grafana<6.2.0 information-leak https://nvd.nist.gov/vuln/detail/CVE-2019-15635 ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16705 ImageMagick<7.0.8.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16708 ImageMagick6<6.9.10.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16708 ImageMagick<7.0.8.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16709 ImageMagick6<6.9.10.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16709 ImageMagick<7.0.8.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16710 ImageMagick6<6.9.10.36 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16710 ImageMagick<7.0.8.40 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16711 ImageMagick6<6.9.10.40 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16711 ImageMagick<7.0.8.43 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16712 ImageMagick6<6.9.10.43 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16712 ImageMagick<7.0.8.43 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-16713 hunspell<1.7.0nb2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-16707 radare2<3.9.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-16718 cacti<1.2.7 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-16723 go112<1.12.10 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-16276 thunderbird<68.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-30/ firefox<69.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-31/ cliqz<1.29.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-31/ thunderbird<68.1.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-32/ jenkins-lts<2.176.4 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-09-25/ jenkins<2.197 multiple-vulnerabilities https://jenkins.io/security/advisory/2019-09-25/ unbound<1.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16866 qemu<4.2.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-12068 e2fsprogs<1.45.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-5094 libgcrypt<1.8.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-13627 glpi<9.4.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14666 ruby{22,24,25,26}-zip<1.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16892 mediawiki-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-16738 mbedtls<2.19.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2019-16910 libreoffice<6.3.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9853 exim>=4.92<4.92.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-16928 py{27,34,35,36,37,38}-flower-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16925 py{27,34,35,36,37,38}-flower-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16926 xpdf<4.02 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-16927 xpdf-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-17064 python27<2.7.17 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16935 python36<3.6.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16935 python37<3.7.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16935 rust<1.26.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-16760 putty<0.73 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-17068 putty<0.73 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-17069 pycharm-bin<2019.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14958 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10103 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-10105 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14461 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14462 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14463 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14464 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14465 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14466 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14467 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14468 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14469 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14470 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14879 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14880 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14881 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-14882 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16227 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16228 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16229 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16230 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16300 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16301 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16451 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-16452 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-15166 tcpdump<4.9.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-15167 libpcap<1.9.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-15161 libpcap<1.9.1 username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2019-15162 libpcap<1.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15163 libpcap<1.9.1 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-15164 libpcap<1.9.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-15165 libopenmpt<0.4.9 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17113 freerdp-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-17177 py{27,34,35,36,37}-Pillow<6.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16865 libsoup<2.68.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-17266 p5-libapreq2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12412 libtomcrypt<1.18.2nb2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-17362 gif2png<3.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-17371 zabbix-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-17382 exiv2<0.27.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-17402 mantis<2.22.1 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15715 ruby{22,24,25,26}-netaddr<2.0.4 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2019-17383 ruby{22,24,25,26}-redmine<3.4.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-17427 binutils<2.34 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-17450 binutils<2.34 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17451 libntlm<1.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17455 matio-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-17533 py{27,34,35,36,37,38}-graphite-web-[0-9]* server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2017-18638 ImageMagick<7.0.8.54 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17540 ImageMagick<7.0.8.55 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-17541 ImageMagick6<6.9.10.55 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-17541 ImageMagick<7.0.8.62 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-17547 ffmpeg3<3.4.7 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-17539 ffmpeg4<4.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-17539 ffmpeg2<2.8.16 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17542 ffmpeg3<3.4.7 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17542 ffmpeg4<4.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17542 lz4<1.9.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17543 aspell<0.60.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-17544 gdal-lib<3.0.2 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-17545 tiff<4.1.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17546 sudo<1.8.28 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-14287 nostromo<1.9.6nb2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-16278 nostromo<1.9.6nb2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16279 ncurses<6.1nb7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-17594 ncursesw<6.1nb7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-17594 ncurses<6.1nb7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-17595 ncursesw<6.1nb7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-17595 ruby{22,24,25,26}-haml<5.0.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-1002201 rabbitmq<3.7.18 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-11281 py{27,36,37,38}-reportlab<3.5.27 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-17626 oracle-{jdk,jre}8<8.0.232 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixJAVA openjdk8<1.8.232 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixJAVA openjdk11<1.11.0.5 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixJAVA mysql-server>=5.6<5.6.46 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL mysql-server>=5.7<5.7.28 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL mysql-server>=8.0<8.0.18 multiple-vulnerabilities https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL bind>=9.14<9.14.7 security-bypass https://kb.isc.org/docs/cve-2019-6475 bind>=9.14<9.14.7 denial-of-service https://kb.isc.org/docs/cve-2019-6476 wordpress<5.2.4 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-17669 wordpress<5.2.4 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-17670 wordpress<5.2.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-17671 wordpress<5.2.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-17672 wordpress<5.2.4 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2019-17673 wordpress<5.2.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-17674 wordpress<5.2.4 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-17675 ansible<2.8.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-14846 doas<6.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-15900 doas<6.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-15901 libxslt<1.1.34 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-18197 proftpd<1.3.6b remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-18217 t1lib-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages firefox68<68.2.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-33/ tor-browser<9.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-33/ firefox<70.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/ cliqz<1.30.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/ thunderbird<68.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-35/ xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-296.html xenkernel411<4.11.2nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-296.html xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-298.html xenkernel411<4.11.2nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-298.html xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-299.html xenkernel411<4.11.2nb2 privilege-escalation https://xenbits.xen.org/xsa/advisory-299.html xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-302.html xenkernel411<4.11.2nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-302.html ikiwiki<3.20101112 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2010-1673 ikiwiki<3.20110122 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2011-0428 ikiwiki<3.20110608 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2011-1408 chicken<4.8.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-6122 chicken<4.8.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2012-6123 chicken<4.8.0 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2012-6124 chicken<4.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-6125 chicken<4.9.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2013-2024 chicken<4.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-2075 webkit-gtk<2.26.0 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2019-0005.html elasticsearch<6.8.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-7619 file<5.38 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-18218 freetds<1.1.20 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-13508 go112<1.12.11 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-17596 haproxy<2.0.6 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-18277 isc-dhcpd<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6470 libarchive<3.4.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-18408 libidn2<2.2.0 spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-12290 libidn2<2.1.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-18224 libssh2<1.10.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17498 libvncserver-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-15681 magento<1.9.4.1 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.1-2.2.8-and-2.1.17-security-update magento>=2.1<2.1.17 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.1-2.2.8-and-2.1.17-security-update magento>=2.2<2.2.8 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.1-2.2.8-and-2.1.17-security-update magento>=2.3<2.3.1 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.1-2.2.8-and-2.1.17-security-update mp3gain-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-18359 openafs<1.6.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-18601 openafs>=1.7<1.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-18601 openafs<1.6.24 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-18602 openafs>=1.7<1.8.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-18602 openafs<1.6.24 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-18603 openafs>=1.7<1.8.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-18603 php71-fpm<7.1.33 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11043 php72-fpm<7.2.24 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11043 php73-fpm<7.3.11 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-11043 py{27,34,35,36,37,38}-notebook<5.5.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-21030 python27<2.7.18 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-18348 python36<3.6.11 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-18348 python37<3.7.8 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-18348 python38<3.8.3 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-18348 qt5-qtbase<5.12.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-18281 ruby{22,23,24,25,26}-loofah<2.3.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-15587 thrift<0.13.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-0205 thrift<0.13.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-0210 tightvnc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-8287 tightvnc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15678 tightvnc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15679 tightvnc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15680 unoconv<0.9 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-17400 mediawiki<1.18.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2012-0046 mediawiki<1.20.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-1951 magento<1.9.4.3 multiple-vulnerabilities https://magento.com/security/patches/supee-11219 MesaLib<19.2.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-5068 clamav<0.101.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12625 libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-18797 libsass<3.6.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-18798 libsass<3.6.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-18799 samba>=4.0<4.10.10 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-10218 samba>=4.0<4.10.10 weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2019-14833 samba>=4.0<4.10.10 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14847 mantis<1.2.15 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-1930 mantis<1.2.15 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-1931 mantis<1.2.14 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-1932 mantis<1.2.14 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-1934 zoo-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2005-2349 snoopy<2.0.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2002-2444 py{24,25,26,27,31}-keyring<0.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2012-5577 libytnef-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2009-3887 mapserver<5.6.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2010-1678 py{26,27,34,35,36}-mercurial<1.6.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2010-4237 bitlbee<3.0.3 unspecified https://nvd.nist.gov/vuln/detail/CVE-2012-1187 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2010-0206 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2010-0207 transmission<1.92 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2010-0748 transmission<1.92 unspecified https://nvd.nist.gov/vuln/detail/CVE-2010-0749 icoutils<0.31.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-5331 icoutils<0.31.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-5332 icoutils<0.31.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-5333 nsd<3.2.13 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-2979 miniupnpd<1.8.20130607 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2013-2600 evince<3.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-3718 minidlna<1.1.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2013-2738 minidlna<1.1.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2013-2739 archivemail<0.7.0 temporary-file-race https://nvd.nist.gov/vuln/detail/CVE-2006-4245 clamav<0.100.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2007-0899 gdm-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-1000002 konversation<1.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2009-5050 mutt<1.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2005-2351 php{56,70,71,72,73}-gettext<1.0.12 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2015-8980 py{25,26,27,31,32}-pip<1.5 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2013-5123 py{26,27,32,33}-scipy<0.12.1 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2013-4251 ruby{193,200}-nokogiri<1.5.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-6460 ruby{193,200}-nokogiri<1.5.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-6461 slim<1.3.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2013-4412 smokeping<2.6.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-4168 sudo<1.7.4 unspecified https://nvd.nist.gov/vuln/detail/CVE-2005-4890 xlockmore-[0-9]* unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2006-0061 xlockmore<5.24 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2006-0062 openttd<1.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-0049 tahoe-lafs<1.9.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2012-0051 djvulibre-lib<3.5.28 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-18804 viewvc-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2007-5743 clamav<0.91.2 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2007-6745 gri<2.12.18 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2008-7291 gource-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2010-2449 shibboleth-sp<2.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2010-2450 mantis<1.2.13 incorrect-access-controls https://nvd.nist.gov/vuln/detail/CVE-2013-1811 fribidi<1.0.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-18397 webkit-gtk<2.26.2 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2019-0006.html magento>=2.2<2.2.10 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update magento>=2.3<2.3.3 multiple-vulnerabilities https://magento.com/security/patches/magento-2.3.3-and-2.2.10-security-update mantis<1.2.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2009-2802 tnef<1.4.18 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-18849 ImageMagick<7.0.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-18853 libjpeg-turbo<2.0.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-2201 py{27,36,37,38}-psutil-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2019-18874 py{26,27,32,33}-twisted<14.0.1 weak-ssl-authentication https://nvd.nist.gov/vuln/detail/CVE-2014-7143 ghostscript-agpl<9.50nb2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-14869 ettercap<0.7.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2010-3844 offlineimap<6.3.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2010-4532 offlineimap<6.3.4 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2010-4533 poppler<0.16.3 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2010-4654 poppler<0.16.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2010-4653 consolekit<0.4.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2010-4664 intel-microcode-netbsd<20191115 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2019-11135 intel-microcode-netbsd<20191115 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11139 cyrus-imapd>=2.5<2.5.14 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-18928 cyrus-imapd>=3.0<3.0.12 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-18928 oniguruma>=6.0<6.9.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19012 jhead-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19035 xfce4-thunar<1.3.1 format-string https://nvd.nist.gov/vuln/detail/CVE-2011-1588 rsyslog<5.7.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2011-1488 rsyslog<5.7.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2011-1489 rsyslog<5.7.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2011-1490 php{56,70,71,72,73}-drupal>=7<7.5 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2011-2726 chrony<1.29.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-0021 perdition<2.2 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2013-4584 unixodbc<2.2.15 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2011-1145 sniffit-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-5439 unbound<1.9.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-18934 foomatic-rip<4.0.0 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2011-2923 foomatic-rip<4.0.10 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2011-2924 php{56,71,72,73}-tiki6<8.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2011-4454 php{56,71,72,73}-tiki6<8.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2011-4455 ansible<2.6.19 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10206 ansible<2.9.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-10217 ansible<2.6.20 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-14856 asterisk>=13.0<13.29.2 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-006.html asterisk>=16.0<16.6.2 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-006.html asterisk>=17.0<17.0.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-006.html asterisk>=13.0<13.29.2 remote-code-execution https://downloads.asterisk.org/pub/security/AST-2019-007.html asterisk>=16.0<16.6.2 remote-code-execution https://downloads.asterisk.org/pub/security/AST-2019-007.html asterisk>=17.0<17.0.1 remote-code-execution https://downloads.asterisk.org/pub/security/AST-2019-007.html asterisk>=13.0<13.29.2 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-008.html bind>=9.11<9.11.13 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6477 bind>=9.14<9.14.8 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6477 gnome-font-viewer-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-19308 haproxy<2.0.10 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-19330 jetty>=9.4.23.20191118<9.4.24.20191120 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-17632 libarchive<3.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-19221 oniguruma<6.9.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-19203 oniguruma<6.9.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-19204 oniguruma<6.9.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-19246 phpmyadmin<4.9.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-18622 powerdns<4.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10203 powerdns>=4.1<4.1.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-10203 proftpd<1.3.6c verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-19270 proftpd<1.3.6 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-19271 proftpd<1.3.6 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19272 py{27,36,37,38}-ecdsa<0.13.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14853 py{36,37,38}-typed-ast<1.3.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-19274 py{36,37,38}-typed-ast<1.3.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-19275 rabbitmq<3.7.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11287 rabbitmq<3.7.20 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-11291 ruby24-base<2.4.8 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-15845 ruby25-base<2.5.7 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-15845 ruby26-base<2.6.5 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-15845 ruby24-base<2.4.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16201 ruby25-base<2.5.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16201 ruby26-base<2.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16201 ruby24-base<2.4.8 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2019-16254 ruby25-base<2.5.7 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2019-16254 ruby26-base<2.6.5 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2019-16254 ruby24-base<2.4.8 code-injection https://nvd.nist.gov/vuln/detail/CVE-2019-16255 ruby25-base<2.5.7 code-injection https://nvd.nist.gov/vuln/detail/CVE-2019-16255 ruby26-base<2.6.5 code-injection https://nvd.nist.gov/vuln/detail/CVE-2019-16255 ruby{22,24,25,26}-redmine<3.3.10 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-18890 sqlite3<3.31.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19242 sqlite3<3.31.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-19244 squid<4.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12523 squid<4.9 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12526 squid<4.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-18676 squid<4.9 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-18677 squid<4.9 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-18678 squid<4.9 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-18679 9base-[0-9]* insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2014-1935 chicken<4.9.0.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-6310 claws-mail-vcalendar<2.0.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2012-5527 evolution-data-server<3.2.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2011-3355 gnupg2<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-1606 gnupg<1.4.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-1607 gnupg2<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-1607 ikiwiki<3.20150329 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2015-2793 lilo>=23.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2011-1934 mediawiki<1.20.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-1816 mediawiki<1.20.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2013-1817 moodle<2.2.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2012-1155 moodle<2.2.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2012-1156 moodle<2.2.2 unspecified https://nvd.nist.gov/vuln/detail/CVE-2012-1168 nss<3.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-5285 patch<2.7.4 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2015-1396 php{53,54}-owncloud<4.5.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-0203 phpldapadmin<0.9.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2011-4082 py{24,25,26,27,31}-keyring<0.10 unspecified https://nvd.nist.gov/vuln/detail/CVE-2012-5578 py{26,27,32,33,34}-rply<0.7.4 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2014-1938 py27-trytond<2.4.2 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2012-2238 py27-xml-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-0877 python27<2.7.13 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-1000110 python34<3.4.6 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-1000110 python35<3.5.3 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-1000110 python36<3.6.0 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-1000110 quagga-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-5521 ruby{22,24,25,26}-net-ldap<0.16.2 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2014-0083 tahoe-lafs<1.8.3 arbitrary-file-deletion https://nvd.nist.gov/vuln/detail/CVE-2011-3617 thttpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-5640 vsftpd<2.3.5 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2011-2523 wide-dhcpv6-[0-9]* shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2011-2717 xscreensaver<5.14 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2011-2187 yaws<1.92 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2011-4350 libvpx<1.8.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9232 libvpx<1.8.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9325 libvpx<1.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9371 libvpx<1.8.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-9433 libpurple-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2012-1257 py{34,35,36,37,38}-django>=2.1<2.1.15 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-19118 py{34,35,36,37,38}-django>=2.2<2.2.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-19118 clamav<0.102.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15961 firefox<71.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/ cliqz<1.32.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/ firefox68<68.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-37/ tor-browser<9.0.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-37/ php{56,71,72,73}-davical<1.1.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-18345 php{56,71,72,73}-davical<1.1.9 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-18346 php{56,71,72,73}-davical<1.1.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-18347 dia<0.97.3nb21 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-19451 fig2dev<3.2.8 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19555 freeradius>=3.0.0<3.0.20 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-13456 opensc<0.20.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-19479 opensc<0.20.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-19480 opensc<0.20.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-19481 proftpd<1.3.6c denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19269 rabbitmq-c<0.10.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-18609 zabbix-[0-9]* weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2013-7484 xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-304.html xenkernel411<4.11.2nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-304.html xenkernel48-[0-9]* side-channel https://xenbits.xen.org/xsa/advisory-305.html xenkernel411<4.11.2nb1 side-channel https://xenbits.xen.org/xsa/advisory-305.html xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-306.html xenkernel411<4.11.2nb3 privilege-escalation https://xenbits.xen.org/xsa/advisory-306.html wireshark<2.6.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19553 wireshark>=3.0.0<3.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19553 radare2-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19590 py{27,36,37,38}-validators<0.12.6 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-19588 minidlna<1.1.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2013-2745 ap{22,24}-fcgid-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-1000104 sqlite3<3.31.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19317 phpmyadmin<4.9.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-19617 ruby{22,24,25,26}-puma<3.12.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-16770 openssl<1.0.2u integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1551 openssl>=1.1.0<1.1.1e integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1551 opencv>=4.0<4.1.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-19624 openslp-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5544 htmldoc-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19630 libsixel<1.8.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19635 libsixel<1.8.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19636 libsixel<1.8.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19637 libsixel<1.8.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19638 radare2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19647 yara-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19648 ruby{22,24,25,26}-base-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2011-3624 sqlite3<3.31.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-19603 sqlite3<3.31.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19645 sqlite3<3.31.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-19646 samba>=4.0<4.10.11 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14861 samba>=4.0<4.10.11 restriction-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14870 php-7.1.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages libssh<0.8.8 remote-command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-14889 libssh>=0.9<0.9.3 remote-command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-14889 git-base<2.23.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2019-19604 git-base>=2.24<2.24.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2019-19604 yabasic<2.86.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19720 yabasic<2.86.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19796 libxslt<1.1.34 type-confusion https://nvd.nist.gov/vuln/detail/CVE-2019-5815 xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-307.html xenkernel411<4.11.3nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-307.html xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-308.html xenkernel411<4.11.3nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-308.html xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-309.html xenkernel411<4.11.3nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-309.html xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-310.html xenkernel411<4.11.3nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-310.html xenkernel48-[0-9]* privilege-escalation https://xenbits.xen.org/xsa/advisory-311.html xenkernel411<4.11.3nb1 privilege-escalation https://xenbits.xen.org/xsa/advisory-311.html fig2dev<3.2.8 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-19746 cacti<1.2.8 input-validation https://nvd.nist.gov/vuln/detail/CVE-2019-17358 spamassassin<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12420 npm<6.13.3 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-16775 npm<6.13.3 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-16776 npm<6.13.4 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-16777 libsixel<1.8.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19777 libsixel<1.8.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19778 atasm-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19785 atasm-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19786 atasm-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19787 dovecot2<2.3.9.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-19722 samurai<1.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19795 bash<5.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-18276 cyrus-imapd<2.5.15 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-19783 cyrus-imapd>=3.0<3.0.13 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-19783 cyrus-sasl<2.1.27nb1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-19906 fig2dev<3.2.8 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-19797 git-base<2.23.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1348 git-base>=2.24<2.24.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1348 git-base<2.23.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-1349 git-base>=2.24<2.24.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-1349 git-base<2.23.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-1350 git-base>=2.24<2.24.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-1350 git-base<2.23.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1351 git-base>=2.24<2.24.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1351 libgit2<0.99 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1351 git-base<2.23.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1352 git-base>=2.24<2.24.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1352 libgit2<0.99 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1352 git-base<2.23.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-1353 git-base>=2.24<2.24.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-1353 libgit2<0.99 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-1353 git-base<2.23.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1354 git-base>=2.24<2.24.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1354 libgit2<0.99 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-1354 git-base<2.23.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-1387 git-base>=2.24<2.24.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-1387 go-dns<1.1.25 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2019-19794 knot<4.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19331 libspiro-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19847 mediawiki-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-19709 nethack-lib<3.6.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-19905 py{27,34,35,36,37,38}-django>=1.11<1.11.27 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2019-19844 py{34,35,36,37,38}-django>=2.1<2.1.15 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2019-19844 py{34,35,36,37,38}-django>=2.2<2.2.9 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2019-19844 ruby{22,24,25,26}-rack16<1.6.12 session-hijack https://nvd.nist.gov/vuln/detail/CVE-2019-16782 ruby{22,24,25,26}-rack<2.0.8 session-hijack https://nvd.nist.gov/vuln/detail/CVE-2019-16782 sqlite3<3.31.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19880 sudo<1.8.30beta2 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2019-19232 sudo<1.8.30beta2 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2019-19234 php{56,71,72,73}-typo3<8.7.30 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-19848 php{56,71,72,73}-typo3<8.7.30 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-19849 php{56,71,72,73}-typo3<8.7.30 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-19850 yarn<1.21.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-10773 thunderbird<68.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2019-38/ nss<3.47.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-11745 nss<3.44 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-17007 py{27,36,37,38}-ecdsa<0.13.3 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14859 spamassassin<3.4.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2018-11805 ImageMagick6<6.8.8.9 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2014-8561 duplicity<0.6.21 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2014-3495 erlang-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2016-1000107 kde-workspace4<4.10.5 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2013-4133 mcollective-[0-9]* insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2014-0175 mediawiki<1.21.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-4303 orca-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2013-4245 p5-DBD-PgPP<0.06 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2014-7257 p5-Data-UUID-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2013-4184 p5-Module-Signature<0.74 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2015-3406 pen<0.22.1 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2014-2387 ruby{22,24,25,26}-puppet>=6<6.4.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2018-11751 smokeping<2.6.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-4158 xerces-c-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2018-1311 yaws<2.0.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2016-1000108 php56-typo3<8.0 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages lout-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19917 lout-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19918 py{27,36,37,38}-waitress<1.4.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-16785 py{27,36,37,38}-waitress<1.4.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-16786 libgnome-keyring<3.10.0 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2012-6111 gnutls<3.2.0 oracle-attack https://nvd.nist.gov/vuln/detail/CVE-2015-8313 libreoffice<6.4.4 remote-file-view https://nvd.nist.gov/vuln/detail/CVE-2012-5639 php{56,70,71,72,73,74}-drupal>=8.7.4<8.7.5 access-bypass https://www.drupal.org/SA-CORE-2019-008 php{56,70,71,72,73,74}-drupal>=8<8.7.11 denial-of-service https://www.drupal.org/SA-CORE-2019-009 php{56,70,71,72,73,74}-drupal>=8<8.7.11 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2019-010 php{56,70,71,72,73,74}-drupal>=8<8.7.11 access-bypass https://www.drupal.org/SA-CORE-2019-011 php{56,70,71,72,73,74}-drupal>=7<7.69 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2019-012 php{56,70,71,72,73,74}-drupal>=8<8.7.11 multiple-vulnerabilities https://www.drupal.org/SA-CORE-2019-012 php>=7.2<7.2.26 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-11044 php>=7.3<7.3.13 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-11044 php>=7.4<7.4.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-11044 php>=7.2<7.2.26 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-11045 php>=7.3<7.3.13 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-11045 php>=7.4<7.4.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-11045 php>=7.3<7.3.13 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-11049 php>=7.4<7.4.1 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-11049 php72-bcmath<7.2.26 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11046 php73-bcmath<7.3.13 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11046 php74-bcmath<7.4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11046 php72-exif<7.2.26 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11047 php73-exif<7.3.13 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11047 php74-exif<7.4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11047 php72-exif<7.2.26 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11050 php73-exif<7.3.13 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11050 php74-exif<7.4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-11050 sqlite3<3.31.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-19926 apache-tomcat>=7.0.0<7.0.99 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-12418 apache-tomcat>=8.5.0<8.5.49 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-12418 apache-tomcat>=9.0.0<9.0.29 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-12418 apache-tomcat>=7.0.0<7.0.99 session-fixation https://nvd.nist.gov/vuln/detail/CVE-2019-17563 apache-tomcat>=8.5.0<8.5.49 session-fixation https://nvd.nist.gov/vuln/detail/CVE-2019-17563 apache-tomcat>=9.0.0<9.0.29 session-fixation https://nvd.nist.gov/vuln/detail/CVE-2019-17563 apache-tomcat-6.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages apache-tomcat-8.0.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages GraphicsMagick<1.3.32 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-19950 GraphicsMagick<1.3.32 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19951 GraphicsMagick<1.3.34 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19953 ImageMagick<7.0.8.43 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19948 ImageMagick6<6.9.10.43 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19948 ImageMagick<7.0.8.43 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19949 ImageMagick6<6.9.10.43 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19949 ImageMagick<7.0.9.7 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-19952 libxml2<2.9.10 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-19956 sqlite3<3.31.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-19923 sqlite3<3.31.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-19924 sqlite3<3.31.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-19925 tigervnc<1.10.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15691 tigervnc<1.10.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15692 tigervnc<1.10.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15693 tigervnc<1.10.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15694 tigervnc<1.10.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-15695 wordpress<5.3.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16780 wordpress<5.3.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16781 wordpress<5.3.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-20041 wordpress<5.3.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-20042 wordpress<5.3.1 incorrect-access-controls https://nvd.nist.gov/vuln/detail/CVE-2019-20043 libesmtp-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19977 py{27,36,37,38}-waitress<1.4.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-16789 ezxml-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-20005 ezxml-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20006 ezxml-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20007 libsixel<1.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20022 libsixel<1.8.5 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-20023 libsixel<1.8.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20024 matio-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20017 matio-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20018 matio-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20019 matio-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20020 upx-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20021 thttpd-[0-9]* buffer-underflow https://nvd.nist.gov/vuln/detail/CVE-2007-0158 upx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20051 upx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20053 libsixel<1.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20056 libsixel<1.8.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20094 podofo<0.9.7 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20093 vim<8.1.2136 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-20079 libsixel<1.8.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20140 qemu<1.5.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2013-2016 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-20159 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20160 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20161 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20162 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20163 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20164 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20165 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20166 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20167 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-20168 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-20169 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-20170 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-20171 pure-ftpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20176 ezxml-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20198 ezxml-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20199 ezxml-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20200 ezxml-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20201 ezxml-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2019-20202 tiff<3.7.0 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2004-0804 cups-base<2.3.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-2228 ansible>=2.9<2.9.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-14864 ansible>=2.8<2.8.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-14864 ansible>=2.7<2.7.15 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-14864 libsixel<1.8.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20205 gpac-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20208 sqlite3<3.31.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-20218 opencv>=4.0<4.2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5063 opencv>=4.0<4.2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-5064 py{27,36,37,38}-Pillow<6.2.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5310 py{27,36,37,38}-Pillow<6.2.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5311 py{27,36,37,38}-Pillow<6.2.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5312 py{27,36,37,38}-Pillow<6.2.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5313 tigervnc<1.3.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-0011 qemu<2.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2013-4532 sqlite3<3.31.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-19959 nasm-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20334 fontforge-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5496 fontforge-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-5395 py{27,36,37,38}-Pillow<6.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-19911 firefox<72.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-01/ cliqz<1.32.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-01/ firefox68<68.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-02/ tor-browser<9.0.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-02/ firefox<72.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-03/ cliqz<1.32.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-03/ firefox68<68.4.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-03/ tor-browser<9.0.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-03/ gnutls<3.6 signature-forgery https://mail.gnome.org/archives/desktop-devel-list/2020-January/msg00002.html gnupg-[0-9]* signature-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-14855 gnupg2<2.2.18 signature-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-14855 thunderbird<68.4.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-04/ #KeePass-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-20184 ansible<1.5.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-2686 bftpd<5.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-6162 bftpd<5.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-6835 curl<7.68.0 remote-file-view https://nvd.nist.gov/vuln/detail/CVE-2019-15601 dnsmasq<2.81 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-14834 e2fsprogs<1.45.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-5188 ganglia-webfrontend-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-20378 ganglia-webfrontend-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-20379 gcpio<2.13 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-14866 glib2>=2.60<2.63.6 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-6750 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-6630 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-6631 cacti<1.2.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-7106 delegate-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2015-7556 firefox36<3.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2011-2670 fwknop<2.0.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2012-4434 hiredis<0.14.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-7105 isc-dhcpd<4.2.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2011-2748 isc-dhcpd<4.2.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2011-2749 jhead-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-6624 jhead-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-6625 kafka<2.0.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-12399 libmysofa<0.9.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-20016 libmysofa<0.8 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2019-20063 libmysofa<1.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-6860 libraw<0.17.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2015-8366 libraw<0.17.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2015-8367 ming-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-6628 ming-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-6629 moodle<2.2.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2012-0797 moodle<3.7.3 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14879 mysql-client<5.6.47 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL mysql-client>=5.7<5.7.29 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL mysql-client>=8.0<8.0.19 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL mysql-server<5.6.47 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL mysql-server>=5.7<5.7.29 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL mysql-server>=8.0<8.0.19 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL openjdk8<1.8.232 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2020.html#AppendixJAVA openjdk11<1.11.0.6 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2020.html#AppendixJAVA nasm<2.15.04 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-20352 nginx<1.16.1nb2 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-20372 nginx>=1.17<1.17.7 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-20372 ntp-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-5209 openjpeg<2.3.1nb3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-6851 pcre<8.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-2325 pcre<8.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-2326 php{56,70,71}-concrete5<5.4.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2011-3183 php{56,71,72,73}-tiki6<6.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2011-4336 phpmyadmin<4.9.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-5504 poppler<0.21.4 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2012-2142 qemu<5.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-7039 salt<2019.2.3 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2019-17361 slurm-wlm<18.08.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-19727 slurm-wlm<18.08.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-19728 spamdyke<4.2.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2012-0070 wireshark>=3.2.0<3.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7044 wireshark>=3.0.0<3.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7045 wordpress<5.3.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-16773 wordpress<5.3.1 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2019-16788 p5-Template-Toolkit<3.004 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-19781 mariadb-server>=5.5<5.5.66 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-2974 mariadb-client>=5.5<5.5.67 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-2574 cacti<1.2.9 remote-command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-7237 cacti<1.2.8 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2019-17357 samba>=4.9<4.11.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-19344 samba>=4.0<4.11.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-14907 samba>=4.0<4.11.5 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2019-14902 libxml2<2.9.10nb1 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-20388 libxml2<2.9.10nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7595 webkit-gtk<2.26.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2020-0001.html vault>=0.11.0<1.3.2 operation-on-expired-resource https://nvd.nist.gov/vuln/detail/CVE-2020-7220 py{27,36,37,38}-waitress<1.4.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-16792 webkit-gtk<2.14.0 multiple-vulnerabilities https://www.webkitgtk.org/security/WSA-2016-0006.html freeciv-server<2.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2012-6083 qemu<2.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5239 qemu<2.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5745 qemu<2.4.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5278 libressl<2.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5334 libressl<2.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-5333 slurm-wlm<18.08.5 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-6438 jenkins-lts<2.204.2 multiple-vulnerabilities https://jenkins.io/security/advisory/2020-01-29/ jenkins<2.219 multiple-vulnerabilities https://jenkins.io/security/advisory/2020-01-29/ aspell>=0.60<0.60.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-20433 consul<1.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7219 consul<1.6.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7955 exiv2<0.27.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20421 magento<1.9.4.4 multiple-vulnerabilities https://helpx.adobe.com/security/products/magento/apsb20-02.html mbedtls<2.16.4 side-channel https://nvd.nist.gov/vuln/detail/CVE-2019-18222 nethack-lib<3.6.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5209 nethack-lib<3.6.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5210 nethack-lib<3.6.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5211 nethack-lib<3.6.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5212 nethack-lib<3.6.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5213 nethack-lib<3.6.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-5214 openjpeg<2.3.1nb3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8112 py{27,36,37,38}-feedgen<0.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-5227 python27<2.7.18nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8492 python36<3.6.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8492 python37<3.7.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8492 python38<3.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8492 spamassassin<3.4.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-1930 spamassassin<3.4.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-1931 sudo<1.8.26 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-18634 u-boot<2020.04 double-free https://nvd.nist.gov/vuln/detail/CVE-2020-8432 opensmtpd<6.6.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-7247 php{53,54,55}-owncloud<5.0.15 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2014-2050 php{53,54,55}-owncloud>=6<6.0.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2014-2050 php{56,71,72,73,74}-tiki6-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2011-4558 vlc<2.1.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-9625 vlc<2.1.6 integer-underflow https://nvd.nist.gov/vuln/detail/CVE-2014-9626 vlc<2.1.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-9627 vlc<2.1.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-9628 vlc<2.1.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-9629 vlc<2.1.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-9630 lldpd<0.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-8011 lldpd<0.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-8012 opensc-[0-9]* arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2013-1866 p5-File-Temp-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2011-4116 perl-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2011-4116 p5-Module-Metadata<1.000015 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2013-1437 # Disputed: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726578 #pwgen-[0-9]* weak-password-generator https://nvd.nist.gov/vuln/detail/CVE-2013-4441 py{26,27,33,34}-tornado<3.2.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-9720 qt5-qtbase<5.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-9541 librsvg<2.40.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20446 librsvg>=2.41<2.46.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20446 qemu<5.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-1711 py{27,34,35,36,37,38}-django>=1.11<1.11.28 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-7471 py{34,35,36,37,38}-django>=2.2<2.2.10 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-7471 py{27,36,37,38}-waitress>=1.4.2<1.4.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-5236 pppd>=2.4.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8597 qt5-qtbase<5.14.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-0569 qt5-qtbase<5.14.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-0570 mariadb-server>=10.4.7<10.4.12 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-7221 ImageMagick<6.9.3.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-7523 ImageMagick<7.0.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-7523 ImageMagick<6.9.3.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-7524 ImageMagick<7.0.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-7524 clamav<0.102.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-3123 evolution-data-server<3.8.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2013-4166 ipmitool<1.8.19 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-5208 libvncserver<0.9.9 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2010-5304 mcabber<1.0.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2016-9928 nghttp2<1.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-1544 nodejs<10.19.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2019-15604 nodejs>=12<12.15.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2019-15604 nodejs>=13<13.8.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2019-15604 nodejs<10.19.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-15605 nodejs>=12<12.15.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-15605 nodejs>=13<13.8.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-15605 nodejs<10.19.0 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-15606 nodejs>=12<12.15.0 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-15606 nodejs>=13<13.8.0 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-15606 npm-[0-9]* modification-of-assumed-immutable-data https://nvd.nist.gov/vuln/detail/CVE-2020-8116 phppgadmin-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-10784 #python27-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9674 # fix was improving docs #python36-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9674 # fix was improving docs #python37-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9674 # fix was improving docs qemu<5.0.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8608 squid<4.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-12528 squid<4.10 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-8449 squid<4.10 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-8450 squid<4.10 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-8517 zabbix-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2013-3628 php{56,72,73,74}-nextcloud<15.0.3 session-fixation https://nvd.nist.gov/vuln/detail/CVE-2019-15612 php{56,72,73,74}-nextcloud<17.0.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2019-15613 php{56,72,73,74}-nextcloud<17.0.0 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2019-15616 php{56,72,73,74}-nextcloud<17.0.1 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2019-15617 php{56,72,73,74}-nextcloud<15.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-15618 php{56,72,73,74}-nextcloud<16.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-15619 php{56,72,73,74}-nextcloud<16.0.2 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2019-15621 php{56,72,73,74}-nextcloud<16.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-15623 php{56,72,73,74}-nextcloud<15.0.8 input-validation https://nvd.nist.gov/vuln/detail/CVE-2019-15624 php{56,72,73,74}-nextcloud<14.0.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-8117 php{56,72,73,74}-nextcloud<16.0.2 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8118 php{56,72,73,74}-nextcloud<17.0.1 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8119 php{56,72,73,74}-nextcloud<15.0.0 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-8121 php{56,72,73,74}-nextcloud<15.0.0 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-8122 nodejs-8.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages go112<1.12.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7919 go113<1.13.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7919 moodle<3.7.3 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-14880 moodle>=3.7<3.7.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-14881 moodle<3.7.3 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-14882 moodle<3.7.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-14883 moodle<3.7.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-14884 moodle>=3.8<3.8.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-1691 php>=7.2<7.2.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7059 php>=7.3<7.3.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7059 php>=7.4<7.4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7059 php>=7.2<7.2.27 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7060 php>=7.3<7.3.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7060 php>=7.4<7.4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7060 ansible<2.9.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-14904 ansible<2.9.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2019-14905 libexif<0.6.21nb2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-9278 php56-orangehrm-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-1353 php{56,72,73,74}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-8089 gd<2.3.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-14553 dovecot2<2.3.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7046 dovecot2<2.3.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7957 weechat<2.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8955 adobe-flash-player<32.0.0.255 type-confusion https://helpx.adobe.com/security/products/flash-player/apsb20-06.html echoping-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2013-4448 lvm2-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8991 pcre2<10.34 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-20454 firefox<73.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/ cliqz<1.33.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/ tor-browser<9.0.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/ firefox68<68.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/ thunderbird<68.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/ postgresql96-server<9.6.17 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-1720 postgresql10-server<10.12 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-1720 postgresql11-server<11.7 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-1720 postgresql12-server<12.2 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-1720 postgresql94-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages webkit-gtk<2.26.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2020-0002.html moodle<3.7.2 information-exposure https://nvd.nist.gov/vuln/detail/CVE-2020-1692 horde-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-8518 zabbix<2.1.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-3738 php{56,71,72,73,74}-tiki6-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2013-6022 kdeplasma-addons4-[0-9]* insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2013-2213 kdeplasma-addons4<4.10.5 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2013-2120 libarchive<3.4.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-9308 tiff<4.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-8128 cacti<1.2.10 remote-command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-8813 go-crypto<0.0.20200221 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9283 proftpd<1.3.6c out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-9272 proftpd<1.3.6c remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-9273 ruby{22,24,25,26}-puppet>=6<6.13.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7942 py{27,36,37,38}-yaml>=5.1<5.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-20477 py{27,36,37,38}-ruamel-yaml-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-20478 sqlite3<3.32.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9327 ansible<1.5.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-4658 ansible<1.5.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-4659 ansible<1.5.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-4660 ansible<1.6.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-4966 ansible<1.6.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-4967 curl<7.49.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2016-4606 jasper<1.900.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-8751 libaudiofile-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-7747 netsurf<2.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2012-0844 openjpeg<2.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2016-3182 php{53,54,55}-owncloud<5.0.15 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2014-2052 php{53,54,55}-owncloud>=6<6.0.2 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2014-2052 php{54,55,56}-owncloud<8.0.4 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2015-4715 php>=5.6<5.6.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2014-3622 python27<2.7.8 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2014-4650 rrdtool<1.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-6262 ruby{193,200}-nokogiri<1.5.4 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2012-6685 varnish<3.0.4 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2013-4090 apache-tomcat>=7.0.98<7.0.100 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-17569 apache-tomcat>=8.5.48<8.5.51 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-17569 apache-tomcat>=9.0.28<9.0.31 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-17569 apache-tomcat>=7.0.0<7.0.100 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-1935 apache-tomcat>=8.5.0<8.5.51 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-1935 apache-tomcat>=9.0.28<9.0.31 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-1935 pure-ftpd-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-9365 screen>=4.2.0<4.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-9366 sympa>=6.2.38<6.2.54 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9369 yarn<1.22.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-8131 zsh<5.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-20044 opensmtpd<6.6.4 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2020-8793 opensmtpd<6.6.4 remote-command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-8794 pam-radius-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2015-9542 pure-ftpd-[0-9]* uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2020-9274 gd<2.2.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2017-6363 apache-tomcat>=7.0.0<7.0.100 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-1938 apache-tomcat>=8.5.0<8.5.51 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-1938 apache-tomcat>=9.0.28<9.0.31 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-1938 php>=7.3<7.3.15 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7061 php>=7.4<7.4.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7061 php>=7.2<7.2.28 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-7062 php>=7.3<7.3.15 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-7062 php>=7.4<7.4.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-7062 php>=7.2<7.2.28 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-7063 php>=7.3<7.3.15 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-7063 php>=7.4<7.4.3 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-7063 ruby{22,24,25,26}-puma<4.3.2 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2020-5247 wireshark<2.6.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9428 wireshark>=3.0.0<3.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9428 wireshark>=3.2.0<3.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9428 wireshark>=3.2.0<3.2.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-9429 wireshark<2.6.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9430 wireshark>=3.0.0<3.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9430 wireshark>=3.2.0<3.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9430 wireshark<2.6.15 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-9431 wireshark>=3.0.0<3.0.9 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-9431 wireshark>=3.2.0<3.2.2 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-9431 qt5-qtwebsockets<5.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-21035 ruby{22,24,25,26}-puma<4.3.3 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2020-5249 webkit-gtk<2.28.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-10018 #ansible-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-1734 py{27,34,35,36,37,38}-django>=1.11<1.11.29 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-9402 py{34,35,36,37,38}-django>=2.2<2.2.11 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-9402 py{34,35,36,37,38}-django>=3.0<3.0.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-9402 qemu<4.2.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2019-20382 py{27,34,35,36,37,38}-urllib3>=1.25.2<1.25.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7212 sleuthkit-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10232 sleuthkit-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-10233 ansible<2.9.7 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-1737 firefox<74.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/ cliqz<1.34.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/ firefox68<68.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-09/ tor-browser<9.0.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-09/ thunderbird<68.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-10/ ImageMagick6<6.9.11.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-10251 ImageMagick<7.0.10.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-10251 ansible<2.9.7 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2020-1733 ansible<2.9.7 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-1735 ansible<2.9.12 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-1736 ansible<2.9.7 code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-1738 ansible<2.9.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-1739 ansible<2.9.7 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2020-1740 ansible<2.9.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-1753 bitcoin<0.17.1 log-injection https://nvd.nist.gov/vuln/detail/CVE-2018-20586 icu<67.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10531 nethack-lib<3.6.0 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-5253 nethack-lib>=3.6.1<3.6.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-5254 gthumb<3.8.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20326 nagios-nrpe<4.0.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-6581 nagios-nrpe<4.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-6582 npm<6.14.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7598 npm-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7608 ruby{22,24,25,26,27}-puppet<6.9.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7943 py{27,34,35,36,37}-twisted<16.3.1 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-1000111 py{27,36,37,38}-twisted<20.3.0rc1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-10108 py{27,36,37,38}-twisted<20.3.0rc1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-10109 python27<2.7.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2013-1753 qemu<4.1.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-15034 tcpdump-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-19325 yarn<1.19.0 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-15608 tor<0.4.2.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10592 tor<0.4.2.7 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-10593 GraphicsMagick<1.3.32 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-12921 libvirt<6.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20485 u-boot<2018.03 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-10648 mantis<2.21.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-15539 squid<4.9 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-18860 freeradius>=3.0<3.0.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-17185 php{56,72,73,74}-nextcloud<17.0.2 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8138 php{56,72,73,74}-nextcloud<18.0.1 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-8139 phpmyadmin<4.9.5 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-10802 phpmyadmin<4.9.5 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-10803 phpmyadmin<4.9.5 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-10804 hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10809 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10810 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-10811 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10812 vault>=0.9.0<1.3.4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-10660 vault>=0.11<1.3.4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-10661 weechat>=0.4.0<2.7.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9759 weechat>=0.3.4<2.7.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-9760 trafficserver<7.1.9 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-17559 trafficserver>=8.0.0<8.0.6 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-17559 trafficserver<7.1.9 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-17565 trafficserver>=8.0.0<8.0.6 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2019-17565 trafficserver<7.1.9 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-1944 trafficserver>=8.0.0<8.0.6 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-1944 py{27,36,37,38}-zim-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10870 horde-[0-9]* arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2020-8866 horde-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-8865 memcached>=1.6.0<1.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10931 ansible<2.9.7 code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-10684 py{27,36,37,38}-yaml<5.3.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-1747 GraphicsMagick<1.3.35 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10938 okular<20.04.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-9359 gpac<0.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20629 gpac<0.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20630 gpac<0.8.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20631 gpac<0.8.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20632 gpac<0.8.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-20628 mbedtls<2.6.15 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-10941 py{27,36,37,38}-bleach<3.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-6802 py{27,36,37,38}-bleach<3.12 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-6816 patch-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20633 php{56,72,73,74}-piwigo<2.10.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-9467 jenkins<2.204.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-2160 jenkins<2.204.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2161 jenkins<2.204.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2162 jenkins<2.204.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2163 gst-rtsp-server<1.17.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-6095 netbeans-ide<11.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-17560 netbeans-ide<11.3 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2019-17561 pam-krb5<4.9 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10595 php72-exif<7.2.29 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2020-7064 php73-exif<7.3.16 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2020-7064 php74-exif<7.4.4 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2020-7064 php>=7.3<7.3.16 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-7065 php>=7.4<7.4.4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-7065 php>=7.2<7.2.29 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7066 php>=7.3<7.3.16 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7066 php>=7.4<7.4.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7066 #phpmyadmin-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-11441 Disputed, see https://github.com/phpmyadmin/phpmyadmin/issues/16056 elasticsearch<6.8.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-7009 elasticsearch>=7.0.0<7.6.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-7009 apache>=2.4.0<2.4.42 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2020-1934 apache>=2.4.0<2.4.42 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-1927 php{56,71,72,73,74}-tiki6-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-8966 ast-ksh-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-14868 haproxy<2.1.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-11100 viewvc>=1.2<1.2.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-5283 viewvc<1.1.28 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-5283 firefox<74.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/ cliqz<1.34.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/ firefox68<68.6.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/ tor-browser<9.0.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/ mediawiki<1.34.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-10960 gnutls>=3.6.3<3.6.13 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2020-11501 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-11558 qemu<5.0.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11102 p5-Convert-ASN1<0.28 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2013-7488 codeblocks-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10814 sqlite3<3.32.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11655 sqlite3<3.32.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-11656 varnish>=5.0<6.0.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-20637 varnish>=6.0<6.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11653 libssh<0.9.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-1730 firefox<75.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/ cliqz<1.35.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/ firefox68<68.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/ tor-browser<9.0.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/ wireshark<2.6.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11647 wireshark>=3.0.0<3.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11647 wireshark>=3.2.0<3.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11647 wolfssl<4.4.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-11713 libsixel<1.8.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11721 git-base<2.25.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-5260 git-base>=2.26<2.26.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-5260 xenkernel411<4.11.3nb2 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-313.html xenkernel48-[0-9]* multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-313.html xenkernel411<4.11.3nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-318.html xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-318.html xenkernel411<4.11.3nb2 denial-of-service https://xenbits.xen.org/xsa/advisory-316.html xenkernel48-[0-9]* denial-of-service https://xenbits.xen.org/xsa/advisory-316.html webkit-gtk<2.28.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-11793 openexr<2.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11758 openexr<2.4.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11759 openexr<2.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11760 openexr<2.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11761 openexr<2.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11762 openexr<2.4.1 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2020-11763 openexr<2.4.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-11764 openexr<2.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11765 squid-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12519 squid-[0-9]* cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2019-12520 squid-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12521 squid-[0-9]* bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2019-12522 squid-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12524 mbedtls<2.16.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-10932 oracle-{jdk,jre}8<8.0.242 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixJAVA openjdk7<1.7.252 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixJAVA openjdk8<1.8.242 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixJAVA openjdk11<1.11.0.7 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixJAVA evolution<3.35.91 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2020-11879 mysql-server<5.6.48 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL mysql-server>=5.7<5.7.30 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL mysql-server>=8<8.0.20 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL mysql-client<5.6.48 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL mysql-client>=5.7<5.7.30 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL mysql-client>=8.0<8.0.19 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL mysql-cluster<7.4.28 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL ming-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11894 ming-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11895 rclone-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2018-12907 py{27,36,37,38}-markdown2-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-11888 re2c>=1.2<2.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11958 openssl>=1.1.1d<1.1.1g denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-1967 teeworlds<0.7.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20787 teeworlds>=0.7<0.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12066 git-base<2.25.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-11008 git-base>=2.26<2.26.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-11008 openconnect<8.09 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-12105 ndpi-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11940 squid<4.11 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-11945 ndpi-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11939 libvncserver-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20788 grafana<6.7.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-12245 thunderbird<68.7.0 use-after-free https://www.mozilla.org/en-US/security/advisories/mfsa2020-14/ mailman<2.1.30 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-12137 qemu<5.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-1983 webkit-gtk<2.28.2 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2020-0005.html grafana<6.7.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-12052 jbig2dec<0.18 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-12268 libgit2<0.99.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-12278 libgit2<0.99.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-12279 opendmarc-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-20790 opendmarc-[0-9]* spoofing https://nvd.nist.gov/vuln/detail/CVE-2020-12272 openvpn<2.4.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11810 qemu<5.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11869 php>=7.2<7.2.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7067 php>=7.3<7.3.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7067 php>=7.4<7.4.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7067 ffmpeg4<4.2.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-12284 libvirt<6.1.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-12430 opensc<0.20.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-20792 openldap-server<2.4.50 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12243 ruby{22,24,25,26,27}-json<2.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10663 qt5-qtbase<5.14.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-12267 re2c<3.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-21232 ansible<2.9.7 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-10691 salt<2019.2.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-11651 salt<2019.2.4 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2020-11652 wordpress<5.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-11025 wordpress<5.4.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-11026 wordpress<5.4.1 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-11027 wordpress<5.4.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-11028 wordpress<5.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-11029 wordpress<5.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-11030 cups-base<2.3.3 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-8842 cups-base<2.3.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-3898 php{56,72,73,74}-roundcube<1.4.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-12625 php{56,72,73,74}-roundcube<1.4.4 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-12626 samba>=4.0<4.12.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-10700 php{56,72,73,74}-roundcube<1.4.4 file-inclusion https://nvd.nist.gov/vuln/detail/CVE-2020-12640 php{56,72,73,74}-roundcube<1.4.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-12641 ruby25-base<2.5.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-10933 ruby26-base<2.6.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-10933 ruby27-base<2.7.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-10933 qemu>=5.0.0<5.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10717 firefox<76.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-16/ cliqz<1.36.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-16/ firefox68<68.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-17/ tor-browser<9.0.10 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-17/ thunderbird<68.8.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-18/ ruby24-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages glpi<9.4.6 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-11034 glpi<9.4.6 cross-site-request-forgeries https://nvd.nist.gov/vuln/detail/CVE-2020-11035 glpi>=9.1<9.4.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-11033 glpi<9.4.6 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-11032 glpi<9.4.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-11036 GraphicsMagick<1.3.36 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-12672 samba>=4.0<4.11.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10704 samba>=4.12<4.12.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10704 mailman<2.1.31 code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-12108 mongodb<3.6.18 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-7921 mongodb>=4.0.0<4.2.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-7921 ntp-[0-9]* timing-attack https://nvd.nist.gov/vuln/detail/CVE-2018-8956 freerdp>1.0.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11046 freerdp>1.0.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11048 freerdp>1.1.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11042 freerdp>1.2.0<2.0.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2020-11044 freerdp>1.0.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11045 freerdp>1.1.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11047 freerdp>1.1.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11049 #py{27,36,37,38}-pip<21.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-20225 tcpreplay<4.3.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-12740 imlib2<1.7.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-12761 json-c<0.15 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-12762 libexif<0.6.22 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-12767 ansible<2.9.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-10685 exim-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-12783 php{56,72,73,74}-nextcloud<18.0.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8154 php{56,72,73,74}-nextcloud<18.0.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-8155 openconnect<8.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-12823 libcroco-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-12825 glpi<9.4.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-5248 glpi<9.4.6 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-11060 freerdp>=1.1<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11058 glpi>=0.68.1<9.4.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-11062 ansible<2.9.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-1746 clamav<0.102.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-3327 clamav>=0.101<0.102.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-3341 apache-ant>=1.1<1.9.15 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-1945 apache-ant>=1.10<1.10.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-1945 libexif<0.6.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-0093 transmission<3.00 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-10756 freerdp>1.0.0<2.0.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-11521 ansible-base<2.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-10744 freerdp>1.0.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11522 freerdp>1.0.0<2.0.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11523 freerdp>1.0.0<2.0.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-11524 freerdp>1.0.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11525 freerdp>1.1.0<2.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11526 vlc<3.0.9 off-by-one https://nvd.nist.gov/vuln/detail/CVE-2019-19721 yaws-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-12872 cherokee-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-20798 cherokee-[0-9]* remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20799 cherokee-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-20800 dovecot<2.3.10.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10957 dovecot<2.3.10.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10958 dovecot<2.3.10.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10967 libreoffice<6.4.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-12801 prboom-plus<2.6.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20797 unbound<1.10.1 traffic-amplification https://nvd.nist.gov/vuln/detail/CVE-2020-12662 unbound<1.10.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12663 knot<5.1.1 traffic-amplification https://nvd.nist.gov/vuln/detail/CVE-2020-12667 bind>=9.11<9.11.19 traffic-amplification https://nvd.nist.gov/vuln/detail/CVE-2020-8616 bind>=9.14<9.14.12 traffic-amplification https://nvd.nist.gov/vuln/detail/CVE-2020-8616 bind>=9.11<9.11.19 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8617 bind>=9.14<9.14.12 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8617 couchdb>=3.0.0<3.0.1 remote-privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-1955 powerdns-recursor<4.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10030 powerdns-recursor<4.3.1 traffic-amplification https://nvd.nist.gov/vuln/detail/CVE-2020-10995 powerdns-recursor<4.3.1 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-12244 wireshark<2.6.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13164 wireshark>=3.0<3.0.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13164 wireshark>=3.2<3.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13164 apache-tomcat>=7.0.0<7.0.104 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-9484 apache-tomcat>=8.5.0<8.5.55 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-9484 apache-tomcat>=9.0.0<9.0.35 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-9484 py{27,36,37,38}-httplib2<0.18.0 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-11078 zabbix<3.0.31 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-11800 qmail-run<20200519 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2005-1513 adplug<2.3.2 double-free https://nvd.nist.gov/vuln/detail/CVE-2018-17825 amarok<3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-13152 cacti<1.2.11 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-13230 cacti<1.2.11 cross-site-request-forgeries https://nvd.nist.gov/vuln/detail/CVE-2020-13231 freerdp<2.1.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-13396 freerdp<2.1.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-13397 freerdp<2.1.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-13398 gitea<1.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13246 libexif<0.6.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-13112 libexif<0.6.22 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-13113 libexif<0.6.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13114 mariadb-connector-c<3.1.8 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-13249 moodle<3.8.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-10738 php>=7.2<7.2.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11048 php>=7.3<7.3.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11048 php>=7.4<7.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-11048 py{27,36,37,38}-meinheld<1.0.2 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-7658 ruby{24,25,26,27}-puma<4.3.4 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-11076 ruby{24,25,26,27}-puma<4.3.5 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-11077 slurm-wlm<19.05.7 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-12693 qmail<1.03nb49 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2005-1514 qmail<1.03nb49 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2005-1515 grafana<7.0.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13430 sqlite3<3.32.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13434 sqlite3<3.32.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13435 ruby{22,24,25,26,27}-em-http-request-[0-9]* improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-13482 qore<0.9.4.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-13615 qemu<5.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13253 sqlite<3.32.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-13630 sqlite<3.32.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-13631 sqlite<3.32.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-13632 sympa<6.2.56 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-10936 vim<8.1.0881 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-20807 qemu<4.2.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-13361 qemu<4.2.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-13362 glib-networking<2.64.3 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-13645 balsa<2.6.1 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-13645 php{56,70,71,72,73,74}-drupal>=8.7.4<8.7.5 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-6342 freerdp<2.1.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2020-11017 freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11018 freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11019 freerdp<2.1.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11038 freerdp<2.1.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11039 freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11040 freerdp<2.1.0 array-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-11041 freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11043 freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11085 freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11086 freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11087 freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11088 freerdp<2.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11089 firefox<77.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-20/ cliqz<1.38.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-20/ firefox68<68.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-21/ tor-browser<9.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-21/ thunderbird<68.9.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-22/ fossil<2.11.1 command-injection https://fossil-scm.org/forum/forumpost/0e1a0540fd qt5-qtbase>=5.12.2<5.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13962 php{56,72,73,74}-roundcube<1.4.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13964 php{56,72,73,74}-roundcube<1.4.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13965 vlc<3.0.11 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-13428 nagios-base<4.4.6 url-injection https://nvd.nist.gov/vuln/detail/CVE-2020-13977 qemu>=4.2<5.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10761 vault<1.4.2 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-12757 vault<1.4.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-13223 libexif<0.6.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-0182 libexif<0.6.23 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-0198 consul>=1.6.0<1.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12758 consul>=1.4.0<1.6.6 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-12797 consul>=1.4.0<1.6.6 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-13170 consul>=1.2.0<1.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13250 adobe-flash-player<32.0.0.387 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsb20-30.html wordpress<5.4.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-4046 wordpress<5.4.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-4047 wordpress<5.4.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-4048 wordpress<5.4.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-4049 wordpress<5.4.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-4050 upx<3.96 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-20805 sane-backends<1.0.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12867 py{27,36,37,38}-rsa<4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13757 grafana<6.0.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-18623 libvirt>=3.10.0<6.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10703 mediawiki<1.35 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-10959 qemu<4.2.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-13659 qemu<5.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-13754 znc>=1.8.0<1.8.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-13775 ruby{22,24,25,26,27}-websocket-extensions<0.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7663 py{34,35,36,37,38}-django>=2.2<2.2.13 data-leak https://nvd.nist.gov/vuln/detail/CVE-2020-13254 py{34,35,36,37,38}-django>=3.0<3.0.7 data-leak https://nvd.nist.gov/vuln/detail/CVE-2020-13254 py{34,35,36,37,38}-django>=2.2<2.2.13 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13596 py{34,35,36,37,38}-django>=3.0<3.0.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13596 nghttp2<1.41.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11080 grafana>=3.0.1<7.0.2 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2020-13379 libjpeg-turbo<2.0.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-13790 elasticsearch<6.8.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-7014 elasticsearch>=7.0.0<7.6.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-7014 gnutls>=3.6.4<3.6.14 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2020-13777 qemu<5.0.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-13765 qemu<5.0.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-13791 qemu<5.1.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2020-13800 ntp<4.2.8p14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13817 ntp>=4.3<4.3.100 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13817 qemu<5.0.0 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2020-10702 libupnp<1.14.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13848 perl<5.30.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10543 perl<5.30.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-12723 perl<5.30.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10878 sqlite3<3.32.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-13871 pam-tacplus-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-13881 ffmpeg2<2.8.17 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-13904 ffmpeg3<3.4.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-13904 ffmpeg4<4.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-13904 ImageMagick<7.0.10.20 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-13902 dbus>=1.3.0<1.12.18 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-12049 libreoffice<6.4.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-12802 libreoffice<6.4.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-12803 xawtv<3.107 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2020-13696 nodejs>=12.0.0<12.18.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8172 nodejs>=14.0.0<14.4.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8172 sane-backends<1.0.30 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-12861 sane-backends<1.0.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-12862 sane-backends<1.0.30 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-12863 sane-backends<1.0.30 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2020-12864 sane-backends<1.0.30 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-12865 sane-backends<1.0.30 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12866 bison<3.5.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14150 caddy<0.10.13 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-21246 jpeg<9d unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-14151 jpeg<9d denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14152 jpeg<9d out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-14153 mutt<1.14.3 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-14093 mutt<1.14.3 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14154 npm<6.14.2 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2017-18869 pcre<8.43 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-20838 pcre<8.44 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14155 pound<2.8 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2018-21245 redis<6.0.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14147 ffmpeg4<4.3.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14212 libvncserver<0.9.13 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-21247 libvncserver<0.9.13 information-leak https://nvd.nist.gov/vuln/detail/CVE-2019-20839 libvncserver<0.9.13 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-20840 libvncserver<0.9.13 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-14396 libvncserver<0.9.13 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-14397 libvncserver<0.9.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14398 libvncserver<0.9.13 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-14399 libvncserver<0.9.13 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-14400 libvncserver<0.9.13 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14401 libvncserver<0.9.13 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-14402 libvncserver<0.9.13 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-14403 libvncserver<0.9.13 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-14404 libvncserver<0.9.13 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-14405 cacti-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-14295 bind>=9.16<9.16.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8618 bind>=9.11.14<9.11.20 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8619 bind>=9.14.9<9.16.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8619 adns<1.5.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9103 adns<1.5.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9104 adns<1.5.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-9105 adns<1.5.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9106 adns<1.5.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9107 adns<1.5.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9108 adns<1.5.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-9109 python35-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14422 python36<3.6.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14422 python37<3.7.8nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14422 python38<3.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14422 ruby{22,24,25,26,27}-rails42-[0-9]* information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8164 ruby{22,24,25,26,27}-rails51-[0-9]* information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8164 ruby{22,24,25,26,27}-rails52<5.2.4.3 information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8164 ruby{22,24,25,26,27}-rails60<6.0.3.1 information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8164 ruby{22,24,25,26,27}-actionpack42-[0-9]* information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8164 ruby{22,24,25,26,27}-actionpack51-[0-9]* information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8164 ruby{22,24,25,26,27}-actionpack52<5.2.4.3 information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8164 ruby{22,24,25,26,27}-actionpack60<6.0.3.1 information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-8164 ruby{22,24,25,26,27}-rails42-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8162 ruby{22,24,25,26,27}-rails51-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8162 ruby{22,24,25,26,27}-rails52<5.2.4.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8162 ruby{22,24,25,26,27}-rails60<6.0.3.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8162 ruby{22,24,25,26,27}-actionpack42-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8162 ruby{22,24,25,26,27}-actionpack51-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8162 ruby{22,24,25,26,27}-actionpack52<5.2.4.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8162 ruby{22,24,25,26,27}-actionpack60<6.0.3.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8162 ruby{22,24,25,26,27}-rails42-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8167 ruby{22,24,25,26,27}-rails51-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8167 ruby{22,24,25,26,27}-rails52<5.2.4.3 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8167 ruby{22,24,25,26,27}-rails60<6.0.3.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8167 ruby{22,24,25,26,27}-actionview42-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8167 ruby{22,24,25,26,27}-actionview51-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8167 ruby{22,24,25,26,27}-actionview52<5.2.4.3 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8167 ruby{22,24,25,26,27}-actionview60<6.0.3.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8167 ruby{22,24,25,26,27}-rails42-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-8165 ruby{22,24,25,26,27}-rails51-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-8165 ruby{22,24,25,26,27}-rails52<5.2.4.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-8165 ruby{22,24,25,26,27}-rails60<6.0.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-8165 ruby{22,24,25,26,27}-rack<2.2.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8184 ruby{22,24,25,26,27}-rack14-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8184 ruby{22,24,25,26,27}-rack16-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8184 go{19,110,113,114}-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14040 go-bin<1.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14040 alpine<2.23 weak-ssl-authentication https://nvd.nist.gov/vuln/detail/CVE-2020-14929 squirrelmail-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-14933 squirrelmail-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-14932 mutt<1.14.4 weak-ssl-authentication https://nvd.nist.gov/vuln/detail/CVE-2020-14954 neomutt<20200619 weak-ssl-authentication https://nvd.nist.gov/vuln/detail/CVE-2020-14954 php{56,70,71,72}-concrete5<8.5.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-14961 freerdp<2.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11095 freerdp<2.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11096 freerdp<2.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11099 freerdp<2.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11098 freerdp<2.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11097 chocolate-doom<3.0.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14983 freerdp<2.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-4030 freerdp<2.1.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-4032 freerdp<2.1.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-4031 freerdp<2.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-4033 mailman<2.1.33 code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15011 trafficserver<7.1.11 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-9494 mediawiki<1.34.2 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2020-15005 ntp<4.2.8p15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15025 ntp>4.3<4.3.101 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15025 wolfssl<4.4.0 information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-11735 net-snmp<5.8.1pre1 double-free https://nvd.nist.gov/vuln/detail/CVE-2019-20892 trojita<0.8 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-15047 py{27,36,37,38}-Pillow<7.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-10994 py{27,36,37,38}-Pillow<6.2.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10379 py{27,36,37,38}-Pillow<6.2.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-10378 py{27,36,37,38}-Pillow<7.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11538 py{27,36,37,38}-Pillow<6.2.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-10177 openexr<2.5.2 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2020-15304 openexr<2.5.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-15306 openexr<2.5.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-15305 apache-tomcat>=9.0.0<9.0.36 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11996 apache-tomcat>=8.5.0<8.5.56 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11996 magento<1.9.4.5 multiple-vulnerabilities https://helpx.adobe.com/security/products/magento/apsb20-22.html sqlite3<3.32.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-15358 libraw<0.20.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-15365 firefox<78.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-24/ cliqz<1.38.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-24/ firefox68<68.10 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-25/ tor-browser<9.5.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-25/ thunderbird<68.10.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-26/ guacamole-server<1.2.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-9497 guacamole-server<1.2.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-9498 hylafax-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-15396 hylafax-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-15397 libraw<0.19.5nb1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-15503 libvncserver<0.9.12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-18922 libmediainfo<20.03nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-15395 ndpi-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-15471 ndpi-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-15472 ndpi-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-15473 ndpi-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-15474 ndpi-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-15475 ndpi-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-15476 openjpeg<2.4.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-15389 openssh<8.5 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-14145 putty>=0.68<0.74 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-14002 powerdns-recursor<4.3.2 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14196 qemu<5.0.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-15469 ruby{25,26,27}-rack<2.2.0 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-8161 ruby{25,26,27}-rack16-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-8161 ruby{25,26,27}-actionpack52<5.2.4.3 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8166 ruby{25,26,27}-actionpack60<6.0.3.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-8166 ruby{25,26,27}-actionpack60<6.0.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8185 squid<4.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14058 squid<4.12 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-15049 wireshark>=3.2.0<3.2.5 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2020-15466 milkytracker<1.03.00 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-15569 php{56,72,73,74}-roundcube<1.4.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15562 samba<4.12.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-10730 samba<4.12.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10745 samba<4.12.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-10760 samba<4.12.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14303 webkit-gtk<2.28.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2020-0006.html xenkernel411<4.11.3nb3 denial-of-service https://xenbits.xen.org/xsa/advisory-317.html xenkernel413<4.13.1nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-317.html xenkernel411<4.11.3nb3 denial-of-service https://xenbits.xen.org/xsa/advisory-319.html xenkernel413<4.13.1nb1 denial-of-service https://xenbits.xen.org/xsa/advisory-319.html xenkernel411<4.11.3nb3 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-321.html xenkernel413<4.13.1nb1 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-321.html xenkernel411<4.11.3nb3 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-328.html xenkernel413<4.13.1nb1 multiple-vulnerabilities https://xenbits.xen.org/xsa/advisory-328.html xenkernel48-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools48-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages npm<6.14.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-15095 apache-tomcat>=8.5.0<8.5.12 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-11994 apache-tomcat>=7.0.0<7.0.76 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-11994 qemu<5.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-10756 jetty>=9.4.27.20200227<9.4.30.20200611 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-17638 python27<2.7.18nb3 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-20907 python35-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-20907 python36<3.6.12 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-20907 python37<3.7.9 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-20907 python38<3.8.5 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-20907 mysql-server<5.6.48 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL mysql-server>=5.7<5.7.30 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL mysql-server>=8.0<8.0.20 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL mysql-client<5.6.48 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL mysql-client>=5.7<5.7.30 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL mysql-client>=8.0<8.0.20 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL oracle-{jdk,jre}8<8.0.252 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixJAVA openjdk7<1.7.262 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixJAVA openjdk8<1.8.252 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixJAVA openjdk11<1.11.0.8 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2020.html#AppendixJAVA apache-tomcat>=8.5<8.5.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13934 apache-tomcat>=9.0<9.0.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13934 apache-tomcat>=8.5<8.5.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13935 apache-tomcat>=9.0<9.0.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13935 openldap<2.4.50 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2020-15719 synergy<1.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15117 jenkins<2.245 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2220 jenkins-lts<2.235.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2220 jenkins<2.245 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2221 jenkins-lts<2.235.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2221 jenkins<2.245 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2222 jenkins-lts<2.235.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2222 jenkins<2.245 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2223 jenkins-lts<2.235.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-2223 ruby{25,26,27}-kramdown<2.3.0 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2020-14001 glpi<9.5.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15108 zabbix>=4.0<4.0.22rc1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15803 go113<1.13.13 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-14039 go114<1.14.5 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-14039 go113<1.13.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15586 go114<1.14.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15586 evolution-data-server<3.36.4 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-14928 radare2<4.5.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15121 clamav<0.102.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-3481 clamav<0.102.4 arbitrary-file-deletion https://nvd.nist.gov/vuln/detail/CVE-2020-3350 qemu<6.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15859 qemu<5.1.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-15863 lua54<5.4.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-15888 lua54<5.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-15889 LuaJIT2<2.1.1713773202 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-15890 magento<1.9.4.6 multiple-vulnerabilities https://helpx.adobe.com/security/products/magento/apsb20-41.html magento<2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python27-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages claws-mail<3.17.6 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-15917 lua54<5.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15945 nodejs>=10<10.21.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-8174 nodejs>=12<12.18.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-8174 nodejs>=14<14.18.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-8174 openssh-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15778 grafana<6.7.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-11110 libetpan-[0-9]* man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-15953 py{27,36,37,38}-uvicorn<0.11.7 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2020-7694 py{27,36,37,38}-uvicorn<0.11.7 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2020-7695 firefox<78.0.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-28/ cliqz<1.38.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-28/ thunderbird<78.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-29/ firefox<79.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-30/ cliqz-[0-9]* multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-30/ firefox68<68.11 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/ tor-browser<9.5.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/ firefox78<78.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-32/ mozjs78<78.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-32/ thunderbird<78.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-33/ webkit-gtk<2.28.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2020-0007.html opendmarc>=1.3.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-12460 cherokee>=0.4.27<1.2.104 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-12845 freerdp<2.2.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-15103 ghostscript-agpl<9.53.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-15900 libX11<1.6.10 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-14344 fehqlibs<0.9.15 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2005-1513 claws-mail-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16094 freeDiameter-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-6098 php{56,72,73,74}-typo3<10.4.6 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2020-15098 php{56,72,73,74}-typo3<10.4.6 information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-15098 php{56,72,73,74}-concrete5<8.5.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-11476 magento<2.3.5.2 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2020-9690 magento<2.3.5.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-9692 magento<2.3.5.2 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-9689 magento<2.3.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-9691 grub2<2.0.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14308 grub2<2.0.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14309 grub2<2.0.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14310 grub2<2.0.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14311 grub2<2.0.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-15705 grub2<2.0.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-15706 grub2<2.0.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-15707 grub2<2.0.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-10713 balsa<2.6.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-16118 libssh<0.9.5 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-16135 evolution-data-server<3.35.91 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-16117 ruby{25,26,27}-faye-websocket<0.11.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-15133 php{56,71,72,73,74}-tiki6-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-8966 radare2-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-16269 ark<20.04.1nb3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-16116 php{56,71,72,73,74}-tiki6-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-16131 modular-xorg-server<1.20.9 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-14347 lilypond-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-17353 go113<1.13.15 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2020-16845 go114<1.14.7 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2020-16845 apache<2.4.46 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-11984 apache<2.4.46 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-9490 apache<2.4.46 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-11993 apache<2.4.24 spoofing https://nvd.nist.gov/vuln/detail/CVE-2020-11985 thunderbird<68.11 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-35/ qemu<5.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16092 radare2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-17487 jenkins-lts<2.235.4 multiple-vulnerabilities https://www.jenkins.io/security/advisory/2020-08-12/ jenkins<2.252 multiple-vulnerabilities https://www.jenkins.io/security/advisory/2020-08-12/ dovecot<2.3.11.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12100 dovecot<2.3.11.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12673 dovecot<2.3.11.3 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12674 mantis<2.24.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-16266 py{27,36,37,38}-asyncpg<0.21.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-17446 php{56,72,73,74}-roundcube<1.4.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-16145 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16287 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16288 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16289 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16290 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16291 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16292 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16293 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16294 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16295 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16296 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16297 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16298 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16299 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16300 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16301 ghostscript-agpl<9.51 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-16302 ghostscript-agpl<9.51 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-16303 ghostscript-agpl<9.51 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-16304 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16305 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16306 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16307 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16308 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16309 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16310 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-17538 qt5-qtbase<5.15.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-17507 wireshark>=3.2.0<3.2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-17498 lua54<5.4.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24342 nim-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15692 nim-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-15693 nim-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-15694 snmptt<1.4.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-24361 jenkins-lts<2.235.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-17638 jenkins<2.243 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2019-17638 lua54<5.4.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-24369 lua54<5.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24370 lua54<5.4.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-24371 LuaJIT2<2.1.1713773202 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-24372 elasticsearch<6.8.12 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-7019 elasticsearch>=7.0.0<7.9.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-7019 curl>=7.29.0<7.72.0 expired-pointer-dereference https://curl.haxx.se/docs/CVE-2020-8231.html fossil<2.12.1 remote-code-execution https://fossil-scm.org/forum/forumpost/9e114feec0 net-snmp<5.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-15861 net-snmp<5.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-15862 wolfssl<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-12457 wolfssl<4.5.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-15309 wolfssl<4.5.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-24585 apache-solr<8.6.0 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-13941 mongodb>=4.5.0<4.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7923 mongodb>=4.4.0<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7923 mongodb>=4.2.0<4.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7923 mongodb>=4.0.0<4.0.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7923 bind>=9.15.6<9.16.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8620 bind>=9.17<9.17.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8620 bind>=9.14<9.16.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8621 bind>=9.17<9.17.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8621 bind>=9.0<9.11.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8622 bind>=9.12<9.16.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8622 bind>=9.17<9.17.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8622 bind>=9.10<9.11.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8623 bind>=9.12<9.16.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8623 bind>=9.17<9.17.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8623 bind>=9.9.12<9.11.22 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-8624 bind>=9.12.1<9.16.6 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-8624 bind>=9.17<9.17.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-8624 postgresql10-server<10.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14349 postgresql11-server<11.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14349 postgresql12-server<12.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14349 postgresql95-server<9.5.23 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14350 postgresql96-server<9.6.19 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14350 postgresql10-server<10.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14350 postgresql11-server<11.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14350 postgresql12-server<12.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14350 chrony<3.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14367 firefox<80.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-36/ cliqz-[0-9]* multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-36/ firefox68<68.12 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-37/ tor-browser<9.5.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-37/ firefox78<78.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-38/ mozjs78<78.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-38/ bison<3.7.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-24240 nasm<2.15.04 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-24241 nasm<2.15.04 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-24242 squid<4.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24606 wolfssl<4.5.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-24613 vault<1.2.5 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-16251 vault<1.2.5 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-16250 grafana<6.4.4 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2019-19499 php{56,70,71,72}-basercms<4.3.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15159 php{56,70,71,72}-basercms<4.3.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15155 php{56,70,71,72}-basercms<4.3.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15154 py{27,34,35,36,37,38}-flask-cors<3.0.9 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-25032 fossil<2.10.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-24614 fossil>=2.12<2.12.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-24614 rabbitmq<3.8.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-5419 qemu<5.0.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14415 qemu<5.0.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-12829 bind>=9.14<9.16 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages py{37,38}-django>=2.2<2.2.16 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-24583 py{37,38}-django>=3.0<3.0.10 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-24583 py{37,38}-django>=2.2<2.2.16 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-24584 py{37,38}-django>=3.0<3.0.10 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-24584 qemu<5.2.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-14364 apache-cassandra<2.2.18 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-13946 apache-cassandra>=3<3.11.8 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-13946 ark<20.04.1nb3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-24654 go114<1.14.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-24553 go115<1.15.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-24553 mbedtls<2.24.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-16150 miller>=5.9.0<5.9.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-15167 rebar3<3.14.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-13802 squid<4.13 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2020-15810 squid<4.13 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2020-15811 gnupg2>=2.2.21<2.2.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25125 bison<3.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24979 bison<3.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24980 ghostscript-agpl<9.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14373 gnutls<3.6.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24659 libxml2<2.9.11 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24977 nasm<2.15.05 double-free https://nvd.nist.gov/vuln/detail/CVE-2020-24978 php{56,72,73,74}-concrete5<8.5.3 code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-24986 py{27,36,37,38}-pip<19.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-20916 ruby{25,26,27}-bundler1-[0-9]* insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2019-3881 ruby{25,26,27}-bundler<2.1.0 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2019-3881 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24996 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24999 netbeans-ide-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2020-11986 openssl<1.1.1 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2020-1968 yaws<2.0.8 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-24916 yaws<2.0.8 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2020-24379 libproxy<0.4.15nb1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25219 php>=7.2<7.2.33 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7068 php>=7.3<7.3.22 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7068 php>=7.4<7.4.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7068 bitcoin>=0.16.0<0.16.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-17145 bitcoin>=0.20.0<0.20.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14198 #yarn-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15168 zeromq<4.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15166 p5-DBI<1.632 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2013-7490 p5-DBI<1.628 stack-corruption https://nvd.nist.gov/vuln/detail/CVE-2013-7491 p5-DBI<1.632 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2014-10401 ansible<2.10.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-14332 ansible<2.11.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-14330 libX11<1.6.12 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14363 python35-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages wordpress<5.4.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25286 modular-xorg-server<1.20.9 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-14345 brotli<1.0.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8927 modular-xorg-server<1.20.9 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14346 modular-xorg-server<1.20.9 buffer-underflow https://nvd.nist.gov/vuln/detail/CVE-2020-14361 modular-xorg-server<1.20.9 integer-underflow https://nvd.nist.gov/vuln/detail/CVE-2020-14362 p5-DBI<1.643nb3 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2014-10402 p5-DBI<1.643 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-14392 p5-DBI<1.643 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-14393 libraw<0.20.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-24890 libraw<0.20.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-24889 gnuplot<5.2.8nb10 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25412 gnuplot<5.2.8nb10 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25559 p5-DBI<1.643 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-20919 php{56,72,73,74}-soycms-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15183 zoneminder<1.34.21 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25729 yed<3.20.1 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2020-25215 php{56,72,73,74}-soycms<3.0.2.328 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-15188 php{56,72,73,74}-soycms-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15189 nodejs>=12<12.18.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8201 nodejs>=14<14.11.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8201 nodejs>=14<14.11.0 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8251 nodejs<10.22.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8252 nodejs>=12<12.18.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8252 nodejs>=14<14.9.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8252 php{56,70,71,72}-tt-rss-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25787 php{56,70,71,72}-tt-rss-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25789 php{56,70,71,72}-tt-rss-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25788 bsdiff-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14315 ansible<2.9.13 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-14365 glpi<9.5.0 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2020-11031 xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25595 xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25595 xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25596 xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25596 xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25597 xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25597 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25598 xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25598 xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25599 xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25599 xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25600 xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25600 xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25601 xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25601 xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25602 xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25602 xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25603 xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25603 xenkernel411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25604 xenkernel413<4.13.1nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25604 python27<2.7.18nb3 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-26116 python35<3.5.10 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-26116 python36<3.6.12 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-26116 python37<3.7.9 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-26116 python38<3.8.5 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-26116 qemu<5.0.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-25084 qemu<5.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25085 qemu<5.0.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2020-25625 ruby-oauth-[0-9]* improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2016-11086 tigervnc<1.11.0 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2020-26117 mediawiki<1.34.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25812 mediawiki<1.34.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25813 mediawiki<1.34.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25814 mediawiki<1.34.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25815 mediawiki<1.34.4 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2020-25827 mediawiki<1.34.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25828 mediawiki<1.34.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25869 mediawiki<1.34.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-26120 mediawiki<1.34.4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-26121 py{27,36,37,38}-rpyc>=4.1.0<4.1.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-16328 py{27,36,37,38}-djangorestframework<3.12.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25626 grafana<8.3.1 signature-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-15216 vault>=1.5.0<1.5.4 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25816 vault>=1.4.0<1.4.7 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25816 mantis<2.24.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25288 mantis<2.24.3 remote-security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25781 mantis<2.24.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25830 py{27,36,37,38}-urllib3<1.25.9 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-26137 go-jwt-go<4.0.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-26160 libproxy<0.4.16 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26154 oniguruma<6.9.6rc1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26159 apache-ant<1.10.9 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-11979 powerdns<4.3.1 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2020-17482 powerdns<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24697 powerdns<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24698 powerdns<4.4.0 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2020-24696 thunderbird<78.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-41/ firefox<81 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-42/ cliqz-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages firefox78<78.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-43/ mozjs78<78.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-43/ tor-browser<10 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-43/ thunderbird<78.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-44/ erlang>=22.3<22.3.4.6 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2020-25623 erlang>=23<23.1 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2020-25623 qemu-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-25741 mupdf<1.18.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26519 php>=7.2<7.2.34 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7069 php>=7.3<7.3.23 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7069 php>=7.4<7.4.11 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7069 php>=7.2<7.2.34 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7070 php>=7.3<7.3.23 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7070 php>=7.4<7.4.11 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7070 thunderbird<68.12 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-40/ php{56,72,73,74}-nextcloud>=19<19.0.1 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8223 php{56,72,73,74}-nextcloud>=18<18.0.7 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8223 php{56,72,73,74}-nextcloud<17.0.8 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8223 opensc<0.21.0rc1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26570 opensc<0.21.0rc1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26572 opensc<0.21.0rc1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26571 wireshark>=2.6<2.6.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25862 wireshark>=3.0<3.0.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25862 wireshark>=3.2<3.2.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25862 wireshark>=2.6<2.6.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25863 wireshark>=3.0<3.0.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25863 wireshark>=3.2<3.2.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25863 wireshark<3.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26575 spice-server<0.14.2.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14355 spice-gtk<0.14.2.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14355 qemu<5.1.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-25742 qemu<5.1.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-25743 glpi<9.5.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15176 glpi<9.5.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-15175 glpi<9.5.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-15217 glpi<9.5.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15226 glpi<9.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15177 sympa-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-26880 wireshark>=3.2<3.2.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25866 wireshark>=3.0<3.0.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25866 php{56,70,71,72,73,74}-phpmyadmin<4.9.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-26934 php{56,70,71,72,73,74}-phpmyadmin<4.9.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-26935 apache-tomcat>=9.0<9.0.38 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-13943 apache-tomcat>=8.5<8.5.58 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-13943 webmin<1.950 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-12670 webmin<1.950 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-8820 webmin<1.950 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-8821 adobe-flash-player<32.0.0.445 arbitrary-code-execution https://helpx.adobe.com/security/products/flash-player/apsb20-58.html ruby{25,26,27}-nexpose<6.6.49 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-7383 gitea<1.13.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-14144 libass<0.15.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26682 magento<2.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-24408 powerdns-recursor<4.3.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25829 py{27,36,37,38,39}-libtaxii<1.1.118 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-27197 qemu<5.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24352 matrix-synapse<1.21.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-26891 freetype2<2.10.4 remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999 suse{,32}_freetype2-[0-9]* remote-system-access https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999 tcpreplay<4.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24265 tcpreplay<4.3.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-24266 nss<3.58 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25648 nss<3.46 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17006 nss<3.36.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-18508 pam-tacplus-[0-9]* insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2020-27743 firefox<82 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-45/ firefox78<78.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-46/ mozjs78<78.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-46/ tor-browser<10.0.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-46/ thunderbird<78.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-47/ grafana<7.1.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-24303 samba<4.12.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14323 php{56,72,73,74}-basercms<4.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15273 php{56,72,73,74}-basercms<4.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15276 php{56,72,73,74}-basercms<4.4.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-15277 tmux<3.1c buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27347 openjdk8<1.8.262 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixJAVA openjdk11<1.11.0.9 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixJAVA mysql-server<5.6.50 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixMSQL mysql-server>=5.7<5.7.32 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixMSQL mysql-server>=8.0<8.0.22 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixMSQL mysql-cluster<7.4.30 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixMSQL ImageMagick<7.0.10.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27560 ImageMagick6<6.9.11.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27560 asterisk>=13.0<13.37.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-001.html asterisk>=16.0<16.14.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-001.html asterisk>=17.0<17.8.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-001.html asterisk>=13.0<13.37.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-002.html asterisk>=16.0<16.14.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-002.html asterisk>=17.0<17.8.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-002.html cacti<1.2.14 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25706 consul<1.7.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25201 jetty<9.4.32.20200930 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-27216 libmaxminddb<1.4.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-28241 mit-krb5<1.18.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28196 packagekit<1.2.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-16121 packagekit<1.2.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-16122 php{56,72,73,74}-nextcloud<19.0.2 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2020-8133 php{56,72,73,74}-nextcloud<19.0.2 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2020-8150 php{56,72,73,74}-nextcloud<20.0.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8152 php{56,72,73,74}-nextcloud<19.0.0 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2020-8173 php{56,72,73,74}-nextcloud<19.0.1 password-exposure https://nvd.nist.gov/vuln/detail/CVE-2020-8183 php{56,72,73,74}-nextcloud<19.0.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8236 php{56,72,73,74}-nextcloud<20.0.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-8259 postgresql95-server<9.5.24 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2020-25694 postgresql96-server<9.6.20 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2020-25694 postgresql10-server<10.15 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2020-25694 postgresql11-server<11.10 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2020-25694 postgresql12-server<12.5 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2020-25694 postgresql13-server<13.1 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2020-25694 postgresql95-server<9.5.24 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-25695 postgresql96-server<9.6.20 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-25695 postgresql10-server<10.15 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-25695 postgresql11-server<11.10 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-25695 postgresql12-server<12.5 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-25695 postgresql13-server<13.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-25695 py{27,36,37,38,39}-moin<1.9.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15275 py{27,36,37,38,39}-moin<1.9.11 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-25074 py{27,36,37,38,39}-rsa<4.7 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-25658 python27<2.7.18nb4 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-27619 python36<3.6.13 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-27619 python37<3.7.10 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-27619 python38<3.8.7rc1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-27619 python39<3.9.1rc1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-27619 qemu<4.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27616 qemu<4.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27617 raptor-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-18926 raptor2<2.0.16 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-18926 salt<2019.2.7 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-16846 salt<2019.2.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-17490 salt<2019.2.7 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25592 tcpdump<4.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8036 tcpdump<4.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8037 wireshark>=3.2.0<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28030 wordpress<5.5.2 php-object-injection https://nvd.nist.gov/vuln/detail/CVE-2020-28032 wordpress<5.5.2 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-28033 wordpress<5.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-28034 wordpress<5.5.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-28035 wordpress<5.5.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-28036 wordpress<5.5.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-28037 wordpress<5.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-28038 wordpress<5.5.2 arbitrary-file-deletion https://nvd.nist.gov/vuln/detail/CVE-2020-28039 wordpress<5.5.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-28040 xenkernel411<4.11.4nb4 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-28368 xenkernel413<4.13.2nb1 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-28368 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-26217 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-26217 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-26217 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-26217 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-26217 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-26217 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-26217 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-26217 firefox<82.0.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-49/ firefox78<78.4.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-49/ mozjs78<78.4.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-49/ tor-browser<10.0.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-49/ thunderbird<78.4.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-49/ firefox<83 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/ firefox78<78.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-51/ mozjs78<78.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-51/ tor-browser<10.0.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-51/ thunderbird<78.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-52/ go114<1.14.12 code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-28366 go115<1.15.5 code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-28366 go114<1.14.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28362 go115<1.15.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28362 go114<1.14.12 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-28367 go115<1.15.5 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-28367 py{27,33,34,35,36,37,38}-werkzeug<0.11.6 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-28724 influxdb<1.7.6 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-20933 py{27,34,35,36,37,38}-notebook<6.1.5 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-26215 rclone<1.53.3 weak-password-generator https://nvd.nist.gov/vuln/detail/CVE-2020-28924 mutt<2.0.2 password-exposure https://nvd.nist.gov/vuln/detail/CVE-2020-28896 php{56,72,73,74}-pear<1.10.12nb2 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2020-28948 php{56,72,73,74}-pear<1.10.12nb2 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2020-28949 nodejs>=15<15.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8277 nodejs>=14<14.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8277 nodejs>=12<12.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8277 moodle<3.5.15 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25698 moodle>=3.7<3.7.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25698 moodle>=3.8<3.8.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25698 moodle>=3.9<3.9.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25698 moodle<3.5.15 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25700 moodle>=3.7<3.7.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25700 moodle>=3.8<3.8.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25700 moodle>=3.9<3.9.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25700 moodle<3.5.15 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25701 moodle>=3.7<3.7.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25701 moodle>=3.8<3.8.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25701 moodle>=3.9<3.9.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25701 moodle<3.5.15 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25699 moodle>=3.7<3.7.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25699 moodle>=3.8<3.8.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25699 moodle>=3.9<3.9.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25699 moodle<3.5.15 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25703 moodle>=3.7<3.7.9 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25703 moodle>=3.8<3.8.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25703 moodle>=3.9<3.9.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25703 moodle>=3.9<3.9.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25702 libsixel<1.8.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-19668 ImageMagick6<6.9.11.7 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19667 ImageMagick<7.0.10.7 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19667 php{56,70,71,72,73,74}-drupal>=7<7.74 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-13671 php{56,70,71,72,73,74}-drupal>=8.8<8.8.11 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-13671 php{56,70,71,72,73,74}-drupal>=8.9<8.9.9 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-13671 xpdf-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-25725 webkit-gtk<2.30.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2020-0008.html webkit-gtk<2.30.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2020-0009.html blosc-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-29367 consul<1.6.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-28053 gitea<1.12.6 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-28991 jetty<9.4.35.20201120 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-27218 libslirp<4.4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-29129 qemu<5.2.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-29129 libslirp<4.4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-29130 qemu<5.2.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-29130 libvncserver<0.9.13 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25708 matrix-synapse<1.20.0 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26890 minidlna<1.3.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-28926 mongodb<3.6.9 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-20802 mongodb>=4.0<4.0.3 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-20802 mongodb<3.6.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20803 mongodb>=4.0<4.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20803 mongodb<3.6.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20804 mongodb>=4.0<4.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20804 mongodb<3.6.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20805 mongodb>=4.0<4.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20805 mongodb<3.6.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-2392 mongodb>=4<4.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-2392 mongodb<3.6.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-2393 mongodb>=4<4.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-2393 mongodb>=4.0<4.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20923 mongodb>=4.2<4.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20924 mongodb<3.6.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20925 mongodb>=4<4.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-20925 mongodb>=4<4.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7925 mongodb>=4.4<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7926 mongodb<3.6.20 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7928 mongodb>=4<4.2.9 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-7928 glpi<9.5.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-27662 glpi<9.5.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-27663 postgresql95-server<9.5.24 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25696 postgresql96-server<9.6.20 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25696 postgresql10-server<10.15 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25696 postgresql11-server<11.10 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25696 postgresql12-server<12.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25696 postgresql13-server<13.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25696 qemu<5.2.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-25624 slurm-wlm<19.05.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27745 slurm-wlm<19.05.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-27746 php{56,72,73,74}-typo3<10.4.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-26227 php{56,72,73,74}-typo3<10.4.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-26228 php{56,72,73,74}-typo3<10.4.10 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2020-26229 x11vnc<0.9.17 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-29074 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29040 ImageMagick6<6.9.11.40 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-29599 ImageMagick<7.0.10.40 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-29599 awstats<7.8 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-29600 moodle<3.8.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25628 moodle>=3.9<3.9.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25628 moodle<3.8.5 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-25629 moodle>=3.9<3.9.2 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-25629 moodle<3.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25630 moodle>=3.9<3.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25630 moodle<3.8.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25631 moodle>=3.9<3.9.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25631 openldap-server<2.4.55 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-25692 pngcheck-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27818 nsd<4.3.4 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2020-28935 unbound<1.13.0 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2020-28935 openssl<1.1.1i null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-1971 thunderbird<78.5.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-53/ ImageMagick<7.0.9.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-25663 ImageMagick6<6.9.10.68 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-25664 ImageMagick<7.0.8.68 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-25664 ImageMagick6<6.9.10.68 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-25665 ImageMagick<7.0.8.68 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-25665 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25666 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25666 ImageMagick6<6.9.10.69 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-25667 ImageMagick<7.0.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-25667 ImageMagick6<6.9.10.68 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-25674 ImageMagick<7.0.8.68 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-25674 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25675 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25675 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25676 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25676 ImageMagick6<6.9.10.68 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27750 ImageMagick<7.0.8.68 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27750 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27751 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27751 ImageMagick6<6.9.11.47 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-27752 ImageMagick<7.0.9.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-27752 ImageMagick6<6.9.10.69 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-27753 ImageMagick<7.0.9.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-27753 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27754 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27754 ImageMagick6<6.9.10.69 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-27755 ImageMagick<7.0.9.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-27755 ImageMagick6<6.9.10.69 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27756 ImageMagick<7.0.9.0 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27756 ImageMagick6<6.9.10.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27757 ImageMagick<7.0.8.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27757 ImageMagick6<6.9.10.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27758 ImageMagick<7.0.8.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27758 binutils<2.35 double-free https://nvd.nist.gov/vuln/detail/CVE-2020-16590 binutils<2.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16591 binutils<2.35 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-16592 binutils<2.35 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-16593 binutils<2.35.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-16598 binutils<2.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-16599 jasper<2.0.23 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-27828 matrix-synapse<1.23.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-26257 moodle<3.9.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25627 mupdf<1.17.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-16600 openexr<2.4.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-16587 openexr<2.4.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-16588 openexr<2.4.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-16589 password-store-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-28086 phpldapadmin<1.2.6.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-35132 py{27,36,37,38,39}-py-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29651 qemu<5.2.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-27821 sympa<6.2.60 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-29668 npm<7.1.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-7788 php{56,71,72,73,74}-tiki6-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-29254 awstats-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-35176 wireshark<3.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26418 wireshark>=3.4<3.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26418 wireshark>=3.4<3.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26419 wireshark<3.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26420 wireshark>=3.4<3.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26420 wireshark<3.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26421 wireshark>=3.4<3.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26421 ImageMagick6<6.9.10.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27759 ImageMagick<7.0.8.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27759 ImageMagick6<6.9.10.68 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27760 ImageMagick<7.0.8.68 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27760 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27761 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27761 ImageMagick6<6.9.10.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27762 ImageMagick<7.0.8.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27762 ImageMagick6<6.9.10.68 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27763 ImageMagick<7.0.8.68 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27763 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27764 ImageMagick<7.0.8.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27764 ImageMagick6<6.9.10.69 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27765 ImageMagick<7.0.9.0 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2020-27765 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27766 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27767 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27767 ImageMagick6<6.9.10.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27770 ImageMagick<7.0.8.68 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27770 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27771 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27771 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27772 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27772 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27773 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27773 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27774 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27774 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27775 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27775 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27776 php-7.2.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages apache-tomcat<8.5.60 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-17527 apache-tomcat>=9.0<9.0.40 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-17527 audacity<2.4.1nb28 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-11867 libvirt<6.6.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-14339 libxls<1.5.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-2910 poppler-utils<0.76.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27778 py{27,36,37,38,39}-lxml<4.6.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-27783 qemu<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25723 qemu<5.2.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2020-28916 samba<4.12.9 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-14318 samba<4.12.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14383 curl<7.71.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-8169 curl<7.71.0 local-file-write https://nvd.nist.gov/vuln/detail/CVE-2020-8177 curl<7.74.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-8284 curl<7.74.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8285 curl<7.74.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-8286 go114-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-29509 go115-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-29509 go114-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-29510 go115-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-29510 go114-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-29511 go115-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-29511 firefox<84 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/ firefox78<78.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-55/ mozjs78<78.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-55/ tor-browser<10.0.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-55/ thunderbird<78.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2020-56/ go-hugo<0.79.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-26284 kitty<0.19.13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-35605 webmin-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2020-35606 nagios-base-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-35269 opensmtpd<6.8.0p1 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-35679 opensmtpd<6.8.0p1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35680 gdk-pixbuf2<2.42.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29385 gobby<0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35450 libvorbis<1.3.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20412 pure-ftpd-[0-9]* remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35359 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35376 openjpeg<2.4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-27841 openjpeg<2.4.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-27842 openjpeg<2.4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-27843 openjpeg<2.4.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-27844 openjpeg<2.4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-27845 php{56,71,72,73,74}-orangehrm<4.6.0.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-29437 binutils<2.36 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35448 binutils<2.34 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35493 binutils<2.34 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-35494 binutils<2.34 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-35495 binutils<2.34 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-35496 binutils<2.34 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-35507 dovecot<2.3.13 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-24386 dovecot<2.3.13 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-25275 dropbear<2019.77 username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2019-12953 ffmpeg4<4.4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-35964 ffmpeg4<4.4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-35965 gdm<3.38.2.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-27837 go-text-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28851 go-text-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28852 icinga-base>=2<2.12.3 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-29663 mantis<2.24.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-28413 mantis<2.24.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-35849 mediawiki<1.35.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-35474 mediawiki<1.35.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-35475 mediawiki<1.35.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-35477 mediawiki<1.35.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-35478 mediawiki<1.35.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-35479 mediawiki<1.35.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-35480 modular-xorg-server<1.20.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25712 opendkim-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2020-35766 p11-kit<0.23.22 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-29361 p11-kit<0.23.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-29362 p11-kit<0.23.22 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-29363 postsrsd<1.10 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35573 py{27,36,37,38,39}-autobahn<20.12.3 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-35678 py{27,36,37,38,39}-notebook<5.7.8 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-26275 qemu<4.2.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-20808 qemu<5.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-11947 php{56,72,73,74}-roundcube<1.4.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-35730 ruby{25,26,27}-nokogiri<1.11.0 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2020-26247 vault<1.6.1 username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2020-35177 vault<1.6.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-35453 wavpack<5.4.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-35738 wireshark>=3.4<3.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26422 xentools411<4.11.4nb2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-29479 xentools413<4.13.2nb2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-29479 xentools411<4.11.4nb2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-29480 xentools413<4.13.2nb2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-29480 xentools411<4.11.4nb2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-29481 xentools413<4.13.2nb2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-29481 xentools411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29482 xentools413<4.13.2nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29482 xentools411<4.11.4nb2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-29483 xentools413<4.13.2nb2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-29483 xentools411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29485 xentools413<4.13.2nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29485 xentools411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29486 xentools413<4.13.2nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29486 xenkernel411<4.11.4nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29566 xenkernel413<4.13.2nb4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29566 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29568 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29568 xenkernel411<4.11.4nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29570 xenkernel413<4.13.2nb4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29570 xenkernel411<4.11.4nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29571 xenkernel413<4.13.2nb4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29571 xentools411<4.11.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29484 xentools413<4.13.2nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29484 xentools411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29487 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-29487 nodejs>=10<10.23.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-8265 nodejs>=12<12.20.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-8265 nodejs>=14<14.15.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-8265 nodejs>=10<10.23.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-8287 nodejs>=12<12.20.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-8287 nodejs>=14<14.15.4 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-8287 py{27,36,37,38,39}-cairosvg<2.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21236 ruby{25,26,27}-actionpack60>=6.0.0<6.0.3.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-8264 wolfssl<4.6.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-36177 php{56,72,73,74,80}-concrete5<8.5.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-3111 vlc<3.0.12 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26664 cacti<1.2.17 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-35701 py{27,36,37,38,39}-cryptography<3.2 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2020-25659 jenkins<2.263.2 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2021-21602 jenkins<2.263.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21603 jenkins<2.263.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21604 jenkins<2.263.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21605 jenkins<2.263.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21606 jenkins<2.263.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21607 jenkins<2.263.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21608 jenkins<2.263.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-21609 jenkins<2.263.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21610 jenkins<2.263.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21611 R<4.0.3 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-27637 py{27,36,37,38,39}-Pillow<8.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35653 py{27,36,37,38,39}-Pillow<8.1.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-35654 py{27,36,37,38,39}-Pillow<8.1.0 buffer-overrun https://nvd.nist.gov/vuln/detail/CVE-2020-35655 py{27,36,37,38,39}-m2crypto-[0-9]* timing-attack https://nvd.nist.gov/vuln/detail/CVE-2020-25657 ruby{25,26,27}-redcarpet<3.5.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-26298 sudo<1.9.5 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2021-23239 sudo<1.9.5 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-23240 apache-tomcat<7.0.107 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-24122 apache-tomcat>=8.5<8.5.60 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-24122 apache-tomcat>=9.0<9.0.40 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-24122 elasticsearch>=7.7.0<7.10.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22132 erlang>=23.2<23.2.2 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-35733 php{56,72,73,74}-owncloud<10.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-16255 mysql-client<5.6.51 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL mysql-client>=5.7<5.7.33 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL mysql-client>=8.0<8.0.23 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL mysql-server<5.6.51 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL mysql-server>=5.7<5.7.33 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL mysql-server>=8.0<8.0.23 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL dnsmasq<2.83 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25681 dnsmasq<2.83 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25682 dnsmasq<2.83 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25683 dnsmasq<2.83 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-25684 dnsmasq<2.83 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-25685 dnsmasq<2.83 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-25686 dnsmasq<2.83 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25687 mutt<2.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3181 SDL2<2.0.14 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-14409 SDL2<2.0.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-14410 guacamole-server<1.3.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-11997 modular-xorg-server<1.20.10 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-14360 php{56,72,73,74}-pear<1.10.12nb2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-36193 py{27,36,37,38,39}-bottle<0.12.19 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2020-28473 py{27,36,37,38,39}-tornado-[0-9]* cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2020-28476 python27<2.7.18nb4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3177 python36<3.6.13 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3177 python37<3.7.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3177 python38<3.8.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3177 python39<3.9.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3177 firefox<84.0.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-01/ firefox78<78.6.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-01/ mozjs78<78.6.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-01/ tor-browser<10.0.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-01/ thunderbird<78.6.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-02/ firefox<85 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-03/ firefox78<78.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-04/ mozjs78<78.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-04/ tor-browser<10.0.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-04/ moodle<3.10.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-20183 moodle<3.10.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20184 moodle<3.10.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20185 moodle<3.10.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-20186 moodle<3.10.1 code-injection https://nvd.nist.gov/vuln/detail/CVE-2021-20187 openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36221 openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36222 openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36223 openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36224 openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36225 openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36226 openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36227 openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36228 openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36229 openldap-server<2.4.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36230 asterisk>=13.0<13.38.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-003.html asterisk>=16.0<16.15.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-003.html asterisk>=13.0<13.38.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-004.html asterisk>=16.0<16.15.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-004.html bitcoin-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-3195 go114<1.14.14 integer-underflow https://nvd.nist.gov/vuln/detail/CVE-2021-3114 go115<1.15.7 integer-underflow https://nvd.nist.gov/vuln/detail/CVE-2021-3114 go114<1.14.14 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3115 go115<1.15.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3115 gst-plugins1-bad<1.16.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3185 jasper<2.0.25 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3272 jenkins<2.263.2 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-21615 libgcrypt<1.9.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3345 mantis<2.24.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-29603 mantis<2.24.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-29604 mantis<2.24.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-29605 ImageMagick<7.0.10.62 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20176 ImageMagick6<6.99.11.62 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20176 apache-cassandra<2.2.20 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-17516 apache-cassandra>=3<3.11.24 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-17516 bitcoin<0.19.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-3401 gitea<1.13.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3382 gnome-autoar<0.3.0 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2020-36241 mit-krb5-appl-[0-9]* arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2019-25017 mit-krb5-appl-[0-9]* authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-25018 nim<1.2.6 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2020-15690 opendoas>=6.6<6.8.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2019-25016 openjpeg<2.4.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27814 php{56,72,73,74}-nextcloud<20.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8293 php{56,72,73,74}-nextcloud<20.0.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-8294 php{56,72,73,74}-nextcloud<20.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-8295 py{36,37,38,39}-django>=2.2<2.2.18 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-3281 py{36,37,38,39}-django>=3.1<3.1.6 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-3281 py{27,36,37,38,39}-jinja2<2.11.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28493 qemu<5.0.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-17380 qemu<5.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-29443 vault<1.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25594 vault<1.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3024 ruby{25,26,27}-mechanize<2.7.7 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-21289 sudo<1.9.5p2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-3156 wolfssl<4.7.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-3336 xenkernel413<4.13.2nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3308 ruby{25,26,27}-activerecord52<5.2.4.5 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-22880 ruby{25,26,27}-activerecord60<6.0.3.5 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-22880 ruby{25,26,27}-actionpack60<6.0.3.5 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-22881 asterisk<13.38.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35776 asterisk>=16<16.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35776 asterisk<13.82.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26712 asterisk>=16<16.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26712 asterisk>=16<16.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26713 asterisk>=16<16.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26717 asterisk<13.38.2 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26906 asterisk>=16<16.16.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26906 ImageMagick6<6.9.10.69 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27768 ImageMagick<7.0.9.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27768 autotrace-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19004 autotrace-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2019-19005 bind<9.11.28 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8625 bind>=9.12<9.16.12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-8625 botan<2.17.3 side-channel https://nvd.nist.gov/vuln/detail/CVE-2021-24115 dbus<1.12.20 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-35512 elasticsearch<6.8.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-7021 ezxml-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-26220 ezxml-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-26221 ezxml-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-26222 fluent-bit<1.7.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-27186 fontforge<20200314 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-25690 glib2<2.66.7 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-27218 glib2<2.66.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-27219 gsoap<2.8.111 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13574 gsoap<2.8.111 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13575 gsoap<2.8.111 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-13576 gsoap<2.8.111 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13577 gsoap<2.8.111 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13578 isync<1.4.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-20247 jasper<2.0.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26926 jasper<2.0.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26927 libcaca<0.99.20 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3410 libebml<1.4.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3405 libmysofa<1.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-36148 libmysofa<1.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-36149 libmysofa<1.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-36150 libmysofa<1.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-36151 libmysofa<1.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36152 libxls<1.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27819 libzip<1.3.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2019-17582 mantis<2.25.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-35571 mumble<1.3.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-27229 mupdf<1.19.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-3407 openscad<2021.01 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-28599 openssl<1.0.2y protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2021-23839 openssl<1.1.1j integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-23840 openssl<1.1.1j denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-23841 opnldap-server<2.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27212 php>=7.3<7.3.26 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7071 php>=7.4<7.4.14 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7071 php{56,72,73,74}-owncloud<10.4 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-10252 php{56,72,73,74}-owncloud<10.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-10254 php{56,72,73,74}-owncloud<10.6 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-28644 php{56,72,73,74}-owncloud<10.6 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-28645 php{56,72,73,74}-owncloud<10.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36251 php{56,72,73,74}-owncloud<10.3.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-36252 php73-soap<7.3.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21702 php74-soap<7.4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21702 postgresql95-server<9.5.25 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393 postgresql96-server<9.6.21 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393 postgresql10-server<10.16 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393 postgresql11-server<11.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393 postgresql12-server<12.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393 postgresql13-server<13.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393 postgresql95-server<9.5.25 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20229 postgresql96-server<9.6.21 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20229 postgresql10-server<10.16 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20229 postgresql11-server<11.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20229 postgresql12-server<12.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20229 postgresql13-server<13.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20229 py{27,36,37,38,39}-channels<3.0.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-35681 py{27,36,37,38,39}-cryptography<3.3.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36242 python27<2.7.18nb4 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-23336 python36<3.6.13 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-23336 python37<3.7.10 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-23336 python38<3.8.8 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-23336 python39<3.9.2 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-23336 py{27,36,37,38,39}-yaml<5.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-14343 py{27,36,37,38,39}-httplib2<0.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21240 thunderbird<78.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-05/ firefox<85.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-06/ firefox78<78.7.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-06/ mozjs78<78.7.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-06/ firefox<86 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-07/ firefox78<78.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-08/ mozjs78<78.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-08/ tor-browser<10.0.12 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-08/ thunderbird<78.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-09/ apache-tomcat>=8.5<8.5.63 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-25122 apache-tomcat>=9.0<9.0.43 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-25122 apache-tomcat>=7.0<7.0.108 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2021-25329 apache-tomcat>=8.5<8.5.63 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2021-25329 apache-tomcat>=9.0<9.0.43 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2021-25329 cgal<5.1.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-28601 cgal<5.1.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-28636 cgal<5.1.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35628 cgal<5.1.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35636 dropbear<2020.79 validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-36254 grub2<2.06 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-14372 grub2<2.06 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-25632 grub2<2.06 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-25647 grub2<2.06 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27749 grub2<2.06 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-27779 grub2<2.06 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-20225 grub2<2.06 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20233 jetty<9.4.36.20210219 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27223 libytnef-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3403 libytnef-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3404 mantis<2.24.5 improper-session-handling https://nvd.nist.gov/vuln/detail/CVE-2009-20001 matrix-synapse<1.25.0 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-21273 matrix-synapse<1.25.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21274 mongodb<3.6.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-25004 mongodb>=4.0<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-25004 mongodb<3.6.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7929 mongodb>=4.0<4.0.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-7929 nats-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28466 nodejs>=10<10.24.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22883 nodejs>=12<12.21.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22883 nodejs>=14<14.16.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22883 nodejs>=10<10.24.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-22884 nodejs>=12<12.21.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-22884 nodejs>=14<14.16.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-22884 openssh<8.5 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-28041 owncloudclient<2.7 code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-28646 webkit-gtk<2.30.5 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2021-0001.html glpi<9.5.4 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-21255 glpi<9.5.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21258 glpi<9.5.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21312 glpi<9.5.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21313 glpi<9.5.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21314 php{56,72,73,74,80}-nextcloud<20.0.0 password-exposure https://nvd.nist.gov/vuln/detail/CVE-2020-8296 php{56,72,73,74,80}-nextcloud<20.0.6 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2021-22877 php{56,72,73,74,80}-nextcloud<20.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-22878 py{27,36,37,38,39}-Pillow<8.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27921 py{27,36,37,38,39}-Pillow<8.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27922 py{27,36,37,38,39}-Pillow<8.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27923 py{27,36,37,38,39}-aiohttp<3.7.4 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-21330 py{27,36,37,38,39}-markdown2<2.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26813 qemu<6.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20203 redis<6.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21309 php{56,72,73,74,80}-roundcube<1.4.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-26925 salt<3002.5 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-28243 salt<3002.5 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-28972 salt<3002.5 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-35662 salt<3002.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-25281 salt<3002.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-25282 salt<3002.5 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-25283 salt<3002.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-25284 salt<3002.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-3144 salt<3002.5 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-3148 salt<3002.5 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-3197 screen<4.8.0nb4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26937 steghide-[0-9]* weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2021-27211 stunnel<5.57 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-20230 u-boot<2021.04 unspecified https://nvd.nist.gov/vuln/detail/CVE-2021-27097 u-boot<2021.04 unspecified https://nvd.nist.gov/vuln/detail/CVE-2021-27138 wireshark<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22173 wireshark<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22174 wpa_supplicant<2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27803 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27379 xterm<366 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27135 zabbix<4.0.28 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-27927 zstd<1.4.1 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2021-24031 zstd<1.4.9 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2021-24032 ap24-subversion<1.14.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-17525 cairo<1.16.0nb4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-35492 gitea<1.13.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-28378 gnome-autoar<0.3.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-28650 grafana<7.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27358 grub2<2.0.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-3418 libmediainfo<20.03nb1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-26797 mariadb-server<10.4.18 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-27928 moodle<3.7.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-14828 moodle<3.7.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2019-14829 moodle<3.7.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-14830 moodle<3.7.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2019-14831 moodle<3.10.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-20279 moodle<3.10.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-20280 moodle<3.10.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20281 moodle<3.10.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-20282 moodle<3.10.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-20283 nats-server<2.2.0 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2021-3127 php{56,72,73,74,80}-concrete5<8.5.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-28145 py{27,36,37,38,39}-Pillow<8.1.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-25289 py{27,36,37,38,39}-Pillow<8.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25290 py{27,36,37,38,39}-Pillow<8.1.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-25291 py{27,36,37,38,39}-Pillow<8.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25292 py{27,36,37,38,39}-Pillow<8.1.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-25293 py{27,36,37,38,39}-pygments<2.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27291 py{27,36,37,38,39}-urllib3<1.26.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2021-28363 qemu<5.2.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-3416 ruby{25,26,27,30}-kramdown<2.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-28834 squid4<4.14 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2020-25097 tor<0.4.5.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28089 tor<0.4.5.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28090 wireshark<3.4.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-22191 ImageMagick<7.0.10.62 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20241 ImageMagick6<6.9.11.62 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20241 ImageMagick<7.0.10.62 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20243 ImageMagick<7.0.10.62 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20244 ImageMagick<7.0.10.62 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20245 ImageMagick6<6.9.11.62 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20245 ImageMagick<7.0.10.62 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20246 ImageMagick6<6.9.11.62 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20246 elasticsearch>=7.6.0<7.11.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22134 git-base<2.30.1 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2021-21300 glib2<2.66.8 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2021-28153 gnutls<3.7.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-20231 gnutls<3.7.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-20232 webkit-gtk<2.30.6 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2021-0002.html spamassassin<3.4.5 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2020-1946 webkit-gtk<2.32.0 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2021-0003.html ImageMagick<7.0.10.46 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27829 binutils<2.37 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2021-20197 binutils<2.36 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-20284 go115<1.15.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27918 go116<1.16.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27918 go116<1.16.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27919 gsoap-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-21783 gtar-base<1.34 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20193 ircII<20210314 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-29376 jasper<2.0.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3443 jasper<2.0.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3467 leptonica<1.80.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36277 leptonica<1.80.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-36278 leptonica<1.80.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-36279 leptonica<1.80.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-36280 leptonica<1.80.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-36281 libass<0.15.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-24994 libjpeg-turbo<2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20205 libmicrohttpd<0.9.71 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3466 matrix-synapse<1.27.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21332 matrix-synapse<1.27.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21333 firefox<87 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-10/ firefox78<78.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-11/ mozjs78<78.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-11/ tor-browser<10.0.14 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-11/ thunderbird<78.9 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-12/ openexr<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3474 openexr<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3475 openexr<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3476 openexr<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3477 openexr<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3478 openexr<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3479 openssl<1.1.1k remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3449 openssl<1.1.1k improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-3450 php{56,73,74,80}-basercms<4.4.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-20681 php{56,73,74,80}-basercms<4.4.5 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-20682 php{56,73,74,80}-basercms<4.4.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-20683 glpi<9.5.4 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-21324 glpi<9.5.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21325 glpi<9.5.4 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-21326 glpi<9.5.4 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-21327 privoxy<3.0.29 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-35502 privoxy<3.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20210 privoxy<3.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20211 privoxy<3.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20212 privoxy<3.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20213 privoxy<3.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20214 privoxy<3.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20215 privoxy<3.0.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20216 privoxy<3.0.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20217 privoxy<3.0.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20272 privoxy<3.0.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20273 privoxy<3.0.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20274 privoxy<3.0.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20275 privoxy<3.0.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20276 py{27,36,37,38,39}-lxml<4.6.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-28957 py{27,36,37,38,39}-pygments<2.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20270 p5-Data-Validate-IP<0.30 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-29662 qemu-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20255 qemu>=2.10.0<6.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3392 qemu<6.0.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-3409 redis<6.2.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3470 rpm<4.16.1.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-20271 curl<7.76.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22876 curl<7.76.0 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2021-22890 jetty<9.4.39 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28165 jetty<9.4.39 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28163 jetty<9.4.39 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-28164 openexr<3.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20296 php{56,72,73,74,80}-piwigo<11.4.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2021-27973 postgresql95-server<9.5.25 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393 postgresql96-server<9.6.21 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393 postgresql10-server<10.16 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393 postgresql11-server<11.11 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393 postgresql12-server<12.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393 postgresql13-server<13.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3393 py{27,36,37,38,39}-django-registration<3.1.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-21416 ruby{25,26,27,30}-redmine41<4.1.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-29274 shibboleth-sp<3.2.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-28963 squid4-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28116 tiff<4.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35521 tiff<4.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35522 tiff<4.2.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-35523 tiff<4.2.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-35524 upx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20285 wpa_supplicant<2.10 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-30004 zeromq<4.3.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-20234 zeromq<4.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-20235 php{56,72,73,74,80}-typo3<10.4.14 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-21338 php{56,72,73,74,80}-typo3<10.4.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-21339 php{56,72,73,74,80}-typo3<10.4.14 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21340 php{56,72,73,74,80}-typo3<10.4.14 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-21355 php{56,72,73,74,80}-typo3<10.4.14 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-21357 php{56,72,73,74,80}-typo3<10.4.14 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21358 php{56,72,73,74,80}-typo3<10.4.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21359 php{56,72,73,74,80}-typo3<10.4.14 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-21370 ffmpeg3<3.4.8 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-24995 htmldoc-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-20308 libpano13-[0-9]* format-string https://nvd.nist.gov/vuln/detail/CVE-2021-20307 nettle<3.7.2 incorrect-signature-verification https://nvd.nist.gov/vuln/detail/CVE-2021-20305 ruby{25,26,27,30}-redmine41<4.1.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-30164 ruby{25,26,27,30}-redmine40<4.0.8 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-30164 ruby{25,26,27,30}-redmine41<4.1.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-30163 ruby{25,26,27,30}-redmine40<4.0.8 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-30163 mediawiki<1.35.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-30158 mediawiki<1.35.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-30157 mediawiki<1.35.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-30154 p5-Net-Netmask<2.0 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-29424 py{36,37,38,39}-django>=2.2<2.2.20 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-28658 py{36,37,38,39}-django>=3<3.0.14 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-28658 py{36,37,38,39}-django>=3.1<3.1.8 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-28658 ruby{25,26,27,30}-redmine41<4.1.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-36308 ruby{25,26,27,30}-redmine40<4.0.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-36308 ruby{25,26,27,30}-redmine41<4.1.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-36307 ruby{25,26,27,30}-redmine40<4.0.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-36307 ruby{25,26,27,30}-redmine41<4.1.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-36306 ruby{25,26,27,30}-redmine40<4.0.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-36306 ruby{25,26,27,30}-redmine<3.4.13 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-25026 ruby{25,26,27,30}-redmine40>=4<4.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-25026 syncthing<1.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21404 gnuchess-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-30184 jenkins<2.287 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21640 jenkins-lts<2.277.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21640 jenkins<2.287 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21639 jenkins-lts<2.277.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21639 file-roller<3.39.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-36314 ffmpeg4<4.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-30123 mosquitto>=2<2.0.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-28166 clamav<0.103.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-1405 clamav<0.103.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-1404 clamav<0.103.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-1252 exiv2<0.27.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3482 dnsmasq<2.85 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-3448 mediawiki<1.35.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-30159 mediawiki<1.35.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-30155 mediawiki<1.35.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-30152 mediawiki<1.35.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-30156 ezxml-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-30485 rust<1.53 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-28879 rust<1.53 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-28878 rust<1.51.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-28877 rust<1.50.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-28875 rust<1.49.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-36318 rust<1.52.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-28876 rust<1.49.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-36317 rust<1.2.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2015-20001 py{36,37,38,39}-djangocms-text-ckeditor-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26272 py{36,37,38,39}-djangocms-text-ckeditor-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26271 py{36,37,38,39}-djangocms-text-ckeditor-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21254 ampache<4.4.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-21399 binutils<2.36 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3487 ezxml-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-31229 ezxml-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-31347 ezxml-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-31348 fluidsynth<2.1.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-28421 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-28300 gradle<7.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-29427 gradle<7.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-29428 gradle<7.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-29429 libexif<0.6.23 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-27815 #libsixel-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36120 # user error, see matrix-synapse<1.28.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-21392 matrix-synapse<1.28.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21393 matrix-synapse<1.28.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21394 mongodb<3.6.21 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7924 mongodb>=4.0<4.2.11 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2020-7924 openjpeg<2.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-29338 rust<1.19.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2017-20004 rust<1.29.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2018-25008 rust<1.50.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36323 rust<1.53.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-31162 wordpress<5.7.1 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2021-29447 wordpress<5.7.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-29450 gstreamer1<1.18.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3498 gstreamer1<1.18.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3497 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31262 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-31261 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31260 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31259 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31257 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31258 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-31256 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31255 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31254 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-30199 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30020 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30022 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30014 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30019 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-30015 exiv2<0.27.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-29458 exiv2<0.27.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-29457 py{36,37,38,39}-wagtail<2.12.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-29434 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-29279 php{56,72,73,74,80}-composer<2.0.13 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-29472 mysql-server>=5.7<5.7.34 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2021.html#AppendixMSQL mysql-server>=8.0<8.0.24 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2021.html#AppendixMSQL ampache<4.2.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15153 ansible<2.9.18 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20228 apache-maven<3.8.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2021-26291 authelia<4.28.0 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-29456 bind<9.11.31 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25214 bind>=9.12<9.16.15 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25214 bind<9.11.31 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25215 bind>=9.12<9.16.15 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25215 bind<9.11.31 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-25216 bind>=9.12<9.16.15 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-25216 binutils<2.35.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-20294 consul<1.9.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-25864 exiv2<0.27.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-29463 exiv2<0.27.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-29464 exiv2<0.27.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-29470 exiv2<0.27.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-29473 ezxml-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-31598 fluidsynth<2.1.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-21417 giflib-util-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-23922 go-xz<0.5.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-29482 gpac<1.0.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-23928 gpac<1.0.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-23930 gpac<1.0.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-23931 gpac<1.0.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-23932 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-35979 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-35980 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35981 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35982 graphviz<2.46.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-18032 jhead<3.06.0.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3496 libupnp<1.14.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-29462 modular-xorg-server<1.20.11 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-3472 mongodb>=4.4<4.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20326 openjdk8<1.8.282 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2021.html#AppendixJAVA openjdk11<1.11.0.11 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2021.html#AppendixJAVA openvpn<2.5.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-15078 p5-Image-ExifTool<12.24 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-22204 php{56,72,73,74,80}-orangehrm-[0-9]* username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2021-28399 py{27,36,37,38,39}-django-filter<2.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15225 py{27,36,37,38,39}-djangocms-text-ckeditor-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-21391 rpm<4.17.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-20266 ruby{25,26,27,30}-bundler<2.2.10 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-36327 ruby{25,26,27,30}-redmine40<4.0.9 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-31863 ruby{25,26,27,30}-redmine41<4.1.3 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-31863 ruby{25,26,27,30}-redmine40<4.0.9 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-31864 ruby{25,26,27,30}-redmine41<4.1.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-31864 ruby{25,26,27,30}-redmine40<4.0.9 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-31865 ruby{25,26,27,30}-redmine41<4.1.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-31865 ruby{25,26,27,30}-redmine40<4.0.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-31866 ruby{25,26,27,30}-redmine41<4.1.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-31866 ruby{25,26,27,30}-rexml<3.2.5 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-28965 salt<3002.7 local-privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-31607 samurai-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-30218 samurai-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-30219 shibboleth-sp<3.2.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-31826 unbound<1.9.5 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2019-25031 unbound<1.9.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-25032 unbound<1.9.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-25033 unbound<1.9.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-25034 unbound<1.9.5 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-25035 unbound<1.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-25036 unbound<1.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-25037 unbound<1.9.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-25038 unbound<1.9.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-25039 unbound<1.9.5 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2019-25040 unbound<1.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-25041 unbound<1.9.5 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-25042 vault<1.6.4 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-27400 vault<1.6.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-29653 webmin-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-31760 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-31761 webmin-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-31762 wget-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-31879 wireshark<3.4.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22207 exim4<4.94.2 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2020-28007 exim4<4.94.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2020-28008 exim4<4.94.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-28009 exim4<4.94.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-28010 exim4<4.94.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-28011 exim4<4.94.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-28012 exim4<4.94.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-28013 exim4<4.94.2 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2020-28014 exim4<4.94.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-28015 exim4<4.94.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-28016 exim4<4.94.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-28017 exim4<4.94.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-28018 exim4<4.94.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28019 exim4<4.94.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-28020 exim4<4.94.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-28021 exim4<4.94.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-28022 exim4<4.94.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-28023 exim4<4.94.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2020-28024 exim4<4.94.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-28025 exim4<4.94.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-28026 exim4<4.94.2 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-27216 ImageMagick<7.0.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27769 ImageMagick6<6.9.10.69 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27769 ImageMagick<7.0.11.2 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20309 ImageMagick6<6.9.12.2 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20309 ImageMagick<7.0.11.2 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20310 ImageMagick<7.0.11.2 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-20311 ImageMagick<7.0.11.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-20312 ImageMagick<7.0.11.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20313 ap24-modsecurity<3.0.4 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-25043 avahi<0.8nb7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3502 bitcoin-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31876 cyrus-imapd<3.2.7 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-32056 php{56,73,74,80}-drupal>=7<7.70 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2020-13662 php{56,73,74,80}-drupal>=8<8.9.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-13664 php{56,73,74,80}-drupal>=8<8.9.1 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-13665 php{56,73,74,80}-drupal>=7<7.73 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13666 php{56,73,74,80}-drupal>=8<8.9.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13666 elasticsearch<6.8.15 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22135 elasticsearch<6.8.15 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22137 exiv2<0.27.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-29623 hivex<1.3.20 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3504 libaom<3.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-30473 libcares<1.17.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2020-14354 libexosip-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-32611 libxml2<2.9.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3537 mapserver<7.0.8 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-32062 matrix-synapse<1.33.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-29471 mutt>=1.11.0<2.0.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-32055 neomutt>=20191025<20210504 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-32055 nim<1.4.2 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-29495 openjpeg<2.4.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27823 openjpeg<2.4.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27824 openscad<2021.01 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-28600 php{56,73,74,80}-piwigo<11.5.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2021-32615 prosody<0.11.9 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-32917 prosody<0.11.9 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32918 prosody<0.11.9 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-32919 prosody<0.11.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32920 prosody<0.11.9 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2021-32921 py{36,37,38,39}-django>=2.2<2.2.21 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-31542 py{36,37,38,39}-django>=3<3.2.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-31542 py39-django>=2.2<2.2.22 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2021-32052 py39-django>=3<3.2.2 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2021-32052 py{27,36,37,38,39}-flask-caching-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-33026 py{27,36,37,38,39}-impacket-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-31800 py{27,36,37,38,39}-octoprint<1.6.0 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-32560 py{27,36,37,38,39}-octoprint<1.6.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32561 pycharm-bin<2020.3.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-30005 #python27-[0-9]* server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-29921 #python36-[0-9]* server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-29921 #python37-[0-9]* server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-29921 python38<3.8.12 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-29921 python39<3.9.5 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-29921 qemu<6.0.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-20181 qemu<6.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-20221 qemu<7.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3507 radare2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32613 raptor-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25713 raptor2<2.0.16 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25713 redis<6.2.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-29477 redis<6.2.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-29478 ruby{25,26,27,30}-puma<4.3.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-29509 sabnzbd<3.2.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-29488 samba<4.14.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27840 samba<4.14.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20277 samba<4.14.4 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-20254 slurm-wlm<20.02.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-31215 upx-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24119 xfce4-thunar<1.8.17 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32563 yara<4.0.4 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2021-3402 ansible<2.9.6 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2020-10729 ansible<2.9.18 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20178 ansible<2.9.18 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20191 binutils<2.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3549 dmg2img-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32614 dmg2img-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3548 ffmpeg4<4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20445 ffmpeg4<4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20446 ffmpeg4<4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20448 ffmpeg4<4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20450 ffmpeg4<4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20451 ffmpeg4<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20453 ffmpeg4<4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21041 ffmpeg4<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22015 ffmpeg4<4.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22016 ffmpeg4<4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22017 ffmpeg4<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22019 ffmpeg4<4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22020 ffmpeg4<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22021 ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22022 ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22023 ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22024 ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22025 ffmpeg4<4.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22026 ffmpeg4<4.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22027 ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22028 ffmpeg4<4.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22029 ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22030 ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22031 ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22032 ffmpeg4<4.4.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22033 ffmpeg4<4.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22034 ffmpeg4<4.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24020 fig2dev<3.2.8b denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3561 go115<1.15.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31525 go116<1.16.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31525 go115<1.15.12 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-33194 go116<1.16.4 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-33194 gupnp<1.0.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-33516 gupnp12<1.2.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-33516 isc-dhcpd<4.4.2p1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-25217 isc-dhclient<4.4.2p1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-25217 libX11<1.7.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-31535 libcaca<0.99.20 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30498 libcaca<0.99.20 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30499 libvirt<6.2.0 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-10701 libvirt<7.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3559 libytnef<2.8 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2009-3721 #modular-xorg-server-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-25697 Design limitation of X11 nss<3.55 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-12403 pam-u2f<1.1.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-31924 glpi<9.5.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-3486 pleaser<0.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-31153 pleaser<0.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-31154 pleaser<0.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-31155 podofo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-30469 podofo-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30470 podofo-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30471 podofo-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30472 privoxy<3.0.29 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-20209 putty<0.75 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33500 qemu<6.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20196 qemu<6.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3527 ruby{25,26,27,30}-actionpack52<5.2.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22885 ruby{25,26,27,30}-actionpack60<6.0.3.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22885 ruby{25,26,27,30}-actionpack61<6.1.3.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22885 squid4<4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28651 squid4<4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28652 squid4<4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28662 squid4<4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31806 squid4<4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31808 upx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-30500 upx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-30501 authelia<4.29.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-32637 ettercap<0.7.5 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2010-3843 gama<2.04 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18395 gdk-pixbuf2<2.42.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-20240 libvirt<6.3.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-14301 mariadb-server<10.4.15 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15180 mariadb-server>=10.5<10.5.6 command-injection https://nvd.nist.gov/vuln/detail/CVE-2020-15180 openldap-server<2.4.56 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25710 qemu<6.0.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-35504 qemu<6.0.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-35505 qemu<6.0.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-35506 radsecproxy<1.9.0 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-32642 rsync<3.2.3nb1 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2020-14387 spice-server<0.14.92 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20201 squid4<4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33620 zeromq<4.3.3 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-20236 zeromq<4.3.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-20237 dino<0.2.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-33896 libgcrypt<1.9.3 side-channel https://nvd.nist.gov/vuln/detail/CVE-2021-33560 nginx<1.13.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-20005 ntpsec-[0-9]* man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-22212 openexr<3.0.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-23169 openexr<3.0.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-23215 openexr<3.0.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-26260 openexr<3.0.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-26945 py{36,37,38,39}-django>=2.2<2.2.24 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-33203 py{36,37,38,39}-django>=3<3.2.4 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-33203 py{36,37,38,39}-django>=2.2<2.2.24 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-33571 py{36,37,38,39}-django>=3<3.2.4 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-33571 rabbitmq<3.8.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22116 wireshark<3.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22222 # rejected #ansible-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3532 # rejected #ansible-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3533 apache>=2.4.6<2.4.48 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-17567 apache>=2.4.41<2.4.48 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-13950 apache<2.4.48 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-35452 apache<2.4.48 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-26690 apache<2.4.48 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-26691 apache>=2.4.39<2.4.48 unspecified https://nvd.nist.gov/vuln/detail/CVE-2021-30641 curl<7.77.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22898 curl<7.77.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-22901 php{56,73,74,80}-drupal>=7<7.72 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-13663 php{56,73,74,80}-drupal>=8<8.9.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-13663 php{56,73,74,80}-drupal>=8<8.9.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13688 jetty<9.4.41 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28169 lrzip<0.640 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-25467 lrzip<0.640 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27345 lrzip<0.640 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27347 opendmarc-[0-9]* remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34555 php{56,72,73,74,80}-nextcloud<20.0.10 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2021-22915 py{27,36,37,38,39}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-33829 ripgrep<13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3013 ruby{25,26,27,30}-actionpack60<6.0.3.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22902 ruby{25,26,27,30}-actionpack61<6.1.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22902 ruby{25,26,27,30}-actionpack61<6.1.3.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-22903 ruby{25,26,27,30}-actionpack52<5.2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22904 ruby{25,26,27,30}-actionpack60<6.0.3.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22904 ruby{25,26,27,30}-actionpack61<6.1.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22904 squid4<4.15 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-31807 xscreensaver<5.45nb4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-34557 py{27,36,37,38,39}-mpmath-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-29063 thunderbird<78.9.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-13/ thunderbird<78.10 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-14/ firefox78<78.10 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-15/ mozjs78<78.10 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-15/ tor-browser<10.0.16 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-15/ firefox<88 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-16/ thunderbird<78.8.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-17/ firefox<88.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-20/ thunderbird<78.10.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-22/ firefox<89 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-23/ firefox78<78.11 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-24/ mozjs78<78.11 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-24/ tor-browser<10.0.17 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-24/ thunderbird<78.11 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-26/ # rejected #ImageMagick-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-34183 ampache<4.4.3 code-injection https://nvd.nist.gov/vuln/detail/CVE-2021-32644 djvulibre-lib<3.5.29 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-32490 djvulibre-lib<3.5.29 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32491 djvulibre-lib<3.5.29 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-32492 djvulibre-lib<3.5.29 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32493 djvulibre-lib<3.5.29 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3500 jetty<9.4.41 improper-session-handling https://nvd.nist.gov/vuln/detail/CVE-2021-34428 moodle-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2021-21809 opengrok<1.6.9 unspecified https://nvd.nist.gov/vuln/detail/CVE-2021-2322 php{56,72,73,74,80}-roundcube<1.4.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-18670 php{56,72,73,74,80}-roundcube<1.4.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-18671 ruby{25,26,27,30}-bindata<2.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32823 dovecot<2.3.14.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-28200 dovecot<2.3.14.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-29157 dovecot<2.3.14.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-33515 postsrsd<1.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-35525 rabbitmq<3.8.17 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32718 rabbitmq<3.8.18 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32719 libredwg<0.10.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21813 libredwg<0.10.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21814 libredwg<0.10.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-21815 libredwg<0.10.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21816 libredwg<0.10.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-21817 libredwg<0.10.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21818 libredwg<0.10.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21819 libredwg<0.10.1.2665 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21827 libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21830 libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21831 libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21832 libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21833 libredwg<0.10.1.2699 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-21834 libredwg<0.10.1.2699 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-21835 libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21836 libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21838 libredwg<0.10.1.2699 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-21839 libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21840 libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21841 libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21842 libredwg<0.10.1.2699 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21843 libredwg<0.10.1.2699 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-21844 libredwg<0.10.1.371 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-23861 libredwg<0.12.3.4194 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-36080 SOGo<2.4.1 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2021-33054 SOGo>=3<5.1.1 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2021-33054 apache>=2.4.47<2.4.48 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-31618 avahi<0.8nb7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3468 cflow-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-23856 djvulibre-lib<3.5.28 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-3630 php{56,73,74,80}-drupal>=8<8.9.6 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-13667 exiv2<0.27.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32617 fluent-bit<1.8.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-36088 htslib<1.11 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-36403 jenkins<2.300 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-21670 jenkins<2.300 session-fixation https://nvd.nist.gov/vuln/detail/CVE-2021-21671 keystone-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2020-36404 keystone-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-36405 kimageformats<5.83.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36083 libressl<3.2.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-25048 libressl<3.2.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-25049 mediawiki<1.36.1 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-35197 mediawiki<1.36.1 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-36129 ndpi-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36082 py{36,37,38,39}-django>=3<3.2.5 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2021-35042 py{27,36,37,38,39}-urllib3<1.26.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33503 tesseract-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-36081 tor<0.4.6.5 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-34548 tor<0.4.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34549 tor<0.4.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34550 unrar<5.6.1.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-20006 unrar<5.6.6 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-25018 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28692 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28692 xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28692 zeromq<4.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36400 py{27,36,37,38,39}-Flask-User-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23401 moodle<3.7.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-14827 libxml2<2.9.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3518 websvn<2.6.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32305 mpv<0.33.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-30145 openldap-server<2.4.56 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25709 libxml2<2.9.11 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3517 rpm<4.16.1.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-3421 prometheus<2.27.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-29622 python36<3.6.13 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3426 python37<3.7.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3426 python38<3.8.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3426 python39<3.9.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3426 libyang-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28906 libyang-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28904 libyang-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28903 libyang-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28902 libyang-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28905 libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36332 libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36331 libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36330 libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36329 libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36328 libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-25014 libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-25013 libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-25012 libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-25011 libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-25010 libwebp<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-25009 libxml2<2.9.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3516 nginx<1.20.1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-23017 xdg-utils-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-27748 ffmpeg4<4.3 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-22036 ffmpeg4<4.3 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-22035 libjpeg-turbo<2.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-17541 ffmpeg4<4.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22040 ffmpeg4<4.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22044 ffmpeg4<4.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22041 ffmpeg4<4.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22039 ffmpeg4<4.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22043 ffmpeg4<4.4 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22038 ffmpeg4<4.4.1 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22037 ffmpeg4<4.4 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22042 py{27,36,37,38,39}-Pillow<8.2.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-28676 py{27,36,37,38,39}-Pillow<8.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28678 py{27,36,37,38,39}-Pillow<8.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28677 py{27,36,37,38,39}-Pillow<8.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28675 py{27,36,37,38,39}-Pillow<8.2.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-25287 py{27,36,37,38,39}-Pillow<8.2.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-25288 qemu<6.1.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-3546 qemu<6.1.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-3545 qemu<6.1.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-3544 qemu<5.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27661 qemu<4.6.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3595 qemu<4.6.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3594 qemu<4.6.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3593 qemu<4.6.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3592 qemu-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35503 libraw<0.20.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24870 ffmpeg4-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22056 ffmpeg4-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22054 ffmpeg4-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22051 ffmpeg4-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22049 ffmpeg4-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22048 ffmpeg4-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-22046 qemu-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-12067 lrzsz-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10195 redis<6.2.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32625 ffmpeg4<4.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-33815 vault<1.6.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32923 lasso<2.7.0 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-28091 moodle-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32244 putty<0.75 spoofing https://nvd.nist.gov/vuln/detail/CVE-2021-36367 php{56,72,73,74,80}-owncloud<10.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-29659 php{56,72,73,74,80}-nextcloud<21.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32657 php{56,72,73,74,80}-nextcloud<21.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32656 php{56,72,73,74,80}-nextcloud<21.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32655 php{56,72,73,74,80}-nextcloud<21.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32653 php{56,72,73,74,80}-nextcloud<21.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32654 gstreamer1<1.18.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3522 lz4<1.9.3nb1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3520 py{34,35,36,37,38,39}-websockets<9.1 password-exposure https://nvd.nist.gov/vuln/detail/CVE-2021-33880 jdom-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33813 quassel<0.14.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-34825 mantis<2.25.2 code-injection https://nvd.nist.gov/vuln/detail/CVE-2021-33557 zziplib<0.13.72 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18442 openexr<3.0.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3598 libxml2<2.9.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3541 postgresql96<9.6.22 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-32027 postgresql10<10.17 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-32027 postgresql11<11.12 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-32027 postgresql12<12.7 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-32027 postgresql13<13.3 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-32027 libaom<3.1.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-30474 xdg-utils<1.1.3 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2015-1877 fuse<2.9.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-33805 py{36,37,38,39}-wagtail<2.12.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32681 ruby-addressable<2.8.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32740 go<1.0.2 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2012-2666 fossil<2.15.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-36377 libaom<3.1.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30475 file<5.02 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2009-0947 php{56,72,73,74,80}-nextcloud<21.0.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32705 php{56,72,73,74,80}-nextcloud<21.0.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32703 php{56,72,73,74,80}-nextcloud<21.0.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32688 php{56,72,73,74,80}-nextcloud<21.0.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32680 php{56,72,73,74,80}-nextcloud<21.0.3 remote-security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-32678 php{56,72,73,74,80}-nextcloud<21.0.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32679 prometheus<2.50.1 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2021-3538 grafana<11 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2021-3538 apache-ant<1.9.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36373 apache-ant>=1.10<1.10.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36373 apache-ant<1.9.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36374 apache-ant>=1.10<1.10.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36374 apache-tomcat<8.5.65 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-30639 apache-tomcat>=9.0<9.0.45 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-30639 apache-tomcat<8.5.66 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-30640 apache-tomcat>=9.0<9.0.46 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-30640 apache-tomcat<8.5.67 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2021-33037 apache-tomcat>=9.0<9.0.47 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2021-33037 bat<0.18.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2021-36753 exiv2<0.27.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19715 exiv2<0.27.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19716 fail2ban<0.11.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32749 go115<1.15.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34558 go116<1.16.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34558 icinga2<2.12.5 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-32739 icinga2<2.12.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32743 icingaweb2<2.8.3 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-32746 icingaweb2<2.8.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32747 jasper<2.0.17 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-27845 jetty<9.4.43 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-34429 libiberty-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3530 mbedtls<2.26.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2021-24119 mupdf<1.18.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22885 mupdf<1.18.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22886 nodejs<12.22.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-22918 nodejs>=14<14.17.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-22918 php{56,72,73,74,80}-nextcloud<21.0.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32725 php{56,72,73,74,80}-nextcloud<21.0.3 session-fixation https://nvd.nist.gov/vuln/detail/CVE-2021-32726 php{56,72,73,74,80}-nextcloud<21.0.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32734 php{56,72,73,74,80}-nextcloud<21.0.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32741 py{27,36,37,38,39}-Pillow<8.3.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-34552 quickjs<20200705 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22876 ruby26-base<2.6.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-31810 ruby27-base<2.7.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-31810 ruby30-base<3.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-31810 eterm<0.9.6nb3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-33477 mrxvt<0.5.4nb14 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-33477 rxvt<2.7.10nb9 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-33477 rxvt-unicode<9.26 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-33477 wolfssl<4.8.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2021-24116 varnish>=5.0<6.6.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-36740 consul<1.10.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-36213 consul<1.10.1 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-32574 gthumb3<3.10.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36427 mbedtls<2.24.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36426 mbedtls<2.24.0 invalid-crl-checks https://nvd.nist.gov/vuln/detail/CVE-2020-36425 mbedtls<2.24.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-36424 mbedtls<2.23.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-36421 mbedtls<2.23.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-36423 mbedtls<2.23.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-36422 racket<8.2 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2021-32773 unicorn<1.0.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-36979 qpdf<10.3.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36978 matio-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36977 libarchive<3.6.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-36976 libsndfile<1.0.31nb1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3246 wireshark<3.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22235 unicorn-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-36431 libass>=0.15<0.15.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36430 matio-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36428 geckodriver<0.27.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-15660 aspell<0.60.8.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-25051 gdal-lib<3.3.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-25050 gradle<7.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32751 curl>=7.27<7.78 input-validation https://curl.se/docs/CVE-2021-22922.html wolfssl>=4.6<4.8.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-37155 php{56,73,74,80}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-22150 php{56,73,74,80}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-22148 mupdf<1.18.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19609 libheif<1.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19498 matio<1.5.18 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19497 gpac<0.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19488 gpac<0.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19481 libheif<1.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19499 mupdf<1.19.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-37220 redis<6.2.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32761 mysql-server>=5.7<5.7.35 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2021.html#AppendixMSQL mysql-server>=8.0<8.0.26 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2021.html#AppendixMSQL mysql-cluster<8.0.26 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2021.html#AppendixMSQL openjdk8<1.8.292 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2021.html#AppendixJAVA openjdk11<1.11.0.12 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2021.html#AppendixJAVA mosquitto>=1.6<2.0.11 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-34431 mit-krb5<1.18.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-36222 ap{22,24}-auth-openidc<2.4.9 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-32786 ap{22,24}-auth-openidc<2.4.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32785 mongodb<4.2.10 inject-log-entries https://nvd.nist.gov/vuln/detail/CVE-2021-20333 elasticsearch<6.8.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22144 asterisk>=13.0<13.38.2 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-005.html asterisk>=16.0<16.16.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-005.html asterisk>=18.0<18.2.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-005.html asterisk>=16.0<16.16.2 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-006.html asterisk>=18.0<18.2.2 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-006.html asterisk>=16.0<16.19.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-007.html asterisk>=18.0<18.5.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-007.html asterisk>=13.0<13.38.3 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-008.html asterisk>=16.0<16.19.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-008.html asterisk>=18.0<18.5.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-008.html asterisk>=13.0<13.38.3 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-009.html asterisk>=16.0<16.19.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-009.html asterisk>=18.0<18.5.1 remote-denial-of-service https://downloads.asterisk.org/pub/security/AST-2020-009.html webkit-gtk<2.32.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2021-0004.html ap24-auth-openidc<2.4.9 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2021-32791 ap24-auth-openidc<2.4.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32792 claws-mail<3.18.0 clickjacking https://nvd.nist.gov/vuln/detail/CVE-2021-37746 exiv2<0.27.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31291 exiv2<0.27.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-31292 fetchmail<6.4.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36386 go115<1.15.13 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-33195 go116<1.16.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-33195 go115<1.15.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33196 go116<1.16.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33196 go115<1.15.13 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2021-33197 go116<1.16.5 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2021-33197 go115<1.15.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33198 go116<1.16.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33198 mosquitto<2.0.8 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34432 php{56,73,74,80}-pear<1.10.12nb5 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2021-32610 php{56,73,74,80}-concrete5-[0-9]* php-object-injection https://nvd.nist.gov/vuln/detail/CVE-2021-36766 powerdns>=4.5.0<4.5.1 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36754 prosody>=0.11.0<0.11.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-37601 py{27,36,37,38,39}-Glances<3.2.1 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2021-23418 radare2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3673 ruby26-base<2.6.8 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-31799 ruby27-base<2.7.4 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-31799 ruby30-base<3.0.2 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-31799 ruby26-base<2.6.8 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-32066 ruby27-base<2.7.4 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-32066 ruby30-base<3.0.2 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-32066 vlc<3.0.12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-25801 vlc<3.0.12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-25802 vlc<3.0.12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-25803 vlc<3.0.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25804 libfetch-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-36159 courier-mta<1.1.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-38084 gd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-38115 ffmpeg4<4.4.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-38114 gpac<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22352 gpac<1.0.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24829 ruby{25,26,27,30}-redmine42<4.2.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-37156 qemu<6.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3682 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36584 ffmpeg4<4.3 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-3566 curl>=7.33<7.78 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22926 curl>=7.7<7.78 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2021-22925 curl>=7.27<7.78 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-22923 curl>=7.10.4<7.78 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-22924 thunderbird<78.12 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-30/ tor-browser<10.5.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-29/ firefox78<78.12 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-29/ mozjs78<78.12 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-29/ firefox<90 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-28/ firefox<89.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-27/ lynx<2.8.9.1nb5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-38165 rust<1.53.0 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-29922 gcpio-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-38185 go115-[0-9]* access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-29923 go116-[0-9]* access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-29923 libcares<1.17.2 invalid-validation https://c-ares.haxx.se/adv_20210810.html alpine<=2.24 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-38370 exim4-[0-9]* man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-38371 exiv2<0.27.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32815 exiv2<0.27.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34334 exiv2<0.27.5 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2021-34335 exiv2<0.27.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37615 exiv2<0.27.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37616 exiv2<0.27.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-37618 exiv2<0.27.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-37619 exiv2<0.27.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-37620 exiv2<0.27.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37621 exiv2<0.27.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37622 exiv2<0.27.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37623 ffmpeg4<4.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-21688 ffmpeg4<4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21697 fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21675 fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21676 fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21678 fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21680 fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21681 fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21682 fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21683 fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21684 go115<1.15.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36221 go116<1.16.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36221 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32437 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32438 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32439 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32440 libsixel<1.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21677 perl>=5.32.0<5.34.0nb3 code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-36770 php{56,72,73,74,80}-typo3<7.6.53 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32768 py{27,36,37,38,39}-notebook<6.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32798 qt5-qtbase<5.14.1 code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-24741 qt5-qtbase<5.14.0 code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-24742 qt5-qtbase<5.15.6 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-38593 trojita-[0-9]* man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-38372 tor<0.4.6.7 denial-of-service https://lists.torproject.org/pipermail/tor-announce/2021-August/000228.html ffmpeg4<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-38291 libspf2<1.2.11 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-20314 nodejs<12.22.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-22931 nodejs>=14<14.17.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-22931 nodejs<12.22.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-22939 nodejs>=14<14.17.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-22939 nodejs<12.22.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-22940 nodejs>=14<14.17.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-22940 py{27,36,37,38,39}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32808 py{27,36,37,38,39}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32809 py{27,36,37,38,39}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-37695 vault<1.8.0 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2021-38553 vault<1.8.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-38554 wolfssl<4.8.1 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-38597 firefox<91 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-34/ tor-browser<10.5.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-34/ firefox78<78.13 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-35/ mozjs78<78.13 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-35/ thunderbird<78.13 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-36/ firefox<91.01 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-37/ xmill-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21810 haproxy>=2.2<2.2.16 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2021-39242 haproxy>=2.3<2.3.13 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2021-39242 haproxy>=2.4<2.4.3 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2021-39242 haproxy>=2.0<2.0.24 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2021-39241 haproxy>=2.2<2.2.16 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2021-39241 haproxy>=2.3<2.3.13 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2021-39241 haproxy>=2.4<2.4.3 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2021-39241 haproxy>=2.2<2.2.16 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2021-39240 haproxy>=2.3<2.3.13 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2021-39240 haproxy>=2.4<2.4.3 bypass-protection https://nvd.nist.gov/vuln/detail/CVE-2021-39240 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21861 gpac-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2021-21859 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21860 gpac-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21862 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21858 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21857 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21855 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21856 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21854 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21853 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21852 gpac-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21851 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21847 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21846 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21845 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21844 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21839 gpac-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21843 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21838 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21837 apache-roller<6.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33580 bind>=9.16<9.16.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25218 xmill-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-21825 xmill-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21828 xmill-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21827 xmill-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21826 icinga2<2.12.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-37698 ruby{25,26,27}-nexpose<6.6.96 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-31868 apr>=1.7.0<1.7.0nb2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-35940 exiv2<0.27.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18899 exiv2<0.27.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18898 libgda-[0-9]* improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-39359 libgfbgraph-[0-9]* improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-39358 grilo<0.3.14 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-39365 mbedtls<2.25.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2020-36478 mbedtls<2.24.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2020-36477 mbedtls<2.24.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-36476 mbedtls<2.25.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36475 mit-krb5<1.18.5 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-37750 ffmpeg4<4.4.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-38171 # not reproducible? https://github.com/Exiv2/exiv2/issues/759 #exiv2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18774 # not reproducible? https://github.com/Exiv2/exiv2/issues/760 #exiv2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18773 exiv2<0.27.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-18771 plib-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-38714 sqlite3<3.36.0nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36690 knot<5.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40083 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39153 diylc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39152 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39151 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39148 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39149 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39147 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39146 diylc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39150 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39145 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39144 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39141 diylc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39140 diylc-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39139 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39153 clion-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39152 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39151 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39148 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39149 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39147 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39146 clion-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39150 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39145 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39144 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39141 clion-bin-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39140 clion-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39139 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39153 intellij-ce-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39152 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39151 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39148 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39149 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39147 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39146 intellij-ce-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39150 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39145 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39144 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39141 intellij-ce-bin-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39140 intellij-ce-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39139 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39153 intellij-ue-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39152 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39151 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39148 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39149 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39147 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39146 intellij-ue-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39150 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39145 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39144 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39141 intellij-ue-bin-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39140 intellij-ue-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39139 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39153 phpstorm-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39152 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39151 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39148 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39149 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39147 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39146 phpstorm-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39150 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39145 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39144 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39141 phpstorm-bin-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39140 phpstorm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39139 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39153 pycharm-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39152 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39151 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39148 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39149 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39147 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39146 pycharm-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39150 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39145 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39144 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39141 pycharm-bin-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39140 pycharm-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39139 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39153 rubymine-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39152 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39151 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39148 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39149 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39147 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39146 rubymine-bin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39150 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39145 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39144 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39141 rubymine-bin-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39140 rubymine-bin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39139 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39154 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39153 aipo-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39152 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39151 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39148 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39149 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39147 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39146 aipo-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39150 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39145 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39144 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39141 aipo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39140 aipo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39139 openssl>=1.1<1.1.1l buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3711 openssl<1.1.1l denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3712 php{56,73,74,80}-basercms-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-39136 qemu<6.2.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-3713 openexr<3.0.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3605 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21850 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21849 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21848 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21842 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21841 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21840 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21836 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21835 tcpreplay<4.3.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-18976 nasm-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-18974 podofo<0.9.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-18972 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21834 podofo<0.9.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18971 squashfs<4.5 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-40153 cacti<1.2.13 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-23226 py{27,34,35,36,37,38,39}-mezzanine-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-19002 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28700 xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28700 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28699 xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28699 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28698 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28698 xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28698 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28697 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28697 xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28697 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28695 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28695 xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28695 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28696 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28696 xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28696 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28694 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28694 xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28694 fetchmail<6.4.22 side-channel https://nvd.nist.gov/vuln/detail/CVE-2021-39272 tor>=0.4.6<0.4.6.7 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-38385 tor<0.4.5.10 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-38385 mc<4.8.27 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-36370 cgal<5.1.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35634 cgal<5.1.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35633 cgal<5.1.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35635 git-base<2.30.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-40330 mosquitto-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-34434 matrix-synapse<1.41.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39164 matrix-synapse<1.41.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39163 libssh<0.9.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3634 xmill-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-21811 cyrus-imapd<2.4.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33582 cyrus-imapd>=3.0<3.0.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33582 ffmpeg2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18778 ffmpeg2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18776 ffmpeg2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18775 ffmpeg3-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18778 ffmpeg3-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18776 ffmpeg3-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18775 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18778 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18776 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18775 ffplay2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18778 ffplay2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18776 ffplay2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18775 ffplay3-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18778 ffplay3-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18776 ffplay3-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18775 ffplay4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18778 ffplay4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18776 ffplay4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18775 inetutils<2.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-40491 py{27,34,35,36,37,38,39}-Pillow<8.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-23437 ap{22,24}-auth-openidc<2.4.9.4 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-39191 pure-ftpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40524 weechat<3.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40516 botan-[0-9]* weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2021-40529 consul<1.8.15 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-37219 consul<1.8.15 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-38698 cryptopp<8.6.0 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2021-40530 fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33285 fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33286 fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33287 fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33289 fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-35266 fuse-ntfs-3g<2021.8.22 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-35267 fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-35268 fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-35269 fuse-ntfs-3g<2021.8.22 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-39251 fuse-ntfs-3g<2021.8.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-39252 fuse-ntfs-3g<2021.8.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-39253 fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39254 fuse-ntfs-3g<2021.8.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-39255 fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39256 fuse-ntfs-3g<2021.8.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39257 fuse-ntfs-3g<2021.8.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-39258 fuse-ntfs-3g<2021.8.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-39259 fuse-ntfs-3g<2021.8.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-39260 fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39261 fuse-ntfs-3g<2021.8.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-39262 fuse-ntfs-3g<2021.8.22 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39263 libgcrypt<1.9.4 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2021-40528 php{56,72,73,74,80}-owncloud<10.8.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-35947 php{56,72,73,74,80}-owncloud<10.8.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-35949 tiff<4.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19131 vim<8.2.3402 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3770 php{56,72,73,74,80}-owncloud<10.8.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-35946 php{56,72,73,74,80}-owncloud<10.8.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-35948 php{56,72,73,74,80}-nextcloud<22.1.0 remote-security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-32802 php{56,72,73,74,80}-nextcloud<22.1.0 excessive-logging https://nvd.nist.gov/vuln/detail/CVE-2021-32801 php{56,72,73,74,80}-nextcloud<22.1.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-32800 gifsicle<1.93 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-19752 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19751 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19750 salt<3003.3 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-22004 salt<3003.3 local-privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-21996 tiff<4.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19144 tiff<4.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19143 wordpress>=5.0<5.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-39201 wordpress>=5.2<5.8.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39200 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-33366 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-33364 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33362 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32137 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32136 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-32135 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-32134 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-32132 squashfs-[0-9]* arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-41072 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-33365 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-33363 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-32138 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-32139 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-33361 libsixel<1.8.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21050 libsixel<1.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21049 libsixel<1.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21048 gd<2.3.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-40812 ImageMagick<7.1.0.7 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-39212 glpi>=9.2<9.5.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-39211 glpi>=9.1<9.5.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-39213 glpi<9.5.6 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-39210 glpi<9.5.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-39209 vim<8.2.3428 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3796 vim<8.2.3409 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3778 elasticsearch<7.14.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-22147 fig2dev<3.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21535 fig2dev<3.2.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21534 fig2dev<3.2.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21533 fig2dev<3.2.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21532 fig2dev<3.2.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21531 fig2dev<3.2.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21530 fig2dev<3.2.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21529 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21606 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21605 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21602 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21604 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21603 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21601 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21600 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21597 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21599 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21598 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21596 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21595 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21594 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28701 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28701 xenkernel415<4.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28701 apache-tomcat>=8.5<8.5.64 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41079 apache-tomcat>=9.0<9.0.44 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41079 apache<2.4.49 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2021-40438 apache<2.4.49 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39275 mitmproxy<7.0.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2021-39214 apache<2.4.49 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-34798 apache>=2.4.30<2.4.49 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36160 libsixel<1.8.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21548 libsixel<1.8.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21547 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39598 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39597 swftools-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39595 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39596 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39594 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39593 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39592 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39591 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39585 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39588 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39590 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39583 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39589 swftools-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39579 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39587 swftools-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39582 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39584 swftools-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39577 swftools-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39574 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39575 swftools-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39569 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39562 swftools-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39564 swftools-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39561 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39563 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39553 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39559 swftools-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-39558 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39557 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39555 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39556 swftools-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39554 ncurses<6.2nb4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39537 libredwg<0.10.1.3768 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39530 libredwg<0.10.1.3768 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-39528 libredwg<0.10.1.3768 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39527 libredwg<0.10.1.3768 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39525 libredwg<0.10.1.3768 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-39522 libredwg<0.10.1.3768 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39523 libredwg<0.10.1.3773 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39521 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-38094 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-38093 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-38092 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-38091 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-38089 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-38090 libgig-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32294 faad2<2.10.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32278 faad2<2.10.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32277 fig2dev<3.2.7b denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32280 faad2<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32276 faad2<2.10.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32273 faad2<2.10.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32274 faad2<2.10.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32272 gpac-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32271 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32270 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32269 gpac-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-32268 icu<67.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-21913 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20901 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20900 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20899 ffmpeg4-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-20902 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20897 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20898 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20896 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20895 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20894 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20893 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20891 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20892 #redis-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21468 Disputed, see https://github.com/redis/redis/issues/6633 #openssh-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2016-20012 Documented configuration setting tcpreplay<4.3.3 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-23273 gpac-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-23269 gpac-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-23266 gpac-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-23267 php{56,73,74,80}-concrete5<8.5.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-22953 php{56,73,74,80}-concrete5<8.5.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-22950 php{56,73,74,80}-concrete5<8.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22949 elvish<0.14.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-41088 php{56,73,74,80}-concrete5<8.5.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-40100 php{56,73,74,80}-concrete5<8.5.6 arbitrary-file-deletion https://nvd.nist.gov/vuln/detail/CVE-2021-40102 php{56,73,74,80}-concrete5<8.5.6 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-40099 php{56,73,74,80}-concrete5<8.5.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-40109 php{56,73,74,80}-concrete5<8.5.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-40108 php{56,73,74,80}-concrete5<8.5.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-40106 php{56,73,74,80}-concrete5<8.5.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-40105 php{56,73,74,80}-concrete5<8.5.6 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-40103 php{56,73,74,80}-concrete5<8.5.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-40104 php{56,73,74,80}-concrete5<8.5.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-40098 php{56,73,74,80}-concrete5<8.5.6 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-40097 py{27,34,35,36,37,38,39}-nltk-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3828 py{27,34,35,36,37,38,39}-inflect-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3820 ruby{25,26,27}-nokogiri<1.12.5 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2021-41098 ansible-base<2.12.0nb1 code-injection https://nvd.nist.gov/vuln/detail/CVE-2021-3583 curl>=7.73.0<7.79.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-22945 libressl-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-41581 #tor-browser-[0-9]* excessive-logging https://nvd.nist.gov/vuln/detail/CVE-2021-39246 The logging is by tor, not tor-browser tor<0.4.6.10 excessive-logging https://nvd.nist.gov/vuln/detail/CVE-2021-39246 openssh>=6.2<8.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-41617 apache>=2.4.49<2.4.50 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41524 apache>=2.4.49<2.4.50 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-41773 apache>=2.4.49<2.4.51 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-42013 ardour<6.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-22617 curl<7.79.0 protocol-downgrade https://nvd.nist.gov/vuln/detail/CVE-2021-22946 curl<7.79.0 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-22947 grafana<8.1.6 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-39226 hiredis<1.0.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32765 mediawiki<1.36.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-42040 mediawiki<1.36.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-42041 mediawiki<1.36.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-42043 nodejs<12.22.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-22930 nodejs>=14<14.17.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-22930 gajim<1.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41055 libreoffice<7.1.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-25633 mediawiki<1.36.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41798 mediawiki<1.36.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41799 mediawiki<1.36.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41800 php>=7.3<7.3.31 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21705 php>=7.4<7.4.21 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21705 php>=8.0<8.0.8 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-21705 php{56,73,74,80}-concrete5<8.5.5 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-22958 php{56,73,74,80}-concrete5-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41461 php{56,73,74,80}-concrete5-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41462 php{56,73,74,80}-concrete5-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41465 postgresql96-server<9.6.22 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32028 postgresql10-server<10.17 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32028 postgresql11-server<11.12 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32028 postgresql12-server<12.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32028 postgresql13-server<13.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32028 postgresql11-server<11.12 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32029 postgresql12-server<12.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32029 postgresql13-server<13.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32029 py{36,37,38,39,310}-scrapy<2.5.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-41125 redis<6.2.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32626 redis<6.2.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32627 redis<6.2.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32628 redis<6.2.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-32672 redis<6.2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32675 redis<6.2.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32687 redis<6.2.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32762 redis<6.2.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-41099 vault<1.8.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-41802 vault<1.8.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-42135 tinyxml-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-42260 ruby{25,26,27,30}-redmine41<4.1.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-42326 ruby{25,26,27,30}-redmine42<4.2.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-42326 ruby{25,26,27,30}-puma<4.3.9 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2021-41136 ruby{25,26,27,30}-puma>=5<5.5.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2021-41136 heimdal<7.7.0nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3671 libreoffice>=7.0<7.0.6 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-25634 libreoffice>=7.1<7.1.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-25634 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22679 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22678 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22677 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22675 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22673 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22674 apache-tomcat>=9.0.40<9.0.54 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-42340 apache-tomcat>=8.5.60<8.5.71 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-42340 couchdb<3.1.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-38295 vim<8.2.3489 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3875 rt4<4.2.17 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-38562 freeswitch<1.10.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-36513 go116<1.16.9 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-38297 go117<1.17.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-38297 ruby{25,26,27,30}-actionpack60<6.0.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22942 ruby{25,26,27,30}-actionpack61<6.1.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-22942 mysql-client>=8.0<8.0.27 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2021.html#AppendixMSQL mysql-cluster>=8.0<8.0.27 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2021.html#AppendixMSQL mysql-server>=5.7<5.7.36 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2021.html#AppendixMSQL mysql-server>=8.0<8.0.27 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2021.html#AppendixMSQL openjdk8<1.8.302 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2021-35550 openjdk11<1.11.0.13 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2021-35550 freerdp<2.4.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-41159 freerdp<2.4.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-41160 mailman<2.1.35 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-42096 mailman<2.1.35 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-42097 php56-fpm-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-21703 php71-fpm-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-21703 php72-fpm-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-21703 php73-fpm<7.3.31 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-21703 php74-fpm<7.4.25 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-21703 php80-fpm<8.0.12 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-21703 py{27,36,37,38,39}-babel<2.9.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-42771 qutebrowser<2.4.0 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2021-41146 vim<8.2.3487 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3872 php{56,71,72,73,74,80}-nextcloud>=20<20.0.13 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41179 php{56,71,72,73,74,80}-nextcloud>=21<21.0.5 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41179 php{56,71,72,73,74,80}-nextcloud>=22<22.2.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41179 php{56,71,72,73,74,80}-nextcloud>=20<20.0.13 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41178 php{56,71,72,73,74,80}-nextcloud>=21<21.0.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41178 php{56,71,72,73,74,80}-nextcloud>=22<22.2.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41178 php{56,71,72,73,74,80}-nextcloud>=20<20.0.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41177 php{56,71,72,73,74,80}-nextcloud>=21<21.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41177 php{56,71,72,73,74,80}-nextcloud>=22<22.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41177 websvn-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2011-2195 libmysofa<1.2.1 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3756 calibre<2.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2011-4126 calibre<2.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2011-4124 calibre<2.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2011-4125 vim<8.2.3564 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3903 firefox<92 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-38/ firefox78<78.14 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-39/ tor-browser<10.5.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-39/ mozjs78<78.14 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-39/ firefox91<91.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-40/ thunderbird<78.14 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-42/ firefox<93 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-43/ tor-browser<10.5.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-44/ firefox78<78.15 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-44/ mozjs78<78.15 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-44/ firefox91<91.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-45/ jenkins<2.303.2 multiple-vulnerabilities https://www.jenkins.io/security/advisory/2021-11-04/ bind>=9.16<9.16.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-25219 htmldoc<1.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40985 grafana>=8.0.0<8.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41174 libxls-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27836 libheif<1.7.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-23109 #cryptopp-[0-9]* side-channel https://nvd.nist.gov/vuln/detail/CVE-2021-43398 vim<8.2.3581 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3928 vim<8.2.3582 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3927 go116<1.16.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41772 go117<1.17.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41772 go116<1.16.10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-41771 go117<1.17.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-41771 speex<1.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-23903 belle-sip<5.0.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-43611 belle-sip<5.0.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-43610 mailman<2.1.36 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43331 mailman<2.1.36 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2021-43332 cacti<1.2.18 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-14424 grafana>=8<8.2.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-41244 puppet<7.12.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-27025 puppet<7.12.1 possible-data-leak https://nvd.nist.gov/vuln/detail/CVE-2021-27023 wireshark>=3.4<3.4.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-39920 wireshark<3.4.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-39928 wireshark<3.4.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-39929 wireshark<3.4.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-39926 wireshark<3.4.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-39925 wireshark<3.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39924 wireshark<3.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39923 wireshark<3.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39922 wireshark<3.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39921 py{27,36,37,38,39}-pip<21.1 data-manipulation https://nvd.nist.gov/vuln/detail/CVE-2021-3572 gocr-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-33481 gocr-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-33480 gocr-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33479 php{56,72,73,74,80}-roundcube<1.4.12 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2021-44026 php{56,72,73,74,80}-roundcube<1.4.12 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-44025 vim<8.2.3612 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3974 vim<8.2.3611 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3973 vim<8.2.3611 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3968 gmp<6.2.1nb1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43618 ImageMagick<7.1.0.14 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3962 quagga<1.2.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-44038 librecad-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-21900 librecad-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-21899 librecad-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-21898 pgbouncer<1.16.1 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-3935 isync-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-44143 ffmpeg4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-23906 json-schema<0.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3918 py{27,36,37,38,39}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41165 py{27,36,37,38,39}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-41164 gerbv-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-40391 npm-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-43616 moodle<3.9.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43559 moodle>=3.10<3.10.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43559 moodle<3.9.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43560 moodle>=3.10<3.10.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43560 moodle<3.9.11 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3943 moodle>=3.10<3.10.8 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3943 moodle<3.9.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43558 moodle>=3.10<3.10.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43558 #lua51-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-43519 #lua52-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-43519 lua53<5.3.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-43519 lua54<5.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-43519 matrix-synapse<1.47.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-41281 libcares<1.17.2 dns-hijacking https://nvd.nist.gov/vuln/detail/CVE-2021-3672 wordpress<5.8 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-44223 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28704 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28704 xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28704 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28707 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28707 xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28707 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28705 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28705 xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28705 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28706 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28706 xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28706 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28709 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28709 xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28709 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28708 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28708 xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28708 php{56,73,74,80}-basercms<4.5.4 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-41279 php{56,73,74,80}-basercms<4.5.4 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-41243 flif<0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14232 libaom<3.2.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36129 libaom<2.1.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-36130 libaom<2.1.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36131 libaom<3.2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36133 libaom<2.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36134 libaom<2.1.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-36135 mailman<2.1.38 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-44227 mosquitto<2.0.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41039 php{56,73,74,80}-concrete5<8.5.7 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-40101 vault<1.8.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-43998 vim<8.2.3625 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3984 vim<8.2.3669 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-4019 binutils<2.34 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-37322 php>=7.3<7.3.33 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-21707 php>=7.4<7.4.26 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-21707 php>=8.0<8.0.13 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-21707 grafana>=8.0<8.0.7 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-43798 grafana>=8.1<8.1.8 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-43798 grafana>=8.2<8.2.7 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-43798 grafana>=8.3<8.3.1 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-43798 php-7.3.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages drupal-8.[0-9]* eol https://www.drupal.org/psa-2021-11-30 thunderbird<91.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-47/ firefox<94 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-48/ firefox91<91.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-48/ firefox<94 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-49/ firefox91<91.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-49/ thunderbird<91.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-50/ firefox<95 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-52/ firefox91<91.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-52/ firefox91<91.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-53/ thunderbird<91.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2021-54/ ruby{25,26,27,30}-bundler<2.2.33 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-43809 php{56,73,74,80}-piwigo-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2021-40313 calibre<5.32.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44686 tmate-[0-9]* session-hijack https://nvd.nist.gov/vuln/detail/CVE-2021-44513 tmate-[0-9]* session-hijack https://nvd.nist.gov/vuln/detail/CVE-2021-44512 grafana<7.5.12 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-43813 grafana>=8.3<8.3.2 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-43813 vim<8.2.3741 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-4069 grafana<7.5.12 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-43815 grafana>=8.3<8.3.2 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2021-43815 nss<3.73 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-43527 py{36,37,38,39,310}-django>=2.2<2.2.25 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-44420 py{36,37,38,39,310}-django>=3.1<3.1.14 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-44420 py{36,37,38,39,310}-django>=3.2<3.2.10 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-44420 py{27,36,37,38,39,310}-lxml<4.6.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43818 webkit-gtk<2.32.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2021-0005.html webkit-gtk<2.34.1 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2021-0006.html webkit-gtk<2.34.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2021-0007.html teeworlds-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43518 php{56,73,74,80}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-40882 epiphany<41.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-45088 epiphany<41.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-45086 epiphany<41.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-45087 epiphany<41.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-45085 vault>=1.4.0<1.9.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-45042 p5-CPAN-Checksums-[0-9]* incorrect-signature-verification https://nvd.nist.gov/vuln/detail/CVE-2020-16155 p5-App-cpanminus-[0-9]* incorrect-signature-verification https://nvd.nist.gov/vuln/detail/CVE-2020-16154 perl<5.35.7 incorrect-signature-verification https://nvd.nist.gov/vuln/detail/CVE-2020-16156 binutils<2.37nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45078 mediawiki<1.36.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-45038 mediawiki<1.36.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-44857 mediawiki<1.36.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-44858 py{27,34,35,36,37,38,39,310}-numpy<1.23.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41496 py{27,34,35,36,37,38,39,310}-numpy<1.22.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34141 py{27,34,35,36,37,38,39,310}-numpy<1.22.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41495 py{27,34,35,36,37,38,39,310}-numpy<1.21.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33430 vim<8.2.3847 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-4136 mediawiki<1.36.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-45038 mediawiki<1.36.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-44857 mediawiki<1.36.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-44858 vim<8.2.3847 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-4136 mbedtls>=2<2.28.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-44732 apache<2.4.52 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-44790 apache>=2.4.7<2.4.52 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-44224 modular-xorg-server<1.20.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-4011 modular-xorg-server<1.20.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-4010 modular-xorg-server<1.20.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-4009 modular-xorg-server<1.20.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-4008 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45292 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45289 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45288 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45291 binaryen<104 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45293 binaryen<104 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45290 mbedtls<3.1.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-45451 mbedtls<2.28.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-45450 assimp<5.1.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45948 dnsmasq-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45951 dnsmasq-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45952 dnsmasq-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45953 dnsmasq-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45954 dnsmasq-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45955 dnsmasq-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45956 dnsmasq-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45957 e2guardian-[0-9]* man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-44273 expat<2.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45960 gdallib-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45943 gegl<0.4.34 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-45463 gerbv<2.8.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-40393 gerbv<2.8.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40394 ghostscript-agpl<9.54 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-45944 ghostscript-agpl<9.55.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45949 giftrans-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45972 gnuplot-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44917 go116<1.16.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44716 go117<1.17.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44716 go116<1.16.12 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-44717 go117<1.17.5 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-44717 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44918 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44919 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44920 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44921 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44922 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44923 gpac-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-44924 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44925 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44926 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44927 gpac-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45258 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45259 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45260 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45262 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45263 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45266 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45267 gpac-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-45297 harfbuzz<2.9.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-45931 libredwg-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-45950 mongodb<4.2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20330 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45256 nasm-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-45257 openexr<3.1.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45942 patch-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45261 py{27,36,37,38,39,310}-celery<5.2.2 command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-23727 py{27,36,37,38,39,310}-nltk<3.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-43854 py{27,36,37,38,39,310}-ujson-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45958 qt5-qtsvg<5.12.12 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-45930 qt6-qtsvg<6.2.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-45930 ruby26-base<2.6.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41817 ruby27-base<2.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41817 ruby30-base<3.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41817 ruby26-base<2.6.9 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-41819 ruby27-base<2.7.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-41819 ruby30-base<3.0.3 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-41819 unicorn<2.0.0rc5 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2021-44078 vim<8.2.3884 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-4166 vim<8.2.3902 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-4173 vim<8.2.3923 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-4187 vim<8.2.3949 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-4192 vim<8.2.3950 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-4193 wireshark<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4181 wireshark<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4182 wireshark<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4183 wireshark<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4184 wireshark<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4185 wireshark<3.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4186 wireshark<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4190 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45829 py{27,36,37,38,39,310}-nltk<3.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3842 tcpslice<1.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-41043 php{56,72,73,74,80}-roundcube<1.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-46144 expat<2.4.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46143 uriparser<0.9.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-46142 uriparser<0.9.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-46141 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46038 hdf5-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45832 hdf5-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45833 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-45831 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45830 lighttpd>=1.4.46<1.4.64 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-22707 vim<8.2.4009 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0128 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44591 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44590 wordpress<5.8.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-21664 wordpress<5.8.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-21662 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-46044 wordpress<5.8.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-21663 wordpress<5.8.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-21661 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46043 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46042 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46041 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46040 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46039 kubectl<1.26.0 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-25743 py{36,37,38,39,310}-django>=2.2<2.2.26 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-45452 py{36,37,38,39,310}-django>=3.2<3.2.11 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-45452 py{36,37,38,39,310}-django>=4<4.0.1 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-45452 py{36,37,38,39,310}-django>=2.2<2.2.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45115 py{36,37,38,39,310}-django>=3.2<3.2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45115 py{36,37,38,39,310}-django>=4<4.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45115 py{36,37,38,39,310}-django>=2.2<2.2.26 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-45116 py{36,37,38,39,310}-django>=3.2<3.2.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-45116 py{36,37,38,39,310}-django>=4<4.0.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-45116 tiff<4.3.0nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-22844 expat<2.4.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22827 expat<2.4.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22826 expat<2.4.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22825 expat<2.4.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22824 expat<2.4.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22823 expat<2.4.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22822 py{27,34,35,36,37,38,39,310}-Pillow<9.0.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22817 py{27,34,35,36,37,38,39,310}-Pillow<9.0.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22816 py{27,34,35,36,37,38,39,310}-Pillow<9.0.0 uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2022-22815 vim<8.2.4049 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0158 vim<8.2.4040 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-0156 mediawiki<1.36.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-46150 mediawiki<1.36.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46149 mediawiki<1.36.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-46147 mediawiki<1.36.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-46148 mediawikit<1.36.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-46146 vim<8.2.3883 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-46059 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46051 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46049 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-46047 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46045 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46046 htmldoc<1.9.14 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-43579 ruby{25,26,27,30}-actionpack60<6.0.4.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-44528 ruby{25,26,27,30}-actionpack61<6.1.4.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-44528 phoronix-test-suite-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-0157 clamav<0.103.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-20698 fig2dev<3.2.8b double-free https://nvd.nist.gov/vuln/detail/CVE-2021-37529 fig2dev<3.2.8b denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37530 gdk-pixbuf2<2.42.9 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-44648 gpac<0.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-25427 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36412 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36414 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36417 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-40559 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40562 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40563 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40564 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40565 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40566 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40567 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40568 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40569 gpac-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2021-40570 gpac-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2021-40571 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40572 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40573 gpac-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2021-40574 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40575 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40576 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45760 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45762 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45763 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45764 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45767 guacamole-server<1.4.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-41767 guacamole-server<1.4.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-43999 jenkins<2.330 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-20612 libde265<1.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-35452 libde265<1.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36408 libde265<1.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36409 libde265<1.0.9 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36410 libde265<1.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36411 lua54<5.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44647 binaryen<105 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46048 binaryen-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46050 binaryen<105 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46052 binaryen-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46053 binaryen<105 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46054 binaryen<105 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46055 phoronix-test-suite-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-0196 phoronix-test-suite-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-0197 phoronix-test-suite-[0-9]* cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-0238 radare2-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0173 samba<4.13.16 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2021-43566 spin-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-46168 vim<8.2.4074 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0213 wpa_supplicant<2.10 side-channel https://nvd.nist.gov/vuln/detail/CVE-2022-23303 wpa_supplicant<2.10 side-channel https://nvd.nist.gov/vuln/detail/CVE-2022-23304 zabbix<5.4.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-23131 zabbix<5.4.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-23132 zabbix<5.4.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-23133 zabbix<5.4.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-23134 webkit-gtk<2.34.4 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2022-0001.html polkit<0.120nb2 local-privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-4034 mysql-cluster>=8.0<8.0.28 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL mysql-server>=5.7<5.7.37 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL mysql-server>=8.0<8.0.28 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2022.html#AppendixMSQL openjdk8<1.8.313 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixJAVA openjdk11<1.11.0.14 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixJAVA apache-tomcat<8.5.75 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-23181 apache-tomcat>=9<9.0.58 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-23181 cacti-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-23225 cacti-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-26247 cacti-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-3816 duktape-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46322 expat<2.4.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-23852 expat<2.4.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-23990 gcc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46195 go116<1.16.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39293 go117<1.17.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-39293 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46234 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46236 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46237 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46238 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46239 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46240 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46311 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46313 grafana<8.3.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-21673 hdf5-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-46242 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46243 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46244 ldns<1.8.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-19860 ldns<1.8.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-19861 librecad-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-45341 librecad-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45342 librecad-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45343 libsixel<1.8.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45340 libspf2<1.2.11 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-33912 mariadb-server>=10.4<10.4.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46657 mariadb-server>=10.5<10.5.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46657 mariadb-server>=10.6<10.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46657 mariadb-server>=10.4<10.4.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46658 mariadb-server>=10.5<10.5.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46658 mariadb-server>=10.6<10.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46658 mariadb-server>=10.4<10.4.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46659 mariadb-server>=10.5<10.5.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46659 mariadb-server>=10.6<10.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46659 moodle<3.11.5 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-0332 moodle<3.11.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-0333 moodle<3.11.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-0334 moodle<3.11.5 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-0335 py{36,37,38,39,310}-wagtail<2.15.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-21683 vim<8.2.4120 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0261 wolfssl>=5<5.1.1 side-channel https://nvd.nist.gov/vuln/detail/CVE-2022-23408 py{36,37,38,39,310}-loguru<0.6.0 remote-code-injection https://nvd.nist.gov/vuln/detail/CVE-2022-0329 vim<8.2.4151 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0318 php{56,70,71,72,73,74,80}-phpmyadmin<4.9.8 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-23807 xerces-j<2.12.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23437 vim<8.2.4206 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-0351 vim<8.2.4217 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0368 vim<8.2.4215 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0361 vim<8.2.4214 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0359 vim<8.2.4233 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0393 vim<8.2.4218 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0392 vim<8.2.4253 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-0413 vim<8.2.4247 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0408 vim<8.2.4219 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0407 vim<8.2.4245 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0417 rust>=1<1.58.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-21658 p5-Image-ExifTool<12.38 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-23935 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23035 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23034 xenkernel411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23033 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23035 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23034 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23033 xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23035 xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23034 xenkernel415<4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23033 varnish>=6.0<6.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-23959 varnish>=7.0<7.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-23959 qemu<6.2.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-4145 protobuf<3.15.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-22570 tightvnc-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-23967 glpi<9.5.7 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-21720 glpi<9.5.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-21719 php{56,73,74,80}-piwigo<2.8.1 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-3735 xterm<370 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24130 py{27,34,35,36,37,38,39,310}-treq<22.1.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-23607 h2o-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-43848 zabbix-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-46088 minetest<5.4.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24301 minetest<5.4.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24300 jhead-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26208 vim<8.2.4281 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-0443 py{36,37,38,39,310}-django>=2.2<2.2.27 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-23833 py{36,37,38,39,310}-django>=3.2<3.2.12 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-23833 py{36,37,38,39,310}-django>=4.0<4.0.2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-23833 py{36,37,38,39,310}-django>=2.2<2.2.27 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-22818 py{36,37,38,39,310}-django>=3.2<3.2.12 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-22818 py{36,37,38,39,310}-django>=4.0<4.0.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-22818 py{27,36,37,38,39,310}-ipython>=6.0.0<7.16.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-21699 py{27,36,37,38,39,310}-ipython>=7.17.0<7.31.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-21699 py{27,36,37,38,39,310}-ipython>=8.0.0<8.0.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-21699 mariadb-server>=10.6<10.6.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-46669 mariadb-server>=10.5<10.5.16 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-46669 mariadb-server>=10.4<10.4.25 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-46669 mariadb-server>=10.6<10.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46668 mariadb-server>=10.5<10.5.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46668 mariadb-server>=10.4<10.4.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46668 mariadb-server>=10.6<10.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46665 mariadb-server>=10.5<10.5.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46665 mariadb-server>=10.4<10.4.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46665 mariadb-server>=10.6<10.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46664 mariadb-server>=10.5<10.5.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46664 mariadb-server>=10.4<10.4.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46664 mariadb-server>=10.6<10.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46662 mariadb-server>=10.5<10.5.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46662 mariadb-server>=10.4<10.4.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46662 mariadb-server>=10.6<10.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46663 mariadb-server>=10.5<10.5.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46663 mariadb-server>=10.4<10.4.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46663 mariadb-server>=10.6<10.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46661 mariadb-server>=10.5<10.5.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46661 mariadb-server>=10.4<10.4.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46661 openssl>=1.1.1<1.1.1m unknown-impact https://nvd.nist.gov/vuln/detail/CVE-2021-4160 mariadb-server<10.4.22 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46667 mariadb-server>=10.5.0<10.5.13 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46667 mariadb-server>=10.6.0<10.6.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46667 mariadb-server<10.4.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46666 mariadb-server>=10.5.0<10.5.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46666 mariadb-server>=10.6.0<10.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46666 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-24249 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-4043 gerbv-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-40403 gerbv-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-40401 mongodb<4.2.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32036 apache-cassandra<3.0.26 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-44521 atheme<7.2.12 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24976 drupal<9.0.6 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-13668 drupal<9.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13669 drupal<9.0.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-13670 drupal<9.0.12 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13672 drupal<9.2.6 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-13675 drupal<9.2.6 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-13677 gitea<1.7.0 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-45325 gitea<1.5.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-45326 gitea<1.11.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-45327 gitea<1.4.3 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-45328 gitea<1.5.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-45329 gitea<1.5.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-45330 gitea<1.5.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-45331 go116<1.16.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23772 go117<1.17.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23772 go116<1.16.14 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2022-23773 go117<1.17.7 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2022-23773 go116<1.16.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23806 go117<1.17.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23806 gradle<7.4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-23630 grafana<8.3.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-21702 grafana<8.3.5 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-21703 grafana<8.3.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-21713 htmldoc<1.9.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0534 jenkins<2.334 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0538 kate<21.12.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-23853 # "can't be fixed" according to https://bugzilla.redhat.com/show_bug.cgi?id=2054686 #git-base-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-24975 php{56,73,74,80,81}-concrete5<9.0 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-22954 php{56,73,74,80,81}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-45357 py{27,36,37,38,39,310}-twisted<22.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-21712 python36<3.6.14 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-0391 python37<3.7.11 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-0391 python38<3.8.11 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-0391 python39<3.9.5 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-0391 python310<3.10.0 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-0391 radare2<5.6.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-0139 radare2<5.6.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0519 radare2<5.6.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0521 ruby{25,26,27,30,31}-actionpack60<6.0.4.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-23633 ruby{25,26,27,30,31}-actionpack61<6.1.4.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-23633 ruby{25,26,27,30,31}-actionpack70<7.0.2.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-23633 ruby27-base<2.7.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-41816 ruby30-base<3.0.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-41816 ruby{25,26,27,30,31}-puma<5.2.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-23634 tcpreplay<4.3.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45386 tcpreplay<4.3.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45387 tiff<4.3.0nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0561 tiff<4.3.0nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0562 unzip<6.0nb10 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-0529 unzip<6.0nb10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0530 vim<8.2.4327 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0554 ImageMagick<7.0.10.31 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3596 ImageMagick<7.0.11.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3610 blender<2.83.19 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0544 blender>=2.93<2.93.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0544 blender<2.83.19 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0545 blender>=2.93<2.93.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0545 blender<3.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0546 consul<1.9.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24687 cyrus-sasl<2.1.28 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-24407 drupal<9.2.16 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-25271 expat<2.4.5 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-25235 expat<2.4.5 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-25236 expat<2.4.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-25313 expat<2.4.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-25314 expat<2.4.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-25315 ghostscript-agpl<9.55.0 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3781 htmldoc<1.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-26252 isync<1.4.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3578 isync<1.4.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-3657 kcron<21.12.3 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2022-24986 vim<8.2.4359 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0572 phoronix-test-suite<10.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-0571 zsh<5.8.1 archive-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-45444 wireshark<3.6.2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-0586 wireshark<3.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0583 wireshark<3.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0582 wireshark<3.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0581 radare2<5.6.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-0559 qt5>=5.9<5.15.9 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-25255 pcf2bdf<1.07 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23319 pcf2bdf<1.07 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-23318 vim<8.2.4397 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0629 wireshark<3.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0585 swtpm-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-23645 libsixel-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2021-46700 vim<8.2.4418 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0685 vim<8.2.4428 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-0696 radare2<5.6.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-0712 vim<8.2.4436 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0714 radare2<5.6.4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0713 vim<8.2.4440 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0729 radare2<5.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0476 wolfssl<5.2.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2022-25640 wolfssl<5.2.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2022-25638 radare2<5.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0695 radare2<5.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4021 libxml2<2.9.13 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-23308 lepton-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-26181 polkit<0.119 local-root-exploit https://nvd.nist.gov/vuln/detail/CVE-2021-3560 qemu<6.2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3947 qemu<6.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3930 polkit<121 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4115 php{56,73,74,80,81}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-24620 qemu<6.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3608 qemu<6.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3607 qt5<5.15.9 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-25634 webmin<1.990 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-0829 webmin<1.990 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-0824 haproxy-[0-9]* http-response-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-0711 htmldoc<1.9.12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-23206 htmldoc<1.9.12 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-23191 htmldoc<1.9.12 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-23180 htmldoc<1.9.11 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-26948 htmldoc<1.9.12 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-26259 liquibase<4.8.0 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2022-0839 radare2<5.6.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-0849 cmark-gfm<0.29.0.gfm.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24724 cacti-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-0730 py{27,36,37,38,39,310}-twisted<22.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-21716 qemu<7.2.0 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-3638 openjpeg<2.5.1 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3575 openexr<2.5.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-20303 openexr<2.5.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-20300 openexr<2.5.4 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2021-20302 samba>=4.0<4.13.14 local-system-compromise https://nvd.nist.gov/vuln/detail/CVE-2020-25722 samba>=4.14<4.14.10 local-system-compromise https://nvd.nist.gov/vuln/detail/CVE-2020-25722 samba>=4.15<4.15.2 local-system-compromise https://nvd.nist.gov/vuln/detail/CVE-2020-25722 samba>=4.0<4.13.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25718 samba>=4.14<4.14.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25718 samba>=4.15<4.15.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-25718 samba>=4.0<4.13.14 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-25717 samba>=4.14<4.14.10 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-25717 samba>=4.15<4.15.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-25717 samba>=4.0<4.13.14 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25719 samba>=4.14<4.14.10 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25719 samba>=4.15<4.15.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25719 samba>=4.0<4.13.14 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-2124 samba>=4.14<4.14.10 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-2124 samba>=4.15<4.15.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2016-2124 samba<4.13.17 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-44142 samba>=4.14<4.14.12 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-44142 samba>=4.15<4.15.5 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-44142 samba<4.15.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-44141 samba>=4.0<4.13.14 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3738 samba>=4.14<4.14.10 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3738 samba>=4.15<4.15.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3738 samba>=4.10<4.13.14 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23192 samba>=4.14<4.14.10 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23192 samba>=4.15<4.15.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23192 go116<1.16.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24921 go117<1.17.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24921 mediawiki<1.23.16 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-0371 libreoffice>=7.2<7.2.5 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-25636 py{36,37,38,39,310}-scrapy<2.6.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-0577 libtpms<0.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3623 ansible-base<2.9.26 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3620 python36<3.6.14 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-3737 python37<3.7.11 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-3737 python38<3.8.11 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-3737 python39<3.9.6 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-3737 sqlite3>=3.35.1<3.38.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-45346 mariadb-server<10.4.23 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24052 mariadb-server>=10.5<10.5.14 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24052 mariadb-server>=10.6<10.6.6 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24052 mariadb-server<10.4.23 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24051 mariadb-server>=10.5<10.5.14 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24051 mariadb-server>=10.6<10.6.6 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24051 mariadb-server<10.4.23 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24050 mariadb-server>=10.5<10.5.15 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24050 mariadb-server>=10.6<10.6.6 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24050 mariadb-server<10.4.23 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24048 mariadb-server>=10.5<10.5.15 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24048 mariadb-server>=10.6<10.6.6 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-24048 nodejs<12.22.9 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-44533 nodejs>=14<14.18.3 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-44533 nodejs<12.22.9 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-44532 nodejs>=14<14.18.3 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-44532 nodejs<12.22.9 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-44531 nodejs>=14<14.18.3 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-44531 php>=7.4<7.4.28 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-21708 php>=8.0<8.0.16 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-21708 php>=8.1<8.1.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-21708 postgresql11-server<11.13 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-3677 postgresql12-server<12.8 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-3677 postgresql13-server<13.4 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-3677 postgresql96-server<9.6.24 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23214 postgresql10-server<10.19 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23214 postgresql11-server<11.14 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23214 postgresql12-server<12.9 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23214 postgresql13-server<13.5 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23214 postgresql14-server<14.1 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-23214 nginx<1.20.2nb2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-25139 nginx>=1.21<1.21.6nb1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-25139 njs<0.7.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-25139 nginx<1.20.2nb2 type-confusion https://nvd.nist.gov/vuln/detail/CVE-2021-46463 nginx>=1.21<1.21.6nb1 type-confusion https://nvd.nist.gov/vuln/detail/CVE-2021-46463 njs<0.7.2 type-confusion https://nvd.nist.gov/vuln/detail/CVE-2021-46463 nginx<1.20.2nb2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-46462 nginx>=1.21<1.21.6nb1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-46462 njs<0.7.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-46462 nginx<1.20.2nb2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-46461 nginx>=1.21<1.21.6nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-46461 njs<0.7.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-46461 mupdf<1.20.0nb2 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-45005 bareos<20.0.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24756 bareos<20.0.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24755 py{27,34,35,36,37,38,39,310}-httpie<3.1.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-0430 openssl<1.1.1n denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0778 gitea<1.13.6 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-29134 vim<8.2.4563 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0943 qemu<7.0.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-26354 qemu<7.0.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-26353 htmldoc<1.9.12 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-23158 openexr<3.0.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-20299 ansible-base<2.9.18 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20180 qemu<6.0.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2021-20257 samba>=4.0<4.13.14 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25721 samba>=4.14<4.14.10 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25721 samba>=4.15<4.15.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-25721 minidlna<1.3.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-26505 py{27,34,35,36,37,38,39,310}-httpie<3.1.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-24737 php{56,71,72,73,74,80}-nextcloud>=20<20.0.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41239 php{56,71,72,73,74,80}-nextcloud>=21<21.0.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41239 php{56,71,72,73,74,80}-nextcloud>=22<22.2.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41239 icingaweb2<2.9.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-24716 icingaweb2<2.8.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-24714 icingaweb2<2.8.6 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24715 zabbix-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-24919 zabbix-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-24917 zabbix-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-24918 zabbix-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24349 gitea<1.16.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-0905 libcaca-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0856 php{56,70,71,72,73,74,80}-phpmyadmin<4.9.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-0813 keepass<2.59 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-0725 ming-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-34342 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34341 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34340 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34339 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34338 libpano13-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-33293 #libsixel-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2020-36123 # rejected gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-26967 gpac<2.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24578 gpac<2.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-24577 gpac<2.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-24576 gpac<2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24575 gpac<2.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-24574 apache<2.4.53 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-23943 apache<2.4.53 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-22720 apache<2.4.53 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-22721 apache<2.4.53 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-22719 mutt<2.2.3 buffer-overrun https://nvd.nist.gov/vuln/detail/CVE-2022-1328 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32162 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32161 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32160 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32159 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32158 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32157 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32156 vim<8.2.4647 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1160 vim<8.2.4646 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-1154 tcpreplay-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27942 tcpreplay-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27941 tcpreplay-[0-9]* arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2022-27939 tcpreplay-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27940 tcpreplay<4.4.1 double-free https://nvd.nist.gov/vuln/detail/CVE-2022-27416 tcpreplay<4.4.1 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27418 salt<3004.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-22941 salt<3004.1 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-22936 salt<3004.1 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-22935 salt<3004.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-22934 moodle<3.10.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32478 moodle<3.10.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32476 moodle<3.10.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-32475 moodle<3.10.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2021-32474 moodle<3.10.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32473 moodle<3.10.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-32472 moodle<3.10.4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-32477 radare2<5.6.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-1031 radare2<5.6.8 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1061 radare2<5.6.6 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1052 radare2<5.6.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1207 radare2<5.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1244 radare2<5.6.8 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1238 radare2<5.8.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1240 radare2<5.6.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1237 radare2<5.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1284 radare2<5.6.8 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-1283 radare2<5.6.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1296 radare2<5.6.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1297 libsixel<1.8.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27938 libsixel<1.8.7 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-27046 libsixel<1.8.7 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27044 libsixel<1.8.7 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-41715 libsixel<1.8.7 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40656 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1035 gpac-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-1222 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27148 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-27147 gpac-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27146 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27145 php{56,72,73,74,80}-orangehrm<4.10.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-27107 php{56,72,73,74,80}-orangehrm<4.10.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-27108 jhead<3.06.0.1 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-28278 jhead<3.06.0.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-28277 jhead<3.06.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28276 jhead<3.06.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-28275 abcm2ps<8.14.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32436 abcm2ps<8.14.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32435 abcm2ps<8.14.12 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-32434 mediawiki<1.37.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-28209 mediawiki<1.37.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-28202 tiff<4.4.0 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0891 tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0865 tiff<4.4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0924 tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0908 tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0909 tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0907 tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1056 tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1210 gerbv-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-40402 gerbv-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-40400 openexr<3.1.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3941 openexr<3.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3933 py{27,34,35,36,37,38,39,310}-tryton<6.2.6 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-26661 wavpack<5.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44269 grub2-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3981 horde<2.2.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-26874 fish<3.4.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-20001 lua54<5.4.4 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2021-44964 py{27,34,35,36,37,38,39,310}-paramiko<2.10.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-24302 openvpn<2.5.6 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-0547 mitmproxy<8.0.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-24766 bind>=9.16.11<9.16.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0396 libsndfile<1.1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-4156 qemu<6.2.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3748 gitea<1.16.5 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2022-1058 mbedtls-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-43666 libvirt-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0897 libvirt-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4147 qemu<2.17.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3582 caribou<0.4.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3567 zlib<1.2.12 input-validation https://nvd.nist.gov/vuln/detail/CVE-2018-25032 py{27,34,35,36,37,38,39,310}-Pillow<9.0.1 local-file-delete https://nvd.nist.gov/vuln/detail/CVE-2022-24303 lrzip<0.650 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-26291 re2c<3.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-23901 openjpeg<2.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1122 mediawiki<1.37.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-28205 mediawiki<1.37.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-28206 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1172 ruby{25,26,27,30,31}-puma<5.6.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-24790 py{27,36,37,38,39,310}-notebook<6.4.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-24758 SDL2<2.0.20 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33657 weechat<3.4 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-28352 py{27,36,37,38,39,310}-twisted<22.4.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-24801 htmldoc<1.9.15 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24191 py{27,36,37,38,39,310}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-24729 py{27,36,37,38,39,310}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-24728 mantis<2.25.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-26144 mantis<2.25.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-43257 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1253 sox-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40426 njs<0.7.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27008 njs<0.7.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-27007 mutt<2.2.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1328 subversion-base<1.14.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28544 ap24-subversion<1.14.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28544 lua54<5.4.4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-28805 e2fsprogs-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1304 go116-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27191 go117<1.17.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27191 mariadb-server>=10.6<10.6.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27387 mariadb-server>=10.5<10.5.16 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27387 mariadb-server>=10.4<10.4.25 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27387 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27386 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27386 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27386 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27382 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27382 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27382 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27380 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27380 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27380 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27384 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27384 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27384 mariadb-server>=10.6<10.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27385 mariadb-server>=10.5<10.5.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27385 mariadb-server>=10.4<10.4.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27385 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27383 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27383 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27383 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27379 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27379 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27379 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27378 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27378 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27378 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27381 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27381 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27381 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27376 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27376 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27376 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27377 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27377 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27377 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27458 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27458 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27458 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27457 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27457 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27457 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27456 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27456 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27456 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27452 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27452 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27452 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27455 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27455 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27455 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27451 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27451 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27451 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27448 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27448 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27448 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27447 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27447 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27447 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27446 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27446 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27446 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27449 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27449 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27449 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27445 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27445 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27445 mariadb-server>=10.6<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27444 mariadb-server>=10.5<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27444 mariadb-server>=10.4<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27444 subversion-base<1.14.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-24070 ap24-subversion<1.14.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-24070 mongodb<4.2.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32040 asterisk16<16.25.2 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-26499 asterisk18<18.11.2 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-26499 asterisk19<19.3.2 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-26499 asterisk16<16.25.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2022-26498 asterisk18<18.11.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2022-26498 asterisk19<19.3.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2022-26498 asterisk16<16.25.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-26651 asterisk18<18.11.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-26651 asterisk18<19.3.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-26651 php{56,71,72,73,74,80}-nextcloud<20.0.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41241 php{56,71,72,73,74,80}-nextcloud>=21<21.0.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41241 php{56,71,72,73,74,80}-nextcloud>=22<22.2.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41241 php{56,71,72,73,74,80}-nextcloud<21.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24741 php{56,71,72,73,74,80}-nextcloud>=22<22.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24741 php{56,71,72,73,74,80}-nextcloud>=23<23.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24741 php{56,71,72,73,74,80}-nextcloud<20.0.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41233 php{56,71,72,73,74,80}-nextcloud>=21<21.0.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41233 php{56,71,72,73,74,80}-nextcloud>=22<22.2.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-41233 ImageMagick<6.9.12.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4219 ImageMagick>=7.1<7.1.0.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4219 php{56,72,73,74,80}-composer<2.2.12 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-24828 xenkernel411-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-26356 xenkernel413-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-26356 xenkernel415<4.15.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-26356 njs<0.7.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-28049 php{56,73,74,80,81}-piwigo-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-26267 php{56,73,74,80,81}-piwigo-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-26266 powerdns<4.4.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-27227 powerdns-recursor<4.4.8 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-27227 ruby{25,26,27,30,31}-nokogiri<1.13.4 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2022-24836 # affects ghostpcl, not part of standard ghostscript, see e.g. https://ubuntu.com/security/CVE-2022-1350 #ghostscript-agpl-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-1350 neomutt<20220415 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1328 php{56,73,74,80,81}-memcached<2.1.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-26635 grafana<8.4.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24812 grafana<7.3.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-26148 libarchive<3.6.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-26280 py{36,37,38,39,310}-django>=2.2<2.2.28 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-28347 py{36,37,38,39,310}-django>=3.2<3.2.13 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-28347 py{36,37,38,39,310}-django>=4.0<4.0.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-28347 py{36,37,38,39,310}-django>=2.2<2.2.28 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-28346 py{36,37,38,39,310}-django>=3.2<3.2.13 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-28346 py{36,37,38,39,310}-django>=4.0<4.0.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-28346 ruby{25,26,27,30,31}-yajl<1.4.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24795 bind>=9.11<9.11.37 dns-cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-25220 bind>=9.16<9.16.27 dns-cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-25220 python37<3.7.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3733 python39<3.8.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3733 python39<3.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3733 python37<3.7.16 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-20107 python38<3.8.16 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-20107 python39<3.9.16 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-20107 python310<3.10.8 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-20107 radare2<5.6.8 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-1382 radare2<5.6.8 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1383 vim<8.2.4763 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1381 bwm-ng<0.6.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-1341 py{27,36,37,38,39,310}-PDF2<1.27.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24859 opensc<0.22.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-42782 opensc<0.22.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-42781 opensc<0.22.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-42780 opensc<0.22.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-42779 opensc<0.22.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-42778 dcraw-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3624 freetype2<2.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27406 freetype2<2.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27405 freetype2<2.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27404 radare2-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1437 radare2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1444 radare2-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1452 radare2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1451 glpi<10.0.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24869 glpi<10.0.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-24868 glpi<10.0.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-24867 zoneminder-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-29806 vim<8.2.4774 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1420 pam-tacplus<1.4.1 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2016-20014 gpac-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-29537 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1441 epiphany<41.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-29536 xpdf-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27135 giflib<5.2.1nb5 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-28506 mysql-cluster<5.7.37 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL mysql-server<5.7.37 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL mysql-cluster>=7.0<7.4.35 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL mysql-server>=7.0<7.4.35 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL mysql-cluster>=7.6<7.6.21 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL mysql-server>=7.6<7.6.21 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL mysql-cluster>=8.0<8.0.28 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL mysql-server>=8.0<8.0.28 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixMSQL openjdk8<1.8.322 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixJAVA openjdk11<11.0.15 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2022.html#AppendixJAVA freerdp2<2.7.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24883 freerdp2<2.7.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24882 couchdb<3.2.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24706 htmldoc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-28085 consul<1.9.17 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-29153 go117<1.17.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-28327 go117<1.18.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-28327 go118<1.18.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27536 go117<1.17.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24675 go118<1.18.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24675 ncurses<6.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-29458 ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-25059 ghostscript-agpl<9.27 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-25059 redis<6.2.7 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-24736 redis<6.2.7 code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-24735 php{56,71,72,73,74,80}-nextcloud>=22<22.2.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24889 php{56,71,72,73,74,80}-nextcloud>=23<23.0.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-24889 php{56,71,72,73,74,80}-nextcloud>=22<22.2.4 code-injection https://nvd.nist.gov/vuln/detail/CVE-2022-24888 php{56,71,72,73,74,80}-nextcloud>=23<23.0.1 code-injection https://nvd.nist.gov/vuln/detail/CVE-2022-24888 pycharm-bin<2022.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-29820 intellij-ue-bin<2022.1 local-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-29819 intellij-ue-bin<2022.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-29818 intellij-ue-bin<2022.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-29817 intellij-ue-bin<2022.1 code-injection https://nvd.nist.gov/vuln/detail/CVE-2022-29816 intellij-ue-bin<2022.1 local-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-29815 intellij-ue-bin<2022.1 local-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-29814 intellij-ue-bin<2022.1 local-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-29813 intellij-ue-bin<2022.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29812 py{27,36,37,38,39,310}-httpx-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-41945 podman<3.4.7 code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-1227 ImageMagick>=7.1<7.1.0.28 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-1114 moodle-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-0985 moodle-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-0984 qemu<7.0.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-4207 qemu<7.0.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-4206 mediawiki<1.36.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-28323 prosody<0.11.12 denial-of-service https://prosody.im/security/advisory_20220113/ radare2-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-1649 vim<8.2.4925 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1629 vim<8.2.4919 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1621 libsixel<1.8.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29977 tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1623 tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1622 qemu<7.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3611 mp3gain-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-34085 njs<0.7.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29369 vim<8.2.4938 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-1674 radare2-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1714 webmin-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-30708 unrar<6.1.7 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2022-30333 janet<1.22.0 array-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-30763 gitea<1.6.7 command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-30781 xpdf-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-30775 u-boot-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-30767 apache-tomcat-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29885 apache-tomcat>=9.0<9.0.21 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-25762 apache-tomcat>=8.5<8.5.76 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-25762 gitea<1.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27313 gtk+-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gtk2+-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages qt4-libs-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ImageMagick6<6.9.12.44 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-28463 ImageMagick<7.1.0.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-28463 ImageMagick6<6.9.12.43 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-32545 ImageMagick<7.1.0.28 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-32545 ImageMagick6<6.9.12.44 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-32546 ImageMagick<7.1.0.29 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-32546 ImageMagick<7.1.0.30 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-32547 ImageMagick6<6.9.12.45 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-32547 SDL2_ttf<2.20.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27470 admesh<0.98.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-25033 apache-maven<3.8.3 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-29599 apache-tomcat>=8.5<8.5.82 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-34305 apache-tomcat>=9.0<9.0.65 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-34305 apache<2.4.54 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-26377 apache<2.4.54 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-28614 apache<2.4.54 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-28615 apache<2.4.54 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29404 apache<2.4.54 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30522 apache<2.4.54 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-30556 apache<2.4.54 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-31813 caddy<2.5.0 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2022-29718 clamav<0.103.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-20770 clamav<0.103.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-20771 clamav<0.103.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-20785 clamav<0.103.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-20796 curl<7.83.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-22576 curl<7.83.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-27774 curl<7.83.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-27775 curl<7.83.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-27776 curl<7.83.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2022-27778 curl<7.83.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-27779 curl<7.83.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-27780 curl<7.83.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27781 curl<7.83.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-27782 curl<7.83.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-30115 dpkg<1.21.8 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2022-1664 elasticsearch<7.17.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23712 electrum<4.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31246 ezxml-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-30045 webkit-gtk<2.34.5 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2022-0002.html webkit-gtk<2.34.6 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2022-0003.html webkit-gtk<2.36.0 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2022-0004.html webkit-gtk<2.36.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2022-0005.html ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125002 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125003 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125004 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125005 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125006 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125007 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125008 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125009 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125010 ffmpeg2<2.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-125011 ffmpeg2<2.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2014-125012 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125013 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125014 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125015 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125016 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125017 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125018 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125019 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125020 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125021 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125022 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125023 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125024 ffmpeg2<2.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2014-125025 ffmpeg4<4.4.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1475 ffmpeg5<5.0.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1475 ghostscript-agpl<9.56.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2085 giflib-util-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40633 gimp<2.10.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30067 gimp<2.10.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32990 gitea<1.16.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-1928 gitea<1.17.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27313 go117<1.17.10 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-29526 go118<1.18.2 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-29526 gpac<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40592 gpac<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-41458 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-1795 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29339 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29340 gpac-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-30976 halibut<1.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-42612 halibut<1.3 double-free https://nvd.nist.gov/vuln/detail/CVE-2021-42613 halibut<1.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-42614 harfbuzz<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33068 htmldoc<1.9.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27114 inkscape<1.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-42700 inkscape<1.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-42702 inkscape<1.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-42704 jenkins<2.346.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-34170 jenkins<2.346.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-34171 jenkins<2.346.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-34172 jenkins<2.346.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-34173 jenkins<2.346.1 username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2022-34174 jenkins<2.346.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-34175 knot<5.5.1 dns-cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2022-32983 libdwarf<0.4.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-32200 libdwarf<0.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34299 libjpeg-turbo<2.1.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46822 libntfs<2022.5.17 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-30783 libntfs<2022.5.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30784 libntfs<2022.5.17 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-30785 libntfs<2022.5.17 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-30786 libntfs<2022.5.17 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-30787 libntfs<2022.5.17 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-30788 libntfs<2022.5.17 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-30789 libredwg-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-33034 libxml2<2.9.14 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-29824 lighttpd<1.4.59 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30780 lrzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33067 mantis<2.25.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-33910 mariadb-server>=10.4<10.4.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31621 mariadb-server>=10.5<10.5.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31621 mariadb-server>=10.6<10.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31621 mariadb-server>=10.4<10.4.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31622 mariadb-server>=10.5<10.5.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31622 mariadb-server>=10.6<10.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31622 mariadb-server>=10.4<10.4.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31623 mariadb-server>=10.5<10.5.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31623 mariadb-server>=10.6<10.6.66 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31623 mariadb-server>=10.4<10.4.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31624 mariadb-server>=10.5<10.5.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31624 mariadb-server>=10.6<10.6.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31624 matio<1.5.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1515 moodle<4.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-30596 moodle<4.0.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-30597 moodle<4.0.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-30598 moodle<4.0.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-30600 mupdf<1.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30974 mupdf<1.3.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-30975 njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29779 njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29780 njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30503 njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31306 njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31307 njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32414 nuitka<0.9 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-2054 openldap<2.6.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-29155 openssl<1.1.1o shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-1292 openssl>=3.0.0<3.0.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-1343 openssl>=3.0.0<3.0.3 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-1434 openssl>=3.0.0<3.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1473 openssl<1.1.1p shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-2068 pcre2<10.40 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1586 pcre2<10.40 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1587 php{56,73,74,80,81}-concrete5<9.1.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-21829 php{56,73,74,80,81}-concrete5<9.1.0 arbitrary-file-deletion https://nvd.nist.gov/vuln/detail/CVE-2022-30117 glpi<10.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-24876 glpi<10.0.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-29250 php74-mysql<7.4.30 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-31626 php80-mysql<8.0.20 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-31626 php81-mysql<8.1.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-31626 php{56,74,80,81}-nextcloud<23.0.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-29163 php{56,74,80,81}-nextcloud<23.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29243 php{56,74,80,81}-owncloud<10.10.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31649 php74-pgsql<7.4.30 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-31625 php80-pgsql<8.0.20 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-31625 php81-pgsql<8.1.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-31625 php{56,74,80,81}-piwigo<2.10.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-19212 php{56,74,80,81}-piwigo<2.10.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-19213 php{56,74,80,81}-piwigo<2.10.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-19215 php{56,74,80,81}-piwigo<2.10.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2021-40317 php{56,74,80,81}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-40678 pidgin<2.14.9 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-26491 poppler<22.04.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27337 protobuf-c<=1.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33070 py{27,36,37,38,39,310}-JWT<2.4.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-29217 py{27,36,37,38,39,310}-Pillow<9.1.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-30595 py{27,36,37,38,39,310}-aiohttp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33124 py{27,36,37,38,39,310}-bottle<0.12.20 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-31799 py{27,36,37,38,39,310}-cookiecutter<2.1.1 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-24065 py{27,36,37,38,39,310}-flower-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-30034 py{27,36,37,38,39,310}-ldap3<3.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46823 py{27,36,37,38,39,310}-notebook<6.4.12 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-29238 py{27,36,37,38,39,310}-octoprint<1.8.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-1430 py{27,36,37,38,39,310}-octoprint<1.8.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-1432 py{27,36,37,38,39,310}-waitress>=2.1.0<2.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31015 qemu<7.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3750 radare2<5.5.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-44974 radare2<5.5.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-44975 radare2<5.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1809 radare2<5.7.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1899 redis<7.0.1 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-33105 rsyslog<8.2204.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24903 ruby{26,27,30,31}-actionpack52-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-22577 ruby{26,27,30,31}-actionpack60<6.0.4.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-22577 ruby{26,27,30,31}-actionpack61<6.1.5.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-22577 ruby{26,27,30,31}-activestorage52<5.2.6.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-21831 ruby{26,27,30,31}-activestorage60<6.0.4.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-21831 ruby{26,27,30,31}-activestorage61<6.1.4.7 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-21831 ruby30-base<3.0.4 double-free https://nvd.nist.gov/vuln/detail/CVE-2022-28738 ruby31-base<3.0.4 double-free https://nvd.nist.gov/vuln/detail/CVE-2022-28738 ruby26-base<2.6.10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-28739 ruby27-base<2.7.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-28739 ruby30-base<3.0.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-28739 ruby31-base<3.1.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-28739 ruby{26,27,30,31}-jmespath<1.6.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-32511 ruby{26,27,30,31}-mechanize<2.8.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31033 ruby{26,27,30,31}-nokogiri<1.13.6 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-29181 ruby{26,27,30,31}-octokit>=4.23.0<4.25.0 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2022-31072 ruby{26,27,30,31}-rails<1.4.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-32209 ruby{26,27,30,31}-sinatra<2.2.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-29970 salt<3004.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-22967 slurm-wlm<20.11.9.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-29500 slurm-wlm<20.11.9.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-29501 slurm-wlm>=21<21.08.8.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-29502 sofia-sip<1.13.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31001 sofia-sip<1.13.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31002 sofia-sip<1.13.8 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-31003 sox-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3643 sox-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2022-31650 sox-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31651 tcpreplay-[0-9]* format-string https://nvd.nist.gov/vuln/detail/CVE-2022-28487 totd<1.5.3 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-34295 php{56,73,74,80,81}-typo3<7.6.57 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31046 php{56,73,74,80,81}-typo3<7.6.57 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31047 php{56,73,74,80,81}-typo3<8.7.47 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-31048 php{56,73,74,80,81}-typo3<9.5.34 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-31049 php{56,73,74,80,81}-typo3<9.5.34 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-31050 u-boot<2022.07 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-30552 u-boot<2022.07 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-30790 unicorn-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-29692 unicorn<2.0.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-29693 unicorn<2.0.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-29694 unicorn<2.0.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-29695 vault>=1.10.0<1.10.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-30689 vim<8.2.4895 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-1616 vim<8.2.4899 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1619 vim<8.2.4901 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-1620 vim<8.2.4956 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1720 vim<8.2.4968 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1733 vim<8.2.4969 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1735 vim<8.2.4974 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1769 vim<8.2.4975 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1771 vim<8.2.4977 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-1785 vim<8.2.4979 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-1796 vim<8.2.5013 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1851 vim<8.2.5016 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1886 vim<8.2.5023 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-1897 vim<8.2.5024 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-1898 vim<8.2.5037 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-1927 vim<8.2.5043 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1942 vim<8.2.5050 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-1968 vim<8.2.5063 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-2000 vim<8.2.5072 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2042 vim<8.2.5120 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2124 vim<8.2.5122 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2125 vim<8.2.5123 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2126 vim<8.2.5126 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-2129 vim<8.2.5148 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2175 vim<8.2.5150 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2182 vim<8.2.5151 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2183 xenkernel413<4.13.4nb1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-26362 xenkernel415<4.15.2nb2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-26362 xenkernel413<4.13.4nb1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-26363 xenkernel415<4.15.2nb2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-26363 xenkernel413<4.13.4nb1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-26364 xenkernel415<4.15.2nb2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-26364 xfce4-exo<4.16.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-32278 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30524 nodejs>=14<14.19.0 weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2022-2097 nodejs>=14<14.20.1 dns-rebinding https://nvd.nist.gov/vuln/detail/CVE-2022-32212 nodejs>=14<14.20.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32213 nodejs>=14<14.19.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32214 nodejs>=14<14.19.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32215 nodejs>=14<14.19.0 dll-hijacking https://nvd.nist.gov/vuln/detail/CVE-2022-32223 nodejs>=16<16.16.0 weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2022-2097 nodejs>=16<16.16.0 dns-rebinding https://nvd.nist.gov/vuln/detail/CVE-2022-32212 nodejs>=16<16.16.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32213 nodejs>=16<16.16.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32214 nodejs>=16<16.16.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32215 nodejs>=16<16.16.0 dll-hijacking https://nvd.nist.gov/vuln/detail/CVE-2022-32223 nodejs>=18<18.5.0 weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2022-2097 nodejs>=18<18.9.1 dns-rebinding https://nvd.nist.gov/vuln/detail/CVE-2022-32212 nodejs>=18<18.9.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32213 nodejs>=18<18.5.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32214 nodejs>=18<18.9.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32215 nodejs>=18<18.9.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-32222 vim<8.2.5160 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2206 vim<8.2.5164 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-2210 vim<8.2.5163 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2208 vim<8.2.5162 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2207 vim<8.2.5169 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2231 vim<9.0.0009 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2257 vim<9.0.0011 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2264 vim<9.0.0020 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2286 vim<9.0.0018 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2285 vim<9.0.0017 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2284 vim<9.0.0021 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2287 vim<9.0.0025 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-2288 vim<9.0.0026 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2289 vim<9.0.0035 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2304 vim<9.0.0046 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2344 vim<9.0.0045 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2343 vim<9.0.0047 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2345 libredwg-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2022-33033 libredwg-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-33027 libredwg-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-33026 libredwg-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-33032 libredwg-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-33028 libredwg-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33024 libredwg-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-33025 gpac<2.0.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40942 gpac<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40607 gpac<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40944 gpac<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40608 gpac<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40609 gpac<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-40606 curl<7.84.0 insecure-temp-file https://nvd.nist.gov/vuln/detail/CVE-2022-32207 curl<7.84.0 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-32208 curl<7.84.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32206 curl<7.84.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32205 glpi<10.0.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-31061 glpi<10.0.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31068 glpi<10.0.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-31056 mediawiki<1.39.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-34750 mediawiki<1.38.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-34912 mediawiki<1.38.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-34911 salt<3004.2. authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-2282 jetty<9.4.47 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2048 jetty<9.4.47 improper-session-handling https://nvd.nist.gov/vuln/detail/CVE-2022-2047 webmin<1.997 escape-sequence-injection https://nvd.nist.gov/vuln/detail/CVE-2022-36446 webmin<1.995 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-36880 vim<9.0.0060 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2522 vim<9.0.0100 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-2598 vim<9.0.0104 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2581 vim<9.0.0102 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2580 vim<9.0.0101 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2571 unbound<1.16.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30699 unbound<1.16.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30698 lrzip-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-33451 lrzip-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-33453 yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-33468 yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33465 yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33466 yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33459 yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33456 yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-33467 yasm-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33464 yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-33462 yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33463 yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-33461 yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33460 yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33458 yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33457 yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33454 yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-33455 u-boot<2022.07 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-34835 u-boot<2022.07 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-33103 u-boot<2022.07 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33967 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33108 radare2-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-34520 radare2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34502 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2454 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2453 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2549 njs<0.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34032 njs<0.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34031 njs<0.7.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-34029 njs<0.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34030 njs<0.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34028 njs<0.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34027 nasm-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-33450 nasm-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-33452 gstreamer1<1.20.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2122 gstreamer1<1.20.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1924 gstreamer1<1.20.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1923 gstreamer1<1.20.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1921 gstreamer1<1.20.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1922 gstreamer1<1.20.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-1920 gstreamer1<1.20.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1925 opa<0.42.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33082 dovecot<2.3.20 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-30550 caddy<2.5.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34037 autotrace-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-32323 picoc-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-34556 qpdf<10.3.2 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-34503 libxml2<2.9.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2016-3709 py{27,36,37,38,39,310}-lxml<4.9.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2309 libxml2<2.10.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2309 htmldoc<1.9.12 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-34035 htmldoc<1.9.16 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-34033 p5-HTTP-Daemon<6.15 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-31081 mplayer-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32317 grub2<2.12 buffer-underflow https://nvd.nist.gov/vuln/detail/CVE-2021-3697 grub2<2.12 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-3696 grub2<2.12 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-3695 vault<1.11.1 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2022-36129 wavpack<5.5.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2476 tor>=0.4.7<0.4.7.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33903 moodle<4.0.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-35650 moodle<4.0.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-35653 moodle<4.0.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-35652 moodle<4.0.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-35651 moodle<4.0.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-35649 mbedtls<2.28.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-35409 gdk-pixbuf2<2.42.8 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46829 gradle<7.5.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31156 py{27,36,37,38,39,310}-ujson<5.4.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-31116 py{27,36,37,38,39,310}-ujson<5.4.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2022-31117 tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2056 tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2058 tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2057 tiff<4.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34266 mysql-server>=8.0<8.0.30 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL mysql-server>=7.6<7.6.23 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL mysql-server>=7.0<7.4.37 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL mysql-server<5.7.39 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL mysql-cluster>=8.0<8.0.30 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL mysql-cluster>=7.6<7.6.23 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL mysql-cluster>=7.0<7.4.37 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL matrix-synapse<1.61.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31052 ruby{26,27,30,31}-mysql<2.10.0 local-file-read https://nvd.nist.gov/vuln/detail/CVE-2021-3779 php{56,73,74,80,81}-piwigo-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-40553 jpegoptim-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-32325 libreoffice<7.3.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2022-26305 libreoffice<7.3.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-26307 libreoffice<7.3.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-26306 qemu<7.1.0 uninitialized-buffer https://nvd.nist.gov/vuln/detail/CVE-2022-35414 grafana>=9.0.0<9.0.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-31097 grafana<8.5.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-31097 grafana>=9.0.0<9.0.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-31107 grafana<8.5.9 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-31107 gnutls<3.7.7 double-free https://nvd.nist.gov/vuln/detail/CVE-2022-2509 gsasl<2.0.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2469 py{36,37,38,39,310}-django>=3.2<3.2.14 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-34265 py{36,37,38,39,310}-django>=4.0<4.0.6 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-34265 php{56,74,80,81}-nextcloud<23.0.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31014 rt4-[0-9]* open-redirect https://nvd.nist.gov/vuln/detail/CVE-2022-25803 rt4<4.4.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-25802 php{56,73,74,80,81}-piwigo-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-32297 ruby{26,27,30,31}-tzinfo<1.2.10 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2022-31163 py{27,36,37,38,39,310}-mistune<2.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34749 php>=8.1<8.1.8 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-31627 SDL<1.2.15nb46 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-34568 packagekit-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-0987 squid4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46784 py{27,36,37,38,39,310}-sanic<22.6.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2022-35920 lua54<5.4.5 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-33099 mariadb-server<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32089 mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32089 mariadb-server<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32087 mariadb-server>=10.5.0<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32087 mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32087 mariadb-server<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32085 mariadb-server>=10.5.0<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32085 mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32085 mariadb-server<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32082 mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32082 mariadb-server<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32086 mariadb-server>=10.5.0<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32086 mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32086 mariadb-server<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32084 mariadb-server>=10.5.0<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32084 mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32084 mariadb-server<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32083 mariadb-server>=10.5.0<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32083 mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32083 mariadb-server<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32088 mariadb-server>=10.5.0<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32088 mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32088 mariadb-server<10.4.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32081 mariadb-server>=10.5.0<10.5.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32081 mariadb-server>=10.6.0<10.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32081 gnupg2<2.2.36 signature-forgery https://nvd.nist.gov/vuln/detail/CVE-2022-34903 openssl<1.1.1q weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2022-2097 rsync<3.2.5 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-29154 frr-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-37035 milkytracker-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-34927 sqlite3<3.39.2 array-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35737 moodle<3.8.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-1754 py{36,37,38,39,310}-django>=3.2<3.2.15 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-36359 py{36,37,38,39,310}-django>=4.0<4.0.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-36359 py{27,36,37,38,39,310}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-31175 php{56,74,80,81}-nextcloud<22.2.7 excessive-logging https://nvd.nist.gov/vuln/detail/CVE-2022-31120 php{56,74,80,81}-nextcloud>=23.0<23.0.4 excessive-logging https://nvd.nist.gov/vuln/detail/CVE-2022-31120 php{56,74,80,81}-nextcloud<22.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31118 php{56,74,80,81}-nextcloud>=23.0<23.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31118 php{56,74,80,81}-nextcloud>=24.0<24.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31118 zlib<1.2.13 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-37434 libmpeg2-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-37416 exim4<4.96 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-37451 exim4<4.95 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-37452 openjdk7<1.7.344 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixJAVA openjdk8<1.8.334 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixJAVA openjdk11<1.11.0.15.2 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixJAVA libxslt<1.1.34nb10 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-30560 expat<2.4.9 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-40674 routinator<0.11.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3029 bind916<9.16.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38178 bind916<9.16.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38177 bind916<9.16.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3080 bind916<9.16.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2795 unbound<1.16.3 denial-of-service https://nlnetlabs.nl/downloads/unbound/CVE-2022-3204.txt redis>7<7.0.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-35951 ruby25-* eol https://www.ruby-lang.org/en/downloads/branches/ ruby26-* eol https://www.ruby-lang.org/en/downloads/branches/ nodejs>=14<14.20.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32256 nodejs>=18<18.9.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32255 nodejs>=18<18.9.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-32256 php>=7.4<7.4.32 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-31628 php>=8.0<8.0.24 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-31628 php>=8.0<8.0.24 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-31629 php>=8.1<8.1.11 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-31628 php>=8.1<8.1.11 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-31629 drupal<9.3.22 multiple-vulnerabilities https://www.drupal.org/sa-core-2022-016 sqlite3<3.39.4 integer-overflow https://sqlite.org/news.html#2022_09_29 go118<1.18.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2879 go119<1.19.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2879 isc-dhcpd<4.4.3p1 integer-overflow https://kb.isc.org/docs/cve-2022-2928 isc-dhcpd<4.4.3p1 memory-leak https://kb.isc.org/docs/cve-2022-2929 isc-dhcp4-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages isc-dhcpd4-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages isc-dhclient4-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages isc-dhcrelay4-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xterm<375 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45063 postgresql10-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages py{27,36,37,38,39,310}-sip<5 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages emacs20-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939 emacs21-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939 emacs21-nox11-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939 emacs25-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939 emacs25-nox11-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939 emacs26-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939 emacs26-nox11-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939 emacs27-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939 emacs27-nox11-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939 emacs28<28.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939 emacs28-nox11<28.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45939 rust<1.66.1 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-46176 libXpm<3.5.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-46285 libXpm<3.5.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44617 libXpm<3.5.15 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-4883 motif-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-46285 motif-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44617 motif-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-4883 heimdal<7.8.0nb2 unknown-impact https://nvd.nist.gov/vuln/detail/CVE-2022-45142 py{36,37,38,39,310,311}-django>=3.2<3.2.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-23969 py{36,37,38,39,310,311}-django>=3.2<3.2.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-24580 gnutls<3.7.9 side-channel https://nvd.nist.gov/vuln/detail/CVE-2023-0361 git-base<2.39.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41903 git-base<2.39.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-23521 git-base<2.39.2 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-22490 git-base<2.39.2 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-23946 curl>=7.57.0<7.88.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-23916 haproxy<2.7.3 http-response-smuggling https://nvd.nist.gov/vuln/detail/CVE-2023-25725 webkit-gtk<2.38.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-23529 vim<9.0.0224 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2874 vim<9.0.0211 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2819 vim<9.0.0213 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2817 vim<9.0.0212 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2816 vim<9.0.0218 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2845 vim<9.0.0220 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2849 vim<9.0.0221 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2862 vim<9.0.0225 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2889 vim<9.0.0240 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2923 vim<9.0.0246 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2946 vim<9.0.0260 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-2982 vim<9.0.0259 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2980 vim<9.0.0286 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3016 vim<9.0.0322 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3037 vim<9.0.0360 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3099 vim<9.0.0389 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3134 vim<9.0.0404 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-3153 vim<9.0.0483 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3234 vim<9.0.0490 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3235 vim<9.0.0530 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3256 vim<9.0.0552 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-3278 vim<9.0.0577 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3296 vim<9.0.0598 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3324 vim<9.0.0579 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3297 vim<8.2.4959 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-1725 vim<9.0.0614 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3352 vim<9.0.0805 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3705 vim<9.0.0946 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-4141 vim<9.0.0789 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3591 vim<9.0.0765 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3520 vim<9.0.0742 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3491 vim<9.0.0882 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-4292 vim<9.0.0804 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2022-4293 vim<9.0.1144 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0051 vim<9.0.1143 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-0049 vim<9.0.1145 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0054 vim<9.0.1189 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0288 vim>=8.1.2269<9.0.0339 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-47024 vim<9.0.1225 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0433 vim<9.0.1247 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2023-0512 picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44321 picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44320 picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44319 picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44318 picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44317 picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44315 picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44316 picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44314 picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44313 picoc-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44312 zoneminder<1.37.24 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39290 zoneminder<1.37.24 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39291 zoneminder<1.37.24 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39289 zoneminder<1.37.24 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39285 zoneminder<1.37.24 session-hijack https://nvd.nist.gov/vuln/detail/CVE-2022-30769 zoneminder<1.37.24 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-30768 openimageio<2.5.0.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41794 openimageio<2.5.0.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41981 openimageio<2.5.0.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-43597 openimageio<2.5.0.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-43598 openimageio<2.5.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41639 openimageio<2.5.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41684 openimageio<2.5.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41999 openimageio<2.5.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43603 openimageio<2.5.0.0 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-41838 openimageio<2.5.0.0 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43592 openimageio<2.5.0.0 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43596 openimageio<2.5.0.0 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43599 openimageio<2.5.0.0 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43600 openimageio<2.5.0.0 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43601 openimageio<2.5.0.0 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43602 openimageio<2.5.0.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-41837 openimageio<2.5.0.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-43593 openimageio<2.5.0.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-43594 openimageio<2.5.0.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-43595 openimageio<2.5.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-36354 openimageio<2.5.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-38143 openimageio<2.4.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41649 openimageio<2.5.0.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41977 openimageio<2.5.0.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41988 redis>=7<7.0.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35951 redis>=7<7.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22458 redis>=6.0<6.0.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35977 redis>=6.2<6.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/cve-2022-35977 redis>=7<7.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35977 advancecomp<2.4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35020 advancecomp<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35019 advancecomp<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35018 advancecomp<2.4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35017 advancecomp<2.4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35016 advancecomp<2.4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35015 advancecomp<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35014 nasm-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-41420 nasm<2.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-46457 nasm-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-46456 tcpreplay-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-37049 tcpreplay-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-37048 tcpreplay-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-37047 binwalk<2.3.3 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2021-4287 binwalk>=2.2<2.3.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-4510 upx<3.96 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2020-27790 upx<3.96 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27787 upx<3.96 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-27788 upx-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-23457 upx-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-23456 ampache<5.5.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-0606 ampache<5.5.7 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-0771 bind>=9.18.0<9.18.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2906 bind>=9.19.0<9.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2906 bind>=9.18.0<9.18.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2881 bind>=9.19.0<9.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2881 bind>=9.16.12<9.16.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3924 bind>=9.18.0<9.18.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3924 bind>=9.19.0<9.19.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3924 bind>=9.16.12<9.16.37 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3736 bind>=9.18.0<9.18.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3736 bind>=9.19.0<9.19.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3736 xpdf-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38238 xpdf-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38237 xpdf-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38236 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38235 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38233 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38234 xpdf-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38231 xpdf-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2022-38230 xpdf-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38229 xpdf-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38228 xpdf-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38227 xpdf<4.04 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38171 xpdf<4.04 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24107 xpdf<4.04 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-24106 xpdf<4.05 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-36561 xpdf<4.04 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38334 xpdf<4.05 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38928 xpdf<4.05 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38222 xpdf<4.05 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41842 xpdf<4.05 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41844 xpdf<4.05 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41843 xpdf<4.04 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40226 xpdf<4.05 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43295 xpdf<4.05 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43071 xpdf<4.04 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36493 grafana<9.1.6 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-35957 grafana<9.1.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-36062 grafana<9.1.8 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-39201 grafana<9.1.8 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-39229 grafana<9.1.8 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-31130 grafana<9.1.8 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-31123 grafana>=9.2.0<9.2.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-39328 grafana<9.2.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39307 grafana<9.2.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39306 grafana<9.2.8 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-39324 grafana<9.3.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-23552 grafana<9.3.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-23498 libde265<1.0.10 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43253 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43252 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43250 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43249 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43248 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43245 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43244 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43243 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43242 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43241 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43240 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43238 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43237 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43239 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43236 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43235 libde265<1.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47655 heimdal<7.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41916 heimdal<7.7.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-44640 heimdal<7.7.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-44758 curl<7.85.0 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-35252 curl>=7.77.0<7.86.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-42916 curl>=7.77.0<7.86.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2022-42915 curl>=7.84.0<7.86.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35260 curl<7.86.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-32221 curl>=7.77.0<7.87.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-43551 curl<7.87.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-43552 freeradius-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-41860 freeradius-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41861 freeradius-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41859 freerdp2<2.8.1 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2022-39283 freerdp2<2.8.1 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2022-39282 freerdp2<2.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-41877 freerdp2<2.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-39347 freerdp2<2.9.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-39320 freerdp2<2.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-39319 freerdp2<2.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39318 freerdp2<2.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-39316 freerdp2<2.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-39317 fribidi<1.0.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-25310 fribidi<1.0.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-25309 fribidi<1.0.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-25308 glpi>=0.65<10.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39376 glpi<10.0.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39375 glpi>=10.0.0<10.0.4 code-injection https://nvd.nist.gov/vuln/detail/CVE-2022-39373 glpi>=0.70<10.0.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39372 glpi>=10.0.0<10.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39371 glpi<10.0.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-39370 glpi<10.0.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-39323 glpi>=0.60<10.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39277 glpi<10.0.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39262 glpi<10.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39276 glpi<10.0.4 access-validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-39234 glpi<10.0.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-35947 glpi<10.0.3 html-attribute-injection https://nvd.nist.gov/vuln/detail/CVE-2022-31187 glpi<10.0.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-36112 glpi<10.0.3 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-35946 glpi<10.0.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31143 glpi<10.0.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-35945 glpi-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39181 glpi<10.0.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-23610 glpi<10.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-22725 glpi<10.0.6 access-validation-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-22500 glpi<10.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-22724 glpi<10.0.6 url-injection https://nvd.nist.gov/vuln/detail/CVE-2023-22722 glpi<10.0.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-41941 wordpress<6.0.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-43500 wordpress<6.0.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-43504 wordpress<6.0.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-43497 wordpress-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-3590 wordpress-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-22622 radare2<4.4.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2020-27794 radare2<4.4.0 off-by-one https://nvd.nist.gov/vuln/detail/CVE-2020-27793 radare2<4.4.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-27795 radare2-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-4398 radare2<5.8.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-4843 radare2<5.8.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-0302 exim-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3559 exim-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3620 sox-[0-9]* division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-33844 sox-[0-9]* division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-23210 sox-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-23172 sox-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-23159 tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2869 tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2868 tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2867 tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2953 tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2521 tiff<4.5.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2022-2519 tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2520 tiff<4.4.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1355 tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1354 tiff<4.5.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-3599 tiff<4.5.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-3598 tiff<4.5.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-3627 tiff<4.5.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-3626 tiff<4.5.0 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3570 tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3970 tiff<4.5.1 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-48281 libraw<0.21.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35535 libraw<0.21.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35533 libraw<0.21.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35531 libraw<0.21.1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-35534 libraw<0.21.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-35530 libraw<0.21.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35532 libredwg<0.12.4.4608 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-35164 libredwg-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-45332 blender<3.3.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-2833 blender<3.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2832 blender<3.3.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2831 consul<1.11.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-41803 consul<1.12.5 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-40716 consul<1.24.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-3920 rpm<4.17.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-3521 rpm<4.18.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-35938 rpm<4.18.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-35937 rpm<4.18.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2021-35939 typo3<8 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages wireshark<3.6.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3725 wireshark<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-4345 wireshark<4.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-4344 wireshark<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0417 wireshark<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0416 wireshark<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0415 wireshark<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0414 wireshark<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0413 wireshark<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0412 wireshark<4.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0411 wolfssl<5.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-34293 wolfssl>=5.3.0<5.5.0 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-38153 wolfssl<5.5.0 unknown-impact https://nvd.nist.gov/vuln/detail/CVE-2022-38152 wolfssl<5.1.0 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2021-44718 wolfssl<5.5.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-39173 wolfssl<5.5.0 privacy-leak https://nvd.nist.gov/vuln/detail/CVE-2022-42961 wolfssl<5.5.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-42905 wkhtmltopdf<0.12.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-21365 wkhtmltopdf-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-35583 moodle<3.8.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2020-1756 moodle<3.8.2 url-spoofing https://nvd.nist.gov/vuln/detail/CVE-2020-1755 moodle<3.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14322 moodle<3.8.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-14321 moodle<3.9.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-14320 moodle<4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-36568 moodle<3.11.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-40695 moodle<3.11.3 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2021-40694 moodle<3.11.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-40693 moodle<3.11.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-40692 moodle<3.11.3 session-hijack https://nvd.nist.gov/vuln/detail/CVE-2021-40691 moodle<4.0.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-40315 moodle<4.0.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-40316 moodle<4.0.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-40314 moodle<4.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-40313 moodle<4.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-45151 moodle<4.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-45150 moodle<4.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-45149 moodle<4.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-45152 py{36,37,38,39,310,311}-octoprint<1.8.3 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-2930 py{36,37,38,39,310,311}-octoprint<1.8.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-3068 py{36,37,38,39,310,311}-octoprint<1.8.3 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-2888 py{36,37,38,39,310,311}-octoprint<1.8.3 remote-file-write https://nvd.nist.gov/vuln/detail/CVE-2022-2872 py{36,37,38,39,310,311}-octoprint<1.8.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-3607 php{56,73,74,80,81}-concrete5<8.5.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-43967 php{56,73,74,80,81}-concrete5<8.5.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-43692 php{56,73,74,80,81}-concrete5<8.5.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-43691 php{56,73,74,80,81}-concrete5<8.5.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-43968 php{56,73,74,80,81}-concrete5<8.5.10 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-43695 php{56,73,74,80,81}-concrete5<8.5.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-43694 php{56,73,74,80,81}-concrete5<8.5.10 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-43690 php{56,73,74,80,81}-concrete5<8.5.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-43689 php{56,73,74,80,81}-concrete5<8.5.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43686 php{56,73,74,80,81}-concrete5<8.5.10 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-43687 php{56,73,74,80,81}-concrete5<8.5.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-43556 lighttpd<1.4.67 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37797 lighttpd>=1.4.56<1.4.67 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-41556 varnish<7.1.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-38150 varnish<7.2.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-45059 mediawiki<1.38.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39194 mediawiki<1.37.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-28203 mediawiki<1.37.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-28204 mediawiki<1.37.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-28201 mediawiki<1.38.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-42049 mediawiki<1.37.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-44855 mediawiki<1.37.1 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2021-44854 mediawiki<1.38.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41767 mediawiki<1.38.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41765 mediawiki<1.37.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-44856 mediawiki<1.38.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-22911 mediawiki<1.39.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22909 mediawiki<1.39.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-22945 mediawiki<1.39.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-47927 mediawiki<1.39.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-22912 mediawiki<1.39.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-22910 mediawiki-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39193 mbedtls<2.28.2 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-46393 mbedtls>=3<3.3.0 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-46393 mbedtls<2.28.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-46392 mbedtls>=3<3.3.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-46392 mbedtls<2.16.11 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-36647 mbedtls>=2.17<2.27 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-36647 mbedtls>=2.28.0<3.0.0 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-36647 gitea<1.16.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-38183 gitea<1.17.3 command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-42968 squid<5.7 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-41318 squid>=4.9<4.17 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41317 squid>=5.0.6<5.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41317 tiff<4.5.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-0804 tiff<4.5.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0803 tiff<4.5.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0802 tiff<4.5.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0801 tiff<4.5.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0800 tiff<4.5.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0799 tiff<4.5.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0798 tiff<4.5.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-0797 tiff<4.5.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-0796 tiff<4.5.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-0795 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45587 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45586 py{36,37,38,39,310,311}-werkzeug<2.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-25577 py{36,37,38,39,310,311}-werkzeug<2.2.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-23934 php{56,73,74,80,81}-nextcloud<24.0.8 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2023-25162 php{56,73,74,80,81}-nextcloud<25.0.1 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2023-25161 py{27,36,37,38,39,310,311}-djangocms-text-ckeditor-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-48110 postgresql-timescaledb<2.9.3 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2023-25149 cmark-gfm<0.29.0.gfm.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39209 cmark-gfm<0.29.0.gfm.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-22485 cmark-gfm<0.29.0.gfm.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22484 cmark-gfm<0.29.0.gfm.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22483 cmark-gfm<0.29.0.gfm.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22486 ap-modsecurity2<2.9.7 filtering-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-24021 ap-modsecurity2<2.9.6 filtering-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-48279 apache>=2.4.0<2.4.55 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-36760 apache<2.4.55 remote-memory-read https://nvd.nist.gov/vuln/detail/CVE-2006-20001 apache<2.4.55 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-37436 nginx<1.22.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41742 nginx<1.22.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41741 zabbix-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-40626 zabbix-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-43515 xfig<3.2.8 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40241 webmin<2.003 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-3844 wayland<1.20.91 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3782 w3m<0.5.3.0.20230121 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-38223 viewvc<1.1.29 arbitrary-file-creation https://nvd.nist.gov/vuln/detail/CVE-2023-22456 viewvc>=1.2.0<1.2.2 arbitrary-file-creation https://nvd.nist.gov/vuln/detail/CVE-2023-22456 viewvc<1.1.30 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-22464 viewvc>=1.2.0<1.2.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-22464 jasper<4.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40755 net-snmp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44793 net-snmp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44792 pspp-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-39831 pspp-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-39832 samba<4.14.13 unspecified https://nvd.nist.gov/vuln/detail/CVE-2021-3670 samba>=4.15<4.15.6 unspecified https://nvd.nist.gov/vuln/detail/CVE-2021-3670 samba<4.15.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-20316 samba>=4.13.14<4.14.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32745 samba>=4.15.2<4.15.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32745 samba>=4.16.0<4.16.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32745 samba>=4.3.0<4.14.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-32744 samba>=4.15.0<4.15.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-32744 samba>=4.16.0<4.16.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-32744 samba<4.14.14 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-32742 samba>=4.15.0<4.15.9 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-32742 samba>=4.16.0<4.16.4 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-32742 samba<4.14.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-2031 samba>=4.15.0<4.15.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-2031 samba>=4.16.0<4.16.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-2031 samba>=4.0.0<4.13.17 insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2022-0336 samba>=4.14.0<4.14.12 insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2022-0336 samba>=4.15.0<4.15.4 insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2022-0336 samba<4.17.1 insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2022-32743 samba<4.17.1 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2022-1615 samba>=4.0.0<4.15.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3437 samba>=4.16.0<4.16.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3437 samba>=4.17.0<4.17.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3437 samba>=4.17.0<4.17.2 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2022-3592 samba-[0-9]* sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14628 ffmpeg4<4.4.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-3964 ffmpeg5<5.1.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-3964 ffmpeg5<5.1.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-3965 ffmpeg3<3.4.13 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-3109 ffmpeg5<5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3341 ffmpeg5<5.1.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-2566 sqlite3<3.40.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-46908 sqlite3<3.32.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35527 sqlite3<3.32.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-35525 powerdns-recursor>=4.5.0<4.5.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37428 powerdns-recursor>=4.6.0<4.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37428 powerdns-recursor>=4.7.0<4.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37428 powerdns-recursor>=4.8.0<4.8.1 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2023-22617 open-vm-tools-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2009-1143 open-vm-tools-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2009-1142 dbus<1.12.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42012 dbus>=1.13.0<1.14.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42012 dbus>=1.15.0<1.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42012 dbus<1.12.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42011 dbus>=1.13.0<1.14.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42011 dbus>=1.15.0<1.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42011 dbus<1.12.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42010 dbus>=1.13.0<1.14.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42010 dbus>=1.15.0<1.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42010 apr<1.7.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-24963 apr-util<1.6.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-25147 p5-libapreq2<2.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-22728 gpac-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0819 gpac-[0-9]* off-by-one https://nvd.nist.gov/vuln/detail/CVE-2023-0818 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0817 gpac-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0841 php>=8.0<8.0.28 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2023-0568 php>=8.1<8.1.16 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2023-0568 php>=8.2<8.2.3 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2023-0568 php>=8.0<8.0.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0662 php>=8.1<8.1.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0662 php>=8.2<8.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0662 apache-tomcat>=8.5.0<8.5.78 unspecified https://nvd.nist.gov/vuln/detail/CVE-2021-43980 apache-tomcat>=9<9.0.61 unspecified https://nvd.nist.gov/vuln/detail/CVE-2021-43980 apache-tomcat>=8.5.0<8.5.83 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-42252 apache-tomcat>=9.0.0<9.0.68 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-42252 apache-tomcat>=9.0.40<9.0.69 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-45143 hdf5-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-26061 hdf5-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-25972 hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-25942 hdf5-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-37501 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-36190 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-36186 gpac-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38530 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3178 gpac<2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3222 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43045 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43044 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43043 gpac-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43042 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43039 gpac-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43040 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-43255 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-43254 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-3957 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-45204 gpac-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-45202 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-45343 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-4202 gpac-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-45283 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47663 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47662 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47661 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47659 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47658 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47657 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47660 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47656 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47654 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47653 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47095 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-47094 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-47093 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47092 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47091 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47089 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47088 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47087 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47086 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-46490 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-46489 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-0358 gpac-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-23145 gpac-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-23144 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-23143 gpac-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0760 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0770 htmldoc<1.9.12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33235 htmldoc<1.9.12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33236 htmldoc<1.9.15 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0137 go117<1.17.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32189 go118<1.18.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32189 go117<1.17.12 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-32148 go118<1.18.4 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-32148 go117<1.17.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30635 go118<1.18.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30635 go117<1.17.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30633 go118<1.18.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30633 go117<1.17.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30632 go118<1.18.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30632 go117<1.17.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30631 go118<1.18.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30631 go117<1.17.11 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2022-30629 go118<1.18.3 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2022-30629 go117<1.17.11 code-injection https://nvd.nist.gov/vuln/detail/CVE-2022-30580 go118<1.18.3 code-injection https://nvd.nist.gov/vuln/detail/CVE-2022-30580 go117<1.17.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30630 go118<1.18.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30630 go117<1.17.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-28131 go118<1.18.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-28131 go117<1.17.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1962 go118<1.18.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1962 go117<1.17.12 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-1705 go118<1.18.4 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-1705 go118<1.18.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27664 go119<1.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27664 go118<1.18.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41715 go119<1.19.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41715 go118<1.18.7 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-2880 go119<1.19.2 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-2880 go118<1.18.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41717 go119<1.19.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41717 go119<1.19.1 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2022-32190 php{56,73,74,80,81}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-37183 py{36,37,38,39,310,311}-django>=3.2<3.2.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41323 py{36,37,38,39,310,311}-django>=4.0<4.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41323 py{36,37,38,39,310,311}-django>=4.1<4.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41323 py{27,36,37,38,39,310,311}-django-photologue<3.16 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-4526 gpac-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0866 thunderbird<91.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43529 jhead-[0-9]* command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41751 jhead-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-34055 rust<1.65.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-36113 rust<1.65.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-36114 ruby{26,27,30,31}-activerecord60<6.0.5.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-32224 ruby{26,27,30,31}-activerecord61<6.1.6.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-32224 ruby{26,27,30,31}-activerecord70<7.0.3.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-32224 ruby{26,27,30,31}-activerecord60<6.0.6.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-22794 ruby{26,27,30,31}-activerecord61<6.1.7.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-22794 ruby{26,27,30,31}-activerecord70<7.0.4.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-22794 ruby{26,27,30,31}-activerecord61<6.1.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44566 ruby{26,27,30,31}-activerecord70<7.0.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44566 exctags-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-4515 expat<2.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-43680 openexr<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20304 openexr<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20298 php{56,73,74,80,81}-nextcloud<22.2.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-36074 php{56,73,74,80,81}-nextcloud>=23<23.0.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-36074 php{56,73,74,80,81}-nextcloud>=24<24.0.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-36074 php{56,73,74,80,81}-nextcloud<22.2.10.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39211 php{56,73,74,80,81}-nextcloud>=23<23.0.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39211 php{56,73,74,80,81}-nextcloud>=24<24.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39211 php{56,73,74,80,81}-nextcloud<23.0.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39329 php{56,73,74,80,81}-nextcloud>=24<24.0.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39329 php{56,73,74,80,81}-nextcloud<22.2.10.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39364 php{56,73,74,80,81}-nextcloud>=23<23.0.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39364 php{56,73,74,80,81}-nextcloud>=24<24.0.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39364 php{56,73,74,80,81}-nextcloud<22.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39330 php{56,73,74,80,81}-nextcloud>=23<23.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39330 php{56,73,74,80,81}-nextcloud>=24<24.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39330 php{56,73,74,80,81}-nextcloud<22.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39346 php{56,73,74,80,81}-nextcloud>=23<23.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39346 php{56,73,74,80,81}-nextcloud>=24<24.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-39346 php{56,73,74,80,81}-nextcloud>=24<24.0.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41970 php{56,73,74,80,81}-nextcloud>=25<25.0.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41970 php{56,73,74,80,81}-nextcloud>=23<23.0.10 insufficient-input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-41968 php{56,73,74,80,81}-nextcloud>=24<24.0.5 insufficient-input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-41968 php{56,73,74,80,81}-nextcloud>=23<23.0.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41969 php{56,73,74,80,81}-nextcloud>=24<24.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41969 php{56,73,74,80,81}-nextcloud>=24<24.0.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-25159 php{56,73,74,80,81}-nextcloud>=25<25.0.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-25159 firefox<96 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-01/ firefox91<91.5 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-02/ thunderbird<91.5 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-03/ firefox<97 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-04/ firefox91<91.6 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-05/ thunderbird<91.6 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-06/ thunderbird<91.6.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-07/ firefox<97.0.2 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-09/ firefox91<91.6.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-09/ firefox<98 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-10/ firefox91<91.7 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-11/ thunderbird<91.7 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-12/ firefox<99 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-13/ firefox91<91.8 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-14/ thunderbird<91.8 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-15/ firefox<100 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-16/ firefox91<91.9 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-17/ thunderbird<91.9 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-18/ firefox<100.0.2 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-19/ firefox91<91.9.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-19/ thunderbird<91.9.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-19/ firefox<101 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-20/ firefox91<91.10 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-21/ thunderbird<91.10 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-22/ firefox<102 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-24/ firefox91<91.11 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-25/ thunderbird<102 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-26/ firefox<103 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-28/ firefox91<91.12 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-29/ firefox102<102.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-30/ thunderbird<91.12 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-31/ thunderbird<102.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-32/ firefox<104 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-33/ thunderbird<102.2.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-38/ thunderbird<91.13.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-39/ firefox<105 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-40/ firefox102<102.3 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-41/ thunderbird<102.3 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-42/ firefox<107 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-47/ firefox102<102.5 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-48/ firefox102<102.5 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-49/ xentools411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42326 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42326 xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42326 xentools411-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42325 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42325 xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42325 xentools413-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-42324 xentools411-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-42323 xentools413-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-42323 xentools415-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-42323 xentools413-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-42322 xentools415-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-42322 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42321 xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42321 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42319 xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42319 xentools413-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-42320 xentools415-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-42320 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42317 xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42317 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42318 xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42318 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42316 xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42316 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42315 xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42315 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42314 xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42314 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42313 xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42313 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42312 xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42312 xentools413-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-42310 xentools415-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-42310 xentools413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42311 xentools415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42311 xentools413-[0-9]* expired-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-42309 xentools415-[0-9]* expired-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-42309 sudo>=1.8.0<1.9.12 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-43995 sudo>=1.8.0<1.9.12 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-22809 syslog-ng<3.38.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38725 dompdf<2.0.1 arbitrary-file-access https://nvd.nist.gov/vuln/detail/CVE-2022-41343 mpd<0.23.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-46449 tinyproxy<1.11.1nb3 insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2022-40468 syft<0.70.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-24827 sslh-[0-9]* remote-code-injection https://nvd.nist.gov/vuln/detail/CVE-2022-4639 sofia-sip<1.13.11 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-22741 sleuthkit-[0-9]* arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45639 firefox<79 timing https://nvd.nist.gov/vuln/detail/CVE-2020-12413 python37<3.7.17 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-24329 python38<3.8.17 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-24329 python39<3.9.17 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-24329 python310<3.10.12 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-24329 python311<3.11.4 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-24329 clamav<0.103.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-20803 mpv<0.30 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-19824 libraw<0.21.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32142 py{27,36,37,38,39,310,311}-joblib<1.2.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-21797 glib2<2.63.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3800 libarchive<3.5.2 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2021-31566 libarchive<3.5.2 acl-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-23177 libarchive>=3.0.0<3.6.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-36227 libdwarf<0.4.2 double-free https://nvd.nist.gov/vuln/detail/CVE-2022-39170 libetpan-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-4121 libgit2<1.4.5 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2023-22742 libiberty-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3826 libjpeg-turbo<2.0.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-35538 libksba<1.6.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47629 libksba<1.6.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-3515 libtasn1<4.19.0 off-by-one https://nvd.nist.gov/vuln/detail/CVE-2021-46848 libvirt<7.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3975 libxml2<2.10.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40303 libxml2<2.10.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40304 py{27,36,37,38,39,310,311}-oauthlib>=3.1.1<3.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-36087 shapelib-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2022-0699 py{27,36,37,38,39,310,311}-Pillow<9.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45199 py{27,36,37,38,39,310,311}-Pillow<9.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45198 py{27,36,37,38,39,310,311}-certifi>=2017.11.05<2022.12.07 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2022-23491 py{27,36,37,38,39,310,311}-cleo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42966 py{27,36,37,38,39,310,311}-cryptography>=1.8<39.0.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-23931 py{27,36,37,38,39,310,311}-gitpython<3.1.30 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-24439 py{27,36,37,38,39,310,311}-ipython<8.10.0 arbitrary-command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-24816 py{27,36,37,38,39,310,311}-jupyter_core<4.11.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-39286 py{27,36,37,38,39,310,311}-jwt<3.3.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-39227 py{27,36,37,38,39,310,311}-mako<1.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40023 py{27,36,37,38,39,310,311}-mechanize<0.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-32837 py{27,36,37,38,39,310,311}-mod_wsgi<4.9.3 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2022-2255 py{27,36,37,38,39,310,311}-poetry<1.1.9 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-36069 py{27,36,37,38,39,310,311}-py<1.11.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-42969 py{27,36,37,38,39,310,311}-setuptools<65.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40897 py{27,36,37,38,39,310,311}-twisted>=0.9.4<22.10.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-39348 py{27,36,37,38,39,310,311}-wheel<0.38.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-40898 xfce4-settings<4.16.4 missing-argument-check https://nvd.nist.gov/vuln/detail/CVE-2022-45062 vtk<9.0.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-42521 vlc<3.0.18 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41325 unzip<6.0nb11 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-4217 editorconfig-core<0.12.6 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-0341 tor<0.4.7.13 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-23589 u-boot-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-2347 totd-[0-9]* dns-cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2022-34294 scala>=2.13<2.13.9 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2022-36944 allegro<5.2.8.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-36489 ruby{26,27,30,31}-activesupport<6.1.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22796 ruby{26,27,30,31}-activesupport>=7.0.0<7.0.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22796 ruby{26,27,30,31}-globalid>=0.2.1<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22799 ruby{26,27,30,31}-loofah>=2.2.0<2.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23516 ruby{26,27,30,31}-loofah>=2.1.0<2.19.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-23515 ruby{26,27,30,31}-loofah<2.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-23514 ruby-nokogiri>=1.13.8<1.13.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-23476 ruby{26,27,30,31}-rack>=1.2<2.0.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30122 ruby{26,27,30,31}-rack>=2.1.0<2.1.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30122 ruby{26,27,30,31}-rack>=2.2.0<2.2.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30122 ruby{26,27,30,31}-rack<2.0.9.1 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-30123 ruby{26,27,30,31}-rack>=2.1.0<2.1.4.1 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-30123 ruby{26,27,30,31}-rack>=2.2.0<2.2.3.1 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-30123 ruby{26,27,30,31}-rack<2.0.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44572 ruby{26,27,30,31}-rack>=2.1.0<2.1.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44572 ruby{26,27,30,31}-rack>=2.2.0<2.2.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44572 ruby{26,27,30,31}-rack>=2.0.0<2.0.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44571 ruby{26,27,30,31}-rack>=2.1.0<2.1.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44571 ruby{26,27,30,31}-rack>=2.2.0<2.2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44571 ruby{26,27,30,31}-rack>=3.0.0.0<3.0.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44571 ruby{26,27,30,31}-rack>=1.5.0<2.0.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44570 ruby{26,27,30,31}-rack>=2.1.0<2.1.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44570 ruby{26,27,30,31}-rack>=2.2.0<2.2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44570 ruby{26,27,30,31}-rack>=3.0.0<3.0.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44570 ruby{26,27,30,31}-rails>=0.2.1<1.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-22797 ruby{26,27,30,31}-rails-html-sanitizer<1.4.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-23519 ruby{26,27,30,31}-rails-html-sanitizer<1.4.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-23520 ruby{26,27,30,31}-rails-html-sanitizer<1.4.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-23518 ruby{26,27,30,31}-redmine>=5<5.0.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-44030 ruby{26,27,30,31}-redmine<4.2.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-44637 ruby{26,27,30,31}-redmine>=5<5.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-44637 ruby{26,27,30,31}-redmine<4.2.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-44031 ruby{26,27,30,31}-redmine>=5<5.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-44031 ruby{26,27,30,31}-sanitize>=5<6.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-23627 ruby{26,27,30,31}-sinatra>=2.0.0<2.2.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-45442 ruby{26,27,30,31}-sinatra>=3.0.0<3.0.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-45442 rxvt-unicode<9.29 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-4170 rtf2html-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43148 rabbitmq<3.8.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31008 rabbitmq>=3.9.0<3.9.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31008 rabbitmq>=3.10.0<3.10.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31008 qt5-qtbase<5.15.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3481 qemu<7.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14394 qemu<7.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0216 qemu-[0-9]* insecure-lock-files https://nvd.nist.gov/vuln/detail/CVE-2021-3735 qemu<6.2.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-0358 qemu<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-0148 qemu<1.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-0147 qemu<2.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2014-0144 qemu<7.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3165 qemu<7.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3872 qemu<7.2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-4172 qemu<7.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-4144 #png-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4214 # test program only, not installed pngcheck<3.0.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-35511 py{27,36,37,38,39,310,311}-matrix-nio<0.20 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39254 py{27,36,37,38,39,310,311}-octoprint<1.9.0 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-2822 python36<3.6.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-4189 python37<3.7.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-4189 python38<3.8.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-4189 python39<3.9.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-4189 python37<3.7.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10735 python38<3.8.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10735 python39<3.9.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10735 python310<3.10.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-10735 python37<3.7.8 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-42919 python38<3.8.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-42919 python39<3.9.16 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-42919 python310<3.10.9 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-42919 python37<3.7.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45061 python38<3.8.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45061 python39<3.9.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45061 python310<3.10.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45061 python311<3.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-45061 python37<3.7.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28861 python38<3.8.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28861 python39<3.9.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28861 python310<3.10.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-28861 protobuf>=3.19.0<3.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1941 protobuf>=3.20.0<3.20.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1941 protobuf>=3.21.0<3.21.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1941 podman<4.4.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-2989 poppler<22.08.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38784 php{56,73,74,80,81}-gd>=7.4.0<7.4.33 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31630 php{56,73,74,80,81}-gd>=8.0.0<8.0.25 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31630 php{56,73,74,80,81}-gd>=8.1.0<8.1.12 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31630 php{73,74,80,81}-phpmyadmin>=5<5.2.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-22452 phppgadmin<6.17 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-4223 php{56,73,74,80,81}-phpmyadmin<4.9.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-25727 php{73,74,80,81}-phpmyadmin>=5<5.2.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-25727 phppgadmin>=4<6.14 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-22298 phoronix-test-suite-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-40704 mplayer<15.0 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2022-38865 mencoder<15.0 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2022-38865 mplayer<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38855 mencoder<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38855 mplayer<15.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-38851 mencoder<15.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-38851 mplayer<15.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-38600 mplayer<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38866 mencoder<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38866 mplayer<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38864 mencoder<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38864 mplayer<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38862 mencoder<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38862 mplayer<15.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-38861 mencoder<15.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-38861 mplayer<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38863 mencoder<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38863 mplayer<15.0 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2022-38860 mplayer<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38858 mencoder<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38858 mplayer<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38856 mencoder<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38856 mplayer<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38853 mencoder<15.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-38853 mplayer<15.0 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2022-38850 matrix-synapse<1.62.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-31152 matrix-synapse<1.52.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41952 pkgconf<1.9.4 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-24056 pixman<0.42.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-44638 pgpool-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-22332 openscad<2022.01.09 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0497 openscad<2022.02.04 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2022-0496 opusfile<0.12nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47021 openssh<9.2 double-free https://nvd.nist.gov/vuln/detail/CVE-2023-25136 p5-HTML-StripScripts-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-24038 patchelf<0.10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-44940 opa>=0.40.0<0.43.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-36085 nautilus<2.26.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-37290 nostromo<2.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-48253 netatalk<3.1.14 remote-root-access https://nvd.nist.gov/vuln/detail/CVE-2022-45188 njs<0.7.6 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-35173 njs<0.7.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-38890 njs<0.7.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-43286 njs<0.7.8 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-43285 njs<0.7.6 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-43284 nim<1.6.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-46872 nss<3.79.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3479 mujs>=1.0.0<1.3.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-44789 mupdf<1.21 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2021-4216 openssl<1.1.1t denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0286 openssl<1.1.1t use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-0215 openssl<1.1.1t timing-attack https://nvd.nist.gov/vuln/detail/CVE-2022-4304 openssl<1.1.1t denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-4450 man2html-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2021-40648 man2html-[0-9]* arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2021-40647 bash<5.1.8 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3715 minetest-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-35978 less>=566<609 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-46663 grub2-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-2601 grub2-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-3775 memcached<1.6.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37519 leptonica<1.80.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38266 lepton-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-4104 binutils<2.40 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-38533 binutils<2.40 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-4285 awstats>=7<7.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-46391 assimp<5.4.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-45748 knot<5.5.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40188 freeciv>=2.6.7<3.0.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-39047 modular-xorg-server<21.1.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2319 modular-xorg-server<21.1.4 arbitrary-memory-access https://nvd.nist.gov/vuln/detail/CVE-2022-2320 modular-xorg-server<21.1.6 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-3551 modular-xorg-server<21.1.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3550 modular-xorg-server<1.20.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-46342 modular-xorg-server<1.20.11 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-46344 modular-xorg-server<1.20.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-46343 modular-xorg-server<1.20.11 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-46341 modular-xorg-server<1.20.11 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-46340 modular-xorg-server<1.20.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-4283 git-base<2.38.1 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-39260 git-base<2.38.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39253 mysql-server<5.7.40 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixMSQL mysql-server>=8.0<8.0.32 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixMSQL mysql-cluster<5.7.40 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixMSQL mysql-cluster>=8.0<8.0.32 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixMSQL mysql-server<5.7.41 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixMSQL mysql-server>=7.6<7.6.25 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixMSQL mysql-server>=8.0<8.0.32 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixMSQL mysql-cluster<5.7.41 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixMSQL mysql-cluster>=7.6<7.6.25 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixMSQL mysql-cluster>=8.0<8.0.32 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixMSQL thunderbird<102.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0616 thunderbird<102.8.0 information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-25728 thunderbird<102.8.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-25730 thunderbird<102.8.0 arbitrary-memory-write https://nvd.nist.gov/vuln/detail/CVE-2023-0767 thunderbird<102.8.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-25735 thunderbird<102.8.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-25737 thunderbird<102.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-25738 thunderbird<102.8.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-25739 thunderbird<102.8.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-25729 thunderbird<102.8.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-25732 thunderbird<102.8.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-25734 thunderbird<102.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-25742 thunderbird<102.8.0 memory-safety https://nvd.nist.gov/vuln/detail/CVE-2023-25746 thunderbird<102.7.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-0430 thunderbird<102.7.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-46871 thunderbird<102.7.0 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2023-23598 thunderbird<102.7.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-23599 thunderbird<102.7.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-23601 thunderbird<102.7.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-23602 thunderbird<102.7.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-46877 thunderbird<102.7.0 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-23603 thunderbird<102.7.0 memory-safety https://nvd.nist.gov/vuln/detail/CVE-2023-23605 clamav<0.103.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-20792 ImageMagick<7.1.0.30 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2719 ghostscript-agpl<9.51 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-27792 ap{22,24}-auth-mellon<0.18.0 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2021-3639 gnutls<3.7.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4209 colord<1.4.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-42523 anjuta<3.34.0nb38 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-42522 ImageMagick6<6.9.12.44 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1115 ImageMagick<7.1.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1115 dnsmasq-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-0934 ImageMagick<7.1.0.20 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-0284 inetutils<2.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-39028 gzip<1.12 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2022-1271 influxdb<1.8.10 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-36640 confuse-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-40320 frr<8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37032 nodejs>=14<14.21.1 arbitrary-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-43548 nodejs>=16<16.18.1 arbitrary-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-43548 nodejs>=18<18.12.1 arbitrary-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-43548 nodejs<16.17.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-35256 nodejs>=18<18.9.1 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2022-35256 nodejs<16.17.1 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2022-35255 nodejs>=18<18.9.1 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2022-35255 SOGo<5.8.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-4558 SOGo<5.8.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-4556 dropbear<2022.82 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-36369 dynamips-[0-9]* uninitialized-variables https://nvd.nist.gov/vuln/detail/CVE-2022-47012 gajim<1.5.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-39835 harfbuzz<7.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-25193 hs-aeson<2.0.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3433 hyperscan<5.4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-29486 jasper<4.0.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-2963 jenkins<2.370 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-41224 kitty<0.26.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41322 cacti<1.2.23 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-46169 caddy<2.5.0 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2022-28923 chicken>=5.0.0<5.3.1 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-45145 erlang<23.3.4.15 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-37026 erlang>=24<24.3.4.2 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-37026 erlang>=25<25.0.2 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-37026 fcitx5<5.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37311 botan<2.19.3 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2022-43705 fuse-ntfs-3g<2022.10.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-40284 gtar-base<1.34nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-48303 bind>=9.11<9.11.37 dns-cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2022-3488 bind>=9.16<9.16.36 dns-cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2022-3488 bind>=9.16<9.16.37 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3094 bind>=9.18<9.18.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3094 bind>=9.19<9.19.9 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3094 libreoffice>=7.3<7.3.6 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-3140 libreoffice>=7.4<7.4.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-3140 mariadb-server>=10.3<10.3.36 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38791 mariadb-server>=10.4<10.4.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38791 mariadb-server>=10.5<10.5.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38791 mariadb-server>=10.6<10.6.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38791 mariadb-server>=10.7<10.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38791 mariadb-server>=10.8<10.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38791 mariadb-server>=10.11<10.11.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47015 mariadb-server>=10.6<10.6.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47015 mariadb-server>=10.5<10.5.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47015 mariadb-server>=10.4<10.4.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47015 mit-krb5>=1.8<1.19.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-42898 modular-xorg-xquartz-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3553 ImageMagick<7.0.10.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20224 ImageMagick6<6.9.11.57 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-20224 ImageMagick<7.0.11.8 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-3574 ImageMagick6<6.9.12.8 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-3574 ImageMagick<7.1.0.47 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-3213 ImageMagick6<6.9.12.62 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-3213 ImageMagick<7.1.0.62 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44267 ImageMagick6<6.9.12.76 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44267 ImageMagick<7.1.0.52 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44268 ImageMagick6<6.9.12.67 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44268 SDL2>=2.0.4<2.26.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-4743 alpine<2.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46853 amanda-client<3.3.9nb7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-37703 GraphicsMagick<1.3.38 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1270 ap{22,24}-auth-openidc<2.4.12.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2022-23527 postgresql-server>=10<10.22 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-2625 postgresql-server>=11<11.17 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-2625 postgresql-server>=12<12.12 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-2625 postgresql-server>=13<13.8 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-2625 postgresql-server>=14<14.5 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-2625 postgresql-server>=10<10.21 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-1552 postgresql-server>=11<11.16 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-1552 postgresql-server>=12<12.11 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-1552 postgresql-server>=13<13.7 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-1552 postgresql-server>=14<14.3 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-1552 asterisk>=16<16.16.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46837 asterisk>=17<17.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46837 asterisk>=18<18.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46837 asterisk>=16<16.16.1 local-file-read https://nvd.nist.gov/vuln/detail/CVE-2022-42706 asterisk>=17<18.15.1 local-file-read https://nvd.nist.gov/vuln/detail/CVE-2022-42706 asterisk>=19<19.7.1 local-file-read https://nvd.nist.gov/vuln/detail/CVE-2022-42706 asterisk>=16<16.29.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-42705 asterisk>=18.14<18.15.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-42705 asterisk>=19.6<19.7.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-42705 asterisk>=16<16.29.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37325 asterisk>=18<18.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37325 asterisk>=19<19.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37325 salt-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-33226 xdg-utils-[0-9]* command-execution https://nvd.nist.gov/vuln/detail/CVE-2022-4055 mysql-client>=8<8.0.29 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL openjdk8<1.8.346 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixJAVA openjdk11<1.11.0.16.2 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixJAVA openjdk17<1.17.0.4.2 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixJAVA openjdk8<1.8.352 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixJAVA openjdk11<1.11.0.18 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixJAVA openjdk11<1.17.0.6 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2023.html#AppendixJAVA nethack>=3.6.2<3.6.7 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-24809 moodle<4.1.1 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2023-23923 moodle<4.1.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-23922 moodle<4.1.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-23921 samba>=4.3<4.14.14 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-32746 samba>=4.15<4.15.9 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-32746 samba>=4.16<4.16.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-32746 xenkernel413-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-33745 xenkernel413-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-33748 xenkernel415-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-33748 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33747 xenkernel415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33747 xenkernel413-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33746 xenkernel415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33746 epiphany-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-26081 afl++<4.06c arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-26266 glusterfs-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-26253 knot<5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-26249 jd-gui-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-26235 jd-gui-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-26234 glusterfs-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-48340 emacs<29.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-48339 emacs<29.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-48338 emacs<29.1 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-48337 zoneminder<1.36.33 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2023-26039 zoneminder<1.36.33 local-file-inclusion https://nvd.nist.gov/vuln/detail/CVE-2023-26038 zoneminder<1.36.33 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-26037 zoneminder<1.36.33 local-file-inclusion https://nvd.nist.gov/vuln/detail/CVE-2023-26036 zoneminder<1.36.33 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-26035 zoneminder<1.36.33 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-26034 zoneminder<1.36.33 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-25825 zoneminder<1.36.33 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-26032 curl>=7.57<7.88 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-23915 curl>=7.57<7.88 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-23914 freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-33367 mantis<2.25.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-22476 libheif<1.15 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-0996 php{56,73,74,80,81}-nextcloud>=23<23.0.12 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-25579 php{56,73,74,80,81}-nextcloud>=24<24.0.8 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-25579 php{56,73,74,80,81}-nextcloud>=25<25.0.2 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-25579 php{56,73,74,80,81}-nextcloud>=24<24.0.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-25821 php{56,73,74,80,81}-nextcloud>=25<25.0.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-25821 php{56,73,74,80,81}-nextcloud>=25<25.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-25816 nodejs<14.21.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-23920 nodejs>=16<16.19.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-23920 nodejs>=18<18.14.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-23920 nodejs>=19<19.6.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-23920 nodejs<14.21.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-23919 nodejs>=16<16.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-23919 nodejs>=18<18.14.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-23919 nodejs>=19<19.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-23919 nodejs<14.21.3 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-23918 nodejs>=16<16.19.1 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-23918 nodejs>=18<18.14.1 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-23918 nodejs>=19<19.6.1 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-23918 apache<2.4.56 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2023-27522 apache<2.4.56 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2023-25690 yubico-c-client-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages curl>=7.7<8.00 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-27533 curl>=7.18<8.00 improper-path-limitation https://nvd.nist.gov/vuln/detail/CVE-2023-27534 curl>=7.13<8.00 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-27535 curl>=7.22<8.00 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-27536 curl>=7.88<8.00 double-free https://nvd.nist.gov/vuln/detail/CVE-2023-27537 curl>=7.16.1<8.00 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-27538 redis>=7.0.8<7.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-28425 openssl<1.1.1tnb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0464 modular-xorg-server<21.1.7nb1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-1393 irssi<1.4.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-29132 pcre-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ghostscript-gpl<10.01.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-28879 ghostscript-agpl<10.01.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-28879 git-base<2.40.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-25652 git-base<2.40.1 arbitrary-messages https://nvd.nist.gov/vuln/detail/CVE-2023-25815 git-base<2.40.1 configuration-misinterpretation https://nvd.nist.gov/vuln/detail/CVE-2023-29007 perl<5.38.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-31484 p5-GitLab-API-v4<0.27 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-31485 perl<5.38.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-31486 py{36,37,38,39,310,311}-django>=3.2<3.2.19 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-31047 py{36,37,38,39,310,311}-django>=4.1<4.1.9 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-31047 py{36,37,38,39,310,311}-django>=4.2<4.2.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-31047 libssh<0.105 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1667 libssh<0.105 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2023-2283 curl>=7.81.0<8.1.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-28319 curl>=7.9.8<8.1.0 improper-synchronization https://nvd.nist.gov/vuln/detail/CVE-2023-28320 curl>=7.12.0<8.1.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2023-28321 curl>=7.7<8.1.0 expected-behavior-violation https://nvd.nist.gov/vuln/detail/CVE-2023-28322 cups-filters<1.28.18 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-24805 libcares<1.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-32067 libcares<1.19.1 lack-of-entropy https://nvd.nist.gov/vuln/detail/CVE-2023-31124 libcares<1.19.1 buffer-underflow https://nvd.nist.gov/vuln/detail/CVE-2023-31130 libcares<1.19.1 lack-of-entropy https://nvd.nist.gov/vuln/detail/CVE-2023-31147 luatex<1.17 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-32700 openssl<1.1.1u denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2650 webkit-gtk<2.40.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-28204 webkit-gtk<2.40.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-32373 cups-base<2.4.2nb9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-32324 libde265<1.0.12 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-27102 libde265<1.0.12 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-27103 libX11<1.8.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-3138 libtpms<0.9.6 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-1017 libtpms<0.9.6 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-1018 cups-base<2.4.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-34241 webkit-gtk<2.38.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-48503 webkit-gtk<2.40.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-32435 webkit-gtk<2.40.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-32439 ruby27-* eol https://www.ruby-lang.org/en/downloads/branches/ ruby{26,27,30,31}-actionpack52<5.2.8.1nb1 cross-site-scripting https://cve.report/CVE-2023-28362 ruby{26,27,30,31}-actionpack60<6.0.6.1nb1 cross-site-scripting https://cve.report/CVE-2023-28362 ruby{26,27,30,31}-actionpack61<6.1.7.4 cross-site-scripting https://cve.report/CVE-2023-28362 ruby{26,27,30,31}-actionpack70<6.1.7.4 cross-site-scripting https://cve.report/CVE-2023-28362 ruby30-base<3.0.6nb1 denial-of-service https://cve.report/CVE-2023-36617 ruby31-base<3.1.4nb1 denial-of-service https://cve.report/CVE-2023-36617 ruby32-base<3.2.2nb2 denial-of-service https://cve.report/CVE-2023-36617 python36-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python37-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages py{37,38,39,310,311}-django>=3.2<3.2.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-36053 py{37,38,39,310,311}-django>=4.1<4.1.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-36053 py{37,38,39,310,311}-django>=4.2<4.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-36053 py{27,34,35,36,37,38,39,310,311}-django<3.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{26,27,30,31}-sanitize<6.0.2 cross-site-scripting https://cve.report/CVE-2023-36823 acmesh<3.0.6 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38198 openssh<9.3p2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38408 samba<4.18.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-2127 samba<4.18.5 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2023-3347 samba<4.18.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-34966 samba<4.18.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-34967 samba<4.18.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-34968 samba<4 eol https://wiki.samba.org/index.php/Samba_Release_Planning webkit-gtk<2.40.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-37450 webkit-gtk<2.40.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-32393 librsvg<2.46.6 arbitrary-file-read https://nvd.nist.gov/vuln/detail/CVE-2023-38633 librsvg<2.56.3 arbitrary-file-read https://nvd.nist.gov/vuln/detail/CVE-2023-38633 webkit-gtk<2.40.5 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-38133 webkit-gtk<2.40.5 same-origin-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-38572 webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38592 webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38594 webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38595 webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38597 webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38599 webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38600 webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-38611 rust<1.71.1 permission-problem https://nvd.nist.gov/vuln/detail/CVE-2023-38497 py{27,37,38,39,310,311}-borgbackup<1.2.5 archive-spoofing https://nvd.nist.gov/vuln/detail/CVE-2023-36811 ruby[1-2][0-9]-rails42-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby[23][0-9]-rails51-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby[23][0-9]-rails52-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby[23][0-9]-rails61-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages py{37,38,39,310,311}-django>=3.2<3.2.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41164 py{37,38,39,310,311}-django>=4.1<4.1.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41164 py{37,38,39,310,311}-django>=4.2<4.2.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41164 curl>=7.84.0<8.3.0 allocation-of-resources-without-limits-or-throttling https://nvd.nist.gov/vuln/detail/CVE-2023-38039 webkit-gtk<2.40.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-28198 webkit-gtk<2.40.1 content-security-policy-escape https://nvd.nist.gov/vuln/detail/CVE-2023-32370 webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-40397 libwebp<1.3.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-4863 bind>=9.2<9.16.43 denial-of-service https://kb.isc.org/docs/cve-2023-3341 bind>=9.18<9.18.18 denial-of-service https://kb.isc.org/docs/cve-2023-3341 bind>=9.19<9.19.16 denial-of-service https://kb.isc.org/docs/cve-2023-3341 bind>=9.18<9.18.18 denial-of-service https://kb.isc.org/docs/cve-2023-4236 cups-base<2.4.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-4504 zbar<0.23.93 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-40890 zbar<0.23.93 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-40889 zola<0.18.0 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-40274 zstd<1.5.4 buffer-overrun https://nvd.nist.gov/vuln/detail/CVE-2022-4899 z3<4.8.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-19725 yasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29581 yasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29580 yasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29582 yasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29583 yasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29579 yasm-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-30402 yasm-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-31975 yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-31974 yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-31973 yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-31972 yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-31724 yasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-31725 yasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-31723 yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-37732 yt-dlp>=2015.01.25<2023.07.06 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2023-35934 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38310 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38308 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38306 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38305 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38311 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38309 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38307 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38304 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-38303 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-41155 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-40986 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-40985 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-40984 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-40983 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-40982 webmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-43309 upx<4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43316 upx<4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43317 upx<4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43314 upx<4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43315 upx<4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43311 upx<4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43313 upx<4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-43312 upx<4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46179 netatalk3<3.1.13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-23125 netatalk3<3.1.13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-23124 netatalk3<3.1.13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-23123 netatalk3<3.1.13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-23122 netatalk3<3.1.13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-23121 netatalk3<3.1.13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-0194 netatalk3<3.2.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-43634 cacti<1.2.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-37543 cacti<1.2.19 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-48547 cacti<1.2.23 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-48538 cacti-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-41444 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39515 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39514 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39513 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39516 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39512 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39510 cacti>=1.2.0<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39366 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39365 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39364 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39362 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39361 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39360 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39359 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39358 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39357 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-31132 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-30534 cacti<1.2.25 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39511 radare2<5.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27114 radare2<5.8.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1605 radare2<5.3.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-32495 radare2<5.3.0 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-32494 radare2<5.9.0 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-4322 radare2<5.5.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-28073 radare2<5.5.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-28072 radare2<5.5.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-28071 radare2<5.5.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-28070 radare2<5.5.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-28069 radare2<5.5.0 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-28068 vault<1.10.11 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-24999 vault<1.11.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-25000 vault<1.11.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0665 vault<1.11.9 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-0620 vault<1.11.11 html-attribute-injection https://nvd.nist.gov/vuln/detail/CVE-2023-2121 vault<1.13.5 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-3462 vault<1.12.11 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-4680 libxls-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38854 libxls-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38856 libxls-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38853 libxls-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38852 libxls-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38851 libxls-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38855 tcpreplay<4.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27789 tcpreplay<4.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27788 tcpreplay<4.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27787 tcpreplay<4.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27786 tcpreplay<4.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27785 tcpreplay<4.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27784 tcpreplay<4.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27783 salt<3005.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-20898 salt<3005.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-20897 salt>=3006.0<3006.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-20898 salt>=3006.0<3006.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-20897 sudo>=1.9.8<1.9.13 double-free https://nvd.nist.gov/vuln/detail/CVE-2023-27320 sudo<1.9.13 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-28487 sudo<1.9.13 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-28486 jetty<9.4.51 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-26049 jetty<9.4.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-26048 jetty>=9.0.0<9.4.52 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-40167 jetty>=9.4.21<9.4.52 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-41900 sox-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-34318 sox-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2023-32627 sox-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2023-26590 sox-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-34432 libredwg<0.12.5.5016 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-25222 libredwg<0.12.5.5256 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-36274 libredwg<0.12.5.5256 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36273 libredwg<0.12.5.5256 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36272 libredwg<0.12.5.5256 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36271 podofo<0.10.1 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-2241 podofo<0.10.1 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-31568 podofo<0.10.1 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-31567 podofo<0.10.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-31566 podofo<0.10.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-31555 podofo<0.10.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-31556 openimageio<2.4.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-24472 openimageio<2.4.8.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-24473 openimageio<2.4.8.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-22845 openimageio<2.4.13.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36183 ntp<4.2.8p17 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-26554 ntp<4.2.8p16 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-26555 ntp<4.2.8p16 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-26553 ntp<4.2.8p16 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-26552 ntp<4.2.8p16 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-26551 ntpsec<1.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-4012 webkit-gtk<2.42.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-39928 webkit-gtk<2.40.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-35074 webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-39434 webkit-gtk<2.40.5 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-40451 webkit-gtk<2.42.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-41074 webkit-gtk<2.42.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-41993 libvpx<1.13.0nb1 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2023-5217 exim<4.96.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-42114 exim<4.96.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42115 exim<4.96.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42116 exim<4.96.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42117 libspf2<1.2.11nb2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42118 exim<4.96.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-42119 gst-plugins1-bad<1.22.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40474 gst-plugins1-bad<1.22.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40475 gst-plugins1-bad<1.22.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40476 libX11<1.8.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-43785 libX11<1.8.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43786 libX11<1.8.7 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-43787 libXpm<3.5.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-43788 libXpm<3.5.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-43789 py{37,38,39,310,311}-django>=3.2<3.2.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43665 py{37,38,39,310,311}-django>=4.1<4.1.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43665 py{37,38,39,310,311}-django>=4.2<4.2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43665 grub2-[0-9]* out-of-bounds https://nvd.nist.gov/vuln/detail/CVE-2023-4692 grub2-[0-9]* out-of-bounds https://nvd.nist.gov/vuln/detail/CVE-2023-4693 croc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-43621 croc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43620 croc-[0-9]* remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2023-43619 croc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-43618 croc-[0-9]* arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2023-43616 croc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-43617 ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44232 ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-31976 ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-30085 ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-30084 ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-30083 ming-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-31240 ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36239 ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40781 amanda-server<3.5.4 local-root-shell https://nvd.nist.gov/vuln/detail/CVE-2022-37705 amanda-server<3.5.4 local-root-shell https://nvd.nist.gov/vuln/detail/CVE-2022-37704 lldpd<1.0.13 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-43612 lldpd<1.0.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-41910 zabbix<4.0.47 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-29456 zabbix<4.0.46 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-29457 zabbix<4.0.46 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-29455 zabbix<4.0.46 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-29454 freeimage<1.18.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-40266 freeimage<1.18.0 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40265 freeimage<1.18.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-40264 freeimage<1.18.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40262 freeimage-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40263 freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24295 freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24293 freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24294 freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-24292 freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22524 freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21428 freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21426 freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21427 wireshark<4.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1161 wireshark<4.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1992 wireshark<4.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1994 wireshark<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2879 wireshark<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2858 wireshark<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2857 wireshark<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2856 wireshark<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2855 wireshark<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2854 wireshark<4.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2952 wireshark<4.0.6 code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-0667 wireshark>=4<4.0.6 code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-0666 wireshark<4.0.6 code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-0668 wireshark<4.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-3649 wireshark<4.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-3648 wireshark<4.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-4513 wireshark<4.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-4512 wireshark<4.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-4511 wireshark<4.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-5371 w3m<0.5.3.0.20230121nb4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-38252 w3m-img<0.5.3.0.20230121nb2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-38252 w3m<0.5.3.0.20230121nb4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-38253 w3m-img<0.5.3.0.20230121nb2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-38253 vsftpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-30047 vorbis-tools-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-43361 matrix-synapse<1.74.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-32323 matrix-synapse>=1.62.0<1.68.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39374 matrix-synapse<1.69.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39335 matrix-synapse<1.85.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-32682 matrix-synapse<1.85.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-32683 matrix-synapse>=1.66.0<1.93.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-41335 matrix-synapse>=1.34.0<1.93.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-42453 freerdp2<2.11.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40589 freerdp2<2.11.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-40569 freerdp2<2.11.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-40188 freerdp2<2.11.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-40567 freerdp2<2.11.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-40186 freerdp2<2.11.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-40181 freerdp2<2.11.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-39356 freerdp2<2.11.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-39354 freerdp2<2.11.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-39353 freerdp2<2.11.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-39352 freerdp2<2.11.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39350 freerdp2<2.11.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-39351 gnupg2-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-3219 libmicrohttpd<0.9.76 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-27371 libde265<1.0.11 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-25221 libde265<1.0.11 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-24758 libde265<1.0.11 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-24757 libde265<1.0.11 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-24756 libde265<1.0.11 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-24754 libde265<1.0.11 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-24755 libde265<1.0.11 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-24752 libde265<1.0.11 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-24751 nasm<2.16 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44370 nasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-44369 nasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-44368 nasm-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-31722 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38668 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38667 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38665 nasm<2.15.05 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29654 nasm<2.15.04 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21687 nasm<2.15.04 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21686 nasm<2.15.04 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21685 nasm<2.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21528 nasm<2.15.04 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18780 puppet<7.11.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1894 openssh>=8.9<9.3 configuration-misinterpretation https://nvd.nist.gov/vuln/detail/CVE-2023-28531 wolfssl<5.6.2 privacy-leak https://nvd.nist.gov/vuln/detail/CVE-2023-3724 catdoc-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-31979 catdoc-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-41633 geeklog-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-37787 geeklog-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-37786 avahi<0.8nb7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38469 avahi<0.8nb7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38470 avahi<0.8nb7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38471 avahi<0.8nb7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38472 avahi<0.8nb7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38473 libxml2<2.12.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-45322 libcue<2.2.1nb1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2023-43641 mutt<2.2.12 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-4874 mutt<2.2.12 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-4875 djvulibre-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46312 djvulibre-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46310 grpc<1.53.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-32732 grpc>=1.53.0<1.55.0 expected-behavior-violation https://nvd.nist.gov/vuln/detail/CVE-2023-32731 grpc>=1.51.0<1.53.0 expected-behavior-violation https://nvd.nist.gov/vuln/detail/CVE-2023-1428 grpc<1.55.3 expected-behavior-violation https://nvd.nist.gov/vuln/detail/CVE-2023-4785 podman-[0-9]* unknown-impact https://nvd.nist.gov/vuln/detail/CVE-2023-0778 opensc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2977 opensc<0.23.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-34193 jhead<3.08 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-28550 jhead<3.04 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-28840 monit<5.31.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-26563 tiff<4.5.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-4645 tiff<4.5.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-1916 vim<9.0.1367 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2023-1127 vim<9.0.1376 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-1170 vim<9.0.1378 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-1175 vim<9.0.1392 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-1264 vim<9.0.1402 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-1355 vim<9.0.1499 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-2426 vim<9.0.1531 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-2609 vim<9.0.1532 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-2610 optipng-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-43907 #png-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-3857 # false positive jpegoptim<1.5.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-27781 phppgadmin<7.14.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-40619 phppgadmin<7.7 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2023-5002 phppgadmin<6.19 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-0241 webkit-gtk<2.36.8 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-25363 webkit-gtk<2.36.8 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-25362 webkit-gtk<2.36.8 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-25361 webkit-gtk<2.36.8 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-25360 webkit-gtk<2.36.8 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-25358 libde265<1.0.10 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47664 libcares<1.19.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-4904 webkit-gtk<2.26.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2019-8720 qemu>=7.2.0<7.2.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-0330 emacs>=28.1<28.3 code-injection https://nvd.nist.gov/vuln/detail/CVE-2023-27986 emacs>=28.1<28.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-27985 consul<1.14.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-0845 liferea<1.14.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-1350 opendoas-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-28339 stellarium<23.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-28371 dnsmasq<2.90 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-28450 pandoc>=1.13<3.1.4 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-35936 pandoc<3.1.6 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-38745 exempi<2.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18652 exempi<2.5.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-18651 cmark-gfm<0.29.0.gfm.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-24824 cmark-gfm<0.29.0.gfm.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-26485 cmark-gfm<0.29.0.gfm.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-37463 syncthing<1.23.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-46165 memcached<1.6.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-48571 memcached>=1.6.0<1.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-22570 mbedtls<2.28.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-43615 libheif<1.15.2 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2023-29659 grafana<9.3.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-0594 grafana<9.3.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-0507 redis<7.0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-36021 gradle>=6.2<6.9.4 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-26053 redis<7.0.9 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-25155 grafana<9.3.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-22462 libde265<1.0.10 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-47665 moodle<3.11.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-36398 moodle<3.11.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-36397 moodle<3.11.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-36396 moodle<3.11.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2021-36393 moodle<3.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36395 moodle<3.11.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-36403 samba<4.17.4 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2021-20251 pev-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-45423 vim<9.0.1969 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-5344 mosquitto<2.0.16 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-3592 gpac-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-5377 tiff<4.5.1 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-3576 ImageMagick<7.1.1.19 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-3428 gradle<7.6.3 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2023-44387 webkit-gtk<2.42 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-39928 gifsicle<1.95 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44821 libcue<2.2.1nb1 code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-43641 py{27,37,38,39,310,311,312}-urllib3<2.0.6 cookie-injection https://nvd.nist.gov/vuln/detail/CVE-2023-43804 tnftpd<20231001 information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-45198 tiff<4.6.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-41175 tiff<4.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-40745 vim<9.0.1992 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-5441 go120<1.20.9 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-39323 php{56,73,74,80,81,82}-concrete5-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-44766 php{56,73,74,80,81,82}-concrete5-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-44765 php{56,73,74,80,81,82}-concrete5-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-44762 php{56,73,74,80,81,82}-concrete5-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-44761 php{56,73,74,80,81,82}-concrete5-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-44764 gradle<7.6.3 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2023-42445 py{27,37,38,39,310,311,312}-octoprint<1.9.3 code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-41047 php{56,73,74,80,81,82}-piwigo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-44393 asn1c-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-23910 asn1c-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-23911 yajl-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-33460 zziplib-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18770 xterm<380 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40359 vim<9.0.1847 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-4735 vim<9.0.1846 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-4734 vim<9.0.1833 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-4736 vim<9.0.1848 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-4738 vim<9.0.1331 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-4751 vim<9.0.1858 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-4752 vim<9.0.1840 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-4733 vim<9.0.1857 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-4750 vim<9.0.1873 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-4781 tightvnc<2.8.75 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-27830 unrar<6.2.3 verification-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-48579 haproxy<2.7.1 information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-0836 haproxy<2.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-25950 haproxy<2.8.2 request-forgery https://nvd.nist.gov/vuln/detail/CVE-2023-40225 py{27,37,38,39,310,311,312}-MechanicalSoup<1.3.0 arbitrary-file-read https://nvd.nist.gov/vuln/detail/CVE-2023-34457 p7zip-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-47069 wordpress<6.1.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-2745 webkit-gtk-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-2203 vault>=0.10.0<1.13.0 permission-problem https://nvd.nist.gov/vuln/detail/CVE-2023-5077 vim<8.1.2136 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-20703 vim<9.0.1664 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2023-3896 vim<8.2.2354 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3236 poppler<23.06.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-34872 poppler<21.01.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36024 poppler<21.01.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2020-36023 poppler<21.01.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-38349 poppler<22.08.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37052 poppler<22.08.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37050 poppler<0.76.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-18839 poppler<20.08.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-23804 protobuf-c<1.4.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-48468 advancecomp<2.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2961 opendkim-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-48521 grub2>=2.00<2.06.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-28736 grub2>=2.00<2.06.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-28735 grub2>=2.00<2.06.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-28733 grub2>=2.00<2.06.3 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-28734 mp4v2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1451 mp4v2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1450 mp4v2-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-29584 mp4v2-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-29578 mp4v2-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-33720 mp4v2-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-33718 mp4v2-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-33716 mp4v2-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-33719 mp4v2-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-33717 njs<0.3.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-19695 njs<0.3.4 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-19692 njs<0.7.11 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-27730 njs<0.7.11 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2023-27729 njs<0.7.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27728 njs<0.7.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-27727 nats-server>=2.2.0<2.8.0 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2022-28357 qpdf<10.1.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-25786 gawk<5.1.1 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-4156 tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2731 tiff<4.5.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-26965 tiff>=3.9.0<4.5.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-3316 tiff<4.5.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-3618 tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40090 consul>=1.15.0<1.15.3 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-2816 consul>=1.13.0<1.15.3 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-1297 consul<1.16.1 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-3518 faad2<2.11.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38858 faad2<2.11.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38857 bitcoin<24.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-33297 bitcoin-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-37192 gnuplot-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25969 screen<4.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-24626 terraform>=1.0.8<1.5.7 overwrite-arbitrary-files https://nvd.nist.gov/vuln/detail/CVE-2023-4782 sniproxy<0.6.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-25076 spice-server<0.13.90 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-23793 routinator<0.12.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39915 routinator>=0.9.0<0.12.2 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-39916 sofia-sip<1.13.15 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-32307 xpdf-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-26930 xpdf<4.05 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-2664 xpdf<4.05 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-2663 xpdf<4.05 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2023-2662 xpdf<4.05 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2023-3044 xpdf<4.05 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-3436 xpdf-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-48545 tcpdump-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-1801 quickjs-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-31922 libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43358 libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43357 libsass-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-26592 nuclei<2.9.9 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2023-37896 powerdns-recursor<4.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-26437 go117-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487 go118-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487 go119-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487 go120-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487 go121<1.21.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487 h2o-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487 nghttp2<1.57.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487 apache-tomcat>=9<9.0.81 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487 apache-tomcat>=8<8.5.94 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487 apache-tomcat<8.5 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages frr<8.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-36440 frr<8.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40302 frr<8.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43681 frr<8.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40318 frr<8.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-31490 frr<8.4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-31489 frr<8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-3748 frr-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41361 frr-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41360 frr-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41358 frr-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41359 frr-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38802 frr-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-41909 mupdf<1.18.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-26683 mupdf<1.18.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21896 binutils<2.40 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-48065 binutils<2.40 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-48064 binutils<2.39.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47696 binutils<2.39.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47695 binutils<2.39.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47673 binutils<2.40 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-48063 binutils<2.40 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44840 binutils<2.38 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46174 binutils<2.34 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-35342 binutils<2.34 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-21490 binutils<2.34 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19724 libdwarf<0.3.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-27545 libdwarf<0.3.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-28163 kilo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20335 h2o-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-30847 atasm-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-34123 KeePass>=2.00<2.54 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-32784 curl>=7.69.0<8.4.0 heap-based-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38545 curl>=7.9.1<8.4.0 external-control-of-file-name-or-path https://nvd.nist.gov/vuln/detail/CVE-2023-38546 samba>=4.17<4.17.12 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-3961 samba>=4.18<4.18.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-3961 samba>=4.17<4.17.12 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-42669 samba>=4.18<4.18.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-42669 samba>=4.17<4.17.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-42670 samba>=4.18<4.18.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-42670 hs-http2<4.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487 varnish-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487 apache<2.4.58 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-31122 apache<2.4.58 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43622 apache<2.4.58 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-45802 minizip<1.3.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-45853 py{27,37,38,39,310,311,312}-configobj<5.0.8nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-26112 modular-xorg-server<21.1.9 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-5367 modular-xorg-server<21.1.9 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-5380 modular-xorg-server-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-5574 py{27,38,39,310,311,312}-pip<23.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-5752 php{56,73,74,80,81,82}-roundcube<1.6.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-5631 exiv2>=0.28<0.28.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-44398 ltm<1.2.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36328 gimp<2.10.36 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-44441 qimp<2.10.36 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-44442 gimp<2.10.36 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-44443 gimp<2.10.36 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-44444 tor<0.4.8.8 unknown-impact https://gitlab.torproject.org/tpo/core/team/-/wikis/NetworkTeam/TROVE tor<0.4.8.9 unknown-impact https://gitlab.torproject.org/tpo/core/team/-/wikis/NetworkTeam/TROVE yt-dlp<2023.11.14 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2023-46121 webkit-gtk<2.38.4 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2023-32919 webkit-gtk<2.38.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-32933 webkit-gtk<2.38.4 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2022-46705 webkit-gtk<2.38.4 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2022-46725 webkit-gtk<2.42 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-32359 webkit-gtk<2.42.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41983 webkit-gtk<2.42.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42852 gst-plugins1-base<1.22.4 heap-overwrite https://nvd.nist.gov/vuln/detail/CVE-2023-37328 gst-plugins1-base<1.22.4 heap-overwrite https://nvd.nist.gov/vuln/detail/CVE-2023-37329 gst-plugins1-ugly<1.22.5 integer-overflow https://gstreamer.freedesktop.org/security/sa-2023-0004.html gst-plugins1-ugly<1.22.5 integer-overflow https://gstreamer.freedesktop.org/security/sa-2023-0005.html gst-plugins1-bad<1.22.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40474 gst-plugins1-bad<1.22.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40475 gst-plugins1-bad<1.22.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40476 gst-plugins1-bad<1.22.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-44429 gst-plugins1-bad<1.22.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-44446 vim<9.0.2106 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-48231 vim<9.0.2112 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-48237 gnutls<3.8.2 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2023-5981 vim<9.0.2121 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-48706 samba>=4.0<4.18.9 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14628 samba>=4.19<4.19.3 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14628 py{27,38,39,310,311,312}-cryptography>=3.1<41.0.6 NULL-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-49083 perl>=5.30.0<5.38.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-47038 webkit-gtk<2.42.3 disclose-sensitive-information https://nvd.nist.gov/vuln/detail/CVE-2023-42916 webkit-gtk<2.42.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42917 go120<1.20.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39326 go121<1.21.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39326 go120<1.20.12 insecure-fallback https://nvd.nist.gov/vuln/detail/CVE-2023-45285 go121<1.21.5 insecure-fallback https://nvd.nist.gov/vuln/detail/CVE-2023-45285 curl>=7.46.0<8.5.0 information-exposure-through-sent-data https://nvd.nist.gov/vuln/detail/CVE-2023-46218 curl>=7.84.0<8.5.0 missing-encryption-of-sensitive-data https://nvd.nist.gov/vuln/detail/CVE-2023-46219 fish<3.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-49284 modular-xorg-server<21.1.10 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-6377 modular-xorg-server<21.1.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-6478 opensc>=0.17.0<0.24.0 potential-pin-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-40660 asterisk<18.20.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-49786 asterisk>=20<20.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-49786 asterisk>=21<21.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-49786 asterisk<18 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages asterisk>=19<20 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages jq<1.7.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-50246 jq<1.7.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-50268 webkit-gtk<2.42.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-42883 webkit-gtk<2.42.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42890 openssh<9.6 extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795 putty<0.80 extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795 py{38,39,310,311,321}-asyncssh<2.14.2 extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795 py{38,39,310,311,321}-asyncssh<2.14.2 extension-negotiation-attack https://nvd.nist.gov/vuln/detail/CVE-2023-46445 py{38,39,310,311,321}-asyncssh<2.14.2 session-attack https://nvd.nist.gov/vuln/detail/CVE-2023-46446 libssh<0.106 extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795 py{38,39,310,311,321}-paramiko<3.4.0 session-attack https://nvd.nist.gov/vuln/detail/CVE-2023-46446 proftpd<1.3.8b extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795 dropbear<2022.83nb1 extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795 erlang<26.2.1 extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795 libssh2<1.11.0nb2 extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795 postfix<3.8.4 email-spoofing https://nvd.nist.gov/vuln/detail/CVE-2023-51764 mysqld_exporter<0.15.1 auth-bypass https://pkg.go.dev/vuln/GO-2022-1130 mysqld_exporter<0.15.1 denial-of-service https://pkg.go.dev/vuln/GO-2023-1571 postgres_exporter<0.15.0 auth-bypass https://pkg.go.dev/vuln/GO-2022-1130 postgres_exporter<0.15.0 denial-of-service https://pkg.go.dev/vuln/GO-2023-1571 git-lfs<3.4.1 denial-of-service https://pkg.go.dev/vuln/GO-2023-1571 exim<4.97.1 email-spoofing https://nvd.nist.gov/vuln/detail/CVE-2023-51766 nuclei<3.1.3 man-in-the-middle https://pkg.go.dev/vuln/GO-2023-2402 glow<1.5.1 man-in-the-middle https://pkg.go.dev/vuln/GO-2023-2402 sendmail<8.18.0.2 email-spoofing https://nvd.nist.gov/vuln/detail/CVE-2023-51765 packer<1.9.5 man-in-the-middle https://pkg.go.dev/vuln/GO-2023-2402 ssh-chat-[0-9]* man-in-the-middle https://pkg.go.dev/vuln/GO-2023-2402 influxdb-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2023-1571 lazygit-[0-9]* man-in-the-middle https://pkg.go.dev/vuln/GO-2023-2402 amfora<1.10.0 infinite-loop https://pkg.go.dev/vuln/GO-2021-0238 hub-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2021-0061 nats-server-[0-9]* permissions-checking https://pkg.go.dev/vuln/GO-2022-0386 obfs4proxy-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2023-1571 terraform-provider-aws-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2023-2153 terraform-provider-aws-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2023-1571 authelia-[0-9]* path-traversal https://pkg.go.dev/vuln/GO-2022-0355 authelia-[0-9]* out-of-bounds-read https://pkg.go.dev/vuln/GO-2021-0113 apisprout-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2021-0061 gitea<1.22 man-in-the-middle https://pkg.go.dev/vuln/GO-2023-2402 gitea<1.22 improper-rendering https://pkg.go.dev/vuln/GO-2023-1988 openssh<9.6 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-51385 libssh<0.10.6 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-6004 p5-Spreadsheet-ParseExcel<0.6600 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-7101 filezilla<3.66.4 extension-negotiation-downgrade https://nvd.nist.gov/vuln/detail/CVE-2023-48795 libheif<1.17.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-49462 libde265<1.0.15 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-49468 gst-plugins1-bad<1.22.8 buffer-overflow https://gstreamer.freedesktop.org/security/sa-2023-0011.html modular-xorg-server<21.1.11 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-6816 coreutils<9.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-0684 gnutls<3.8.3 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2023-0553 py{27,38,39,310,311,312}-Pillow<10.2.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-50447 postgresql-server>=11<12 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages nodejs>=16<18 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages py{27,37,38,39,310,311,312}-aiohttp<3.9.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-23334 py{27,37,38,39,310,311,312}-aiohttp<3.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-23829 curl<8.6.0 out-of-bounds https://nvd.nist.gov/vuln/detail/CVE-2023-52071 mbedtls<2.28.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-23170 mbedtls>=3<3.5.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-23170 mbedtls<2.28.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-23775 mbedtls>=3<3.5.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-23775 opensc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-5992 py{27,37,38,39,310,311,312}-octoprint-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-23637 glpi<10.0.12 code-injection https://nvd.nist.gov/vuln/detail/CVE-2023-51446 glpi<10.0.12 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-23645 graphviz<10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-46045 expat<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-52425 expat<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-52426 webkit-gtk<2.42.5 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-23222 py{37,38,39,310,311,312}-django>=3.2<3.2.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24680 py{37,38,39,310,311,312}-django>=4.1<4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24680 py{37,38,39,310,311,312}-django>=4.2<4.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24680 libuv>=1.24.0<1.48 address-check-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-24806 postgresql-server>=12<12.18 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2024-0985 postgresql-server>=13<13.14 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2024-0985 postgresql-server>=14<14.11 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2024-0985 postgresql-server>=15<15.6 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2024-0985 postgresql-server>=16<16.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2024-0985 asterisk-13.* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages unbound<1.19.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387 unbound<1.19.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868 bind>=9.18<9.18.24 denial-of-service https://kb.isc.org/docs/cve-2023-4408 bind>=9.18<9.18.24 denial-of-service https://kb.isc.org/docs/cve-2023-5517 bind>=9.18<9.18.24 denial-of-service https://kb.isc.org/docs/cve-2023-5679 bind>=9.18<9.18.24 denial-of-service https://kb.isc.org/docs/cve-2023-50387 bind>=9.18<9.18.24 denial-of-service https://kb.isc.org/docs/cve-2023-50868 bind>=9.16<9.16.48 denial-of-service https://kb.isc.org/docs/cve-2023-4408 bind>=9.16<9.16.48 denial-of-service https://kb.isc.org/docs/cve-2023-5517 bind>=9.16<9.16.48 denial-of-service https://kb.isc.org/docs/cve-2023-5679 bind>=9.16<9.16.48 denial-of-service https://kb.isc.org/docs/cve-2023-50387 bind>=9.16<9.16.48 denial-of-service https://kb.isc.org/docs/cve-2023-50868 dnsmasq<2.90 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-50387 dnsmasq<2.90 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-50868 powerdns-recursor<4.8.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-50387 powerdns-recursor<4.8.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-50868 nss<3.98.0 information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-5388 py{27,37,38,39,310,311,312}-dns<2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29483 py{27,37,38,39,310,311,312}-cryptography<42.0.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2024-26130 libcares<1.27.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-25629 ruby{27,30,31,32,33}-rack2>=2.0<2.2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-25126 ruby{27,30,31,32,33}-rack>=3.0<3.0.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-25126 ruby{27,30,31,32,33}-rack2>=2.0<2.2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-26141 ruby{27,30,31,32,33}-rack>=3.0<3.0.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-26141 ruby{27,30,31}-actionpack71>=7.1<7.1.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-26142 ruby{27,30,31,32,33}-actionpack70>=7.0<7.0.8.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-26143 ruby{27,30,31,32,33}-actionpack71>=7.1<7.1.3.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-26143 ruby{27,30,31,32,33}-activestorage61>=6.1<6.1.7.7 information-leak https://nvd.nist.gov/vuln/detail/CVE-2024-26144 ruby{27,30,31,32,33}-activestorage70>=7.0<7.0.8.1 information-leak https://nvd.nist.gov/vuln/detail/CVE-2024-26144 ruby{27,30,31}-rack2>=2.0<2.2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-26146 ruby{27,30,31}-rack>=3.0<3.0.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-26146 py{27,37,38,39,310,311,312}-cbor2<5.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-26134 wolfssl<5.6.6 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-6936 mantis<2.26.1 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-23830 wireshark<4.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24478 wireshark<4.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24476 wireshark<4.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24479 routinator<0.13.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-1622 yasm-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2024-25760 fontforge<20230101nb6 command-injection https://nvd.nist.gov/vuln/detail/CVE-2024-25081 fontforge<20230101nb6 command-injection https://nvd.nist.gov/vuln/detail/CVE-2024-25082 opendmarc-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2024-25768 py{37,38,39,310,311,312}-django>=3<3.2.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27351 py{37,38,39,310,311,312}-django>=4<4.2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27351 py{37,38,39,310,311,312}-django>=5<5.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27351 go121<1.21.8 information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-45289 go121<1.21.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24783 go122<1.22.1 information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-45289 go122<1.22.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24783 py{37,38,39,310,311,312}-fonttools>4.28.2<4.43.0 xml-external-entity-vulnerability https://nvd.nist.gov/vuln/detail/CVE-2023-45139 expat<2.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28757 python38<3.8.19 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-6597 python39<3.9.19 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-6597 python310<3.10.14 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-6597 python311<3.11.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-6597 python312<3.12.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-6597 gnutls<3.8.4 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2024-28834 ruby31-base>=3.1<3.1.4nb3 buffer-overread https://www.ruby-lang.org/en/news/2024/03/21/buffer-overread-cve-2024-27280/ ruby31-base>=3.1<3.1.4nb3 remote-code-execution https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/ ruby32-base>=3.2<3.2.3nb1 remote-code-execution https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/ ruby33>=3.3<3.3.0nb1 remote-code-execution https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/ firefox<124.0.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2024-29944 emacs<29.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2024-30205 webkit-gtk<2.44.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42950 curl<8.7.0 improper-validation-of-certificate https://nvd.nist.gov/vuln/detail/CVE-2024-2466 xz>=5.6<5.6.1nb100 backdoor https://www.openwall.com/lists/oss-security/2024/03/29/4 modular-xorg-server<21.1.12 heap-buffer-overread https://nvd.nist.gov/vuln/detail/CVE-2024-31080 modular-xorg-xwayland<23.2.5 heap-buffer-overread https://nvd.nist.gov/vuln/detail/CVE-2024-31080 nodejs>=18<18.20.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27983 nodejs>=20<20.12.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27983 nodejs>=21<21.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27983 go121<1.21.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-45288 go122<1.22.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-45288 nghttp2<1.61.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28182 apache<2.4.59 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28182 php{80,81,82}-concrete-cms<9.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-2753 php{80,81,82}-concrete-cms<9.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-3178 php{80,81,82}-concrete-cms<9.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-3179 php{80,81,82}-concrete-cms<9.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-3180 php{80,81,82}-concrete-cms<9.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-3181 p5-HTTP-Body<1.23 shell-escape https://nvd.nist.gov/vuln/detail/CVE-2013-4407 php>=8.1<8.1.28 command-injection https://github.com/php/php-src/security/advisories/GHSA-pc52-254m-w9w7 php>=8.1.11<8.1.28 security-bypass https://github.com/php/php-src/security/advisories/GHSA-wpj3-hf5j-x4v4 php>=8.1<8.1.28 authentication-bypass https://github.com/php/php-src/security/advisories/GHSA-h746-cjrr-wfmr php>=8.2<8.2.18 command-injection https://github.com/php/php-src/security/advisories/GHSA-pc52-254m-w9w7 php>=8.2<8.2.18 security-bypass https://github.com/php/php-src/security/advisories/GHSA-wpj3-hf5j-x4v4 php>=8.2<8.2.18 authentication-bypass https://github.com/php/php-src/security/advisories/GHSA-h746-cjrr-wfmr php>=8.3<8.3.5 command-injection https://github.com/php/php-src/security/advisories/GHSA-pc52-254m-w9w7 php>=8.3<8.3.5 security-bypass https://github.com/php/php-src/security/advisories/GHSA-wpj3-hf5j-x4v4 php>=8.3<8.3.5 authentication-bypass https://github.com/php/php-src/security/advisories/GHSA-h746-cjrr-wfmr php>=7.4<8.0 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php>=8.0<8.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages putty<0.81 secret-key-recovery https://nvd.nist.gov/vuln/detail/CVE-2024-31497 filezilla<3.67.0 secret-key-recovery https://nvd.nist.gov/vuln/detail/CVE-2024-31497 ruby31-base>=3.1<3.1.5 arbitrary-memory-read https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/ ruby32-base>=3.2<3.2.4 arbitrary-memory-read https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/ ruby33>=3.3<3.3.1 arbitrary-memory-read https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/ R<4.4.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-27322 py{27,37,38,39,310,311,312}-aiohttp<3.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-30251 p5-Email-MIME<1.954 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-4140 uriparser<0.9.8 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-34402 uriparser<0.9.8 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-34403 tinyproxy<1.11.1nb2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-49606 unbound<1.20.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33655 phpldapadmin<1.2.6.7 cross-site-scripting https://github.com/leenooks/phpLDAPadmin/commit/d59cbfef5d8a78da55e4c1919862e9e3968b3715 go121<1.21.10 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-24787 go122<1.22.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-24787 vim<9.1.0404 buffer-overflow https://github.com/vim/vim/commit/67797191e039196128c69 git-base<2.45.1 execute-arbitrary-code https://nvd.nist.gov/vuln/detail/CVE-2024-32002 git-base<2.45.1 execute-arbitrary-code https://nvd.nist.gov/vuln/detail/CVE-2024-32004 git-base<2.45.1 insufficient-checks https://nvd.nist.gov/vuln/detail/CVE-2024-32020 git-base<2.45.1 toctou https://nvd.nist.gov/vuln/detail/CVE-2024-32021 git-base<2.45.1 execute-arbitrary-code https://nvd.nist.gov/vuln/detail/CVE-2024-32465 dino<0.4.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-28686 ghostscript-gpl-[0-9]* unknown https://nvd.nist.gov/vuln/detail/CVE-2023-52722 ghostscript-agpl<10.03.1 unknown https://nvd.nist.gov/vuln/detail/CVE-2023-52722 asterisk<18.23.1 authentication-bypass https://github.com/asterisk/asterisk/security/advisories/GHSA-qqxj-v78h-hrf9 asterisk>=20<20.8.1 authentication-bypass https://github.com/asterisk/asterisk/security/advisories/GHSA-qqxj-v78h-hrf9 asterisk>=21<21.3.1 authentication-bypass https://github.com/asterisk/asterisk/security/advisories/GHSA-qqxj-v78h-hrf9 keepassxc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-33900 keepassxc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-33901 py{27,37,38,39,310,311,312}-requests<2.32.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-35195 py{37,38,39,310,311,312}-mysql<1.1.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2024-36039 gst-plugins1-base<1.24.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-4453 lighttpd-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-3708 libarchive<3.7.4 out-of-bounds-access https://nvd.nist.gov/vuln/detail/CVE-2024-26256 nginx<1.26.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-31079 nginx<1.26.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-34161 php>=8.1<8.1.29 argument-injection https://nvd.nist.gov/vuln/detail/CVE-2024-4577 php>=8.2<8.2.20 argument-injection https://nvd.nist.gov/vuln/detail/CVE-2024-4577 php>=8.3<8.3.8 argument-injection https://nvd.nist.gov/vuln/detail/CVE-2024-4577 vte<0.76.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-37535 vte3<0.76.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-37535 libxml2<2.12.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2024-25062 libxml2<2.12.7 buffer-overread https://nvd.nist.gov/vuln/detail/CVE-2024-34459 python38<3.8.20 race-condition https://github.com/python/cpython/issues/114572 python39<3.9.20 race-condition https://github.com/python/cpython/issues/114572 python310<3.10.4 race-condition https://github.com/python/cpython/issues/114572 python311<3.11.9 race-condition https://github.com/python/cpython/issues/114572 python312<3.12.3 race-condition https://github.com/python/cpython/issues/114572 python38<3.8.20 ip-range-classification https://github.com/python/cpython/issues/113171 python39<3.9.20 ip-range-classification https://github.com/python/cpython/issues/113171 python310<3.10.15 ip-range-classification https://github.com/python/cpython/issues/113171 python311<3.11.10 ip-range-classification https://github.com/python/cpython/issues/113171 python312<3.12.4 ip-range-classification https://github.com/python/cpython/issues/113171 emacs29<29.4 remote-user-access https://nvd.nist.gov/vuln/detail/CVE-2024-39331 emacs29-nox11<29.4 remote-user-access https://nvd.nist.gov/vuln/detail/CVE-2024-39331 emacs28-[0-9]* remote-user-access https://nvd.nist.gov/vuln/detail/CVE-2024-39331 emacs28-nox11-[0-9]* remote-user-access https://nvd.nist.gov/vuln/detail/CVE-2024-39331 emacs27-[0-9]* remote-user-access https://nvd.nist.gov/vuln/detail/CVE-2024-39331 emacs27-nox11-[0-9]* remote-user-access https://nvd.nist.gov/vuln/detail/CVE-2024-39331 emacs26-[0-9]* remote-user-access https://nvd.nist.gov/vuln/detail/CVE-2024-39331 emacs26-nox11-[0-9]* remote-user-access https://nvd.nist.gov/vuln/detail/CVE-2024-39331 samba<4.19.7 memory-corruption https://www.openwall.com/lists/oss-security/2024/06/24/3 samba>=4.20<4.20.2 memory-corruption https://www.openwall.com/lists/oss-security/2024/06/24/3 mit-krb5>=1.3<1.21.3 truncate-message https://nvd.nist.gov/vuln/detail/CVE-2024-37370 mit-krb5>=1.3<1.21.3 invalid-memory-read https://nvd.nist.gov/vuln/detail/CVE-2024-37371 apache<2.4.60 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-39573 apache<2.4.60 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-38477 apache<2.4.60 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-38476 apache<2.4.60 code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-38475 apache<2.4.60 code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-38474 apache<2.4.60 bypass-authentication https://nvd.nist.gov/vuln/detail/CVE-2024-38473 apache<2.4.60 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-38472 apache<2.4.60 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-36387 apache<2.4.61 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-39884 znc<1.9.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-39844 7-zip<24.01 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-52168 py{37,38,39,310,311,312}-django>=4<4.2.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-38875 py{37,38,39,310,311,312}-django>=5<5.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-38875 exim<4.98 smtp-smuggling-attack https://nvd.nist.gov/vuln/detail/CVE-2023-51766 py{38,39,310,311,312}-httpie<3.2.3 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2023-48052 exiv2<0.28.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-39695 apache<2.4.62 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-40725 mit-krb5<1.21.3 truncated-token https://nvd.nist.gov/vuln/detail/CVE-2024-37370 mit-krb5<1.21.3 invalid-memory-reads https://nvd.nist.gov/vuln/detail/CVE-2024-37371 libcurl-gnutls>8.6.0<8.9.0 free-of-memory-not-on-heap https://nvd.nist.gov/vuln/detail/CVE-2024-6197 mysql-client-5.6.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server-5.6.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-client-5.7.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server-5.7.[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages orc<0.4.39 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-40897 curl<8.9.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-7264 vim<9.1.0647 double-free https://github.com/vim/vim/security/advisories/GHSA-f9cr-gv85-hcr4 vim<9.1.0648 double-free https://github.com/vim/vim/security/advisories/GHSA-46pw-v7qw-xc2f py{37,38,39,310,311,312}-django>=4<4.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-41991 py{37,38,39,310,311,312}-django>=5<5.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-41991 php{56,74,80,81,82,83}-roundcube<1.6.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-42009 nodejs>=18<18.20.4 code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-22020 dovecot<2.3.21.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-23184 dovecot<2.3.21.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-23185 unbound<1.21.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-43167 webkit-gtk<2.44.3 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2024-4558 py{38,39,310,311,312}-WebOb<1.8.8 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2024-42353 vim<9.1.0689 heap-buffer-overflow https://github.com/vim/vim/security/advisories/GHSA-v2x2-cjcg-f9jm python38<3.8.20 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2024-8088 python39<3.9.20 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2024-8088 python310<3.10.15 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2024-8088 python311<3.11.10 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2024-8088 python312<3.12.6 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2024-8088 apr<1.7.5 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-49582 vim<9.1.0697 heap-buffer-overflow https://github.com/vim/vim/security/advisories/GHSA-4ghr-c62x-cqfh vim<9.1.0707 heap-buffer-overflow https://github.com/vim/vim/security/advisories/GHSA-wxf9-c5gx-qrwr go122<1.22.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-34155 go122<1.22.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-34156 go122<1.22.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-34158 go123<1.23.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-34155 go123<1.23.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-34156 go123<1.23.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-34158 expat<2.6.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-45490 expat<2.6.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-45491 expat<2.6.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-45492 python38<3.8.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-6232 python39<3.9.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-6232 python310<3.10.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-6232 python311<3.11.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-6232 python312<3.12.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-6232 openssl<3.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-6119 py{38,39,310,311,312}-django>=4<4.2.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-45230 py{38,39,310,311,312}-django>=5<5.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-45230 gtk3+<3.24.43 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-6655 libcurl-gnutls<8.10.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2024-8096 webkit-gtk<2.46.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-40857 olm-[0-9]* observable-timing-discrepancy https://nvd.nist.gov/vuln/detail/CVE-2024-45191 olm-[0-9]* use-of-a-broken-or-risky-cryptographic-algorithm https://nvd.nist.gov/vuln/detail/CVE-2024-45193 olm-[0-9]* convert-timing-channel https://nvd.nist.gov/vuln/detail/CVE-2024-45192 olm-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages cups-base<2.4.10nb1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-47176 cups-base<2.4.10nb1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-47076 cups-base<2.4.10nb1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-47175 cups-base<2.4.10nb1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-47177 unbound<1.21.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-8508 powerdns-recursor<4.9.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-25590 libgsf<1.14.53 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-42415 python38-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages libarchive<3.7.5 out-of-bounds-access https://nvd.nist.gov/vuln/detail/CVE-2024-48957 libarchive<3.7.5 out-of-bounds-access https://nvd.nist.gov/vuln/detail/CVE-2024-48958 element-web<1.11.81 expose-access-tokens https://nvd.nist.gov/vuln/detail/CVE-2024-47771 mpg123<1.32.8 heap-buffer-overflow https://mpg123.org/cgi-bin/news.cgi#2024-10-26 modular-xorg-server<21.1.14 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-9632 modular-xorg-xwayland<24.1.4 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-9632 webkit-gtk<2.46.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-44244 curl<8.11.0 comparison-using-wrong-factors https://nvd.nist.gov/vuln/detail/CVE-2024-9681 libsoup3<3.6.0 request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2024-52530 libsoup3<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-52532 openafs<1.6.25 privilege-escalation http://openafs.org/pages/security/OPENAFS-SA-2024-001.txt openafs>=1.7<1.8.13 privilege-escalation http://openafs.org/pages/security/OPENAFS-SA-2024-001.txt openafs<1.6.25 denial-of-service http://openafs.org/pages/security/OPENAFS-SA-2024-002.txt openafs>=1.7<1.8.13 denial-of-service http://openafs.org/pages/security/OPENAFS-SA-2024-002.txt openafs<1.6.25 buffer-overflow http://openafs.org/pages/security/OPENAFS-SA-2024-003.txt openafs>=1.7<1.8.13 buffer-overflow http://openafs.org/pages/security/OPENAFS-SA-2024-003.txt postgresql-server>=12<13 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages wget<1.25.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-10524 webkit-gtk<2.46.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-44308 py{38,39,310,311,312}-django>=4<4.2.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-53907 py{38,39,310,311,312}-django>=5<5.1.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-53907 curl<8.11.1 credential-leak https://nvd.nist.gov/vuln/detail/CVE-2024-11053 gstreamer-1.24.10 multiple-vulnerabilities https://discourse.gstreamer.org/t/gstreamer-1-24-10-stable-bug-fix-release/3683 firefox<131.0.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-9680 firefox128<128.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-9680 firefox115<115.16.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-9680 liboqs<0.12.0 incorrect-decapsulation https://nvd.nist.gov/vuln/detail/CVE-2024-54137 webkit-gtk<2.46.5 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2024-54505 vim<9.1.1003 heap-buffer-overflow https://github.com/vim/vim/security/advisories/GHSA-5rgf-26wj-48v8 rsync<3.4.0 file-leak https://nvd.nist.gov/vuln/detail/CVE-2024-12086 rsync<3.4.0 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-12087 git-base<2.48.1 missing-url-sanitizing https://nvd.nist.gov/vuln/detail/CVE-2024-50349 pam-u2f<1.3.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-23013 vim<9.1.1043 out-of-bounds-write https://github.com/vim/vim/security/advisories/GHSA-j3g9-wg22-v955 bind>=9.16<9.18 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages drupal>=9<10 eol https://www.drupal.org/psa-2023-11-01 drupal>=7<8 eol https://www.drupal.org/psa-2025-01-06 libtasn1<4.20.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-12133 openssl>=3.3<3.3.3 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2024-12797 openssl>=3.4<3.4.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2024-12797 postgresql-server>=13<13.19 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-1094 postgresql-server>=14<14.16 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-1094 postgresql-server>=15<15.11 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-1094 postgresql-server>=16<16.7 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-1094 postgresql-server>=17<17.3 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-1094 vim<9.1.1115 use-after-free https://github.com/vim/vim/security/advisories/GHSA-63p5-mwg2-787v libxml2<2.12.10 stack-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-24928 libxml2<2.12.10 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2024-56171 openssh<9.9p2 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2025-26465 openssh<9.9p2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-26466 exim<4.98.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-26794 openh264<2.6.0 remote-heap-overflow https://github.com/cisco/openh264/security/advisories/GHSA-m99q-5j7x-7m9x drupal>=11.1.0<11.1.3 cross-site-scripting https://www.drupal.org/sa-core-2025-001 drupal>=11.1.0<11.1.3 access-bypass https://www.drupal.org/sa-core-2025-002 drupal>=11.1.0<11.1.3 php-object-injection https://www.drupal.org/sa-core-2025-003 exiv2>0.28<0.28.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-26623 modular-xorg-server<21.1.16 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-26601 modular-xorg-xwayland<24.1.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-26601 vim<9.1.1164 arbitrary-code-execution https://github.com/vim/vim/security/advisories/GHSA-wfmf-8626-q3r3 firefox115<115.21 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-43097 firefox128<128.8 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-43097 firefox<136 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-1931 thunderbird<128.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-1931 tinyxml2<10.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-50615 freetype2<2.13.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-27363 php81<8.1.32 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2024-11235 php82<8.2.28 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2024-11235 php83<8.3.19 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2024-11235 php84<8.4.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2024-11235 expat<2.7.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-8176 vim<9.1.1198 argument-injection https://github.com/vim/vim/security/advisories/GHSA-693p-m996-3rmf webkit-gtk<2.48.0 out-of-bounds https://nvd.nist.gov/vuln/detail/CVE-2025-24201 py{39,310,311,312,313}-mercurial<6.9.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-2361 exim<4.98.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-30232 matrix-synapse<1.127.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-30355 redlib<0.36.0 denial-of-service https://github.com/redlib-org/redlib/security/advisories/GHSA-g8vq-v3mg-7mrg py{39,310,311,312,313}-django>=5<5.1.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-27556 openvpn>=2.6.1<2.6.14 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-2704 yelp-[0-9]* arbitrary-file-read https://nvd.nist.gov/vuln/detail/CVE-2025-3155 powerdns-recursor<5.2.0 illegal-memory-access https://nvd.nist.gov/vuln/detail/CVE-2025-30195 webkit-gtk<2.48.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-54551 giflib<5.2.2nb1 heap-buffer-overflow https://www.openwall.com/lists/oss-security/2025/04/07/3 libcares<1.34.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-31498 perl<5.40.2 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-56406 libxml2<2.14.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-32414 erlang<27.3.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-32433 libsoup-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-32049 libsoup3-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-32049 libsoup-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-32906 libsoup3<3.6.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-32906 libarchive<3.7.8 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-1632 mailman<2.1.39 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-43920 fcgi<2.4.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-23016 py{39,310,311,312,313}-h11<0.16.0 request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2025-43859 dnsdist<1.9.9 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-30194 liboqs<0.13.0 information-disclosure https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/Wiu4ZQo3fP8 py{39,310,311,312,313}-django<4.2.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-32873 py{39,310,311,312,313}-django>=5<5.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-32873 postgresql-server>=13<13.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-4207 postgresql-server>=14<14.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-4207 postgresql-server>=15<15.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-4207 postgresql-server>=16<16.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-4207 postgresql-server>=17<17.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-4207 dropbear<2025.88 command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-47203 screen<4.9.1nb2 multiple-vulnerabilities https://security.opensuse.org/2025/05/12/screen-security-issues.html screen>=5<5.0.0nb3 multiple-vulnerabilities https://security.opensuse.org/2025/05/12/screen-security-issues.html open-vm-tools<12.5.2 insecure-file-handling https://nvd.nist.gov/vuln/detail/CVE-2025-22247 varnish<7.7.1 request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2025-47905 py{39,310,311,312,313}-flask>=3.1.0<3.1.1 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2025-47278 nodejs>=20<20.19.2 request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2025-23166 nodejs>=22<22.15.1 request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2025-23166 nodejs>=24<24.0.2 request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2025-23166 webkit-gtk<2.48.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-31206 chromium<136.0.7103.113 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-0291 python310<3.10.18 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-4516 python311<3.11.13 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-4516 python312<3.12.11 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-4516 python313<3.13.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-4516 ruby30-* eol https://www.ruby-lang.org/en/downloads/branches/ ruby31-* eol https://www.ruby-lang.org/en/downloads/branches/ perl<5.40.2nb1 race-condition https://nvd.nist.gov/vuln/detail/CVE-2025-40909 ghostscript-gpl-[0-9]* passphrase-leakage https://nvd.nist.gov/vuln/detail/CVE-2025-48708 ghostscript-agpl<10.05.1 passphrase-leakage https://nvd.nist.gov/vuln/detail/CVE-2025-48708 libxslt<1.1.43 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-24855 coreutils<9.6nb1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-5278 openssl>=3.5<3.5.1 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2025-4575 asterisk<18.26.2 email-spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-47779 asterisk>=20<20.14.1 email-spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-47779 asterisk>=21<21.9.1 email-spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-47779 asterisk>=22<22.4.1 email-spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-47779 asterisk<18.26.2 command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-47780 asterisk>=20<20.14.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-47780 asterisk>=21<21.9.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-47780 asterisk>=22<22.4.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-47780 grafana<11.2.10 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2025-3580 cJSON<1.7.18 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-53154 assimp-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-5165 assimp-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-5166 assimp-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-5167 assimp-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-5168 assimp-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-5169 assimp-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-5200 assimp-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-5201 assimp-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-5202 assimp-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-5203 assimp-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-5204 binutils<2.45 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-5244 binutils<2.45 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-5245 gimp<3.0.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-48796 gimp<3.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-48797 gimp<3.0.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-48798 icu<77.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-5222 icinga2<2.14.6 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2025-48057 p5-Net-CIDR-Set<0.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-40911 kea<2.6.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2025-32801 kea<2.6.3 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2025-32802 kea<2.6.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-32803 rt5<5.0.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-31500 rt5<5.0.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-31501 firefox<139 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-42/ firefox115<115.25 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-43/ firefox128<128.11 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-44/ thunderbird<139 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-45/ chromium<137.0.7151.55 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-5063 chromium<137.0.7151.55 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-5064 chromium<137.0.7151.55 spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-5065 chromium<137.0.7151.55 spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-5066 chromium<137.0.7151.55 spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-5067 chromium<137.0.7151.55 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-5280 chromium<137.0.7151.55 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-5281 chromium<137.0.7151.55 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-5283 rt4<4.4.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-30087 rt5<5.0.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-30087 redis<8.0.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-27151 yasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2024-22653 tcpreplay<4.5.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2024-22654 apache-tomcat>=9<9.0.15 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-46701 apache-tomcat>=10<10.1.41 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-46701 apache-tomcat>=11<11.0.7 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-46701 hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-44904 hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-44905 jhead-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-44906 liboqs<0.13.0 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2025-48946 clamav<0.103.8 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-20032 clamav<0.103.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-20052 go119<1.19.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41723 go120<1.20.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41723 go119<1.19.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41724 go120<1.20.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41724 go119<1.19.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41725 go120<1.20.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41725 go120<1.19.7 incorrect-calculation https://nvd.nist.gov/vuln/detail/CVE-2023-24532 go120<1.20.2 incorrect-calculation https://nvd.nist.gov/vuln/detail/CVE-2023-24532 jq<1.8.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-23337 jq<1.8.0 type-confusion https://nvd.nist.gov/vuln/detail/CVE-2024-53427 jq<1.8.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-48060 php{56,74,80,81,82,83}-roundcube<1.6.11 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-49113 p5-YAML-LibYAML<0.903.0 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2025-40908 ap{22,24}-modsecurity<2.9.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-48866 catdoc-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-48877 catdoc-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2024-52035 catdoc-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2024-54028 chromium<137.0.7151.68 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-5068 chromium<137.0.7151.68 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-5419 grafana>=11.6.0<11.6.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-3260 grafana<11.6.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-3454 qt5-qtbase<5.15.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-5455 qt6-qtbase<6.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-5455 sslh<2.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-46806 sslh<2.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-46807 python39<3.9.23 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-12718 python310<3.10.18 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-12718 python311<3.11.13 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-12718 python312<3.12.11 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-12718 python313<3.13.4 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-12718 python39<3.9.23 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-4138 python310<3.10.18 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-4138 python311<3.11.13 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-4138 python312<3.12.11 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-4138 python313<3.13.4 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-4138 python39<3.9.23 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-4330 python310<3.10.18 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-4330 python311<3.11.13 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-4330 python312<3.12.11 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-4330 python313<3.13.4 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-4330 python39<3.9.23 incorrect-calculation https://nvd.nist.gov/vuln/detail/CVE-2025-4435 python310<3.10.18 incorrect-calculation https://nvd.nist.gov/vuln/detail/CVE-2025-4435 python311<3.11.13 incorrect-calculation https://nvd.nist.gov/vuln/detail/CVE-2025-4435 python312<3.12.11 incorrect-calculation https://nvd.nist.gov/vuln/detail/CVE-2025-4435 python313<3.13.4 incorrect-calculation https://nvd.nist.gov/vuln/detail/CVE-2025-4435 python39<3.9.23 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-4517 python310<3.10.18 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-4517 python311<3.11.13 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-4517 python312<3.12.11 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-4517 python313<3.13.4 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-4517 samba<4.21.6 information-loss https://nvd.nist.gov/vuln/detail/CVE-2025-0620 py{39,310,311,312}-requests<2.32.4 credential-leak https://nvd.nist.gov/vuln/detail/CVE-2024-47081 curl<8.14.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-5399 py{39,310,311,312,313}-django>=4<4.2.23 log-injection https://nvd.nist.gov/vuln/detail/CVE-2025-48432 py{39,310,311,312,313}-django>=5.1<5.1.11 log-injection https://nvd.nist.gov/vuln/detail/CVE-2025-48432 py{39,310,311,312,313}-django>=5.2<5.2.3 log-injection https://nvd.nist.gov/vuln/detail/CVE-2025-48432 wireshark<4.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-5601 ruby{31,32,33,34}-rack>=3.1.0<3.1.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-49007 aerc<0.21.0 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-49466 qt6-qtimageformats<6.8.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-5683 radare2-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-5641 radare2-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2025-5642 radare2-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2025-5643 radare2-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-5644 radare2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-5645 radare2-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2025-5646 radare2-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-5647 radare2-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-5648 p5-File-Find-Rule<0.34nb10 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2011-10007 mariadb-client<10.5.29 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2025-30722 mariadb-client>=10.6<10.6.22 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2025-30722 mariadb-client>=10.11<10.11.13 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2025-30722 mariadb-client>=11.4<11.4.7 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2025-30722 mariadb-server<10.5.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-52969 mariadb-server>=10.6<10.6.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-52969 mariadb-server>=10.11<10.11.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-52969 mariadb-server>=11.4<11.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-52969 mariadb-server<10.5.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-52970 mariadb-server>=10.6<10.6.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-52970 mariadb-server>=10.11<10.11.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-52970 mariadb-server>=11.4<11.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-52970 mariadb-server>=10.11<10.11.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-52971 mariadb-server>=11.4<11.4.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-52971 mariadb-server<10.5.29 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2025-30693 mariadb-server>=10.6<10.6.22 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2025-30693 mariadb-server>=10.11<10.11.13 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2025-30693 mariadb-server>=11.4<11.4.7 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2025-30693 mysql-client<8.0.42 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2025.html mysql-cluster<8.0.42 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2025.html mysql-server<8.0.42 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2025.html libxml2<2.12.9 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2025-40896 openssl<3.4.1 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2025-4575 py{39,310,311,312,313}-mysql-connector<9.3.0 arbitrary-file-read https://nvd.nist.gov/vuln/detail/CVE-2025-30714 gimp<3.0.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-5473 go124<1.24.4 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2025-4673 go123<1.23.10 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2025-4673 go124<1.24.4 insecure-key-validation https://nvd.nist.gov/vuln/detail/CVE-2025-22874 go123<1.23.10 insecure-key-validation https://nvd.nist.gov/vuln/detail/CVE-2025-22874 assimp<6.0.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-2750 assimp<6.0.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-2751 assimp<6.0.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-2757 assimp<6.0.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-3158 p5-CryptX<0.087 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-40914 erlang<27.3.4.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2025-4748 libxml2<2.14.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-49794 libxml2<2.14.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-49795 libxml2<2.14.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-49796 libxml2<2.14.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-6021 libxml2<2.14.5 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-6170 libxslt-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-7424 libxslt-[0-9]* heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-7425 libxslt-[0-9]* unknown https://gitlab.gnome.org/Teams/Releng/security/-/wikis/2025#libxml2-and-libxslt apache-tomcat>=9<9.0.106 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-48988 apache-tomcat>=10<10.1.42 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-48988 apache-tomcat>=11<11.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-48988 apache-tomcat>=9<9.0.106 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-49125 apache-tomcat>=10<10.1.42 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-49125 apache-tomcat>=11<11.0.8 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-49125 assimp-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-6119 assimp-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-6120 chromium<137.0.7151.103 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-5958 chromium<137.0.7151.103 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-5959 firefox<139.0.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-47/ thunderbird<139.0.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-50/ gimp<3.0.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-6035 glib2<2.84.3 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-6052 kafka<3.9.1 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2025-27817 kafka<3.9.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-27818 kafka<3.9.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-27819 konsole<23.08.4nb10 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-49091 libarchive<3.8.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2025-5914 libarchive<3.8.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-5915 libarchive<3.8.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-5916 libarchive<3.8.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-5917 libarchive<3.8.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-5918 libtpms<0.10.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-49133 metabase<0.54.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-5895 ncurses<6.5nb1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-6141 openssl<3.5.0 side-channel https://nvd.nist.gov/vuln/detail/CVE-2025-27587 p5-CryptX<0.065 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-40912 pspp-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-5898 pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-5899 py{39,310,311,312,313}-octoprint<1.11.2 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-48067 py{39,310,311,312,313}-octoprint<1.11.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-48879 py{39,310,311,312,313}-protobuf<6.31.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-4565 qt6-qtbase>=6.9.0<6.9.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-5991 salt<3007.4 improper-authentication https://nvd.nist.gov/vuln/detail/CVE-2024-38822 salt<3007.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2024-38823 salt<3007.4 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-38824 salt<3007.4 improper-authentication https://nvd.nist.gov/vuln/detail/CVE-2024-38825 salt<3007.4 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-22236 salt<3007.4 command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-22237 salt<3007.4 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-22238 salt<3007.4 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-22239 salt<3007.4 arbitrary-file-deletion https://nvd.nist.gov/vuln/detail/CVE-2025-22240 salt<3007.4 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2025-22241 salt<3007.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-22242 spdlog<1.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6140 modular-xorg-server<21.1.17 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-49175 modular-xorg-xwayland<24.1.7 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-49175 modular-xorg-server<21.1.18 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-49176 modular-xorg-xwayland<24.1.8 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-49176 clamav<1.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-20260 chromium<137.0.7151.119 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-6191 chromium<137.0.7151.119 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-6192 clamav<1.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-20234 gdk-pixbuf2<2.43.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-6199 grafana<11.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-1088 hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-6269 hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-6270 jq>=1.8.0<1.8.0nb1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-49014 modular-xorg-server<21.1.17 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-49177 modular-xorg-server<21.1.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-49178 modular-xorg-server<21.1.17 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-49179 modular-xorg-server<21.1.17 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-49180 modular-xorg-xwayland<24.1.7 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-49177 modular-xorg-xwayland<24.1.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-49178 modular-xorg-xwayland<24.1.7 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-49179 modular-xorg-xwayland<24.1.7 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-49180 poco<1.14.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-6375 py{39,310,311,312,313}-cares<4.9.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-48945 py{39,310,311,312,313}-mezzanine<6.1.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-6050 py{39,310,311,312,313}-urllib3<2.5.0 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2025-50181 py{39,310,311,312,313}-urllib3<2.5.0 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2025-50182 python39-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6069 python310-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6069 python311-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6069 python312-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6069 python313<3.13.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6069 rabbitmq<4.0.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-50200 wabt-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6273 wabt-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6274 wabt-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-6275 firefox<106 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2022-44/ firefox<109 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-01/ firefox<110 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-05/ firefox102<102.8 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-06/ firefox<111 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-09/ firefox102<102.9 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-10/ thunderbird<102.9 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-11/ firefox<112 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-13/ firefox102<102.10 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-14/ thunderbird<102.10 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-15/ firefox<113 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-16/ firefox102<102.11 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-17/ thunderbird<102.11 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-18/ firefox102<102.12 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-19/ firefox<114 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-20/ thunderbird<102.12 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-21/ firefox<115 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-22/ firefox102<102.13 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-23/ thunderbird<102.13 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-24/ firefox115<115.0.2 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-26/ firefox<115.0.2 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-26/ thunderbird115<115.0.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-27/ thunderbird<115.0.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-27/ thunderbird<102.13.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-28/ firefox<116 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-29/ firefox102<102.14 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-30/ firefox115<115.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-31/ thunderbird115<115.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-33/ thunderbird<115.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-33/ firefox<117 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-34/ firefox102<102.15 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-35/ firefox115<115.2 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-36/ thunderbird<102.15 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-37/ thunderbird115<115.2 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-38/ thunderbird<115.2 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-38/ firefox<118 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-41/ firefox115<115.3 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-42/ thunderbird<115.3 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-43/ firefox<119 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-45/ firefox115<115.4 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-46/ thunderbird115<115.4.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-47/ thunderbird<115.4.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-47/ firefox<120 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-49/ firefox115<115.5.0 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-50/ thunderbird115<115.5 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-52/ thunderbird<115.5 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-52/ firefox115<115.6 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-54/ thunderbird115<115.6 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-55/ thunderbird<115.6 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-55/ firefox<121 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2023-56/ firefox<122 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-01/ firefox115<115.7 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-02/ thunderbird115<115.7 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-04/ thunderbird<115.7 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-04/ firefox<123 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-05/ firefox115<115.8 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-06/ thunderbird115<115.8 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-07/ thunderbird<115.8 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-07/ thunderbird115<115.8.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-11/ thunderbird<115.8.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-11/ firefox<124 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-12/ firefox115<115.9 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-13/ thunderbird115<115.9 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-14/ thunderbird<115.9 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-14/ firefox<124.0.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-15/ firefox<125 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-18/ firefox115<115.10 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-19/ thunderbird115<115.10 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-20/ thunderbird<115.10 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-20/ firefox<126 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-21/ firefox115<115.11 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-22/ thunderbird<115.11 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-23/ firefox<127 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-25/ firefox115<115.12 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-26/ thunderbird115<115.12 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-28/ thunderbird<115.12 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-28/ firefox<128 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-29/ firefox115<115.13 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-30/ thunderbird115<115.13 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-31/ thunderbird<115.13 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-31/ thunderbird<128 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-32/ firefox<129 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-33/ firefox115<115.14 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-34/ firefox128<128.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-35/ thunderbird<128.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-37/ thunderbird115<115.14 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-38/ thunderbird<115.14 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-38/ firefox<130 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-39/ firefox128<128.2 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-40/ firefox115<115.15 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-41/ thunderbird<128.2 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-43/ thunderbird115<115.15 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-44/ thunderbird<115.15 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-44/ firefox<131 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-46/ firefox128<128.3 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-47/ firefox115<115.16 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-48/ thunderbird<128.3 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-49/ thunderbird<131 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-50/ firefox<131.0.3 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-53/ firefox<132 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-55/ firefox128<128.4 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-56/ firefox115<115.17 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-57/ thunderbird<128.4 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-58/ thunderbird<132 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-59/ thunderbird<128.4.3 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-61/ thunderbird<132.0.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-62/ firefox<133 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-63/ firefox128<128.5 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-64/ firefox115<115.18 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-65/ thunderbird<133 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-67/ thunderbird<128.5 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-68/ thunderbird115<115.18 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-70/ thunderbird<115.18 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2024-70/ firefox<134 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-01/ firefox128<128.6 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-02/ firefox115<115.19 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-03/ thunderbird<134 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-04/ thunderbird<128.6 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-05/ firefox<135 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-07/ firefox115<115.20 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-08/ firefox128<128.7 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-09/ thunderbird<128.7 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-10/ thunderbird<135 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-11/ firefox<135.0.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-12/ firefox<136 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-14/ firefox115<115.21 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-15/ firefox128<128.8 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-16/ thunderbird<136 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-17/ thunderbird<128.8 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-18/ firefox<137 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-20/ firefox115<115.22 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-21/ firefox128<128.9 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-22/ thunderbird<137 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-23/ thunderbird<128.9 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-24/ firefox<137.0.2 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-25/ thunderbird<137.0.2 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-26/ thunderbird<128.9.2 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-27/ firefox<138 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-28/ firefox128<128.10 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-29/ firefox115<115.23 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-30/ thunderbird<138 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-31/ thunderbird<128.10 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-32/ thunderbird<128.10.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-34/ thunderbird<138.0.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-35/ firefox<138.0.4 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-36/ firefox128<128.10.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-37/ firefox115<115.23.1 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-38/ thunderbird<128.10.2 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-40/ thunderbird<138.0.2 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-41/ mysql-server<8.0.33 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2023.html openjdk11<11.0.19 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2023.html openjdk17<17.0.7 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2023.html mysql-server<8.0.34 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2023.html openjdk11<11.0.20 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2023.html openjdk17<17.0.8 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2023.html mysql-server<8.0.35 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2023.html openjdk11<11.0.21 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2023.html openjdk17<17.0.9 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2023.html openjdk21<21.0.1 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2023.html mysql-server<8.0.36 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2024.html openjdk11<11.0.22 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2024.html openjdk17<17.0.10 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2024.html openjdk21<21.0.2 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2024.html mysql-server<8.0.37 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2024.html openjdk11<11.0.23 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2024.html openjdk17<17.0.11 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2024.html openjdk21<21.0.3 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2024.html mysql-server<8.0.38 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2024.html openjdk11<11.0.24 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2024.html openjdk17<17.0.12 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2024.html openjdk21<21.0.4 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2024.html mysql-server<8.0.40 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2024.html mysql-client<8.0.40 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2024.html openjdk11<11.0.25 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2024.html openjdk17<17.0.13 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2024.html openjdk21<21.0.5 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2024.html mysql-server<8.0.41 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2025.html openjdk11<11.0.26 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2025.html openjdk17<17.0.14 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2025.html openjdk21<21.0.6 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2025.html openjdk11<11.0.27 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2025.html openjdk17<17.0.15 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2025.html openjdk21<21.0.7 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuapr2025.html py{39,310,311,312,313}-mysql-connector<9.2.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-21548 chromium<133.0.6943.98 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-0995 chromium<133.0.6943.98 spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-0996 chromium<133.0.6943.98 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-0997 chromium<133.0.6943.126 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-0999 chromium<133.0.6943.126 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-1006 chromium<133.0.6943.126 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-1426 chromium<134.0.6998.35 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-1914 chromium<134.0.6998.35 spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-1915 chromium<134.0.6998.35 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-1916 chromium<134.0.6998.35 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-1918 chromium<134.0.6998.35 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-1919 chromium<134.0.6998.35 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-1921 chromium<134.0.6998.35 spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-1923 chromium<134.0.6998.88 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-1920 chromium<134.0.6998.88 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-2135 chromium<134.0.6998.88 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-2136 chromium<134.0.6998.88 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-2137 chromium<134.0.6998.117 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-2476 chromium<135.0.7049.84 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-3066 chromium<135.0.7049.52 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2025-3069 chromium<135.0.7049.52 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2025-3070 chromium<135.0.7049.52 spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-3071 chromium<135.0.7049.52 spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-3072 chromium<135.0.7049.52 spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-3073 chromium<135.0.7049.52 spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-3074 chromium<135.0.7049.95 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-3620 chromium<136.0.7103.59 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-4050 chromium<136.0.7103.59 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-4051 chromium<136.0.7103.59 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-4096 chromium<136.0.7103.59 spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-4052 chromium<136.0.7103.92 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-4372 chromium<136.0.7103.113 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-4664 php{56,73,74,80,81,82,83,84}-typo3<9.5.42 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2023-38499 php{56,73,74,80,81,82,83,84}-typo3<12.4.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-47126 php{56,73,74,80,81,82,83,84}-typo3<9.5.44 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-47127 php{56,73,74,80,81,82,83,84}-typo3<9.5.46 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-30451 php{56,73,74,80,81,82,83,84}-typo3<9.5.46 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-25118 php{56,73,74,80,81,82,83,84}-typo3<9.5.46 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-25119 php{56,73,74,80,81,82,83,84}-typo3<9.5.46 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-25120 php{56,73,74,80,81,82,83,84}-typo3<9.5.46 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-25121 php{56,73,74,80,81,82,83,84}-typo3<13.0.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2024-22188 php{56,73,74,80,81,82,83,84}-typo3<13.1.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-34355 php{56,73,74,80,81,82,83,84}-typo3<13.1.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-34357 php{56,73,74,80,81,82,83,84}-typo3<13.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-34358 php{56,73,74,80,81,82,83,84}-typo3<13.1.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-34356 php{56,73,74,80,81,82,83,84}-typo3<13.3.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-47780 php{56,73,74,80,81,82,83,84}-typo3<13.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-34537 php{56,73,74,80,81,82,83,84}-typo3<13.4.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-55891 php{56,73,74,80,81,82,83,84}-typo3<13.4.3 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-55892 php{56,73,74,80,81,82,83,84}-typo3<13.4.3 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-55893 php{56,73,74,80,81,82,83,84}-typo3<13.4.3 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-55894 php{56,73,74,80,81,82,83,84}-typo3<13.4.3 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-55920 php{56,73,74,80,81,82,83,84}-typo3<13.4.3 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-55921 php{56,73,74,80,81,82,83,84}-typo3<13.4.3 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-55922 php{56,73,74,80,81,82,83,84}-typo3<13.4.3 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-55923 php{56,73,74,80,81,82,83,84}-typo3<13.4.3 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-55924 php{56,73,74,80,81,82,83,84}-typo3<11.5.42 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-55945 php{56,73,74,80,81,82,83,84}-typo3<13.4.12 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2025-47936 php{56,73,74,80,81,82,83,84}-typo3<13.4.12 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-47938 php{56,73,74,80,81,82,83,84}-typo3<13.4.12 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-47937 php{56,73,74,80,81,82,83,84}-typo3<13.4.12 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-47939 php{56,73,74,80,81,82,83,84}-typo3<13.4.12 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2025-47940 php{56,73,74,80,81,82,83,84}-typo3<13.4.12 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-47941 moodle<3.11.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-36401 moodle<3.11.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-36400 moodle<3.11.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-36394 moodle<3.11.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-36399 moodle<3.11.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2021-36392 moodle<3.11.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-36402 moodle<4.1.2 username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2023-28334 moodle<4.0.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-40208 moodle<4.1.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-30944 moodle<4.1.3 arbitrary-file-creation https://nvd.nist.gov/vuln/detail/CVE-2023-30943 moodle-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-27131 moodle<4.1.4 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2023-35133 moodle<4.1.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-35131 moodle<4.1.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-35132 moodle-[0-9]* improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2024-1439 moodle<4.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-25978 moodle<4.3.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2024-25979 moodle<4.3.3 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2024-25980 moodle<4.3.3 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-25982 moodle<4.3.3 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-25983 moodle<4.3.3 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2024-25981 moodle-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-29374 moodle-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28593 moodle<4.3.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2024-33996 moodle<4.3.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-33997 moodle<4.3.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-33998 moodle<4.3.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-33999 moodle<4.3.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-34000 moodle<4.3.4 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-34001 moodle<4.3.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-34002 moodle<4.3.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-34003 moodle<4.3.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-34004 moodle<4.3.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-34005 moodle<4.3.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2024-34006 moodle<4.3.4 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-34007 moodle<4.3.4 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-34008 moodle<4.3.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2024-34009 moodle<4.3.5 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2024-38273 moodle<4.4.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-38274 moodle<4.4.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-38275 moodle<4.3.5 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-38276 moodle<4.4.1 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2024-38277 moodle-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-37674 moodle<4.4.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-43425 moodle<4.4.2 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2024-43426 moodle<4.4.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2024-43428 moodle<4.4.2 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-43431 moodle<4.4.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2024-43436 moodle<4.4.2 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-43434 moodle<4.4.2 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-43438 moodle<4.4.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-43440 moodle<4.4.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-43427 moodle<4.4.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-43429 moodle<4.4.2 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-43430 moodle<4.4.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-43432 moodle<4.4.2 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2024-43433 moodle<4.4.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2024-43435 moodle<4.4.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-43437 moodle<4.4.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-43439 moodle<4.4.4 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2024-48900 moodle<4.4.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-48896 moodle<4.4.4 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2024-48897 moodle<4.4.4 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2024-48898 moodle<4.4.4 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2024-48901 moodle<4.4.3 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2024-45689 moodle<4.4.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-45690 moodle<4.4.3 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2024-45691 moodle<4.4.4 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2024-48899 moodle<4.5.2 arbitrary-file-reading https://nvd.nist.gov/vuln/detail/CVE-2025-26525 moodle<4.5.2 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-26526 moodle<4.5.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-26527 moodle<4.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-26528 moodle<4.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-26529 moodle<4.5.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-26530 moodle<4.5.2 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-26531 moodle<4.5.2 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-26532 moodle<4.5.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-26533 moodle<4.5.4 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-3634 moodle<4.5.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-32044 moodle<4.5.3 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-32045 moodle<4.5.4 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-3625 moodle<4.5.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-3627 moodle<4.5.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-3628 moodle<4.5.4 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2025-3635 moodle<4.5.4 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-3636 moodle<4.5.4 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2025-3638 moodle<4.5.4 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2025-3637 moodle<4.5.4 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-3640 moodle<4.5.4 code-injection https://nvd.nist.gov/vuln/detail/CVE-2025-3641 moodle<4.5.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-3643 moodle<4.5.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-3642 moodle<4.5.4 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-3645 moodle<4.5.4 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-3644 moodle<4.5.4 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-3647 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-32650 gtkwave<3.3.118 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-34087 gtkwave<3.3.118 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-34436 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-35004 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-35057 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-35128 gtkwave<3.3.118 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-35702 gtkwave<3.3.118 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-35703 gtkwave<3.3.118 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-35704 gtkwave<3.3.118 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-35955 gtkwave<3.3.118 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-35956 gtkwave<3.3.118 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-35957 gtkwave<3.3.118 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-35958 gtkwave<3.3.118 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-35959 gtkwave<3.3.118 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-35960 gtkwave<3.3.118 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-35961 gtkwave<3.3.118 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-35962 gtkwave<3.3.118 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-35963 gtkwave<3.3.118 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-35964 gtkwave<3.3.118 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-35969 gtkwave<3.3.118 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-35970 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-35989 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-35992 gtkwave<3.3.118 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-35994 gtkwave<3.3.118 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-35995 gtkwave<3.3.118 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-35996 gtkwave<3.3.118 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-35997 gtkwave<3.3.118 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36746 gtkwave<3.3.118 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36747 gtkwave<3.3.118 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-36861 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36864 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36915 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36916 gtkwave<3.3.118 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-37282 gtkwave<3.3.118 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-37416 gtkwave<3.3.118 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-37417 gtkwave<3.3.118 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-37418 gtkwave<3.3.118 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-37419 gtkwave<3.3.118 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-37420 gtkwave<3.3.118 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-37442 gtkwave<3.3.118 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-37443 gtkwave<3.3.118 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-37444 gtkwave<3.3.118 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-37445 gtkwave<3.3.118 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-37446 gtkwave<3.3.118 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-37447 gtkwave<3.3.118 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-37573 gtkwave<3.3.118 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-37574 gtkwave<3.3.118 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-37575 gtkwave<3.3.118 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-37576 gtkwave<3.3.118 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-37577 gtkwave<3.3.118 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-37578 gtkwave<3.3.118 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-37921 gtkwave<3.3.118 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-37922 gtkwave<3.3.118 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-37923 gtkwave<3.3.118 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38583 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38618 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38619 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38620 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38621 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38622 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38623 gtkwave<3.3.118 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-38648 gtkwave<3.3.118 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-38649 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38650 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38651 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38652 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38653 gtkwave<3.3.118 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-38657 gtkwave<3.3.118 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-39234 gtkwave<3.3.118 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-39235 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-39270 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-39271 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-39272 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-39273 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-39274 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-39275 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-39316 gtkwave<3.3.118 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-39317 gtkwave<3.3.118 integer-underflow https://nvd.nist.gov/vuln/detail/CVE-2023-39413 gtkwave<3.3.118 integer-underflow https://nvd.nist.gov/vuln/detail/CVE-2023-39414 gtkwave<3.3.118 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-39443 gtkwave<3.3.118 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-39444 php{56,72,73,74,80}-composer<1.0.0 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2015-8371 bitcoin<0.12 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-20111 miniupnpc<2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-20111 miniupnpd<2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2015-20111 gpac<2.2.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-1452 gpac<2.2.1 double-free https://nvd.nist.gov/vuln/detail/CVE-2023-1449 gpac<2.2.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-1448 gpac<2.2.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-1655 gpac<2.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1654 gpac<2.4 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-2840 gpac<2.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-2838 gpac<2.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-2837 gpac<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2839 gpac<2.4 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-3012 gpac<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-3013 gpac<2.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-3291 gpac<2.2.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-3523 gpac<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-37767 gpac<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-37766 gpac<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-37765 gpac<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-37174 gpac<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39562 gpac<2.4 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-4683 gpac<2.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-4682 gpac<2.4 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-4681 gpac<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-4678 gpac<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-4720 gpac<2.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-4721 gpac<2.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-4722 gpac<2.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-4758 gpac<2.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-4756 gpac<2.4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-4754 gpac<2.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-4755 gpac<2.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-4778 gpac<2.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-41000 gpac<2.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-5520 gpac<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-42298 gpac<2.4 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-5586 gpac<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-5595 gpac<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-46930 gpac<2.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-46931 gpac<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-46928 gpac<2.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-46927 gpac<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-47384 gpac<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-48013 gpac<2.4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-48014 gpac<2.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-48011 gpac<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-48090 gpac<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-48039 gpac<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-46871 gpac<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-47465 gpac<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-46932 gpac<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-46929 gpac<2.4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-0321 gpac<2.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-0322 gpac<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-50120 gpac<2.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-22749 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24265 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2024-24266 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24267 gpac<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-46426 gpac<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-46427 gpac<2.4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2024-28318 gpac<2.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-28319 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-6061 gpac-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2024-6062 gpac-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2024-6064 gpac-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2024-6063 gpac<2.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-4679 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-50664 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-50665 gpac<2.2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022.490 gpac<0.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-57184 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-25723 php{56,73,74,80,81,82,83,84}-nextcloud<25.0.4 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2023-25820 php{56,73,74,80,81,82,83,84}-nextcloud<25.0.4 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2023-25818 php{56,73,74,80,81,82,83,84}-nextcloud<24.0.9 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-25817 php{56,73,74,80,81,82,83,84}-nextcloud<25.0.4 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2023-28835 php{56,73,74,80,81,82,83,84}-nextcloud<25.0.4 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-28833 php{56,73,74,80,81,82,83,84}-nextcloud<25.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-28644 php{56,73,74,80,81,82,83,84}-nextcloud<25.0.3 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2023-28643 php{56,73,74,80,81,82,83,84}-nextcloud<25.0.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-26482 php{56,73,74,80,81,82,83,84}-nextcloud<25.0.4 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2023-28844 php{56,73,74,80,81,82,83,84}-nextcloud<25.0.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-28834 php{56,73,74,80,81,82,83,84}-nextcloud<25.0.5 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2023-30539 php{56,73,74,80,81,82,83,84}-nextcloud<25.0.5 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2023-28847 php{56,73,74,80,81,82,83,84}-nextcloud<25.0.6 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-32318 php{56,73,74,80,81,82,83,84}-nextcloud<25.0.5 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2023-32319 php{56,73,74,80,81,82,83,84}-nextcloud<25.0.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-32320 php{56,73,74,80,81,82,83,84}-nextcloud<25.0.7 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2023-35172 php{56,73,74,80,81,82,83,84}-nextcloud<25.0.7 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-35928 php{56,73,74,80,81,82,83,84}-nextcloud<25.0.7 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2023-35927 php{56,73,74,80,81,82,83,84}-nextcloud<26.0.2 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2023-35171 php{56,73,74,80,81,82,83,84}-nextcloud<26.0.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-39963 php{56,73,74,80,81,82,83,84}-nextcloud<26.0.4 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2023-39962 php{56,73,74,80,81,82,83,84}-nextcloud<26.0.4 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2023-39961 php{56,73,74,80,81,82,83,84}-nextcloud<26.0.4 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2023-39959 php{56,73,74,80,81,82,83,84}-nextcloud<26.0.4 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2023-39958 php{56,73,74,80,81,82,83,84}-nextcloud<26.0.4 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2023-39952 php{56,73,74,80,81,82,83,84}-nextcloud<26.0.4 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2023-39960 php{56,73,74,80,81,82,83,84}-nextcloud<26.0.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-45148 php{56,73,74,80,81,82,83,84}-nextcloud<26.0.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-45151 php{56,73,74,80,81,82,83,84}-nextcloud<26.0.8 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2023-48239 php{56,73,74,80,81,82,83,84}-nextcloud<26.0.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-48301 php{56,73,74,80,81,82,83,84}-nextcloud<26.0.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-48302 php{56,73,74,80,81,82,83,84}-nextcloud<26.0.8 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2023-48303 php{56,73,74,80,81,82,83,84}-nextcloud<26.0.8 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-48304 php{56,73,74,80,81,82,83,84}-nextcloud<26.0.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-48305 php{56,73,74,80,81,82,83,84}-nextcloud<26.0.6 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2023-48306 php{56,73,74,80,81,82,83,84}-nextcloud<26.0.9 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2023-49791 php{56,73,74,80,81,82,83,84}-nextcloud<26.0.9 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-49792 php{56,73,74,80,81,82,83,84}-nextcloud<28.0.0 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2024-22403 php{56,73,74,80,81,82,83,84}-nextcloud<28.0.4 improper-authentication https://nvd.nist.gov/vuln/detail/CVE-2024-37313 php{56,73,74,80,81,82,83,84}-nextcloud<28.0.4 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2024-37882 php{56,73,74,80,81,82,83,84}-nextcloud<28.0.3 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2024-37884 php{56,73,74,80,81,82,83,84}-nextcloud<28.0.3 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2024-37315 php{56,73,74,80,81,82,83,84}-nextcloud<29.0.1 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2024-37887 php{56,73,74,80,81,82,83,84}-nextcloud<29.0.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-52515 php{56,73,74,80,81,82,83,84}-nextcloud<24.0.6 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2024-52516 php{56,73,74,80,81,82,83,84}-nextcloud<29.0.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-52517 php{56,73,74,80,81,82,83,84}-nextcloud>=30<30.0.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-52517 php{56,73,74,80,81,82,83,84}-nextcloud<29.0.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-52519 php{56,73,74,80,81,82,83,84}-nextcloud<29.0.9 improper-authentication https://nvd.nist.gov/vuln/detail/CVE-2024-52518 php{56,73,74,80,81,82,83,84}-nextcloud>=30<30.0.2 improper-authentication https://nvd.nist.gov/vuln/detail/CVE-2024-52518 php{56,73,74,80,81,82,83,84}-nextcloud<29.0.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-52520 php{56,73,74,80,81,82,83,84}-nextcloud<29.0.7 weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2024-52521 php{56,73,74,80,81,82,83,84}-nextcloud<29.0.9 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-52523 php{56,73,74,80,81,82,83,84}-nextcloud>=30<30.0.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-52523 php{56,73,74,80,81,82,83,84}-nextcloud<29.0.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-52525 php{56,73,74,80,81,82,83,84}-nextcloud>=30<30.0.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-52525 php{56,73,74,80,81,82,83,84}-nextcloud<29.0.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-52513 php{56,73,74,80,81,82,83,84}-nextcloud>=30<30.0.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-52513 php{56,73,74,80,81,82,83,84}-nextcloud<29.0.0 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2024-52514 php{56,73,74,80,81,82,83,84}-nextcloud<29.0.15 improper-authentication https://nvd.nist.gov/vuln/detail/CVE-2025-47790 php{56,73,74,80,81,82,83,84}-nextcloud>=30<30.0.9 improper-authentication https://nvd.nist.gov/vuln/detail/CVE-2025-47790 php{56,73,74,80,81,82,83,84}-nextcloud<29.0.13 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2025-47794 php{56,73,74,80,81,82,83,84}-nextcloud>=30<30.0.7 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2025-47794 php{56,73,74,80,81,82,83,84}-nextcloud<29.0.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-47793 php{56,73,74,80,81,82,83,84}-nextcloud>=30<30.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-47793 php{56,73,74,80,81,82,83,84}-nextcloud<29.0.10 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2025-47791 php{56,73,74,80,81,82,83,84}-nextcloud>=30<30.0.3 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2025-47791 nextcloud-client<3.14.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2024-52510 ruby{31,32,33,34}-nokogiri-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-6490 ruby{31,32,33,34}-nokogiri-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-6494 tidy-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6496 tidy-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6497 tidy-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2025-6498 sslh<2.2.3 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2025-52936 hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-6516 firefox<140 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-51/ firefox115<115.25 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-52/ firefox128<128.12 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-53/ libssh<0.112 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-5318 podman<5.5.2 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2025-6032 moodle<3.11.19 session-fixation https://nvd.nist.gov/vuln/detail/CVE-2025-53021 chromium<138.0.7204.49 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-6555 chromium<138.0.7204.49 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-6556 chromium<138.0.7204.49 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-6557 vault<1.20.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-4656 ruby{31,32,33,34}-webrick<1.8.2 request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2025-6442 mongodb<6.0.21 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-6706 mongodb<6.0.24 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2025-6707 mongodb<6.0.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6709 mongodb<6.0.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6710 cpp-httplib<0.22.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-52887 py{39,310,311,312,313}-matplotlib<1.5.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2013-1424 git-annex<5.20140919 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2014-6274 hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-6750 hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-6816 hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6817 hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-6818 sudo<1.9.17p1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2025-32462 sudo<1.9.17p1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2025-32463 hdf5-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-6856 hdf5-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-6857 hdf5-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-6858 xz<5.8.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-31115 php81<8.1.33 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2025-1220 php81-pgsql<8.1.33 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-1735 php81-soap<8.1.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6491 php82<8.2.29 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2025-1220 php82-pgsql<8.2.29 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-1735 php82-soap<8.2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6491 php83<8.3.23 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2025-1220 php83-pgsql<8.3.23 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-1735 php83-soap<8.3.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6491 php84<8.4.10 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2025-1220 php84-pgsql<8.4.10 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-1735 php84-soap<8.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6491 SOPE<2.4.3nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-53603 SOPE5<5.11.2nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-53603 py{27,39,310,311,312,313}-Pillow>=11.2.0<11.3.0 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-48379 git-gitk<2.50.1 remote-file-write https://nvd.nist.gov/vuln/detail/CVE-2025-27613 git-gitk<2.50.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-27614 git-base>=2.50<2.50.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-48384 git-base>=2.50<2.50.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-48385 git-base>=2.49<2.49.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-48384 git-base>=2.49<2.49.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-48385 git-base>=2.48<2.48.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-48384 git-base>=2.48<2.48.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-48385 git-base>=2.47<2.47.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-48384 git-base>=2.47<2.47.3 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-48385 git-base>=2.46<2.46.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-48384 git-base>=2.46<2.46.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-48385 git-base>=2.45<2.45.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-48384 git-base>=2.45<2.45.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-48385 git-base>=2.44<2.44.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-48384 git-base>=2.44<2.44.4 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-48385 git-base>=2.43<2.43.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-48384 git-base>=2.43<2.43.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-48385 gnutls<3.8.10 double-free https://nvd.nist.gov/vuln/detail/CVE-2025-32988 apache<2.4.64 access-control-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-23048 apache<2.4.64 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2025-49812 apache-tomcat>=9<9.0.107 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-52434 apache-tomcat>=9<9.0.107 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-52520 apache-tomcat>=10<10.1.42 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-52520 apache-tomcat>=11<11.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-52520 apache-tomcat>=9<9.0.107 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-53506 apache-tomcat>=10<10.1.42 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-53506 apache-tomcat>=11<11.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-53506 poppler<25.06.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-52886 ap{22,24}-modsecurity<2.9.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-52891 apache<2.4.64 input-validation https://nvd.nist.gov/vuln/detail/CVE-2024-42516 apache<2.4.64 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-43204 apache<2.4.64 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-43394 apache<2.4.64 input-validation https://nvd.nist.gov/vuln/detail/CVE-2024-47252 apache<2.4.64 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-49630 apache<2.4.64 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-53020 chromium<138.0.7204.96 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-6554 cpp-httplib<0.20.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-53628 cpp-httplib<0.20.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-53629 djvulibre<3.5.29 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-53367 dpkg<1.22.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6297 gdk-pixbuf2<2.42.12nb3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-7345 git-base>=2.50<2.50.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-48386 git-base>=2.49<2.49.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-48386 git-base>=2.48<2.48.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-48386 git-base>=2.47<2.47.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-48386 git-base>=2.46<2.46.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-48386 git-base>=2.45<2.45.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-48386 git-base>=2.44<2.44.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-48386 git-base>=2.43<2.43.7 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-48386 gnutls<3.8.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-32989 gnutls<3.8.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-32990 gnutls<3.8.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6395 gstreamer<1.26.3 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-6663 gtar-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-45582 guacamole-server<1.6.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-35164 hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-7067 hdf5-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2025-7068 hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-7069 liboqs<0.14.0 weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2025-52473 libsoup-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-7370 libssh<0.112 double-free https://nvd.nist.gov/vuln/detail/CVE-2025-5351 libssh<0.112 incorrect-calculation https://nvd.nist.gov/vuln/detail/CVE-2025-5372 libssh<0.112 unspecified https://nvd.nist.gov/vuln/detail/CVE-2025-5987 LuaJIT2<2.1.1713773202 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-25176 LuaJIT2<2.1.1713773202 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-25177 LuaJIT2<2.1.1713773202 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-25178 mbedtls<3.6.4 signature-forgery https://nvd.nist.gov/vuln/detail/CVE-2025-49600 mbedtls<3.6.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-49601 mbedtls<3.6.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-52496 mbedtls<3.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-52497 mediawiki<1.43.2 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-53495 mediawiki<1.43.2 insufficient-logging https://nvd.nist.gov/vuln/detail/CVE-2025-53498 mediawiki<1.43.2 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-53499 mongodb<6.0.21 insufficient-logging https://nvd.nist.gov/vuln/detail/CVE-2025-6711 mongodb>=8.0<8.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6712 mongodb<6.0.22 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-6713 mongodb<6.0.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6714 mongodb>=8.1<8.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-7259 #mtr<0.96 unspecified https://nvd.nist.gov/vuln/detail/CVE-2025-49809 pandoc<3.6.4 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2025-51591 plan9port<20250422 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-7208 plan9port<20250422 null-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-7209 qt6-qtbase<6.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-5992 redis<8.0.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-32023 redis<8.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-48367 ruby32-base<3.2.8nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-24294 ruby33<3.3.8nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-24294 ruby34<3.3.4nb2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-24294 libvpx<1.15.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-5283 ImageMagick6<6.9.13.26 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-53014 ImageMagick<7.1.2.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-53014 ImageMagick<7.1.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-53015 ImageMagick6<6.9.13.26 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2025-53019 ImageMagick<7.1.2.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2025-53019 ImageMagick6<6.9.13.26 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-53101 ImageMagick<7.1.2.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-53101 binutils<2.45 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-7545 binutils<2.45 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-7546 php81<8.1.33 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-1220 php82<8.2.29 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-1220 php83<8.3.23 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-1220 php84<8.4.10 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-1220 php81-pgsql<8.1.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-1735 php82-pgsql<8.2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-1735 php83-pgsql<8.3.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-1735 php84-pgsql<8.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-1735 php81-soap<8.1.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6491 php82-soap<8.2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6491 php83-soap<8.3.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6491 php84-soap<8.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6491 polkit-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-7519 py{27,39,310,311,312,313}-aiohttp<3.12.14 request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2025-53643 roundup<2.5.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-53865 p5-Plack-Middleware-Session<0.35 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2025-40923 p5-Authen-SASL<2.1800nb2 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2025-40918 bind>=9.20<9.20.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-40777 chromium<138.0.7204.157 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2025-6558 chromium<138.0.7204.157 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-7656 chromium<138.0.7204.157 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-7657 mysql-client<8.0.43 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2025.html#AppendixMSQL mysql-cluster<8.0.43 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2025.html#AppendixMSQL mysql-server<8.0.43 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2025.html#AppendixMSQL openjdk11<11.0.28 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2025.html#AppendixJAVA openjdk17<17.0.16 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2025.html#AppendixJAVA openjdk21<21.0.8 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2025.html#AppendixJAVA php{56,73,74,80,81,82,83,84}-tiki6<14.2 command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-34113 sqlite3<3.50.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-6965 unbound<1.23.1 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2025-5994 vim<9.1.1552 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-53905 vim<9.1.1551 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-53906 xenkernel415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-27465 xenkernel418<20250701 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-27465 7-zip<25.00 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-53816 7-zip<25.00 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-53817 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-7797 grafana<12.0.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-3415 grafana<12.0.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-6023 grafana<12.0.3 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2025-6197 nodejs24<24.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-27209 opencv<4.12.0 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-53644 p5-Catalyst-Plugin-Session<0.44 lack-of-entropy https://nvd.nist.gov/vuln/detail/CVE-2025-40924 qbittorrent<5.1.2 local-file-inclusion https://nvd.nist.gov/vuln/detail/CVE-2025-54310 wolfssl<5.8.2 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2025-7394 wolfssl<5.8.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2025-7395 wolfssl<5.8.2 side-channel https://nvd.nist.gov/vuln/detail/CVE-2025-7396 xenkernel415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-1713 xenkernel418<20250701 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-1713 ruby{31,32,33,34}-thor<1.4.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-54314 mbedtls<3.6.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-47917 mbedtls<3.6.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-48965 mbedtls>=3.6.1<3.6.4 side-channel https://nvd.nist.gov/vuln/detail/CVE-2025-49087 powerdns-recursor<5.0.12 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2025-30192 py{27,39,310,311,312,313}-starlette<0.47.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-54121 libssh<0.112 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-4878 viewvc<1.2.4 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-54141 chromium<138.0.7204.168 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-8010 chromium<138.0.7204.168 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-8011 php{56,73,74,80,81,82,83,84}-xdebug-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-10141 apache<2.4.65 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2025-54090 py{27,39,310,311,312,313}-mezzanine<6.1.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-50481 # disputed because abuse of the commands network protocol is not a violation of the Redis Security Model #redis-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-46686 thunderbird<140 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-54/ thunderbird<128.12 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-55/ firefox<141 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-56/ firefox115<115.26 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-57/ firefox128<128.13 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-58/ firefox140<140.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-59/ thunderbird<141 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-61/ thunderbird<128.13 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-62/ thunderbird<140.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-63/ python39-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-8194 python310-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-8194 python311-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-8194 python312-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-8194 python313<3.13.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-8194 anubis<1.21.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-54414 asterisk<18.26.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-49832 asterisk>=20<20.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-49832 asterisk>=21<21.10.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-49832 asterisk>=22<22.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-49832 binutils<2.44 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-8224 binutils<2.45 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2025-8225 chromium<138.0.7204.183 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-8292 glpi<10.0.19 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-27514 glpi<10.0.19 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2025-52567 glpi<10.0.19 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-52897 glpi<10.0.19 weak-authentication https://nvd.nist.gov/vuln/detail/CVE-2025-53008 glpi<10.0.19 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2025-53111 glpi<10.0.19 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2025-53112 glpi<10.0.19 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2025-53113 glpi<10.0.19 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-53357 go123<1.23.11 command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-4674 go124<1.24.5 command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-4674 libsoup-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-8197 libssh<0.112 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-5449 libssh<0.113 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-8114 openexr<3.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-48071 openexr<3.3.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-48072 openexr<3.3.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-48073 openexr<3.3.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-48074 php{56,74,81,82,83,84}-piwigo<15.0.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2024-43018 # https://github.com/jpadilla/pyjwt/issues/1080 #py{27,39,310,311,312,313}-JWT-[0-9]* weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2025-45768 qemu>=10.0.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2025-54566 qemu>=10.0.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2025-54567 sqlite3<3.42.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-7458 squid<6.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-54574 tiff<4.7.0nb2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2024-13978 tiff<4.7.0nb2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-8176 tiff<4.7.0nb2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-8177 vault<1.20.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2025-5999 vault<1.20.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-6000 vault<1.20.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-6004 vault<1.20.1 username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2025-6011 vault<1.20.1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-6014 vault<1.20.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-6015 vault<1.20.1 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2025-6037 yarn-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-8262 iperf3<3.19.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-54349 iperf3<3.19.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-54350 iperf3<3.19.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-54351 p5-Crypt-CBC<3.07 lack-of-entropy https://nvd.nist.gov/vuln/detail/CVE-2025-2814 poppler-utils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-50420 cairo<1.18.4nb1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-50422 mupdf<1.26.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-46206 SOGo-[0-9]* authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-50340 7-zip<25.01 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2025-55188 vim>=9.1.1231<9.1.1400 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-55157 vim>=9.1.1231<9.1.1406 double-free https://nvd.nist.gov/vuln/detail/CVE-2025-55158 ImageMagick<7.1.2.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-55004 ImageMagick<7.1.2.1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-55005 ImageMagick6<6.9.13.27 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-55154 ImageMagick<7.1.2.1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-55154 ImageMagick6<6.9.13.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-55160 ImageMagick<7.1.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-55160 ap{22,24}-modsecurity<2.9.12 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-54571 apache-tomcat>=9<9.0.108 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-48989 apache-tomcat>=10<10.1.44 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-48989 apache-tomcat>=11<11.0.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-48989 apache-tomcat>=9<9.0.108 session-fixation https://nvd.nist.gov/vuln/detail/CVE-2025-55668 apache-tomcat>=10<10.1.42 session-fixation https://nvd.nist.gov/vuln/detail/CVE-2025-55668 apache-tomcat>=11<11.0.8 session-fixation https://nvd.nist.gov/vuln/detail/CVE-2025-55668 bison-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-8733 bison-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2025-8734 cflow-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-8735 cflow-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-8736 chromium<139.0.7258.66 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-8576 chromium<139.0.7258.66 spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-8577 chromium<139.0.7258.66 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-8578 chromium<139.0.7258.66 spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-8579 chromium<139.0.7258.66 spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-8580 chromium<139.0.7258.66 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-8581 chromium<139.0.7258.66 spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-8582 chromium<139.0.7258.66 spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-8583 chromium<139.0.7258.127 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-8879 chromium<139.0.7258.127 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-8880 chromium<139.0.7258.127 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-8881 chromium<139.0.7258.127 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-8882 chromium<139.0.7258.127 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-8901 go123-[0-9]* access-control-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-8244 go124-[0-9]* access-control-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-8244 go123<1.23.12 race-condition https://nvd.nist.gov/vuln/detail/CVE-2025-47907 go124<1.24.6 race-condition https://nvd.nist.gov/vuln/detail/CVE-2025-47907 gst-plugins1-good<1.26.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-47183 gst-plugins1-good<1.26.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-47219 gst-plugins1-base<1.26.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-47806 gst-plugins1-base<1.26.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-47807 gst-plugins1-base<1.26.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-47808 h2o-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-8671 varnish<6.0.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-8671 varnish>=7<7.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-8671 jasper<4.2.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-8835 jasper<4.2.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-8836 jasper<4.2.8 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-8837 libxml2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-8732 nasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-8842 nasm-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-8843 nasm-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-8844 nasm-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-8845 nasm-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-8846 openjpeg<2.5.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-50952 openjpeg>=2.5.1<2.5.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-54874 p5-Catalyst-Authentication-Credential-HTTP<1.019 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2025-40920 php{56,74,81,82,83,84}-adodb<5.22.10 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-54119 php{56,74,81,82,83,84}-concrete-cms<9.4.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-8571 php{56,74,81,82,83,84}-concrete-cms<9.4.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-8573 poco-[0-9]* weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2025-45766 tiff>=4.7.0<4.7.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-8534 tiff<4.7.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-8851 u-boot-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-45512 uv<0.8.6 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-54368 vault<1.20.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-6013 aide<0.19.2 improper-output-neutralization https://nvd.nist.gov/vuln/detail/CVE-2025-54389 aide>=0.13<0.19.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-54409 nginx-devel>=0.7.22<1.29.1 sensitive-information-exposure https://nvd.nist.gov/vuln/detail/CVE-2025-53859 nginx>=0.7.22<1.28.0nb5 sensitive-information-exposure https://nvd.nist.gov/vuln/detail/CVE-2025-53859 firefox<142 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-64/ firefox115<115.27 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-65/ firefox128<128.14 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-66/ firefox140<140.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-67/ thunderbird<142 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-70/ chromium<139.0.7258.138 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-9132 cmake<4.1.0nb1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-9301 intellij-ce-bin<2025.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-57727 intellij-ce-bin<2025.2 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2025-57728 intellij-ce-bin<2025.2 unspecified https://nvd.nist.gov/vuln/detail/CVE-2025-57729 intellij-ce-bin<2025.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-57730 jetty<9.4.58 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-5115 libsixel<1.8.7 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-9300 libsndfile-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-52194 libssh<0.112 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-4877 postgresql-server>=13<13.22 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-8713 postgresql-server>=14<14.19 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-8713 postgresql-server>=15<15.14 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-8713 postgresql-server>=16<16.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-8713 postgresql-server>=17<17.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-8713 postgresql-server>=13<13.22 code-injection https://nvd.nist.gov/vuln/detail/CVE-2025-8714 postgresql-server>=14<14.19 code-injection https://nvd.nist.gov/vuln/detail/CVE-2025-8714 postgresql-server>=15<15.14 code-injection https://nvd.nist.gov/vuln/detail/CVE-2025-8714 postgresql-server>=16<16.10 code-injection https://nvd.nist.gov/vuln/detail/CVE-2025-8714 postgresql-server>=17<17.6 code-injection https://nvd.nist.gov/vuln/detail/CVE-2025-8714 postgresql-server>=13<13.22 code-injection https://nvd.nist.gov/vuln/detail/CVE-2025-8715 postgresql-server>=14<14.19 code-injection https://nvd.nist.gov/vuln/detail/CVE-2025-8715 postgresql-server>=15<15.14 code-injection https://nvd.nist.gov/vuln/detail/CVE-2025-8715 postgresql-server>=16<16.10 code-injection https://nvd.nist.gov/vuln/detail/CVE-2025-8715 postgresql-server>=17<17.6 code-injection https://nvd.nist.gov/vuln/detail/CVE-2025-8715 proftpd<1.3.3d backdoor https://nvd.nist.gov/vuln/detail/CVE-2010-20103 # disputed, this is how Python's import works #py{27,39,310,311,312,313}-future-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-50817 py{27,39,310,311,312,313}-pdf<6.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-55197 retroarch<1.21.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-9136 ruby{31,32,33,34}-rails71<7.1.5.2 improper-output-neutralization https://nvd.nist.gov/vuln/detail/CVE-2025-55193 ruby{31,32,33,34}-rails72<7.2.2.2 improper-output-neutralization https://nvd.nist.gov/vuln/detail/CVE-2025-55193 ruby{31,32,33,34}-rails80<8.0.2.1 improper-output-neutralization https://nvd.nist.gov/vuln/detail/CVE-2025-55193 tcpreplay<4.5.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-9019 tcpreplay<4.5.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-9157 tiff>=4.7.0<4.7.1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-8961 tiff>=4.7.0<4.7.1 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2025-9165 yarn-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-9308 xenkernel415-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ufoai<2.3.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2009-10006 7-zip-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-47111 7-zip-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2022-47112 7-zip<23.00 integer-underflow https://nvd.nist.gov/vuln/detail/CVE-2023-31102 7-zip<23.00 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-40481 7-zip<24.01 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-52169 7-zip<24.07 integer-underflow https://nvd.nist.gov/vuln/detail/CVE-2024-11477 7-zip<24.08 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-11612 7-zip<24.09 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-0411 GraphicsMagick<1.3.34 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21679 GraphicsMagick<1.3.42nb14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-32460 ImageMagick6<6.9.12.43 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-40211 ImageMagick<7.1.0.5 division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-40211 ImageMagick6<6.9.11.46 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-48541 ImageMagick<7.0.10.46 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-48541 ImageMagick6<6.9.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1289 ImageMagick<7.1.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1289 ImageMagick6<6.9.12.84 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-1906 ImageMagick<7.1.1.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-1906 ImageMagick6<6.9.12.85 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-2157 ImageMagick<7.1.1.7 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-2157 ImageMagick6<6.9.12.26 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-3195 ImageMagick<7.1.0.11 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-3195 ImageMagick6<6.9.13.10 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-34151 ImageMagick<7.1.1.10 unspecified https://nvd.nist.gov/vuln/detail/CVE-2023-34151 ImageMagick<7.1.1.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-34474 ImageMagick<7.1.1.10 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-34475 ImageMagick6<6.9.11.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-3745 ImageMagick<7.0.10.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-3745 ImageMagick6<6.9.12.91 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39978 ImageMagick6<6.9.12.97 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-5341 ImageMagick<7.1.1.19 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-5341 ImageMagick<7.1.1.36 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-41817 ImageMagick6<6.9.13.22 unspecified https://nvd.nist.gov/vuln/detail/CVE-2025-43965 ImageMagick<7.1.1.44 unspecified https://nvd.nist.gov/vuln/detail/CVE-2025-43965 ImageMagick<7.1.1.44 unspecified https://nvd.nist.gov/vuln/detail/CVE-2025-46393 apache-cassandra<4.0.17 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2025-26467 #jq-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-9403 # test only lrzip-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-9396 podofo-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-9394 py{27,39,310,311,312,313}-h2<4.3.0 request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2025-57804 tcpreplay<4.5.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-9384 tcpreplay<4.5.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-9385 tcpreplay<4.5.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-9386 vim>=9.1.1459<9.1.1683 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-9389 vim-share<9.1.1616 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-9390 abseil<20250127 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-0838 php{56,74,81,82,83,84}-adodb<5.22.9 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-46337 amavisd-new<2.12.3 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2024-28054 ampache<6.3.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-28852 ampache<6.3.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-28853 ampache<6.6.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-41665 ampache<6.6.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-47184 ampache<6.6.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-47828 ampache<7.0.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-51484 ampache<7.0.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-51485 ampache<7.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-51486 ampache<7.0.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-51487 ampache<7.0.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-51488 ampache<7.0.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-51489 ampache<7.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-51490 anope<2.0.15 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2024-30187 helm<3.18.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-55198 helm<3.18.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-55199 ImageMagick6<6.9.13.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-55212 ImageMagick<7.1.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-55212 ImageMagick6<6.9.13.28 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-55298 ImageMagick<7.1.2.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-55298 ImageMagick6<6.9.13.28 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-57803 ImageMagick<7.1.2.2 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-57803 ImageMagick6<6.9.13.29 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-57807 ImageMagick<7.1.2.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-57807 asterisk>=18<18.26.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-54995 asterisk>=20<20.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-57767 asterisk>=21<21.10.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-57767 asterisk>=22<22.5.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-57767 cJSON<1.7.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-26819 cJSON<1.7.19 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-57052 cacti<0.8.7 command-injection https://nvd.nist.gov/vuln/detail/CVE-2005-10004 chromium<139.0.7258.154 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-9478 chromium<140.0.7339.80 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-9864 chromium<140.0.7339.80 spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-9865 chromium<140.0.7339.80 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-9866 chromium<140.0.7339.80 spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-9867 exiv2<0.28.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-54080 exiv2<0.28.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-55304 glib2<2.84.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-7039 glpi<10.0.19 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2025-53105 kea>=3.0.0<3.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-40779 kea>=3.1.0<3.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-40779 libsoup-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-9901 linenoise-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2025-9810 mongodb<6.0.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-10060 mongodb>=7.0<7.0.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-10060 mongodb>=8.0<8.0.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-10060 mongodb<6.0.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-10061 mongodb>=7.0<7.0.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-10061 mongodb>=8.0<8.0.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-10061 p5-CGI-Simple<1.282 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2025-40927 p5-Cpanel-JSON-XS<4.40 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-40929 p5-JSON-XS<4.04 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-40928 pcre2<10.46 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-58050 php{56,74,81,82,83,84}-phppgadmin<9.8 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2025-9636 podman>=4.0.0<5.6.1 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2025-9566 py{27,39,310,311,312,313}-deepdiff<8.6.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-58367 py{27,39,310,311,312,313}-django<4.2.24 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-57833 py{27,39,310,311,312,313}-django>=5.1<5.1.12 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-57833 py{27,39,310,311,312,313}-django>=5.2<5.2.6 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-57833 py{27,39,310,311,312,313}-xmltodict<0.15.1 xml-injection https://nvd.nist.gov/vuln/detail/CVE-2025-9375 sqlite3<3.50.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-7709 tcpreplay<4.5.3 divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2025-9649 vault<1.20.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6203 wireshark<4.4.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-9817 ffmpeg6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-9951 ffmpeg7-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-9951 ffmpeg8-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-9951 libssh<0.113 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-8277 py{27,39,310,311,312,313}-installer<6.0.0 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2025-59042 py{27,39,310,311,312,313}-octoprint<1.11.3 command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-58180 shibboleth-sp<3.5.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-9943 php{56,74,81,82,83,84}-typo3<13.4.18 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2025-59013 php{56,74,81,82,83,84}-typo3<13.4.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-59014 php{56,74,81,82,83,84}-typo3<13.4.18 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2025-59015 php{56,74,81,82,83,84}-typo3<13.4.18 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-59016 php{56,74,81,82,83,84}-typo3<13.4.18 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2025-59017 php{56,74,81,82,83,84}-typo3<13.4.18 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2025-59018 php{56,74,81,82,83,84}-typo3<13.4.18 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-59019 chromium<140.0.7339.127 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-10200 chromium<140.0.7339.127 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-10201 libxml2<2.10.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-9714 cups-base<2.4.13 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-58060 cups-base<2.4.13 remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-58364 curl<8.16 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-9086 curl<8.16.0 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2025-10148 erlang<27.3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-48038 erlang<27.3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-48039 erlang<27.3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-48040 erlang<27.3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-48041 xenkernel418<20260317 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-27466 xenkernel418<20260317 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-58142 xenkernel418<20260317 race-condition https://nvd.nist.gov/vuln/detail/CVE-2025-58143 xenkernel420<20251113 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-27466 xenkernel420<20251113 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-58142 xenkernel420<20251113 race-condition https://nvd.nist.gov/vuln/detail/CVE-2025-58143 # xenkernel for ARM, not packaged in pkgsrc #xenkernel-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-58144 #xenkernel-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2025-58145 zabbix-server-{mysql,postgresql}>=7.0<7.0.14 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-27238 zabbix-server-{mysql,postgresql}<6.0.34 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-27240 zabbix-agent<6.0 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages zabbix-frontend<6.0 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages zabbix-java<6.0 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages zabbix-proxy<6.0 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages zabbix<6.0 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages zabbix-server-{mysql,postgresql}<6.0 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages zabbix-frontend<6.0.21 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-32721 zabbix-server-{mysql,postgresql}<6.0.21 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-32722 zabbix-server-{mysql,postgresql}<6.0.22 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-32725 zabbix-agent<6.0.24 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-32726 zabbix-server-{mysql,postgresql}<6.0.23 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-32727 zabbix-agent<6.0.24 code-injection https://nvd.nist.gov/vuln/detail/CVE-2023-32728 zabbix-server-{mysql,postgresql}<6.0.30 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-22114 zabbix-server-{mysql,postgresql}>=7.0<7.0.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-22116 zabbix-frontend<6.0.34 input-validation https://nvd.nist.gov/vuln/detail/CVE-2024-22117 zabbix-frontend<6.0.24 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-22119 zabbix-server-{mysql,postgresql}<6.0.31 command-injection https://nvd.nist.gov/vuln/detail/CVE-2024-22122 zabbix-server-{mysql,postgresql}<6.0.31 arbitrary-file-read https://nvd.nist.gov/vuln/detail/CVE-2024-22123 zabbix-frontend<6.0.31 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-36460 zabbix-server-{mysql,postgresql}<6.0.31 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-36461 zabbix-server-{mysql,postgresql}>=7.0<7.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-36462 zabbix-server-{mysql,postgresql}<6.0.33 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-36463 zabbix-proxy<6.0.33 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-36463 zabbix-frontend<6.0.30 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-36464 zabbix-frontend>=7.0<7.0.8 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2024-36465 zabbix-frontend<6.0.32 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-36466 zabbix-frontend<6.0.33 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2024-36467 zabbix-server-{mysql,postgresql}>=7.0<7.0.3 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-36468 zabbix-proxy>=7.0<7.0.3 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-36468 zabbix-frontend<6.0.38 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2024-36469 zabbix-frontend<6.0.38 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-42325 zabbix-server-{mysql,postgresql}>=7.0<7.0.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2024-42326 zabbix-frontend<6.0.32 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2024-42327 zabbix-server-{mysql,postgresql}>=7.0<7.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-42328 zabbix-server-{mysql,postgresql}>=7.0<7.0.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-42329 zabbix-server-{mysql,postgresql}<6.0.34 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-42330 zabbix-server-{mysql,postgresql}>=7.0<7.0.4 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2024-42331 zabbix-server-{mysql,postgresql}<6.0.35 log-injection https://nvd.nist.gov/vuln/detail/CVE-2024-42332 zabbix-server-{mysql,postgresql}<6.0.34 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-42333 zabbix-frontend<6.0.37 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-45699 zabbix-server-{mysql,postgresql}<6.0.39 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-45700 zabbix-proxy<6.0.39 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-45700 webkit-gtk<2.48.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-43272 tiff<4.7.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-9900 botan-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages got<0.118 directory-traversal https://gameoftrees.org/releases/changes.html#2025-09-09 py{27,39,310,311,312,313}-django<4.2.25 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-59681 py{27,39,310,311,312,313}-django>=5.1<5.1.13 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-59681 py{27,39,310,311,312,313}-django>=5.2<5.2.7 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-59681 thunderbird<140.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-72/ firefox<143 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-73/ firefox115<115.28 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-74/ firefox140<140.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-75/ thunderbird<143 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-77/ thunderbird<140.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-78/ firefox<143.0.3 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-80/ asterisk<18.26.3 privilege-elevation https://nvd.nist.gov/vuln/detail/CVE-2025-1131 asterisk>=20<20.15.1 privilege-elevation https://nvd.nist.gov/vuln/detail/CVE-2025-1131 asterisk>=21<21.10.1 privilege-elevation https://nvd.nist.gov/vuln/detail/CVE-2025-1131 asterisk>=22<22.5.1 privilege-elevation https://nvd.nist.gov/vuln/detail/CVE-2025-1131 binutils<2.46 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-11081 binutils<2.46 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-11082 binutils<2.46 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-11083 chromium<140.0.7339.185 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-10500 chromium<140.0.7339.185 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-10501 chromium<140.0.7339.185 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-10502 chromium<140.0.7339.185 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-10585 chromium<140.0.7339.207 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-10890 chromium<140.0.7339.207 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-10891 chromium<140.0.7339.207 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-10892 dnsdist<2.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-30187 element-web<1.11.112 spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-59161 expat<2.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-59375 ghostscript-gpl-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-59798 ghostscript-agpl<10.06.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-59798 ghostscript-gpl-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-59799 ghostscript-agpl<10.06.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-59799 ghostscript-gpl-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-59800 ghostscript-agpl<10.06.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-59800 glib-networking-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-60018 glib-networking-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-60019 go123<1.23.12 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2025-47906 go124<1.24.6 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2025-47906 go123<1.23.12 race-condition https://nvd.nist.gov/vuln/detail/CVE-2025-47910 go124<1.24.6 race-condition https://nvd.nist.gov/vuln/detail/CVE-2025-47910 jenkins<2.516.2 access-control-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-59474 jenkins<2.516.2 access-control-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-59475 jenkins<2.516.2 log-injection https://nvd.nist.gov/vuln/detail/CVE-2025-59476 libsoup-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-11021 libvips<8.17.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-59933 libxslt-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-10911 mapserver<8.4.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-59431 mupdf<1.27.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-55780 openbabel-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-10994 openbabel-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-10995 openbabel-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-10996 openbabel-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-10997 openbabel-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-10998 openbabel-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-10999 openbabel-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-11000 opengrok<1.14.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-30755 openssl<3.5.4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-9230 openssl<3.5.4 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2025-9231 openssl<3.5.4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-9232 podman-[0-9]* file-permissions https://nvd.nist.gov/vuln/detail/CVE-2025-4953 py{27,39,310,311,312,313}-authlib<1.6.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-59420 py27-pip-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2025-8869 py{27,39,310,311,312,313}-jupyterlab<4.4.8 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-59842 py{27,39,310,311,312,313}-torch<2.8.0 incorrect-calculation https://nvd.nist.gov/vuln/detail/CVE-2025-46148 py{27,39,310,311,312,313}-torch<2.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-46149 py{27,39,310,311,312,313}-torch<2.7.0 incorrect-calculation https://nvd.nist.gov/vuln/detail/CVE-2025-46150 py{27,39,310,311,312,313}-torch<2.7.0 incorrect-calculation https://nvd.nist.gov/vuln/detail/CVE-2025-46152 py{27,39,310,311,312,313}-torch<2.7.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2025-46153 py{27,39,310,311,312,313}-torch-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-55551 py{27,39,310,311,312,313}-torch-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2025-55552 py{27,39,310,311,312,313}-torch<2.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-55553 py{27,39,310,311,312,313}-torch-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-55554 py{27,39,310,311,312,313}-torch<2.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-55557 py{27,39,310,311,312,313}-torch<2.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-55558 py{27,39,310,311,312,313}-torch<2.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-55560 ruby{31,32,33,34}-rexml<3.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-58767 ruby{31,32,33,34}-rack2<2.2.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-59830 squid<7.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-59362 tcpreplay<4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-51005 tcpreplay<4.5.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-51006 tor<0.4.8.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-4444 zookeeper<3.9.4 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-58457 poppler<25.04.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-43718 podofo-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-46205 py{27,39,310,311,312,313}-django<4.2.25 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-59682 py{27,39,310,311,312,313}-django>=5.1<5.1.13 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-59682 py{27,39,310,311,312,313}-django>=5.2<5.2.7 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-59682 matrix-synapse<1.136.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-49090 matrix-synapse<1.136.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-54315 ansible-core<2.17.0 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-5115 ansible-core<2.14.12 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-5764 ansible-core<2.14.14 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-0690 ansible-core<2.14.18 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-8775 ansible-core<2.17.6 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-9902 ansible-core<2.16.14 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-11079 wireshark<4.0.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-6174 wireshark<4.0.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-6175 wireshark<4.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-0207 wireshark<4.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-0208 wireshark<4.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-0209 wireshark<4.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-0210 wireshark<4.2.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-0211 wireshark<4.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-11595 wireshark<4.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-11596 wireshark<4.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-2955 wireshark<4.2.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-4853 wireshark<4.2.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-4854 wireshark<4.2.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-4855 wireshark<4.2.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-8250 wireshark<4.2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-8645 wireshark<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-9780 wireshark<4.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-9781 fetchmail<6.5.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61962 assimp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-11274 assimp-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-11275 assimp-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-11277 qemu-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-11234 qt6-qtsvg<6.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-10728 qt6-qtsvg<6.9.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-10729 redis<8.2.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-46817 redis<8.2.2 access-control-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-46818 redis<8.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-46819 redis<8.2.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-49844 zabbix-frontend<6.0.41 improper-authentication https://nvd.nist.gov/vuln/detail/CVE-2025-27231 zabbix-frontend<6.0.41 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-27236 zabbix-frontend<6.0.41 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-49641 ap24-auth-openidc<2.4.13.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-28625 ap24-auth-openidc<2.4.15.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24814 ap24-auth-openidc<2.4.16.11 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-31492 ap24-auth-openidc<2.4.13.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-3891 # disputed by upstream, see https://modsecurity.org/20241011/about-cve-2024-46292-2024-october/ #ap24-modsecurity-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-46292 ap24-modsecurity<2.9.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-47947 ffmpeg5<5.1.7 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59728 ffmpeg6<6.1.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59728 ffmpeg7<7.1.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59728 ffmpeg8<8.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59728 ffmpeg5-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59729 ffmpeg6-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59729 ffmpeg7-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59729 ffmpeg8<8.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59729 ffmpeg5-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59730 ffmpeg6-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59730 ffmpeg7-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59730 ffmpeg8<8.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59730 ffmpeg5<5.1.7 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59731 ffmpeg6<6.1.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59731 ffmpeg7<7.1.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59731 ffmpeg8<8.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59731 ffmpeg5<5.1.7 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59732 ffmpeg6<6.1.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59732 ffmpeg7<7.1.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59732 ffmpeg8<8.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59732 ffmpeg5<5.1.7 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59733 ffmpeg6<6.1.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59733 ffmpeg7<7.1.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59733 ffmpeg8<8.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59733 ffmpeg5-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-59734 ffmpeg6-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-59734 ffmpeg7-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-59734 ffmpeg8<8.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-59734 openssh<10.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-61984 openssh<10.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-61985 python39<3.9.24 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2025-8291 python310<3.10.19 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2025-8291 python311<3.11.14 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2025-8291 python312<3.12.12 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2025-8291 python313<3.13.8nb1 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2025-8291 python314<3.14.0nb2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2025-8291 ruby{31,32,33,34}-rack2<2.2.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61770 ruby{31,32,33,34}-rack>=3<3.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61770 ruby{31,32,33,34}-rack2<2.2.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61771 ruby{31,32,33,34}-rack>=3<3.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61771 ruby{31,32,33,34}-rack2<2.2.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61772 ruby{31,32,33,34}-rack>=3<3.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61772 binutils<2.46 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-11412 binutils<2.46 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-11413 binutils<2.46 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-11414 matrix-synapse<1.139.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-61672 binutils<2.46 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-11494 binutils<2.46 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-11495 python39-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages apache-cassandra>=4<4.0.15 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2024-27137 apache-cassandra<3.11.18 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2025-23015 apache-cassandra>=4<4.0. improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-24860 apache-roller<6.1.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2024-25090 apache-roller<6.1.4 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-46911 apache-roller<6.1.5 improper-session-handling https://nvd.nist.gov/vuln/detail/CVE-2025-24859 apache-tomcat<8.5.88 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-28709 apache-tomcat>=9<9.0.74 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-28709 apache-tomcat>=10<10.1.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-28709 apache-tomcat<8.5.86 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-34981 apache-tomcat>=9<9.0.75 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-34981 apache-tomcat>=10<10.1.9 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-34981 apache-tomcat<8.5.94 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-42795 apache-tomcat>=9<9.0.81 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-42795 apache-tomcat>=10<10.1.14 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-42795 apache-tomcat<8.5.94 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2023-45648 apache-tomcat>=9<9.0.81 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2023-45648 apache-tomcat>=10<10.1.14 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2023-45648 apache-tomcat<8.5.96 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2023-46589 apache-tomcat>=9<9.0.83 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2023-46589 apache-tomcat>=10<10.1.16 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2023-46589 apache-tomcat<8.5.99 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-23672 apache-tomcat>=9<9.0.86 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-23672 apache-tomcat>=10<10.1.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-23672 apache-tomcat<8.5.99 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24549 apache-tomcat>=9<9.0.86 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24549 apache-tomcat>=10<10.1.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24549 apache-tomcat<9.0.90 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-34750 apache-tomcat>=10<10.1.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-34750 apache-tomcat<9.0.90 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-38286 apache-tomcat>=10<10.1.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-38286 apache-tomcat<9.0.98 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-50379 apache-tomcat>=10<10.1.34 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-50379 apache-tomcat<9.0.96 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-52317 apache-tomcat>=10<10.1.31 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-52317 apache-tomcat<9.0.97 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-52318 apache-tomcat>=10<10.1.32 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-52318 apache-tomcat<9.0.98 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-54677 apache-tomcat>=10<10.1.34 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-54677 apache-tomcat<9.0.99 race-condition https://nvd.nist.gov/vuln/detail/CVE-2024-56337 apache-tomcat>=10<10.1.35 race-condition https://nvd.nist.gov/vuln/detail/CVE-2024-56337 apache-tomcat<9.0.99 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-24813 apache-tomcat>=10<10.1.35 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-24813 apache-tomcat<9.0.104 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-31650 apache-tomcat>=10<10.1.40 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-31650 apache<2.4.59 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2023-38709 apache<2.4.59 http-response-splitting https://nvd.nist.gov/vuln/detail/CVE-2024-24795 apache<2.4.59 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27316 ark<24.12.0 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2024-57966 arti<1.2.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2024-35312 arti<1.2.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2024-35313 asio<1.13.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2019-25219 assimp<5.4.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-40724 assimp<5.4.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-45679 assimp-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-46632 assimp<6.0.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2024-48423 assimp<6.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-48424 assimp<6.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-48425 assimp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-48426 assimp<6.0.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-2151 assimp<6.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-2152 assimp<6.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-2591 assimp<6.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-2592 assimp-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-2752 assimp-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-2753 assimp-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-2754 assimp-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-2755 assimp-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-2756 assimp<6.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-3015 assimp<6.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-3016 assimp<6.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-3159 assimp<6.0.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-3160 assimp<6.0.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-3196 assimp-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-3549 asterisk<18.20.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-37457 asterisk>=20<20.5.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-37457 asterisk>=21<21.0.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-37457 asterisk<18.20.1 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-49294 asterisk>=20<20.5.1 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-49294 asterisk>=21<21.0.1 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-49294 asterisk<18.23.1 improper-authentication https://nvd.nist.gov/vuln/detail/CVE-2024-35190 asterisk>=20<20.8.1 improper-authentication https://nvd.nist.gov/vuln/detail/CVE-2024-35190 asterisk>=21<21.3.1 improper-authentication https://nvd.nist.gov/vuln/detail/CVE-2024-35190 asterisk<18.24.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2024-42365 asterisk>=20<20.9.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2024-42365 asterisk>=21<21.4.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2024-42365 asterisk<18.24.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-42491 asterisk>=20<20.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-42491 asterisk>=21<21.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-42491 asterisk<18.26.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-53566 asterisk>=20<20.11.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-53566 asterisk>=21<21.6.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-53566 asterisk>=22<22.1.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-53566 atril<1.27.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-51698 atril<1.26.2 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-52076 augeas-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-2588 authelia<4.38.19 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2025-24806 avahi<0.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1981 avahi<0.9 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2024-52615 avahi<0.9 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2024-52616 php{56,74,81,82,83,84}-glpi<10.0.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-28852 php{56,74,81,82,83,84}-glpi<10.0.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-28849 php{56,74,81,82,83,84}-glpi<10.0.7 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-28838 php{56,74,81,82,83,84}-glpi<10.0.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-28639 php{56,74,81,82,83,84}-glpi<10.0.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-28636 php{56,74,81,82,83,84}-glpi<10.0.7 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-28634 php{56,74,81,82,83,84}-glpi<10.0.7 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2023-28633 php{56,74,81,82,83,84}-glpi<10.0.7 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2023-28632 php{56,74,81,82,83,84}-glpi<10.0.8 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2023-34106 php{56,74,81,82,83,84}-glpi<10.0.8 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-36808 php{56,74,81,82,83,84}-glpi<10.0.8 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2023-35939 php{56,74,81,82,83,84}-glpi<10.0.8 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2023-35940 php{56,74,81,82,83,84}-glpi<10.0.8 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-35924 php{56,74,81,82,83,84}-glpi<10.0.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-34244 php{56,74,81,82,83,84}-glpi<10.0.8 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2023-34107 php{56,74,81,82,83,84}-glpi<10.0.9 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-37278 php{56,74,81,82,83,84}-glpi<10.0.10 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-41888 php{56,74,81,82,83,84}-glpi<10.0.10 username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2023-41323 php{56,74,81,82,83,84}-glpi<10.0.10 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-42462 php{56,74,81,82,83,84}-glpi<10.0.10 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-42461 php{56,74,81,82,83,84}-glpi<10.0.10 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2023-41326 php{56,74,81,82,83,84}-glpi<10.0.10 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2023-41324 php{56,74,81,82,83,84}-glpi<10.0.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-41321 php{56,74,81,82,83,84}-glpi<10.0.10 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-41322 php{56,74,81,82,83,84}-glpi<10.0.10 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-41320 php{56,74,81,82,83,84}-glpi<10.0.10 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42802 php{56,74,81,82,83,84}-glpi<10.0.11 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-43813 php{56,74,81,82,83,84}-glpi<10.0.11 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-46726 php{56,74,81,82,83,84}-glpi<10.0.11 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-46727 php{56,74,81,82,83,84}-glpi-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2024-27756 php{56,74,81,82,83,84}-glpi<10.0.13 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2024-27930 php{56,74,81,82,83,84}-glpi<10.0.13 username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2024-27937 php{56,74,81,82,83,84}-glpi<10.0.13 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2024-27098 php{56,74,81,82,83,84}-glpi<10.0.13 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-27104 php{56,74,81,82,83,84}-glpi<10.0.13 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-27914 php{56,74,81,82,83,84}-glpi<10.0.13 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2024-27096 php{56,74,81,82,83,84}-glpi<10.0.15 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2024-29889 php{56,74,81,82,83,84}-glpi<10.0.15 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2024-31456 php{56,74,81,82,83,84}-glpi<10.0.16 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2024-37147 php{56,74,81,82,83,84}-glpi<10.0.16 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2024-37148 php{56,74,81,82,83,84}-glpi<10.0.16 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-37149 php{56,74,81,82,83,84}-glpi<10.0.17 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2024-40638 php{56,74,81,82,83,84}-glpi<10.0.17 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-41678 php{56,74,81,82,83,84}-glpi<10.0.17 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-47759 php{56,74,81,82,83,84}-glpi<10.0.17 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2024-41679 php{56,74,81,82,83,84}-glpi<10.0.17 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-43417 php{56,74,81,82,83,84}-glpi<10.0.17 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-43418 php{56,74,81,82,83,84}-glpi<10.0.17 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2024-45608 php{56,74,81,82,83,84}-glpi<10.0.17 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-45609 php{56,74,81,82,83,84}-glpi<10.0.17 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-45610 php{56,74,81,82,83,84}-glpi<10.0.17 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-45611 php{56,74,81,82,83,84}-glpi<10.0.16 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2024-38370 php{56,74,81,82,83,84}-glpi<10.0.17 username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2024-43416 php{56,74,81,82,83,84}-glpi<10.0.17 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2024-47758 php{56,74,81,82,83,84}-glpi<10.0.17 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2024-47760 php{56,74,81,82,83,84}-glpi<10.0.17 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2024-47761 php{56,74,81,82,83,84}-glpi<10.0.17 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2024-48912 php{56,74,81,82,83,84}-glpi<10.0.17 session-hijack https://nvd.nist.gov/vuln/detail/CVE-2024-50339 php{56,74,81,82,83,84}-glpi<10.0.18 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2024-11955 php{56,74,81,82,83,84}-glpi<10.0.18 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-21626 php{56,74,81,82,83,84}-glpi<10.0.18 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-23024 php{56,74,81,82,83,84}-glpi<10.0.18 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-21627 php{56,74,81,82,83,84}-glpi<10.0.18 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-25192 php{56,74,81,82,83,84}-glpi<10.0.18 improper-authentication https://nvd.nist.gov/vuln/detail/CVE-2025-23046 php{56,74,81,82,83,84}-glpi<10.0.18 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-21619 php{56,74,81,82,83,84}-glpi<10.0.18 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-24799 php{56,74,81,82,83,84}-glpi<10.0.18 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-24801 bind<9.18.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2828 bind<9.18.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2911 bind<9.18.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-3341 bind<9.18.19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-4236 bind<9.18.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-4408 bind<9.18.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-5517 bind<9.18.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-5679 bind<9.16.48 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-6516 bind<9.18.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-0760 bind<9.18.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-11187 bind<9.18.33 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-12705 bind<9.18.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-1737 bind<9.18.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-1975 bind<9.18.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-4076 bind>=9.20<9.20.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-40775 binutils<2.37 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19726 binutils-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32256 binutils<2.39 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35205 binutils<2.39 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-35206 binutils<2.40 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-45703 binutils<2.39 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47007 binutils<2.39 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47008 binutils<2.39 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47010 binutils<2.39 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47011 binutils<2.41 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-1579 binutils<2.41 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-1972 binutils<2.41 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-25584 binutils<2.40 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-25585 binutils<2.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-25586 binutils<2.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-25588 binutils<2.44 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-57360 binutils<2.44 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-0840 binutils<2.45 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-1149 binutils<2.45 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-1150 binutils<2.45 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-1151 binutils<2.45 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-1152 binutils<2.45 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-1153 binutils<2.45 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-1176 binutils<2.45 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-1178 binutils<2.44 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-1179 binutils<2.45 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-1180 binutils<2.45 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-1181 binutils<2.45 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-1182 binutils<2.45 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-3198 bitcoin<24.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-25220 bitcoin-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2023-50428 bitcoin-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2024-34149 bitcoin<25.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-35202 bitcoin<0.21.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-52912 bitcoin<0.21.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2024-52913 bitcoin<0.18.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-52914 bitcoin<0.20.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-52915 bitcoin<0.15.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-52916 bitcoin<22.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-52917 bitcoin<0.20.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-52918 bitcoin<22.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-52919 bitcoin<0.20.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-52920 bitcoin<25.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2024-52921 bitcoin<25.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2024-52922 bitcoin-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2024-55563 blosc2<2.9.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-37185 blosc2<2.9.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-37186 blosc2<2.9.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-37187 blosc2<2.9.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-37188 blosc2<2.14.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-3203 blosc2<2.14.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-3204 blosc2<2.17.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-29476 botan<2.1.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-7252 botan<2.19.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-34702 botan>=3<3.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-34702 botan<2.19.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-34703 botan>=3<3.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-34703 botan<2.19.5 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2024-39312 botan>=3<3.5.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2024-39312 botan<3.6.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2024-50382 botan<3.6.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2024-50383 c-ares<1.17.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22217 cJSON<1.7.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-50471 cJSON<1.7.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-50472 cJSON<1.7.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-31755 cacti<1.2.26 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-46490 cacti<1.2.26 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-49084 cacti<1.2.26 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-49085 cacti<1.2.27 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-49086 cacti<1.2.26 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-49088 cacti<1.2.26 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-50250 cacti<1.2.26 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-51448 cacti<1.2.27 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-25641 cacti<1.2.27 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-27082 cacti<1.2.27 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-29894 cacti>=1.3<1.4 command-injection https://nvd.nist.gov/vuln/detail/CVE-2024-29895 cacti>=1.3<1.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-30268 cacti<1.2.27 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-31443 cacti<1.2.27 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-31444 cacti<1.2.27 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2024-31445 cacti<1.2.27 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2024-31458 cacti<1.2.27 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-31459 cacti<1.2.27 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2024-31460 cacti<1.2.27 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-34340 cacti<1.2.28 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-43362 cacti<1.2.28 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-43363 cacti<1.2.28 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-43364 cacti<1.2.28 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-43365 cacti<1.2.29 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-45598 cacti<1.2.29 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2024-54145 cacti<1.2.29 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2024-54146 cacti<1.2.29 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-22604 cacti<1.2.29 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-24367 cacti<1.2.29 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-24368 cacti<1.2.29 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-26520 calibre<6.19.0 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2023-46303 calibre<7.16.0 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-6781 calibre<7.16.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-6782 calibre<7.16.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-7008 calibre<7.16.0 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2024-7009 catdoc-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-46345 cfengine<3.21.3 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2023-45684 cflow-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2789 cjose<0.6.2.2 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2023-37464 clamav<1.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-20197 clamav<1.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-20212 clamav<1.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-20290 clamav<1.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-20380 clamav<1.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-20505 clamav<1.4.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2024-20506 clamav<1.4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-20128 clojure<1.9.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2017-20189 clojure<1.12.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-22871 commonmarker<0.23.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-22051 consul<1.20.1 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-10005 consul<1.20.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-10006 consul<1.20.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-10086 php{56,70,71,72,73}-contao35<3.5.32 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-5478 php{56,70,71,72,73}-contao35-[0-9]* path-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-29200 couchdb<3.3.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-45725 cpp-httplib<0.18.4 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2025-0825 cpp-httplib<0.20.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-46728 cppcheck-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-39070 cryptopp-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-48570 cryptopp-[0-9]* side-channel https://nvd.nist.gov/vuln/detail/CVE-2023-50979 cryptopp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-50980 cryptopp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-50981 cryptopp-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-28285 cups-base<2.4.9 command-injection https://nvd.nist.gov/vuln/detail/CVE-2024-35235 cups-base-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-47850 curl<7.66.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-19909 curl<8.6.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-0853 curl<8.7.0 input-validation https://nvd.nist.gov/vuln/detail/CVE-2024-2004 curl<8.7.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-2379 curl<8.7.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2024-2398 curl<8.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-6874 curl<8.12.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-0167 curl<8.12.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2025-0665 curl<8.12.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-0725 cyrus-imapd<3.8.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-34055 dante<1.4.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-54662 dav1d<1.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-32570 dav1d<1.4.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-1580 dbus<1.15.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-34969 dmidecode<3.5 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2023-30630 # not an issue in pkgsrc due how it is installed #dnscrypt-proxy-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2024-36587 dnsdist>=1.9.0<1.9.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-25581 dnsdist<1.9.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-30193 dnsmasq<2.90 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-49441 drupal<9.3.12 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-25273 drupal<9.3.12 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2022-25274 drupal<9.4.3 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2022-25275 drupal<9.4.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-25276 drupal<9.4.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-25277 drupal<9.4.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-25278 drupal<10.0.8 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-31250 drupal<10.2.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-11941 drupal<10.2.10 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2024-11942 drupal<11.0.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-12393 drupal<10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-22362 drupal<11.0.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-45440 drupal<11.0.8 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-55634 drupal<7.102 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-55635 drupal<11.0.8 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-55636 drupal<11.0.8 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-55637 drupal<10.3.9 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-55638 drupal<11.1.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-3057 drupal<11.1.3 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-31673 drupal<11.1.3 code-injection https://nvd.nist.gov/vuln/detail/CVE-2025-31674 drupal<11.1.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-31675 zabbix-server-{mysql,postgresql}<6.0.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29458 zabbix-proxy<6.0.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29458 easy-rsa<3.2.0 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2024-13454 editorconfig-core<0.12.7 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-53849 elasticsearch<8.9.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-31417 elasticsearch<8.8.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-31418 elasticsearch<8.9.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-31419 elasticsearch<8.10.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-46673 elasticsearch<8.11.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-49921 elasticsearch<8.17.0 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2024-12539 elasticsearch<8.13.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-23444 elasticsearch<8.14.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-23445 elasticsearch<8.11.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-23449 elasticsearch<8.13.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-23450 elasticsearch<8.13.0 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2024-23451 elasticsearch<8.14.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-37280 elasticsearch<8.13.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-43709 elasticsearch<8.16.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-52979 elasticsearch<8.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-52980 elasticsearch<8.15.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-52981 element-web<1.11.81 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-47779 element-web<1.11.85 spoofing https://nvd.nist.gov/vuln/detail/CVE-2024-51749 element-web<1.11.85 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-51750 element-web<1.11.97 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-32026 emacs29<29.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-30202 emacs29-nox11<29.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-30202 emacs29<29.3 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2024-30203 emacs29-nox11<29.3 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2024-30203 emacs29<29.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-30204 emacs29-nox11<29.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-30204 emacs30<30.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-53920 emacs30-nox11<30.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-53920 emacs29<29.4.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-1244 emacs29-nox11<29.4.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-1244 engrampa<1.28.0 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-52138 erlang<27.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-26618 erlang<27.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-30211 erlang<27.3.4 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2025-46712 erlang-jose<1.11.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-50966 exiftags-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-50671 exiftags-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-42851 exim<4.98 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-39929 exiv2<0.27.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-18831 exiv2<0.28.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-24826 exiv2<0.28.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-25112 expat<2.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-50602 eza<0.18.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-25817 ffmpeg6<6.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-48434 ffmpeg5<5.1.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-48434 ffmpeg4<4.4.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-48434 ffmpeg6<6.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-46407 ffmpeg6<6.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-47470 ffmpeg7<7.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-49501 ffmpeg6<6.1.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-49501 ffmpeg7<7.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-49502 ffmpeg6<6.1.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-49502 ffmpeg5<5.1.7 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-49502 ffmpeg4<4.4.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-49502 ffmpeg3<3.4.14 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-49502 ffmpeg7<7.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-49528 ffmpeg7<7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-50007 ffmpeg6<6.1.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-50007 ffmpeg5<5.1.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-50007 ffmpeg7<7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-50008 ffmpeg6<6.1.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-50008 ffmpeg5<5.1.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-50008 ffmpeg7<7.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-50009 ffmpeg7<7.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-50010 ffmpeg7<7.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-51791 ffmpeg7<7.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-51793 ffmpeg7<7.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-51794 ffmpeg7<7.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-51795 ffmpeg7<7.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-51796 ffmpeg7<7.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-51797 ffmpeg7<7.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-51798 ffmpeg7<7.1.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-6601 ffmpeg6<6.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-6601 ffmpeg5<5.1.7 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-6601 ffmpeg8<8.0 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-6602 ffmpeg7<7.1.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-6602 ffmpeg6<6.1.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-6602 ffmpeg5<5.1.7 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-6602 ffmpeg4<4.4.6 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-6602 ffmpeg5<5.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-6603 ffmpeg8<8.0 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-6604 ffmpeg7<7.1.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-6604 ffmpeg6<6.1.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-6604 ffmpeg5<5.1.7 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-6604 ffmpeg4<4.4.6 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-6604 ffmpeg8<8.0 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2023-6605 ffmpeg7<7.1.1 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2023-6605 ffmpeg6<6.1.3 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2023-6605 ffmpeg4<4.4.6 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2023-6605 ffmpeg6<6.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-22860 ffmpeg6<6.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-22861 ffmpeg6<6.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-22862 ffmpeg7<7.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2024-31578 ffmpeg6<6.1.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2024-31578 ffmpeg7<7.0 input-validation https://nvd.nist.gov/vuln/detail/CVE-2024-31581 ffmpeg7<7.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-31582 ffmpeg6<6.1.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-31582 ffmpeg5<5.1.7 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-31582 ffmpeg7<7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-31585 ffmpeg7<7.0.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-32228 ffmpeg<7.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-32229 ffmpeg7<7.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-32230 ffmpeg7<7.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2024-35365 ffmpeg7<7.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-35366 ffmpeg7<7.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-35367 ffmpeg6<6.1.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-35367 ffmpeg5<5.1.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-35367 ffmpeg7<7.1 double-free https://nvd.nist.gov/vuln/detail/CVE-2024-35368 ffmpeg6<6.1.3 double-free https://nvd.nist.gov/vuln/detail/CVE-2024-35368 ffmpeg5<5.1.7 double-free https://nvd.nist.gov/vuln/detail/CVE-2024-35368 ffmpeg7<7.0 input-validation https://nvd.nist.gov/vuln/detail/CVE-2024-35369 ffmpeg7<7.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-36613 ffmpeg5<5.1.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-36613 ffmpeg4<4.3.7 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-36613 ffmpeg7<7.1 race-condition https://nvd.nist.gov/vuln/detail/CVE-2024-36615 ffmpeg7<7.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-36616 ffmpeg5<5.1.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-36616 ffmpeg4<4.3.7 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-36616 ffmpeg7<7.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-36617 ffmpeg6<6.1.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-36617 ffmpeg5<5.1.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-36617 ffmpeg4<4.4.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-36617 ffmpeg3<3.4.14 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-36617 ffmpeg7<7.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-36618 ffmpeg7<7.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-36619 ffmpeg7<7.1.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2024-55069 ffmpeg7<7.0.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-7055 ffmpeg6<6.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-7272 ffmpeg5<5.1.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-7272 ffmpeg8<8.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-0518 ffmpeg7<7.1.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-0518 ffmpeg6<6.1.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-0518 ffmpeg5<5.1.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-0518 ffmpeg4<4.4.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-0518 ffmpeg3<3.4.14 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-0518 ffmpeg8<8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-1373 ffmpeg8<8.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-1594 ffmpeg7<7.1.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-1594 ffmpeg8<8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-1816 ffmpeg7<7.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-1816 ffmpeg8<8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-22919 ffmpeg7<7.1.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-22919 ffmpeg6<6.1.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-22919 ffmpeg5<5.1.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-22919 ffmpeg4<4.4.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-22919 ffmpeg8<8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-22920 ffmpeg8<8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-22921 ffmpeg8<8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-25468 ffmpeg8<8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-25469 ffmpeg8<8.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-25471 ffmpeg8<8.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-25473 ffmpeg4<4.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36138 ffmpeg4<4.3.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-28429 elasticsearch<8.18.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-37727 ruby{31,32,33,34}-rack2<2.2.20 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-61780 ruby{31,32,33,34}-rack>=3<3.2.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-61780 ruby{31,32,33,34}-rack2<2.2.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61919 ruby{31,32,33,34}-rack>=3<3.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61919 py{27,39,310,311,312,313,314}-authlib<1.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61920 ruby{31,32,33,34}-sinatra<4.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61921 py{27,39,310,311,312,313,314}-ldap<3.4.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2025-61911 py{27,39,310,311,312,313,314}-ldap<3.4.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2025-61912 wireshark<4.4.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-11626 poppler<25.10.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-52885 fastd<23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-24356 p5-FCGI-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-40907 fdupes<2.2.0 arbitrary-file-removal https://nvd.nist.gov/vuln/detail/CVE-2022-48682 fig2dev-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2025-31162 fig2dev-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-31163 fig2dev-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-31164 fig2dev-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-46397 fig2dev-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-46398 fig2dev-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-46399 fig2dev-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-46400 file<5.43 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-48554 flac<1.4.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-22219 flightgear<2020.3.6 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-0781 fluent-bit<1.8.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-46878 fluent-bit<1.8.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46879 fluent-bit<2.2.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2024-23722 fluent-bit<3.2.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-50608 fluent-bit<3.2.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-50609 fluent-bit<4.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-29477 fluent-bit<4.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-29478 fluent-bit-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2024-26455 freeimage-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-47992 freeimage-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-47993 freeimage-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-47994 freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-47995 freeimage-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-47996 freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-47997 freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-28562 freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28563 freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28564 freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28565 freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28567 freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28568 freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-28569 freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28570 freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28571 freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28572 freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28573 freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28574 freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28575 freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28576 freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28577 freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-28578 freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28579 freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-28580 freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-28581 freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-28582 freeimage-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-28583 freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28584 freeimage-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-31570 freerdp2<2.11.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-22211 freerdp2<2.11.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-32039 freerdp2<2.11.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-32040 freerdp2<2.11.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-32041 freerdp2<2.11.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-32458 freerdp2<2.11.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-32459 freerdp2<2.11.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-32460 freerdp2<3.5.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-32658 freerdp2<3.5.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-32659 freerdp2<3.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-32660 freerdp2<3.5.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2024-32661 freerdp2<3.5.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-32662 freetype2<2.9 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-23022 frr<8.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38406 frr<8.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-38407 frr<10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-46752 frr<10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-46753 frr<10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-47234 frr<10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-47235 frr<10.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27913 frr<10.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-31948 frr<10.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-31949 frr<10.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-31950 frr<10.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-31951 frr<10.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-34088 frr<10.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2024-44070 frr<10.1.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2024-55553 tiff<4.7.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-3164 ganglia-webfrontend-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-52762 ganglia-webfrontend-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-52763 # disputed by the GCC project as missed hardening bug, not a vulnerability #gcc-[0-9]* security-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-4039 # not considered a vulnerability issue, --no-absolute-filenames option should # be used instead: # #gcpio-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2023-7216 # not reproducible, rejected by uptsream #gdal-lib-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-29480 gdb<14.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-39128 gdb<14.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-39129 gdb<14.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-39130 gdk-pixbuf2<2.42.12 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-48622 geeklog-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-46058 geeklog-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-46059 gerbv<2.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-4508 gh<2.61.0 command-injection https://nvd.nist.gov/vuln/detail/CVE-2024-52308 gh<2.63.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-53858 gh<2.11.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-53859 gh<2.63.1 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-54132 gh<2.67.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2025-25204 ghostscript-agpl<9.51 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21710 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21710 ghostscript-agpl<9.51 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21890 ghostscript-gpl-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21890 ghostscript-agpl<9.53.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-36773 ghostscript-gpl-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-36773 ghostscript-agpl<10.01.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2023-36664 ghostscript-gpl-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2023-36664 ghostscript-agpl<10.02.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-38559 ghostscript-gpl-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-38559 ghostscript-agpl<10.02.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38560 ghostscript-gpl-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38560 ghostscript-agpl<10.02.0 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-43115 ghostscript-gpl-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-43115 ghostscript-agpl<10.02.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-46751 ghostscript-gpl-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-46751 ghostscript-agpl<10.03.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-29506 ghostscript-gpl-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-29506 ghostscript-agpl<10.03.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-29507 ghostscript-gpl-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-29507 ghostscript-agpl<10.03.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-29508 ghostscript-gpl-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-29508 ghostscript-agpl<10.03.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-29509 ghostscript-gpl-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-29509 ghostscript-agpl<10.03.1 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2024-29510 ghostscript-gpl-[0-9]* sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2024-29510 ghostscript-agpl<10.03.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-29511 ghostscript-gpl-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-29511 ghostscript-agpl<10.03.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2024-33869 ghostscript-gpl-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2024-33869 ghostscript-agpl<10.03.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-33870 ghostscript-gpl-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-33870 ghostscript-agpl<10.03.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-33871 ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-33871 ghostscript-agpl<10.04.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-46951 ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-46951 ghostscript-agpl<10.04.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-46952 ghostscript-gpl-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-46952 ghostscript-agpl<10.04.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-46953 ghostscript-gpl-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-46953 ghostscript-agpl<10.04.0 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-46954 ghostscript-gpl-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-46954 ghostscript-agpl<10.04.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-46955 ghostscript-gpl-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-46955 ghostscript-agpl<10.04.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-46956 ghostscript-gpl-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-46956 ghostscript-agpl<10.05.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-27830 ghostscript-gpl-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-27830 ghostscript-agpl<10.05.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-27831 ghostscript-gpl-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-27831 ghostscript-agpl<10.05.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-27832 ghostscript-gpl-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-27832 ghostscript-agpl<10.05.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-27833 ghostscript-gpl-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-27833 ghostscript-agpl<10.05.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-27834 ghostscript-gpl-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-27834 ghostscript-agpl<10.05.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-27835 ghostscript-gpl-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-27835 ghostscript-agpl<10.05.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-27836 ghostscript-gpl-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-27836 ghostscript-agpl<10.05.0 arbitrary-file-read https://nvd.nist.gov/vuln/detail/CVE-2025-27837 ghostscript-gpl-[0-9]* arbitrary-file-read https://nvd.nist.gov/vuln/detail/CVE-2025-27837 ghostscript-agpl<10.05.0 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-46646 ghostscript-gpl-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-46646 giflib-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39742 giflib-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-48161 giflib<5.2.2nb1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-31344 giflib-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-45993 gifsicle<1.94 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36193 gifsicle<1.95 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2023-46009 gimp<3.0.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-2760 gimp<3.0.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-2761 libxslt<1.1.43nb5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-11731 firefox<144 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-81/ firefox115<115.29 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-82/ firefox140<140.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-83/ thunderbird<144 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-84/ thunderbird140<140.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-85/ webkit-gtk<2.50.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-43343 zabbix-agent<6.0.18 code-injection https://nvd.nist.gov/vuln/detail/CVE-2023-29453 gindent<2.2.14 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40305 gindent<2.2.14 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-0911 git-base<2.6.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-50338 # disputed: https://lore.kernel.org/git/aQd_iisOrwX909Fr@@fruit.crustytoothpaste.net/T/#t #git-base-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2024-52005 git-base<2.26.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-52006 git-lfs<3.6.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-53263 gitea<1.17.2 unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-38795 gitea<1.19.4 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2023-3515 glade<3.40.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-36774 glib2<2.74 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29499 glib2<2.74 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-32611 glib2<2.74.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-32636 glib2<2.74.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-32643 glib2<2.74.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-32665 glib2<2.80.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2024-34397 glib2<2.82.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-52533 glib2<2.82.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-3360 glib2<2.84.2 buffer-underflow https://nvd.nist.gov/vuln/detail/CVE-2025-4373 global<6.6.13 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-38448 glslang-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-3010 # disputed by upstream, considered a feature #gnome-settings-daemon-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2024-38394 gnome-shell<44.5 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-43090 gnome-shell<44.5 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-50977 gnome-shell<48.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-36472 gnupg2<2.5.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-30258 gnuplot<6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-31176 gnuplot<6.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-31177 gnuplot<6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-31178 gnuplot<6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-31179 gnuplot<6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-31180 gnuplot<6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-31181 gnuplot<6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-3359 gnutls<3.8.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-12243 gnutls<3.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28835 go121<1.21.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2023-24531 go119<1.19.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-24534 go120<1.20.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-24534 go119<1.19.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-24536 go120<1.20.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-24536 go119<1.19.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-24537 go120<1.20.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-24537 go119<1.19.8 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2023-24538 go120<1.20.3 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2023-24538 go119<1.19.9 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2023-24539 go120<1.20.4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2023-24539 go119<1.19.9 html-attribute-injection https://nvd.nist.gov/vuln/detail/CVE-2023-29400 go120<1.20.4 html-attribute-injection https://nvd.nist.gov/vuln/detail/CVE-2023-29400 go119<1.19.10 code-injection https://nvd.nist.gov/vuln/detail/CVE-2023-29402 go120<1.20.5 code-injection https://nvd.nist.gov/vuln/detail/CVE-2023-29402 go119<1.19.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-29403 go120<1.20.5 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-29403 go119<1.19.10 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2023-29404 go120<1.20.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2023-29404 go119<1.19.10 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2023-29405 go120<1.20.5 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2023-29405 go119<1.19.11 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2023-29406 go120<1.20.6 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2023-29406 go119<1.19.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29409 go120<1.20.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29409 go120<1.20.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39318 go121<1.21.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39318 go120<1.20.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39319 go121<1.21.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-39319 go121<1.21.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-39320 go121<1.21.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39322 go120<1.20.0 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2023-45287 go121<1.21.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-45290 go122<1.22.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-45290 go121<1.21.8 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2024-24784 go122<1.22.1 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2024-24784 go121<1.21.8 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2024-24785 go122<1.22.1 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2024-24785 go122<1.22.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24788 go121<1.21.11 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2024-24789 go122<1.22.4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2024-24789 go121<1.21.11 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2024-24790 go122<1.22.4 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2024-24790 go121<1.21.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24791 go122<1.22.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24791 go122<1.22.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-45336 go123<1.23.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-45336 go122<1.22.11 input-validation https://nvd.nist.gov/vuln/detail/CVE-2024-45341 go123<1.23.5 input-validation https://nvd.nist.gov/vuln/detail/CVE-2024-45341 go122<1.22.12 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2025-22866 go123<1.23.6 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2025-22866 go123<1.23.8 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2025-22871 go124<1.24.2 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2025-22871 go124<1.24.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-45340 gpac<2.2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47090 gpsd<3.26 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-43628 gradle<8.2 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-35946 gradle<8.2 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-35947 gradle<8.12 insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2025-27148 grafana<9.5.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-1387 grafana<9.3.11 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-1410 grafana<9.5.3 spoofing https://nvd.nist.gov/vuln/detail/CVE-2023-2183 grafana<9.5.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-2801 grafana<9.5.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-3128 grafana<10.1.5 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-4399 grafana<10.1.3 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-4822 grafana<10.3.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-6152 grafana-[0-9]* authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-10452 grafana<11.5.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-11741 grafana<10.3.5 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-1313 grafana<10.3.4 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-1442 grafana<11.1.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-6322 grafana<11.2.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-8118 grafana<11.2.2 code-injection https://nvd.nist.gov/vuln/detail/CVE-2024-9264 grafana<11.3.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2024-9476 grafana<12.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-4123 GraphicsMagick<1.3.46 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-27795 GraphicsMagick<1.3.46 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-27796 grpc<1.68.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-11407 grpc<1.65.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-7246 grub2<2.13 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2024-45774 grub2<2.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-45775 grub2<2.13 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2024-45776 grub2<2.13 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2024-45777 grub2<2.13 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-45778 grub2<2.13 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-45779 grub2<2.13 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2024-45780 grub2<2.13 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2024-45781 grub2<2.13 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2024-45782 grub2<2.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-45783 grub2-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-56737 grub2<2.13 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2024-56738 grub2<2.13 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-0622 grub2<2.13 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-0624 grub2<2.13 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-0677 grub2<2.13 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-0678 grub2<2.13 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-0684 grub2<2.13 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-0685 grub2<2.13 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-0686 grub2<2.13 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-0689 grub2<2.13 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-0690 grub2<2.13 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-1118 grub2<2.13 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-1125 grub2<2.13 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-4382 samba<4.21.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-9640 samba<4.21.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-10230 p5-YAML-Syck<1.36 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-11683 binutils-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2025-11839 binutils-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-11840 icinga2<2.14.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-61907 icinga2<2.14.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61908 icinga2<2.14.7 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-61909 quickjs<20250913 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-62490 quickjs<20250913 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-62491 quickjs<20250913 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-62492 quickjs<20250913 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-62493 quickjs<20250913 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-62494 quickjs<20250913 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-62495 quickjs<20250913 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-62496 radare2<6.0.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2025-60358 webmin-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-61541 ImageMagick6<6.9.13.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-62171 ImageMagick<7.1.2.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-62171 git-lfs<3.7.1 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2025-26625 radare2<6.0.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2025-60359 radare2<6.0.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2025-60360 radare2<6.0.0 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2025-60361 squid<7.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-62168 xpdf<4.06 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-11896 bftpd-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-11947 libwebsockets<4.3.7 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-11677 libwebsockets>=4.4<4.4.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-11677 libwebsockets<4.3.7 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-11678 libwebsockets>=4.4<4.4.2 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-11678 libwebsockets<4.4.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-11679 libwebsockets<4.4.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-11680 mbedtls<3.6.5 side-channel https://nvd.nist.gov/vuln/detail/CVE-2025-54764 mongodb<7.0.25 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-11979 trufflehog<3.90.10 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-41390 mbedtls<3.6.5 padding-oracle-attack https://nvd.nist.gov/vuln/detail/CVE-2025-59438 unbound<1.24.1 cache-poisoning https://www.cve.org/CVERecord?id=CVE-2025-11411 bind<9.18.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-8677 bind>=9.20<9.20.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-8677 bind<9.18.41 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2025-40778 bind>=9.20<9.20.15 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2025-40778 bind<9.18.41 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2025-40780 bind>=9.20<9.20.15 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2025-40780 asterisk-18.* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server<8.0.44 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2025.html#AppendixMSQL openjdk11<11.0.29 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2025.html#AppendixJAVA openjdk17<17.0.17 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2025.html#AppendixJAVA openjdk21<21.0.9 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpuoct2025.html#AppendixJAVA ImageMagick<7.1.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-62594 apache-tomcat<9.0.109 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-55752 apache-tomcat>=10<10.1.45 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-55752 apache-tomcat>=11<11.0.11 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-55752 apache-tomcat<9.0.109 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-55754 apache-tomcat>=10<10.1.45 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-55754 apache-tomcat>=11<11.0.11 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-55754 apache-tomcat<9.0.110 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61795 apache-tomcat>=10<10.1.47 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61795 apache-tomcat>=11<11.0.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61795 bitcoin<30.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-54604 bitcoin<30.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-54605 consul<1.22.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-11374 consul<1.22.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-11375 # Questionable, needs to change the configuration files, see #dnsmasq-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-12198 #dnsmasq-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-12199 #dnsmasq-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-12200 firefox<144.0.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-86/ fontforge<20251009 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2025-50949 fontforge<20251009 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2025-50951 frr-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-61099 frr-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-61100 frr-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-61101 frr-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-61102 frr-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-61103 frr-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-61104 frr-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-61105 frr-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-61106 frr-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-61107 gegl<0.4.64 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-10921 gimp<3.0.6 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-10920 gimp<3.0.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-10922 gimp<3.0.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-10923 gimp<3.0.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-10924 gimp<3.0.6 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-10925 gimp<3.0.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-10934 go124<1.24.8 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-47912 go125<1.25.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-47912 go124<1.24.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-58183 go125<1.25.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-58183 go124<1.24.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-58185 go125<1.25.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-58185 go124<1.24.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-58186 go125<1.25.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-58186 go124<1.24.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-58187 go125<1.25.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-58187 go124<1.24.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-58188 go125<1.25.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-58188 go124<1.24.8 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-58189 go125<1.25.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-58189 go124<1.24.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61723 go125<1.25.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61723 go124<1.24.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61724 go125<1.25.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61724 go124<1.24.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61725 go125<1.25.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61725 kea>=3.0.1<3.0.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-11232 libaudiofile-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-50950 libsoup-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-12105 modular-xorg-server<21.1.19 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-62229 modular-xorg-server<21.1.19 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-62230 modular-xorg-server<21.1.19 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-62231 moodle<5.0.3 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2025-62393 moodle<5.0.3 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-62394 moodle<5.0.3 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2025-62395 moodle<5.0.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-62396 moodle<5.0.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-62397 moodle<5.0.3 improper-authentication https://nvd.nist.gov/vuln/detail/CVE-2025-62398 moodle<5.0.3 brute-force https://nvd.nist.gov/vuln/detail/CVE-2025-62399 moodle<5.0.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-62400 moodle<5.0.3 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-62401 # Only alpha and beta releases affected, never packaged in pkgsrc #openvpn>=2.7_alpha1<2.7_beta1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-10680 py{27,39,310,311,312,313,314}-authlib<1.6.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-62706 py{27,39,310,311,312,313,314}-pdf<6.1.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-62707 py{27,39,310,311,312,313,314}-pdf<6.1.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-62708 py{27,39,310,311,312,313,314}-starlette<0.49.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-62727 rt5>=5.0.4<5.0.9 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-9158 sqlite3<3.50.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-52099 vault<1.21.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-11621 vault<1.21.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12044 py{27,39,310,311,312,313,314}-brotli<1.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6176 qt5-qtconnectivity<5.15.19 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-23050 qt6-qtconnectivity<6.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-23050 xenkernel418<20260317 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-58147 xenkernel420<20251113 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-58147 xenkernel418<20260317 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-58148 xenkernel420<20251113 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-58148 xenkernel418<20260317 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-58149 xenkernel420<20251113 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-58149 python39<3.9.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6075 python310<3.10.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6075 python311<3.11.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6075 python312<3.12.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6075 python313<3.13.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6075 python314<3.14.0nb3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6075 qemu-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12464 gsl-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-50610 gsoap<2.8.133 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-4227 gst-rtsp-server<1.24.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-44331 gstreamer1<1.24.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-0444 gstreamer1<1.24.10 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2024-47537 gstreamer1<1.24.10 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-47538 gstreamer1<1.24.10 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2024-47539 gstreamer1<1.24.10 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-47540 gstreamer1<1.24.10 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2024-47541 gstreamer1<1.24.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-47542 gstreamer1<1.24.10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-47543 gstreamer1<1.24.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2024-47544 gstreamer1<1.24.10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-47545 gstreamer1<1.24.10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-47546 gstreamer1<1.24.10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-47596 gstreamer1<1.24.10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-47597 gstreamer1<1.24.10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-47598 gstreamer1<1.24.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2024-47599 gstreamer1<1.24.10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-47600 gstreamer1<1.24.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2024-47601 gstreamer1<1.24.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2024-47602 gstreamer1<1.24.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2024-47603 gstreamer1<1.24.10 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-47606 gstreamer1<1.24.10 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-47607 gstreamer1<1.24.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2024-47613 gstreamer1<1.24.10 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2024-47615 gstreamer1<1.24.10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-47774 gstreamer1<1.24.10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-47775 gstreamer1<1.24.10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-47776 gstreamer1<1.24.10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-47777 gstreamer1<1.24.10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-47778 gstreamer1<1.24.10 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2024-47834 gstreamer1<1.24.10 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2024-47835 # Gstreamer Installer, not used by pkgsrc #gstreamer1-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2025-2759 gstreamer1<1.26.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-3887 gstreamer1<1.222.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-37327 gstreamer1<1.22.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38103 gstreamer1<1.22.5 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38104 gstreamer1<1.22.8 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-50186 gtar-base<1.35 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39804 opensmtpd>=7.7.0<7.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-62875 exim<4.99 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2025-30232 lighttpd>=1.4.80<1.4.81 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2025-12642 mantis<2.27.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-46556 mongodb<8.0.10 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2025-12657 netsurf-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-51317 netsurf-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-29699 netsurf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-45663 mantis<2.27.2 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-47776 mantis<2.27.2 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-55155 mantis<2.27.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-62520 redis<8.2.3 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-62507 calibre<8.14.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-64486 chromium<141.0.7390.54 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-11205 chromium<141.0.7390.54 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-11206 chromium<141.0.7390.54 side-channel https://nvd.nist.gov/vuln/detail/CVE-2025-11207 chromium<141.0.7390.54 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-11208 chromium<141.0.7390.54 side-channel https://nvd.nist.gov/vuln/detail/CVE-2025-11210 chromium<141.0.7390.54 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-11211 chromium<141.0.7390.54 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-11215 chromium<141.0.7390.54 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-11219 chromium<141.0.7390.65 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-11458 chromium<141.0.7390.65 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-11460 chromium<141.0.7390.107 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-11756 chromium<141.0.7390.122 out-of-bounds-access https://nvd.nist.gov/vuln/detail/CVE-2025-12036 chromium<142.0.7444.59 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-12428 chromium<142.0.7444.59 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-12429 chromium<142.0.7444.59 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-12430 chromium<142.0.7444.59 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-12431 chromium<142.0.7444.59 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-12432 chromium<142.0.7444.59 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-12433 chromium<142.0.7444.59 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-12436 chromium<142.0.7444.59 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-12437 chromium<142.0.7444.59 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-12438 chromium<142.0.7444.59 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-12440 chromium<142.0.7444.59 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-12441 chromium<142.0.7444.59 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-12443 chromium<142.0.7444.59 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-12444 chromium<142.0.7444.59 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-12445 chromium<142.0.7444.59 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-12446 chromium<142.0.7444.137 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-12727 chromium<140.0.7339.80 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-12906 chromium<140.0.7339.80 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-12907 chromium<140.0.7339.80 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-12909 chromium<140.0.7339.80 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-12910 chromium<140.0.7339.80 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-12911 # wolfssh not supported in pkgsrc #curl<8.17.0 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2025-10966 ffmpeg5<5.1.7 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-7700 ffmpeg6<6.1.3 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-7700 ffmpeg7<7.1.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-7700 ffmpeg8<8.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-7700 lasso<2.9.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-46404 lasso<2.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-46705 lasso<2.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-46784 lasso<2.9.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-47151 libarchive-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-60753 libmicrohttpd<1.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-59777 libmicrohttpd<1.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-62689 libxml2-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-12863 magento<20.16.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-64174 openexr<3.4.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-64181 openexr<3.4.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-64182 openexr<3.4.3 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-64183 py{27,39,310,311,312,313,314}-django<4.2.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-64458 py{27,39,310,311,312,313,314}-django>=5<5.2.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-64458 py{27,39,310,311,312,313,314}-django<4.2.26 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-64459 py{27,39,310,311,312,313,314}-django>=5<5.2.8 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-64459 py{27,39,310,311,312,313,314}-octoprint<1.11.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-64187 quickjs<20250913nb1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-12745 firefox<145 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/ firefox140<140.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-88/ firefox115<115.30 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-89/ libvirt-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12748 anubis<1.23.0 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-64716 chromium<142.0.7444.166 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-13042 cups-filters<1.28.17 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-57812 libcupsfilters<2.1.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-57812 cups-filters<2.1.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-64503 libcupsfilters<1.28.18 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-64503 duckdb<1.4.2 insecure-key-generation https://nvd.nist.gov/vuln/detail/CVE-2025-64429 py{27,39,310,311,312,313,314}-torch-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-63396 chromium<128.0.6613.84 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2024-13178 chromium<126.0.6478.182 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2024-7017 chromium<136.0.7103.59 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2025-13097 chromium<140.0.7339.80 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-13107 chromium<133.0.6943.141 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-9479 jitsi-meet<2.0.10532 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-64754 php{56,74,81,82,83,84}-phppgadmin<9.10 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-12762 php{56,74,81,82,83,84}-phppgadmin<9.10 command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-12763 php{56,74,81,82,83,84}-phppgadmin<9.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12764 php{56,74,81,82,83,84}-phppgadmin<9.10 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2025-12765 postgresql-client<13.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12818 postgresql-client>=14<14.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12818 postgresql-client>=15<15.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12818 postgresql-client>=16<16.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12818 postgresql-client>=17<17.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12818 postgresql-client>=18<18.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12818 postgresql-server<13.23 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12817 postgresql-server>=14<14.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12817 postgresql-server>=15<15.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12817 postgresql-server>=16<16.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12817 postgresql-server>=17<17.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12817 postgresql-server>=18<18.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12817 radare2<6.0.5 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-63744 radare2<6.0.5 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-63745 qjson-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages chromium<142.0.7444.175 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-13223 chromium<142.0.7444.175 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-13224 chromium<142.0.7444.59 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-13226 chromium<142.0.7444.59 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-13227 chromium<142.0.7444.59 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-13228 chromium<142.0.7444.59 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-13229 chromium<142.0.7444.59 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-13230 drupal<11.1.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13080 drupal<11.1.9 php-object-injection https://nvd.nist.gov/vuln/detail/CVE-2025-13081 drupal<11.1.9 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-13082 drupal<11.1.9 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-13083 grub2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-54770 grub2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-54771 grub2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61661 grub2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61662 grub2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61663 grub2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61664 haproxy<3.2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-11230 libvirt<11.10.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-13193 mongo-c-driver<1.30.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-12119 php{56,74,81,82,83,84}-piwigo<15.6.0 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2025-62406 py{27,39,310,311,312,313,314}-cbor2<5.7.1 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2025-64076 rsync<3.4.1nb1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-10158 7-zip<25.00 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-11001 cups-filters<2.0.2 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-64524 php{56,74,81,82,83,84}-phppgadmin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-60796 php{56,74,81,82,83,84}-phppgadmin-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-60797 php{56,74,81,82,83,84}-phppgadmin-[0-9]* sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-60798 php{56,74,81,82,83,84}-phppgadmin-[0-9]* incorrect-access-controls https://nvd.nist.gov/vuln/detail/CVE-2025-60799 wireshark<4.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13499 wolfssl<5.8.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-11931 wolfssl<5.8.4 side-channel https://nvd.nist.gov/vuln/detail/CVE-2025-11932 wolfssl<5.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-11933 wolfssl<5.8.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-11934 wolfssl<5.8.4 weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2025-11935 wolfssl<5.8.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-11936 wolfssl<5.8.4 side-channel https://nvd.nist.gov/vuln/detail/CVE-2025-12888 wolfssl<5.8.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-12889 nnn-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2025-13566 SOGo<5.12.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-63498 cups-base<2.4.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-58436 cups-base<2.4.15 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-61915 expat-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-66382 #fail2ban-[0-9]* insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2025-45311 # disputed fluent-bit<4.0.14 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-12969 fluent-bit<4.0.14 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-12970 fluent-bit<4.0.14 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-12972 fluent-bit<4.0.14 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-12977 fluent-bit<4.0.14 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-12978 glib2<2.86.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-13601 krita<5.2.13 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-59820 mongodb<7.0.26 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2025-12893 mongodb<7.0.26 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-13507 mongodb<7.0.26 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-13643 mongodb<7.0.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13644 php{56,74,81,82,83,84}-orangehrm<5.8 code-injection https://nvd.nist.gov/vuln/detail/CVE-2025-66224 php{56,74,81,82,83,84}-orangehrm<5.8 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-66225 php{56,74,81,82,83,84}-orangehrm<5.8 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2025-66289 php{56,74,81,82,83,84}-orangehrm<5.8 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-66290 php{56,74,81,82,83,84}-orangehrm<5.8 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-66291 png<1.6.51 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-64505 png<1.6.51 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-64506 png<1.6.51 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-64720 png<1.6.51 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-65018 py{27,39,310,311,312,313,314}-fonttools>=4.33.0<4.60.2 xml-injection https://nvd.nist.gov/vuln/detail/CVE-2025-66034 py{27,39,310,311,312,313,314}-pdf<6.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-66019 tinyproxy<1.11.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-63938 wireshark<4.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13674 webkit-gtk<2.50.2 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2025-0008.html kissfft-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-34297 # Only alpha, beta and rc1 affected #openvpn>=2.7_alpha1<2.7rc2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-12106 python310-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13836 python311-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13836 python312-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13836 python313<3.13.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13836 python314<3.14.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13836 python310-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13837 python311-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13837 python312-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13837 python313<3.13.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13837 python314<3.14.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13837 zabbix-agent<6.0.40 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-49642 zabbix-frontend>=7.4<7.4.3 arbitrary-file-read https://nvd.nist.gov/vuln/detail/CVE-2025-27232 zabbix-frontend<6.0.42 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-49643 xkbcomp<1.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15853 xkbcomp<1.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15859 xkbcomp<1.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15861 xkbcomp<1.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-15863 ImageMagick6<6.9.13.34 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-65955 ImageMagick<7.1.2.9 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-65955 cacti<1.22.29 remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2025-66399 chromium<143.0.7499.41 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-13630 chromium<143.0.7499.41 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2025-13632 chromium<143.0.7499.41 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-13633 chromium<143.0.7499.41 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-13635 chromium<143.0.7499.41 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-13636 chromium<143.0.7499.41 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-13637 chromium<143.0.7499.41 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-13638 chromium<143.0.7499.41 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-13639 chromium<143.0.7499.41 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-13640 chromium<143.0.7499.41 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-13720 chromium<143.0.7499.41 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-13721 go124<1.24.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61729 go125<1.25.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61729 py{27,39,310,311,312,313,314}-django<4.2.27 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-13372 py{27,39,310,311,312,313,314}-django>=5<5.2.9 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-13372 py{27,39,310,311,312,313,314}-django<4.2.27 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-64460 py{27,39,310,311,312,313,314}-django>=5<5.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-64460 wireshark<4.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13945 wireshark<4.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13946 chromium<139.0.7258.66 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2025-13992 go124<1.24.11 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2025-61727 go125<1.25.5 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2025-61727 openvpn<2.6.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13086 pgbouncer<1.25.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-12819 png<1.6.52 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-66293 python310-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12084 python311-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12084 python312-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12084 python313<3.13.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12084 python314<3.14.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12084 qt5-qtdeclarative-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12385 qt6-qtdeclarative<6.10.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12385 webkit-gtk<2.50.3 multiple-vulnerabilities https://webkitgtk.org/security/WSA-2025-0009.html SOGo<5.12.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-63499 ansible<12.2.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-14010 apache<2.4.66 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-55753 apache<2.4.66 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-58098 apache<2.4.66 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2025-59775 apache<2.4.66 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-65082 apache<2.4.66 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-66200 cpp-httplib<0.27.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-66570 cpp-httplib<0.27.0 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-66577 php{56,74,81,82,83,84}-nextcloud<31.0.10 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-59788 php{56,74,81,82,83,84}-nextcloud>=32<32.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-59788 php{56,74,81,82,83,84}-nextcloud<31.0.10 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-66510 php{56,74,81,82,83,84}-nextcloud>=32<32.0.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-66510 php{56,74,81,82,83,84}-nextcloud<31.0.12 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-66512 php{56,74,81,82,83,84}-nextcloud>=32<32.0.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-66512 php{56,74,81,82,83,84}-nextcloud<31.0.1 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-66547 php{56,74,81,82,83,84}-nextcloud<31.0.1 insufficient-logging https://nvd.nist.gov/vuln/detail/CVE-2025-66552 php{56,74,81,82,83,84}-nextcloud>=32<32.0.1 insufficient-logging https://nvd.nist.gov/vuln/detail/CVE-2025-66552 py{27,39,310,311,312,313,314}-urllib3<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-66418 py{27,39,310,311,312,313,314}-urllib3<2.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-66471 libcares<1.34.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-62408 mongodb<7.0.26 improper-locking https://nvd.nist.gov/vuln/detail/CVE-2025-14345 p5-Plack-Middleware-Session<0.17 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2013-10031 powerdns-recursor>=5.3<5.3.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-59029 powerdns-recursor<5.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-59030 thunderbird<145 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-90/ thunderbird140<140.5 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-91/ firefox<146 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-92/ firefox115<115.31 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-93/ firefox140<140.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-94/ ImageMagick<7.1.2.10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-66628 freeimage-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-65803 glib2<2.86.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-14087 glib2<2.86.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-14512 jenkins<2.540 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-67635 jenkins<2.540 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-67636 jenkins<2.540 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-67637 jenkins<2.540 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-67638 jenkins<2.540 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2025-67639 libsoup-[0-9]* http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2025-14523 miniflux<2.2.15 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2025-67713 php{56,74,81,82,83,84}-phppgadmin<9.11 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-13780 py{27,39,310,311,312,313,314}-tornado<6.5.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-67724 py{27,39,310,311,312,313,314}-tornado<6.5.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-67725 py{27,39,310,311,312,313,314}-tornado<6.5.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-67726 webmin<2.600 command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-67738 wolfssl<5.8.4 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2025-13912 chromium<143.0.7499.110 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2025-14372 exim<4.99.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-67896 php{56,74,81,82,83,84}-nextcloud<31.0.9.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-64011 py{27,39,310,311,312,313,314}-django-allauth<65.13.0 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-65430 py{27,39,310,311,312,313,314}-django-allauth<65.13.0 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-65431 elasticsearch<8.19.7 improper-authentication https://nvd.nist.gov/vuln/detail/CVE-2025-37731 libreoffice>=25.2<25.2.4 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-14714 openrsync-[0-9]* remote-denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-67901 uriparser<1.0.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-67899 ImageMagick<7.1.1.14 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-68469 avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-59529 binaryen<126 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-14956 binaryen<126 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-14957 capstone-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-67873 capstone-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-68114 chromium<143.0.7499.147 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-14765 chromium<143.0.7499.147 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-14766 elasticsearch<8.19.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-68384 elasticsearch<8.19.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-68390 ffmpeg8<8.0.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-63757 freerdp2<3.20.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-68118 mongodb<7.0.28 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-14847 php{56,74,81,82,83,84}-glpi-[0-9]* username-enumeration https://nvd.nist.gov/vuln/detail/CVE-2023-53943 php{56,74,81,82,83,84}-glpi<10.0.21 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-59935 php{56,74,81,82,83,84}-glpi<10.0.21 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-64520 php{56,74,81,82,83,84}-avideo<20.1 code-injection https://nvd.nist.gov/vuln/detail/CVE-2025-34433 php{56,74,81,82,83,84}-dotclear-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-53952 py{27,39,310,311,312,313,314}-biopython-[0-9]* xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2025-68463 py{27,39,310,311,312,313,314}-filelock<3.20.1 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2025-68146 php{56,74,81,82,83,84}-roundcube<1.6.12 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-68460 php{56,74,81,82,83,84}-roundcube<1.6.12 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-68461 ruby{32,33,34}-aws-sdk-s3<1.208.0 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2025-14762 thunderbird<146 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-95/ thunderbird140<140.6 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-96/ firefox<146.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-98/ direwolf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-34457 direwolf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-34458 fluidsynth<2.5.2 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-68617 gimp<3.2.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-14422 gimp<3.2.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-14423 gimp<3.2.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-14424 gimp<3.2.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-14425 mariadb-client<10.6.24 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-13699 mariadb-client>=10.11<10.11.15 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-13699 mariadb-client>=11.4<11.4.9 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-13699 mariadb-client>=11.8<11.8.4 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-13699 net-snmp<5.9.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-68615 netcdf-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-14932 netcdf-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-14933 netcdf-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-14934 netcdf-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-14935 netcdf-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-14936 openexr<3.4.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-12495 openexr<3.4.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-12839 openexr<3.4.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-12840 ruby{32,33,34}-httparty-[0-9]* server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2025-68696 barcode-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-25153 barcode-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-25154 kermit-[0-9]* arbitrary-file-read https://nvd.nist.gov/vuln/detail/CVE-2025-68920 gitea<1.25.2 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-68938 gitea<1.23.0 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2025-68939 gitea<1.22.5 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-68940 gitea<1.22.3 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-68941 gitea<1.22.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-68942 gitea<1.21.8 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-68943 gitea<1.22.2 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2025-68944 gitea<1.21.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-68945 gitea<1.20.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-68946 py{27,39,310,311,312,313,314}-httpbin-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-15095 php81<8.1.34 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2025-14177 php82<8.2.30 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2025-14177 php83<8.3.29 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2025-14177 php84<8.4.16 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2025-14177 php81<8.1.34 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-14178 php82<8.2.30 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-14178 php83<8.3.29 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-14178 php84<8.4.16 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-14178 php81<8.1.34 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-14180 php82<8.2.30 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-14180 php83<8.3.29 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-14180 php84<8.4.16 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-14180 gnupg2-[0-9]* ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-68972 gnupg2<2.4.9 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-68973 binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-66861 binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-66862 binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-66863 binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-66864 binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-66865 binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-66866 coturn>=4.6.3<4.8.0 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2025-69217 libheif<1.221.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-68431 ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-66869 ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-66877 ImageMagick<7.1.2.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-68618 ImageMagick<7.1.2.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-68950 ImageMagick<7.1.2.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-69204 fontforge-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-15269 fontforge-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-15270 fontforge-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-15271 fontforge-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-15272 fontforge-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-15273 fontforge-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-15274 fontforge-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-15275 fontforge-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-15276 fontforge-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-15277 fontforge-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-15278 fontforge-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-15279 fontforge-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-15280 libpcap<1.10.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-11961 libsodium<1.0.21 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2025-69277 matio-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-50343 php{56,74,81,82,83,84}-composer<2.2.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-67746 py{27,39,310,311,312,313,314}-cbor2<5.8.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-68131 ruby{32,33,34}-uri<1.0.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-61594 sox-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2022-50798 lua51-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages lua52-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages lua53-[0-9]* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages cpp-httplib<0.30.0 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2026-21428 gitea<1.25.2 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2025-69413 gpsd<3.27.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-67268 gpsd<3.27.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-67269 libtpms<0.10.2 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2026-21444 messagelib<25.11.90 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2025-69412 wabt-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-15411 wabt-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-15412 h2o-[0-9]* weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2023-41337 h2o-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-50247 h2o-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2024-25622 h2o-[0-9]* improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2024-45397 h2o-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-45403 haproxy<2.8.2 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2023-45539 haproxy<2.9.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-45506 haproxy<2.9.11 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-49214 haproxy<2.9.10 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2024-53008 haproxy<3.0.10 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-32464 harfbuzz<10.2.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-56732 hdf5-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-18232 hdf5-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-18494 hdf5<1.14.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-29157 hdf5<1.14.4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-29158 hdf5<1.14.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-29159 hdf5<1.14.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-29160 hdf5<1.14.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-29161 hdf5<1.14.4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-29162 hdf5<1.14.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-29163 hdf5<1.14.4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-29164 hdf5<1.14.4 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-29165 hdf5<1.14.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-29166 hdf5<1.14.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-32605 hdf5<1.14.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2024-32606 hdf5<1.14.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-32607 hdf5<1.14.4 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2024-32608 hdf5<1.14.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-32609 hdf5<1.14.4 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2024-32610 hdf5<1.14.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2024-32611 hdf5<1.14.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-32612 hdf5<1.14.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-32613 hdf5<1.14.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-32614 hdf5<1.14.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-32615 hdf5<1.14.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-32616 hdf5<1.14.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-32617 hdf5<1.14.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-32618 hdf5<1.14.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-32619 hdf5<1.14.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-32620 hdf5<1.14.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-32621 hdf5<1.14.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-32622 hdf5<1.14.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-32623 hdf5<1.14.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-32624 hdf5<1.14.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-33873 hdf5<1.14.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-33874 hdf5<1.14.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-33875 hdf5<1.14.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-33876 hdf5<1.14.4 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-33877 hdf5<2.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-2153 hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-2308 hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-2309 hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-2310 hdf5<2.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-2912 hdf5<2.0.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-2913 hdf5<2.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-2914 hdf5<2.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-2915 hdf5<2.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-2923 hdf5<2.0.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-2924 hdf5<2.0.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-2925 hdf5<2.0.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-2926 heimdal<7.7.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-3116 hledger<1.23 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-46888 htmldoc<1.9.19 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2024-45508 htmldoc<1.9.19 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-46478 htop<3.4.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2024-37676 hugin<2023.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-25442 hugin<2023.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2024-25443 hugin<2023.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-25445 hugin<2023.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-25446 hugo<0.125.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-32875 hugo<0.139.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-55601 hwloc<2.9.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47022 hyperscan<5.4.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-28711 py{27,310,311,312,313,314}-aiohttp<3.13.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-69223 py{27,310,311,312,313,314}-aiohttp<3.13.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2025-69224 py{27,310,311,312,313,314}-aiohttp<3.13.3 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2025-69225 py{27,310,311,312,313,314}-aiohttp<3.13.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-69227 py{27,310,311,312,313,314}-aiohttp<3.13.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-69228 py{27,310,311,312,313,314}-aiohttp<3.13.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-69229 py{27,310,311,312,313,314}-aiohttp<3.13.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-69230 icinga2<2.14.3 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2024-49369 icingaweb2<2.12.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-27404 icingaweb2<2.12.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-27405 icingaweb2<2.12.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-27609 icingaweb2<2.12.3 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2025-30164 imapsync<2.264 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2023-34204 imlib2<1.10.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-25447 imlib2<1.10.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-25448 imlib2<1.10.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-25450 inetutils<2.5 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-40303 influxdb<2.8.0 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2024-30896 iniparser<4.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-33461 iniparser<4.2.6 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-0633 iperf3<3.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-7250 iperf3<3.14 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38403 iperf3<3.17 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2024-26306 iperf3<3.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-53580 php-8.1<8.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php81-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages chromium<143.0.7499.192 code-injection https://nvd.nist.gov/vuln/detail/CVE-2026-0628 libtasn1<4.21.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-13151 lmdb-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-22185 py{27,310,311,312,313,314}-urllib3<2.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-21441 # curl not built with ngtcp2 #curl>=8.8.0<8.18.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2025-13034 curl<8.18.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2025-14017 curl<8.18.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-14524 curl<8.18.0 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2025-14819 curl<8.18.0 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-15079 curl<8.18.0 improper-authentication https://nvd.nist.gov/vuln/detail/CVE-2025-15224 fluidsynth<2.4.7 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-56225 harfbuzz<12.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-22693 libsoup-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-0719 miniflux<2.2.16 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2026-21885 py{27,310,311,312,313,314}-authlib<1.6.6 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2025-68158 py{27,310,311,312,313,314}-filelock<3.20.3 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2026-22701 py{27,310,311,312,313,314}-pdf<6.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-22690 py{27,310,311,312,313,314}-pdf<6.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-22691 py{27,310,311,312,313,314}-virtualenv<20.36.1 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2026-22702 py{27,310,311,312,313,314}-werkzeug<3.1.5 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-21860 wget2<2.2.1 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-69194 wget2<2.2.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-69195 py{27,310,311,312,313,314}-aiohttp<3.13.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-69226 avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-68276 avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-68468 avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-68471 cpp-httplib<0.30.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-22776 freeimage-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-70968 freerdp2<3.20.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-22851 freerdp2<3.20.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-22852 freerdp2<3.20.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-22853 freerdp2<3.20.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-22854 freerdp2<3.20.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-22855 freerdp2<3.20.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-22856 freerdp2<3.20.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-22857 freerdp2<3.20.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-22858 freerdp2<3.20.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-22859 php{56,74,81,82,83,84}-glpi<10.0.21 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2025-64516 php{56,74,81,82,83,84}-glpi>=11.0.0<11.0.3 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-66417 gpac-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-70298 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-70299 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-70302 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-70303 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-70304 gpac-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-70305 gpac-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-70307 gpac-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-70308 gpac-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-70309 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-70310 gradle<9.3.0 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-22816 gradle<9.3.0 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-22865 libsndfile-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-56226 libsoup-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-0716 libxml2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-0989 libxml2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-0990 libxml2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-0992 metabase<56.3 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2026-22805 mit-krb5<1.22 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-24528 opencolorio<2.5.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-15506 png<1.6.54 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-22695 png<1.6.54 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-22801 py{27,310,311,312,313,314}-asn1<0.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-23490 raylib-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-15533 raylib-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-15534 rt4<4.4.9 csv-injection https://nvd.nist.gov/vuln/detail/CVE-2025-61873 rt5<5.0.9 csv-injection https://nvd.nist.gov/vuln/detail/CVE-2025-61873 slurm-wlm<224.11.5 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-43904 php{56,74,81,82,83,84}-typo3<13.4.23 incorrect-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-59020 php{56,74,81,82,83,84}-typo3<13.4.23 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-59021 php{56,74,81,82,83,84}-typo3<13.4.23 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-59022 php{56,74,81,82,83,84}-typo3<13.4.23 code-injection https://nvd.nist.gov/vuln/detail/CVE-2026-0859 vlc<3.0.22 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-51602 #vsftpd-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-14242 # specific to Red Hat wireshark<4.6.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-0959 wireshark<4.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-0960 wireshark<4.6.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-0961 wireshark<4.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-0962 firefox<147 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/ firefox115<115.32 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2026-02/ firefox140<140.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/ thunderbird<147 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2026-04/ thunderbird140<140.7 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2026-05/ opencc-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-15536 assimp-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-15538 ImageMagick<7.1.2.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-22770 ImageMagick<7.1.2.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-23874 ImageMagick<7.1.2.13 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-23876 ImageMagick6<6.9.13.38 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-23876 chromium<144.0.7559.59 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-0899 chromium<144.0.7559.59 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2026-0900 chromium<144.0.7559.59 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-0902 chromium<144.0.7559.59 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2026-0904 chromium<144.0.7559.59 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-0905 chromium<144.0.7559.59 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2026-0907 chromium<144.0.7559.59 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-0908 freerdp2<3.21.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-23530 freerdp2<3.21.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-23531 freerdp2<3.21.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-23532 freerdp2<3.21.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-23533 freerdp2<3.21.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-23534 freerdp2<3.21.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-23732 freerdp2<3.21.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-23883 freerdp2<3.21.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-23884 inetutils<2.7nb1 remote-authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-24061 nodejs20<20.20.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-55130 nodejs22<22.22.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-55130 nodejs24<24.13.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-55130 nodejs<25.3.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-55130 nodejs20<20.20.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-55131 nodejs22<22.22.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-55131 nodejs24<24.13.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-55131 nodejs<25.3.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-55131 nodejs20<20.20.0 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2025-55132 nodejs22<22.22.0 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2025-55132 nodejs24<24.13.0 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2025-55132 nodejs<25.3.0 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2025-55132 nodejs24<24.13.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-59464 nodejs20<20.20.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-59465 nodejs22<22.22.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-59465 nodejs24<24.13.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-59465 nodejs<25.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-59465 nodejs20<20.20.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-59466 nodejs22<22.22.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-59466 nodejs24<24.13.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-59466 nodejs<25.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-59466 nodejs<25.3.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-21636 nodejs20<20.20.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-21637 nodejs22<22.22.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-21637 nodejs24<24.13.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-21637 nodejs<25.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-21637 py{27,310,311,312,313,314}-jaraco.context<6.1.0 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-23949 py{27,310,311,312,313,314}-ply-[0-9]* code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-56005 py{27,310,311,312,313,314}-weasyprint<68.0 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2025-68616 python310-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-11468 python311-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-11468 python312-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-11468 python313<3.13.12 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-11468 python314<3.14.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-11468 python310-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-15282 python311-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-15282 python312-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-15282 python313<3.13.12 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-15282 python314<3.14.3 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-15282 python310-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-15366 python311-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-15366 python312-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-15366 python313-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-15366 python314-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-15366 python310-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-15367 python311-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-15367 python312-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-15367 python313-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-15367 python314-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-15367 python310-[0-9]* http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2026-0672 python311-[0-9]* http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2026-0672 python312-[0-9]* http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2026-0672 python313<3.13.12 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2026-0672 python314<3.14.3 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2026-0672 python310-[0-9]* http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2026-0865 python311-[0-9]* http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2026-0865 python312-[0-9]* http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2026-0865 python313<3.13.12 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2026-0865 python314<3.14.3 http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2026-0865 mysql-server<8.0.45 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL openjdk11<11.0.30 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2026.html#AppendixJAVA openjdk17<17.0.18 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2026.html#AppendixJAVA openjdk21<21.0.10 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujan2026.html#AppendixJAVA bind<9.18.44 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13878 glib2<2.87.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-0988 moodle-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2021-47857 php{56,74,81,82,83,84}-phppgadmin-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2021-47853 proftpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-47865 python310-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-12781 python311-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-12781 python312-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-12781 python313-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-12781 python314-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-12781 ImageMagick<7.1.2.13 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2026-23952 ImageMagick6<6.9.13.38 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2026-23952 py{27,310,311,312,313,314}-test-[0-9]* insecure-temporary-files https://nvd.nist.gov/vuln/detail/CVE-2025-71176 py{27,310,311,312,313,314}-wheel<0.46.2 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-24049 7-zip<25.00 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-11002 avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-24401 docopt.cpp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-67125 epiphany<48.1 unspecified https://nvd.nist.gov/vuln/detail/CVE-2025-3839 expat<2.7.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2026-24515 gimp-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-15059 gitea<1.25.4 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2026-0798 gitea<1.25.4 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2026-20736 gitea<1.25.4 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2026-20750 gitea<1.25.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-20800 gitea<1.25.4 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2026-20883 gitea<1.25.4 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-20888 gitea<1.25.4 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-20897 gitea<1.25.4 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-20904 gitea<1.25.4 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-20912 moodle<5.0.4 code-injection https://nvd.nist.gov/vuln/detail/CVE-2025-67847 nodejs20-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2026-0775 nodejs22-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2026-0775 nodejs24-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2026-0775 nodejs-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2026-0775 py{27,310,311,312,313,314}-orjson-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-67221 py{27,310,311,312,313,314}-protobuf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-0994 python310-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2026-1299 python311-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2026-1299 python312-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2026-1299 python313<3.13.12 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2026-1299 python314<3.14.3 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2026-1299 sentencepiece<0.2.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-1260 gnutls<3.8.11 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-9820 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2026-1415 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2026-1416 gpac-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2026-1417 gpac-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-1418 hiawatha<11.8 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2025-57783 hiawatha<11.8 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2025-57784 hiawatha<11.8 double-free https://nvd.nist.gov/vuln/detail/CVE-2025-57785 py{27,310,311,312,313,314}-gi-docgen<2025.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-11687 py{27,310,311,312,313,314}-python-multipart<0.0.22 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-24486 #qgis-[0-9]* improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2026-24480 # CI/CD vulnerability alsa-lib>=1.2.2<1.2.15.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-25068 cacti<1.2.27 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-45160 chromium<144.0.7559.110 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-1504 codeblocks-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-37038 codeblocks-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-37040 expat<2.7.4 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-25210 furnace<0.6.8.3 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-24800 glib2<2.86.4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-1484 glib2<2.86.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-1485 glib2<2.86.4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-1489 gnome-font-viewer-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-37011 gnupg2>=2.5.13<2.5.17 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-24881 #gnupg2<2.5.17 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-24882 # security/gnupg2 does not build tpm2daemon gnupg2>=2.5.3<2.5.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-24883 go124<1.24.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61726 go125<1.25.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61726 go124<1.24.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61728 go125<1.25.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61728 go124<1.24.12 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-61730 go125<1.25.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-61730 go124<1.24.12 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2025-61731 go125<1.25.6 arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2025-61731 go125<1.25.6 code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-68119 grafana<12.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-21720 grafana<12.3.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2026-21721 icingaweb2-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-50942 libsoup-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2026-1467 libsoup-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2026-1536 libsoup-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-1539 libsoup-[0-9]* http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2026-1760 libsoup-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-1761 libxml2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-1757 mongo-c-driver<2.1.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-14911 monit-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-36968 monit-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2020-36969 openssl<3.6.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-11187 openssl<3.6.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-15467 openssl<3.6.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-15468 openssl<3.6.1 improper-validation-of-certificate https://nvd.nist.gov/vuln/detail/CVE-2025-15469 openssl<3.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-66199 openssl<3.6.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-68160 openssl<3.6.1 weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2025-69418 openssl<3.6.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-69419 openssl<3.6.1 improper-validation-of-certificate https://nvd.nist.gov/vuln/detail/CVE-2025-69420 openssl<3.6.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-69421 openssl<3.6.1 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2026-22795 openssl<3.6.1 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2026-22796 #only unrelased versions #openvpn>=2.7alpha_1<2.7rc5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-15497 png<1.6.47 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-28162 png<1.6.47 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-28164 py{27,310,311,312,313,314}-octoprint<1.11.6 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2026-23892 py{27,310,311,312,313,314}-pdf<6.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-24688 py{27,310,311,312,313,314}-pip<26.0 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-1703 py{27,310,311,312,313,314}-torch<2.10.0 code-injection https://nvd.nist.gov/vuln/detail/CVE-2026-24747 rawtherapee<5.12 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-24808 ruby{32,33,34}-activestorage61-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-24293 ruby{32,33,34}-activestorage70-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-24293 ruby{32,33,34}-activestorage71<7.1.5.2 command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-24293 ruby{32,33,34}-activestorage72<7.2.2.2 command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-24293 ruby{32,33,34}-activestorage80<8.0.2.1 command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-24293 salt<3007.9 code-injection https://nvd.nist.gov/vuln/detail/CVE-2025-62348 salt<3007.9 improper-authentication https://nvd.nist.gov/vuln/detail/CVE-2025-62349 tcpflow<1.6.2 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-25061 xenkernel418<20260317 buffer-overrun https://nvd.nist.gov/vuln/detail/CVE-2025-58150 xenkernel420<20260317 buffer-overrun https://nvd.nist.gov/vuln/detail/CVE-2025-58150 xenkernel418<20260317 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-23553 xenkernel420<20260317 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-23553 mediawiki<1.43.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-11173 mediawiki<1.43.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-11261 mediawiki<1.43.4 unspecified https://nvd.nist.gov/vuln/detail/CVE-2025-61634 mediawiki<1.43.6 brute-force https://nvd.nist.gov/vuln/detail/CVE-2025-61635 mediawiki<1.43.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-61636 mediawiki<1.43.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-61637 mediawiki<1.43.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-61638 mediawiki<1.43.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-61639 mediawiki<1.43.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-61640 mediawiki<1.43.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61641 mediawiki<1.43.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-61642 mediawiki<1.43.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-61643 mediawiki-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-61644 mediawiki<1.44.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-61645 mediawiki<1.43.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-61646 mediawiki<1.44.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-61648 mediawiki<1.43.4 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-61652 mediawiki<1.43.4 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-61653 mediawiki<1.43.4 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2025-61654 mediawiki<1.43.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-61655 mediawiki<1.43.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-61657 mediawiki<1.43.6 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-6589 mediawiki<1.43.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-6590 mediawiki<1.43.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-6591 mediawiki<1.43.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-6592 mediawiki<1.43.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-6593 mediawiki<1.43.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-6594 mediawiki<1.43.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-6595 mediawiki<1.43.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-6596 mediawiki<1.43.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-6597 mediawiki<1.43.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-67475 mediawiki<1.44.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-67476 mediawiki<1.44.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-67477 mediawiki<1.43.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-67478 mediawiki<1.43.4 unspecified https://nvd.nist.gov/vuln/detail/CVE-2025-67479 mediawiki<1.43.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-67480 mediawiki<1.43.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-67481 mediawiki<1.43.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-67482 mediawiki<1.43.6 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-67483 mediawiki<1.43.6 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-67484 mediawiki<1.43.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-6927 asterisk<20.18.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2026-23738 asterisk>=21<21.12.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2026-23738 asterisk>=22<22.8.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2026-23738 asterisk>=23<23.2.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2026-23738 asterisk<20.18.2 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2026-23739 asterisk>=21<21.12.1 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2026-23739 asterisk>=22<22.8.2 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2026-23739 asterisk>=23<23.2.2 xml-external-entity https://nvd.nist.gov/vuln/detail/CVE-2026-23739 asterisk<20.18.2 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2026-23740 asterisk>=21<21.12.1 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2026-23740 asterisk>=22<22.8.2 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2026-23740 asterisk>=23<23.2.2 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2026-23740 asterisk<20.18.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2026-23741 asterisk>=21<21.12.1 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2026-23741 asterisk>=22<22.8.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2026-23741 asterisk>=23<23.2.2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2026-23741 calibre<9.2.0 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-25635 calibre<9.2.0 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-25636 calibre<9.2.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2026-25731 chromium<144.0.7559.132 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-1861 chromium<144.0.7559.132 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2026-1862 codeblocks-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-37121 dnsmasq<2.80 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-37127 php{56,74,81,82,83,84}-glpi<10.0.23 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2026-22044 php{56,74,81,82,83,84}-glpi>=11<11.0.5 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2026-22247 php{56,74,81,82,83,84}-glpi<10.0.23 session-fixation https://nvd.nist.gov/vuln/detail/CVE-2026-23624 gnupg2<2.5.17 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-24882 go123<1.23.9 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-22873 go124<1.24.3 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-22873 go124<1.24.13 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-61732 go125<1.25.7 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-61732 go124<1.24.13 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-68121 go125<1.25.7 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-68121 libsoup-[0-9]* http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2026-1801 magento<20.16.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-25523 micropython<1.28.0 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2026-1998 moodle<5.0.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-67848 moodle<5.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-67849 moodle<5.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-67850 moodle<5.0.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-67851 moodle<5.0.4 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2025-67852 moodle<5.0.4 brute-force https://nvd.nist.gov/vuln/detail/CVE-2025-67853 moodle<5.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-67855 moodle<5.0.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2025-67856 moodle<5.0.4 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-67857 mupdf<1.27.1 double-free https://nvd.nist.gov/vuln/detail/CVE-2026-25556 php{56,74,81,82,83,84}-phppgadmin<9.122 command-injection https://nvd.nist.gov/vuln/detail/CVE-2026-1707 py{27,310,311,312,313,314}-django<4.2.28 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2025-13473 py{27,310,311,312,313,314}-django>=5<5.2.11 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2025-13473 py{27,310,311,312,313,314}-django<4.2.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-14550 py{27,310,311,312,313,314}-django>=5<5.2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-14550 py{27,310,311,312,313,314}-django<4.2.28 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2026-1207 py{27,310,311,312,313,314}-django>=5<5.2.11 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2026-1207 py{27,310,311,312,313,314}-django<4.2.28 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-1285 py{27,310,311,312,313,314}-django>=5<5.2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-1285 py{27,310,311,312,313,314}-django<4.2.28 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2026-1287 py{27,310,311,312,313,314}-django>=5<5.2.11 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2026-1287 py{27,310,311,312,313,314}-django<4.2.28 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2026-1312 py{27,310,311,312,313,314}-django>=5<5.2.11 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2026-1312 py{27,310,311,312,313,314}-wagtail<7.2.2 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2026-25517 vim<9.1.2132 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-25749 firefox<147.0.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2026-06/ thunderbird<147.0.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2026-07/ firefox140<140.7.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2026-08/ freerdp2<3.22.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2026-23948 freerdp2<3.22.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-24491 freerdp2<3.22.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-24675 freerdp2<3.22.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-24676 freerdp2<3.22.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-24677 freerdp2<3.22.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-24678 freerdp2<3.22.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-24679 freerdp2<3.22.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-24680 freerdp2<3.22.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-24681 freerdp2<3.22.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-24682 freerdp2<3.22.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-24683 freerdp2<3.22.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-24684 gnutls<3.8.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-14831 janet-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-2240 janet-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-2241 janet-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-2242 lrzip-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-15570 lrzip-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-15571 mongodb<7.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-1847 mongodb<7.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-1848 mongodb<7.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-1849 mongodb<7.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-1850 mongodb<7.0.29 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2026-25609 mongodb<7.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-25610 mongodb<7.0.29 traffic-amplification https://nvd.nist.gov/vuln/detail/CVE-2026-25611 mongodb<7.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-25612 mongodb<7.0.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-25613 munge<0.5.18 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-25506 mupdf<1.26.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-15569 png<1.6.55 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-25646 powerdns-recursor<5.3.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-59023 powerdns-recursor<5.3.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-59024 powerdns-recursor<5.3.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-0398 powerdns-recursor<5.3.5 traffic-amplification https://nvd.nist.gov/vuln/detail/CVE-2026-24027 py{27,310,311,312,313,314}-cryptography<46.0.5 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-26007 php{56,74,81,82,83,84}-roundcube<1.6.13 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2026-25916 php{56,74,81,82,83,84}-roundcube<1.6.13 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2026-26079 ruby{32,33,34}-faraday<2.14.1 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2026-25765 tcpreplay<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-54192 libvpx<1.16.0nb1 heap-overflow https://nvd.nist.gov/vuln/detail/cve-2026-2447 ruby[234][0-9]-rails70-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby[34][0-4]-rails71-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ImageMagick<7.1.2.15 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-24481 ImageMagick6<6.9.13.40 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-24481 ImageMagick<7.1.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-24484 ImageMagick6<6.9.13.40 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-24484 ImageMagick<7.1.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-24485 ImageMagick6<6.9.13.40 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-24485 ImageMagick<7.1.2.15 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-25576 ImageMagick6<6.9.13.40 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-25576 ImageMagick<7.1.2.15 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2026-25637 ImageMagick<7.1.2.15 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2026-25638 ImageMagick6<6.9.13.40 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2026-25638 ImageMagick<7.1.2.15 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-25794 ImageMagick<7.1.2.15 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2026-25795 ImageMagick6<6.9.13.40 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2026-25795 ImageMagick<7.1.2.15 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2026-25796 ImageMagick6<6.9.13.40 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2026-25796 ImageMagick<7.1.2.15 code-injection https://nvd.nist.gov/vuln/detail/CVE-2026-25797 ImageMagick6<6.9.13.40 code-injection https://nvd.nist.gov/vuln/detail/CVE-2026-25797 ImageMagick<7.1.2.15 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2026-25798 ImageMagick6<6.9.13.40 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2026-25798 ImageMagick<7.1.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-25799 ImageMagick6<6.9.13.40 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-25799 ImageMagick<7.1.2.15 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-25897 ImageMagick6<6.9.13.40 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-25897 ImageMagick<7.1.2.15 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-25898 ImageMagick6<6.9.13.40 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-25898 ImageMagick<7.1.2.15 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-25965 ImageMagick6<6.9.13.40 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-25965 ImageMagick<7.1.2.15 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2026-25966 ImageMagick6<6.9.13.40 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2026-25966 ImageMagick<7.1.2.15 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-25967 ImageMagick<7.1.2.15 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-25968 ImageMagick6<6.9.13.40 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-25968 ImageMagick<7.1.2.15 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2026-25969 ImageMagick<7.1.2.15 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-25970 ImageMagick6<6.9.13.40 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-25970 ImageMagick<7.1.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-25971 ImageMagick6<6.9.13.40 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-25971 ImageMagick<7.1.2.15 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-25982 ImageMagick6<6.9.13.40 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-25982 ImageMagick<7.1.2.15 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-25983 ImageMagick6<6.9.13.40 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-25983 ImageMagick<7.1.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-25985 ImageMagick6<6.9.13.40 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-25985 ImageMagick<7.1.2.15 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-25986 ImageMagick6<6.9.13.40 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-25986 ImageMagick<7.1.2.15 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-25987 ImageMagick6<6.9.13.40 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-25987 ImageMagick<7.1.2.15 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2026-25988 ImageMagick6<6.9.13.40 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2026-25988 ImageMagick<7.1.2.15 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-25989 ImageMagick6<6.9.13.40 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-25989 ImageMagick<7.1.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-26066 ImageMagick6<6.9.13.40 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-26066 ImageMagick<7.1.2.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-26283 ImageMagick6<6.9.13.40 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-26283 ImageMagick<7.1.2.15 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-26284 ImageMagick6<6.9.13.40 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-26284 ImageMagick<7.1.2.15 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2026-26983 ImageMagick6<6.9.13.40 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2026-26983 KeePass<2.44 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-37178 SOGo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2026-3054 admesh-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2653 apache-tomcat<9.0.113 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-66614 apache-tomcat>=10<10.1.50 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-66614 apache-tomcat>=11<11.0.15 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-66614 apache-tomcat<9.0.113 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-24733 apache-tomcat>=10<10.1.50 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-24733 apache-tomcat>=11<11.0.15 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-24733 apache-tomcat<9.0.115 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-24734 apache-tomcat>=10<10.1.52 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-24734 apache-tomcat>=11<11.0.18 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-24734 caddy<2.11.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-27585 caddy<2.11.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-27586 caddy<2.11.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-27587 caddy<2.11.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-27588 caddy<2.11.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2026-27589 caddy<2.11.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-27590 calibre<9.3.0 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-26064 calibre<9.3.0 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-26065 chromium<145.0.7632.45 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2026-2313 chromium<145.0.7632.45 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2026-2314 chromium<145.0.7632.45 out-of-bounds-access https://nvd.nist.gov/vuln/detail/CVE-2026-2315 chromium<145.0.7632.45 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2026-2316 chromium<145.0.7632.45 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-2317 chromium<145.0.7632.45 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2026-2318 chromium<145.0.7632.45 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2026-2319 chromium<145.0.7632.45 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2026-2320 chromium<145.0.7632.45 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2026-2321 chromium<145.0.7632.45 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2026-2322 chromium<145.0.7632.45 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2026-2323 chromium<145.0.7632.75 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-2441 chromium<145.0.7632.109 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-2648 chromium<145.0.7632.109 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2026-2649 chromium<145.0.7632.109 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2650 chromium<145.0.7632.116 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-3061 chromium<145.0.7632.116 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-3062 chromium<145.0.7632.116 code-injection https://nvd.nist.gov/vuln/detail/CVE-2026-3063 clamav-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-37167 coturn<4.9.0 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2026-27624 curl<8.18.0 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2025-11563 dropbear>=2024.84<2025.88 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2025-14282 erlang<27.3.4.8 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-21620 ffmpeg7<7.1.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-10256 ffmpeg8<8.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-10256 ffmpeg7<7.1.2 double-free https://nvd.nist.gov/vuln/detail/CVE-2025-12343 ffmpeg8<8.1 double-free https://nvd.nist.gov/vuln/detail/CVE-2025-12343 gimp<3.0.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-0797 gimp<3.0.8 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2026-2044 gimp<3.0.8 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-2045 gimp<3.0.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2047 gimp<3.0.8 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-2048 grafana<12.2.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-41117 grafana<12.2.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-21722 gsoap-[0-9]* path-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-25355 hdf5<1.14.4.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-26200 janet<1.41.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-2869 jenkins<2.551 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2026-27099 jenkins<2.551 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-27100 libde265-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61147 libjxl<0.11.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12474 libjxl<0.11.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-1837 libsixel<1.8.8 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2025-61146 libsoup<3.6.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-2443 libvips-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2913 libvips-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2026-3145 libvips-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-3146 libvips-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-3147 metabase<0.58.7 code-injection https://nvd.nist.gov/vuln/detail/CVE-2026-27464 minisat-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-2644 moodle<5.0.5 code-injection https://nvd.nist.gov/vuln/detail/CVE-2026-26045 moodle<5.0.5 command-injection https://nvd.nist.gov/vuln/detail/CVE-2026-26046 moodle<5.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-26047 nats-server<2.12.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-27571 openbabel-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-2704 openbabel-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-2705 openexr<3.4.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-26981 p5-Crypt-URandom<0.55 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2474 p5-Image-ExifTool<13.50 command-injection https://nvd.nist.gov/vuln/detail/CVE-2026-3102 php{56,74,81,82,83,84}-owncloud-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-25337 php{56,74,81,82,83,84}-piwigo<15.0.0 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2024-48928 php{56,74,81,82,83,84}-piwigo-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-62512 postgresql-server<14.21 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2003 postgresql-server>=15<15.16 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2003 postgresql-server>=16<16.12 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2003 postgresql-server>=17<17.8 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2003 postgresql-server>=18<18.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2003 postgresql-server<14.21 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2004 postgresql-server>=15<15.16 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2004 postgresql-server>=15<15.16 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2004 postgresql-server>=15<15.16 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2004 postgresql-server>=15<15.16 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2004 postgresql-server>=15<15.16 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2004 postgresql-server>=16<16.12 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2004 postgresql-server>=17<17.8 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2004 postgresql-server>=18<18.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2004 postgresql-server<14.21 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2005 postgresql-server>=15<15.16 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2005 postgresql-server>=16<16.12 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2005 postgresql-server>=17<17.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2005 postgresql-server>=17<17.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2005 postgresql-server>=18<18.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2005 postgresql-server<14.21 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2026-2006 postgresql-server>=15<15.16 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2026-2006 postgresql-server>=16<16.12 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2026-2006 postgresql-server>=17<17.8 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2026-2006 postgresql-server>=18<18.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2026-2006 postgresql-server>=18<18.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2007 py{27,310,311,312,313,314}-Pillow<12.1.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-25990 py{27,310,311,312,313,314}-flask<3.1.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-27205 py{27,310,311,312,313,314}-nltk<3.9.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-14009 py{27,310,311,312,313,314}-pdf<6.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-27024 py{27,310,311,312,313,314}-pdf<6.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-27025 py{27,310,311,312,313,314}-pdf<6.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-27026 py{27,310,311,312,313,314}-pdf<6.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-27628 py{27,310,311,312,313,314}-werkzeug<3.1.6 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-27199 qemu-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-14876 qemu<10.1.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-8860 qemu-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-0665 qemu-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-2243 re2c-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-2903 ruby{32,33,34,40}-rack2<2.2.22 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-22860 ruby{32,33,34,40}-rack<3.2.5 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-22860 ruby{32,33,34,40}-rack2<2.2.22 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2026-25500 ruby{32,33,34,40}-rack<3.2.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2026-25500 tiff<4.7.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-61143 tiff<4.7.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-61144 tiff<4.7.1 double-free https://nvd.nist.gov/vuln/detail/CVE-2025-61145 vaultwarden<1.35.3 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2026-26012 vim<9.1.2148 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-26269 yt-dlp<2026.02.21 command-injection https://nvd.nist.gov/vuln/detail/CVE-2026-26331 zlib<1.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-27171 zoneminder-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-65791 zoneminder<1.38.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2026-27470 firefox<147.0.4 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2026-10/ firefox140<140.7.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2026-10/ firefox115<115.32.1 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2026-10/ thunderbird<147.0.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2026-11/ firefox<148.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/ firefox115<115.33 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2026-14/ firefox140<140.8 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2026-15/ thunderbird<148.0 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2026-16/ ImageMagick<7.1.2.15 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-27798 ImageMagick6<6.9.13.40 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-27798 ImageMagick<7.1.2.15 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-27799 ImageMagick6<6.9.13.40 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-27799 calibre<9.4.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2026-27810 calibre<9.4.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-27824 exiv2<0.28.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-25884 exiv2<0.28.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-27596 exiv2<0.28.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-27631 freerdp2<2.11.8 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-25941 freerdp2<3.23.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-25942 freerdp2<3.23.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-25952 freerdp2<3.23.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-25953 freerdp2<3.23.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-25954 freerdp2<3.23.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-25955 freerdp2<3.23.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-25959 freerdp2<3.23.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-25997 freerdp2<3.23.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-26271 freerdp2<3.23.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-26955 freerdp2<3.23.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-26965 freerdp2<3.23.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-26986 freerdp2<3.23.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-27015 freerdp2<3.23.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-27950 freerdp2<3.23.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-27951 freetype2<2.14.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-23865 gpac<26.02.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-27821 grafana<12.4.1 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2026-21725 gvfs<1.56.2 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2026-28295 gvfs<1.56.2 crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2026-28296 inetutils<2.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2026-28372 libvips-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-3281 libvips-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-3282 libvips-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-3283 libvips-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-3284 ocaml<4.14.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-28364 openbabel-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-3408 p5-Net-CIDR<0.24 input-validation https://nvd.nist.gov/vuln/detail/CVE-2021-4456 py{27,310,311,312,313,314}-pdf<6.7.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-27888 py{27,310,311,312,313,314}-pdf<6.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-28351 py{27,310,311,312,313,314}-pillow_heif<1.3.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-28231 py{27,310,311,312,313,314}-uv<0.9.6 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-13327 rebar3<3.27.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-21619 vim<9.2.0073 command-injection https://nvd.nist.gov/vuln/detail/CVE-2026-28417 vim<9.2.0074 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-28418 vim<9.2.0075 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-28419 vim<9.2.0076 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-28420 vim<9.2.0077 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-28421 vim<9.2.0078 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-28422 wireshark<4.6.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-3201 wireshark<4.6.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2026-3202 wireshark<4.6.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-3203 ImageMagick<7.1.2.16 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-28493 ImageMagick<7.1.2.16 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-28494 ImageMagick6<6.9.13.41 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-28494 ImageMagick<7.1.2.16 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-28686 ImageMagick6<6.9.13.41 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-28686 ImageMagick<7.1.2.16 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-28687 ImageMagick6<6.9.13.41 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-28687 ImageMagick<7.1.2.16 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-28688 ImageMagick6<6.9.13.41 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-28688 ImageMagick<7.1.2.16 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2026-28689 ImageMagick6<6.9.13.41 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2026-28689 ImageMagick<7.1.2.16 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-28690 ImageMagick6<6.9.13.41 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-28690 ImageMagick<7.1.2.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-28691 ImageMagick6<6.9.13.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-28691 ImageMagick<7.1.2.16 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-28692 ImageMagick6<6.9.13.41 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-28692 ImageMagick<7.1.2.16 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-28693 ImageMagick6<6.9.13.41 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-28693 ImageMagick<7.1.2.16 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-30883 ImageMagick6<6.9.13.41 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-30883 ImageMagick<7.1.2.16 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-30931 ImageMagick<7.1.2.16 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-30935 ImageMagick<7.1.2.16 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-30936 ImageMagick6<6.9.13.41 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-30936 ImageMagick<7.1.2.16 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-30937 ImageMagick6<6.9.13.41 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-30937 ImageMagick<7.1.2.16 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-31853 ImageMagick6<6.9.13.41 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-31853 ImageMagick<7.1.2.16 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-32259 ImageMagick6<6.9.13.41 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-32259 binutils<2.46 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-69644 binutils<2.46 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-69645 binutils<2.46 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-69646 binutils<2.46 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-69647 binutils<2.46 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-69648 binutils<2.46 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-69649 binutils<2.46 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-69650 binutils<2.46 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-69651 binutils<2.46 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-69652 caddy<2.11.2 improper-authentication https://nvd.nist.gov/vuln/detail/CVE-2026-30851 caddy<2.11.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-30852 calibre<9.5.0 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-30853 capnproto<1.4.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2026-32239 capnproto<1.4.0 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2026-32240 chromium<145.0.7632.159 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-3536 chromium<145.0.7632.159 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-3538 chromium<145.0.7632.159 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2026-3539 chromium<145.0.7632.159 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-3540 chromium<145.0.7632.159 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-3541 chromium<145.0.7632.159 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-3542 chromium<145.0.7632.159 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-3543 chromium<145.0.7632.159 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-3544 chromium<145.0.7632.159 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2026-3545 chromium<146.0.7680.75 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-3909 chromium<146.0.7680.75 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2026-3910 chromium<146.0.7680.71 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-3913 chromium<146.0.7680.71 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-3914 chromium<146.0.7680.71 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-3915 chromium<146.0.7680.71 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-3916 chromium<146.0.7680.71 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-3917 chromium<146.0.7680.71 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-3918 chromium<146.0.7680.71 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-3919 chromium<146.0.7680.71 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-3920 chromium<146.0.7680.71 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-3921 chromium<146.0.7680.71 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-3922 chromium<146.0.7680.71 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-3923 chromium<146.0.7680.71 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-3924 chromium<146.0.7680.71 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-3926 chromium<146.0.7680.71 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2026-3927 chromium<146.0.7680.71 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2026-3928 chromium<146.0.7680.71 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-3929 chromium<146.0.7680.71 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-3931 chromium<146.0.7680.71 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-3934 chromium<146.0.7680.71 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2026-3935 chromium<146.0.7680.71 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-3938 chromium<146.0.7680.71 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-3939 chromium<146.0.7680.71 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-3940 chromium<146.0.7680.71 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-3941 chromium<146.0.7680.71 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2026-3942 consul<1.22.5 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2026-2808 cpp-httplib<0.35.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-28434 cpp-httplib<0.35.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-28435 cpp-httplib<0.37.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-29076 cpp-httplib<0.37.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-31870 curl<8.19.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-1965 curl<8.19.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-3783 curl<8.19.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-3784 curl<8.19.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-3805 dpkg<1.23.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-2219 dropbear-[0-9]* improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2026-3706 erlang<27.3.4.9 http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2026-23941 erlang<27.3.4.9 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-23942 erlang<27.3.4.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-23943 ettercap-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-3606 freerdp2<3.24.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-29774 freerdp2<3.24.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-29775 freerdp2<3.24.0 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-29776 freerdp2<3.24.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-31806 freerdp2<3.24.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-31883 freerdp2<3.24.0 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2026-31884 freerdp2<3.24.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-31885 freerdp2<3.24.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-31897 giflib<6.1.2 double-free https://nvd.nist.gov/vuln/detail/CVE-2026-23868 php{56,74,81,82,83,84}-glpi<11.0.5 code-execution https://nvd.nist.gov/vuln/detail/CVE-2026-22248 go125<1.25.8 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-25679 go126<1.26.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-25679 go126<1.26.1 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2026-27137 go126<1.26.1 denial-of-sevice https://nvd.nist.gov/vuln/detail/CVE-2026-27138 go125<1.25.8 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-27139 go126<1.26.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-27139 go125<1.25.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2026-27142 go126<1.26.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2026-27142 gpac<26.03 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-4015 gpac<26.03 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-4016 inetutils-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-32746 irrd<4.4.5 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2026-28681 jetty<12.0.31 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-11143 jetty<12.0.32 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-1605 libarchive<3.8.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-4111 libheif-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-3949 libheif-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-3950 libredwg-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61154 libsoup-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-3099 libssh<0.11.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-3731 mold-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-3994 openexr<3.4.6 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-27622 openssl<3.6.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-2673 p5-Apache-Session-Generate-[0-9]* weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2025-40931 php{56,74,81,82,83,84}-concrete-cms<9.4.8 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2026-2994 php{56,74,81,82,83,84}-concrete-cms<9.4.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2026-3240 php{56,74,81,82,83,84}-concrete-cms<9.4.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2026-3241 php{56,74,81,82,83,84}-concrete-cms<9.4.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2026-3242 php{56,74,81,82,83,84}-concrete-cms<9.4.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2026-3244 php{56,74,81,82,83,84}-concrete-cms<9.4.8 code-execution https://nvd.nist.gov/vuln/detail/CVE-2026-3452 #png-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-3713 # pnm2png not built in pkgsrc postgresql-timescaledb<2.25.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2026-29089 py{27,310,311,312,313,314}-Glances<4.5.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-30928 py{27,310,311,312,313,314}-Glances<4.5.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2026-30930 py{27,310,311,312,313,314}-JWT<2.12.0 improper-authentication https://nvd.nist.gov/vuln/detail/CVE-2026-32597 py{27,310,311,312,313,314}-authlib<1.6.7 improper-validation-of-certificate https://nvd.nist.gov/vuln/detail/CVE-2026-28802 py{27,310,311,312,313,314}-black<26.3.1 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-32274 py{27,310,311,312,313,314}-cairosvg<2.9.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-31899 py{27,310,311,312,313,314}-django>=5<5.2.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-25673 py{27,310,311,312,313,314}-django<4.2.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-25673 py{27,310,311,312,313,314}-django>=5<5.2.12 race-condition https://nvd.nist.gov/vuln/detail/CVE-2026-25674 py{27,310,311,312,313,314}-django<4.2.29 race-condition https://nvd.nist.gov/vuln/detail/CVE-2026-25674 py{27,310,311,312,313,314}-django-allauth<65.14.1 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2026-27982 py{27,310,311,312,313,314}-lxml-html-clean<0.4.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2026-28348 py{27,310,311,312,313,314}-lxml-html-clean<0.4.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-28350 py{27,310,311,312,313,314}-magic-wormhole<0.23.0 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-32116 py{27,310,311,312,313,314}-markdown<3.8.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-69534 py{27,310,311,312,313,314}-multipart<1.3.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-28356 py{27,310,311,312,313,314}-nltk<3.9.3 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-0846 py{27,310,311,312,313,314}-nltk-[0-9]* path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-0847 py{27,310,311,312,313,314}-nltk<3.9.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2026-0848 py{27,310,311,312,313,314}-pdf<6.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-28804 py{27,310,311,312,313,314}-pdf<6.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-31826 py{27,310,311,312,313,314}-tornado<6.5.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-31958 py{27,310,311,312,313,314}-wagtail<7.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2026-28222 py{27,310,311,312,313,314}-wagtail<7.2.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2026-28223 python310-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-13462 python311-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-13462 python312-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-13462 python313-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-13462 python314-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-13462 python310-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2026-2297 python311-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2026-2297 python312-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2026-2297 python313-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2026-2297 python314-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2026-2297 quickjs<20251212 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-69653 quickjs<20251212 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-69654 rustdesk-server-[0-9]* improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2026-30784 rustdesk-server-[0-9]* improper-authentication https://nvd.nist.gov/vuln/detail/CVE-2026-30790 rustdesk-server-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-30796 sqlite3<3.51.3 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-70873 vaultwarden<1.35.0 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2026-27801 vaultwarden<1.35.4 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2026-27802 vaultwarden<1.35.4 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2026-27803 vaultwarden<1.35.4 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-27898 vim<9.2.0137 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2026-32249 wordpress-[0-9]* improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2026-3906 zabbix-server-{mysql,postgresql}<6.0.41 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2026-23925 zookeeper<3.8.6 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2026-24281 zookeeper<3.8.6 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-24308 firefox<148.0.2 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2026-19/ ImageMagick<7.1.2.17 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-32636 ImageMagick6<6.9.13.42 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-32636 binutils-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-3441 binutils-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-3442 cpp-httplib<0.37.2 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2026-32627 expat<2.7.5 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2026-32776 expat<2.7.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-32777 expat<2.7.5 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2026-32778 ffmpeg8<8.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-69693 giflib-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-26740 php{56,74,81,82,83,84}-glpi<11.0.6 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2026-25936 php{56,74,81,82,83,84}-glpi<11.0.6 improper-authentication https://nvd.nist.gov/vuln/detail/CVE-2026-25937 gpac<26.02.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-4185 gst-plugins1-ugly<1.28.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2920 gst-plugins1-base<1.28.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2921 gst-plugins1-ugly<1.28.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-2922 gst-plugins1-bad<1.28.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-2923 gst-plugins1-bad<1.28.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-3081 gst-plugins1-bad<1.28.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-3082 gst-plugins1-good<1.28.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-3083 gst-plugins1-bad<1.28.1 integer-underflow https://nvd.nist.gov/vuln/detail/CVE-2026-3084 gst-plugins1-good<1.28.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-3085 gst-plugins1-bad<1.28.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-3086 htslib<1.21.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-31962 htslib<1.21.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-31963 htslib<1.21.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2026-31964 htslib<1.21.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-31965 htslib<1.21.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-31966 htslib<1.21.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-31967 htslib<1.21.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-31968 htslib<1.21.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-31969 htslib<1.21.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-31970 htslib<1.21.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-31971 inetutils-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-32772 jenkins<2.541.3 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2026-33001 jenkins<2.426.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-33002 libarchive-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-4424 libarchive-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-4426 libexif-[0-9]* integer-underflow https://nvd.nist.gov/vuln/detail/CVE-2026-32775 libsoup3<3.6.6 integer-underflow https://nvd.nist.gov/vuln/detail/CVE-2026-2369 libsoup-[0-9]* http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2026-3632 libsoup-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2026-3633 libsoup-[0-9]* crlf-attack https://nvd.nist.gov/vuln/detail/CVE-2026-3634 libsoup-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-4271 mongo-c-driver<2.2.3 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-4359 mongodb<7.0.31 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-4147 mongodb<7.0.31 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-4148 mongodb<7.0.31 double-free https://nvd.nist.gov/vuln/detail/CVE-2026-4358 mumble<1.6.870 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-71264 ncurses-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-69720 nghttp2<1.68.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-27135 p5-XML-Parser<2.48 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2006-10002 p5-XML-Parser<2.48 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2006-10003 p5-YAML-Syck<1.37 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-4177 py{27,310,311,312,313,314}-Glances<4.5.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-32596 py{27,310,311,312,313,314}-Glances<4.5.2 command-injection https://nvd.nist.gov/vuln/detail/CVE-2026-32608 py{27,310,311,312,313,314}-Glances<4.5.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-32609 py{27,310,311,312,313,314}-Glances<4.5.2 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-32610 py{27,310,311,312,313,314}-Glances<4.5.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2026-32611 py{27,310,311,312,313,314}-Glances<4.5.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-32632 py{27,310,311,312,313,314}-Glances<4.5.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-32633 py{27,310,311,312,313,314}-Glances<4.5.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-32634 py{27,310,311,312,313,314}-OpenSSL<26.0.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-27448 py{27,310,311,312,313,314}-OpenSSL<26.0.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-27459 py{27,310,311,312,313,314}-asn1<0.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-30922 py{27,310,311,312,313,314}-authlib<1.6.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-27962 py{27,310,311,312,313,314}-authlib<1.6.9 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2026-28490 py{27,310,311,312,313,314}-authlib<1.6.9 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-28498 py{27,310,311,312,313,314}-simpleeval<1.0.5 code-injection https://nvd.nist.gov/vuln/detail/CVE-2026-32640 python310-[0-9]* path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-3479 python311-[0-9]* path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-3479 python312-[0-9]* path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-3479 python313-[0-9]* path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-3479 python314-[0-9]* path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-3479 python310-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-3644 python311-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-3644 python312-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-3644 python313-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-3644 python314-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-3644 python310-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-4224 python311-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-4224 python312-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-4224 python313-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-4224 python314-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-4224 radare2<6.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-4174 samtools<1.21.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-31972 samtools<1.21.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2026-31973 wolfssl<5.9.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-0819 wolfssl<5.9.0 integer-underflow https://nvd.nist.gov/vuln/detail/CVE-2026-1005 wolfssl<5.9.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-2645 wolfssl<5.9.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2646 wolfssl<5.9.0 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2026-3503 wolfssl<5.9.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-3548 wolfssl<5.9.0 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2026-3579 wolfssl<5.9.0 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2026-3580 xpdf<4.0.7 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-4407 GMT-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-33147 ImageMagick<7.1.2.18 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-33535 ImageMagick6<6.9.13.43 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-33535 ImageMagick<7.1.2.18 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-33536 ImageMagick6<6.9.13.43 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-33536 SOGo<5.12.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-71276 SOGo<5.12.5 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-33550 awstats-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-63261 ruby32-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages opensmtpd<7.8.0p1 denial-of-service https://www.openbsd.org/errata78.html arti-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 asuka-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 bulletty-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 cargo-c<0.10.22 unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 cargo-licenses-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 cargo-nextest-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 cargo-outdated-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 cargo-upgrades-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 carwash-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 castor-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 chess-tui-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 crates-io-cli-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 defguard-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 eilmeldung<1.5.0 unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 endbasic-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 flawz-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 gitnr-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 iamb-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 kaput-cli-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 librespot-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 meli-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 mise<2026.4.20 unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 mktool<1.5.8 unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 moccasin-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 monolith-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 ncspot-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 nushell-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 oatbar-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 phetch-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 pijul-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 py314-cryptography-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 py314-maturin-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 routinator-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 rust-kanban-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 rustdesk-server-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 saturn-cli-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 sccache-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 seaward-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 sequoia-chameleon-gnupg-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 sequoia-sq-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 sniffnet<1.5.0 unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 so-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 spotify-player-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 spotifyd-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 suckit-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 taplo-cli-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 tealdeer-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 termscp-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 termusic-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 twitch-tui-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 typst-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 usenet_reborn-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 vaultwarden-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 wezterm-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 wiki-tui-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 wthrr-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 xh-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 yaydl-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 zola-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 @ 1.760 log @cargo-c and sniffnet fixed @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.759 2026/04/27 08:18:32 jperkin Exp $ d30327 1 a30327 1 eilmeldung-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 @ 1.759 log @pkg-vulnerabilities: Limit mktool pattern. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.758 2026/04/27 07:10:38 wiz Exp $ d30317 1 a30317 1 cargo-c-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 d30354 1 a30354 1 sniffnet-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 @ 1.758 log @doc: add some (possible) vulnerabilities caused by openssl<0.10.78 crate @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.757 2026/04/19 20:00:29 leot Exp $ d30336 1 a30336 1 mktool-[0-9]* unknown https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 @ 1.757 log @pkg-vulnerabilities: Dedup CVE-2026-24061 Local patch was backported by , update the original entry. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.756 2026/04/19 19:28:09 vins Exp $ d30314 59 @ 1.756 log @Add reference to CVE-2026-24061 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.755 2026/04/19 18:28:48 vins Exp $ d29436 1 a29436 1 inetutils<2.8 remote-authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-24061 a30313 1 inetutils<2.7nb1 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-24061 @ 1.755 log @pkg-vulnerabilities: add reference to OpenBSD 7.8 errata 26 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.754 2026/04/02 08:31:28 wiz Exp $ d30314 1 @ 1.754 log @doc: ruby 3.2 is EOL @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.753 2026/03/29 12:21:48 leot Exp $ d30313 1 @ 1.753 log @pkg-vulnerabilities: add part of last week CVEs + GMT (fixed upstream, latest stable 6.6.0 affected), ImageMagick{,6}, SOGo, awstats (not fixed), @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.752 2026/03/19 22:05:29 leot Exp $ d30312 1 @ 1.752 log @pkg-vulnerabilities: add last days CVEs + ImageMagick{,6}, binutils (no reference to upstream, recheck if fixed once upstream bug reports /information are available), cpp-httplib, expat, ffmpeg, giflib (no upstream information, assume not fixed), glpi, gpac, gst-plugins1-{good,bad,ugly}, htslib, inetutils (no stable release with fixes), jenkins, libarchive (not fixed, possible PR under review), libexif (fixed upstream, no stable release with fix), libsoup (some not fixed), mongo-c-driver, mongodb, mumble, ncurses (under discussion, double-check later, assume valid and not fixed), nghttp2, p5-XML-Parser, p5-YAML-Syck, py-Glances, py-OpenSSL, py-asn1, py-authlib, py-simpleeval, python (no stable releases with the fix), radare2, samtools, wolfssl, xpdf @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.751 2026/03/17 20:53:53 bouyer Exp $ d30304 8 @ 1.751 log @Ajust patterns for xen*418 and xen*420; all known vulnerabilities are fixed in the latest version @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.750 2026/03/17 19:35:03 bsiegert Exp $ d30208 96 @ 1.750 log @pkg-vulnerabilities: mark libssh vulns as fixed and adjust versions. We package libssh-0.11.4 as 0.114, for historical reasons, as mentioned in the package Makefile. Thus, 'libssh<0.11.2' never fires, so adjust all the 0.11.x vulnerabilities accordingly. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.749 2026/03/16 16:36:49 kim Exp $ d27214 1 a27214 1 xenkernel418-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-27465 d27229 1 a27229 1 xenkernel418-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-1713 d27562 6 a27567 6 xenkernel418-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-27466 xenkernel418-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-58142 xenkernel418-[0-9]* race-condition https://nvd.nist.gov/vuln/detail/CVE-2025-58143 xenkernel420<4.20.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-27466 xenkernel420<4.20.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-58142 xenkernel420<4.20.2 race-condition https://nvd.nist.gov/vuln/detail/CVE-2025-58143 d28774 6 a28779 6 xenkernel418-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-58147 xenkernel420<4.20.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-58147 xenkernel418-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-58148 xenkernel420<4.20.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-58148 xenkernel418-[0-9]* authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-58149 xenkernel420<4.20.2 authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-58149 d29617 4 a29620 4 xenkernel418-[0-9]* buffer-overrun https://nvd.nist.gov/vuln/detail/CVE-2025-58150 xenkernel420-[0-9]* buffer-overrun https://nvd.nist.gov/vuln/detail/CVE-2025-58150 xenkernel418-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-23553 xenkernel420-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-23553 @ 1.749 log @CVE-2025-13836 https://github.com/python/cpython/issues/119451 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.748 2026/03/16 16:32:54 kim Exp $ d27042 1 a27042 1 libssh<0.11.2 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-5318 d27143 3 a27145 3 libssh<0.11.2 double-free https://nvd.nist.gov/vuln/detail/CVE-2025-5351 libssh<0.11.2 incorrect-calculation https://nvd.nist.gov/vuln/detail/CVE-2025-5372 libssh<0.11.2 unspecified https://nvd.nist.gov/vuln/detail/CVE-2025-5987 d27236 1 a27236 1 libssh<0.11.2 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-4878 d27278 2 a27279 2 libssh<0.11.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-5449 libssh-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-8114 d27394 1 a27394 1 libssh<0.11.2 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-4877 d27540 1 a27540 1 libssh<0.11.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-8277 @ 1.748 log @CVE-2025-8194 https://github.com/python/cpython/issues/130577 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.747 2026/03/16 16:23:38 kim Exp $ d29010 1 a29010 1 python313-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13836 @ 1.747 log @CVE-2025-6069 https://github.com/python/cpython/issues/135462 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.746 2026/03/16 16:09:39 kim Exp $ d27258 1 a27258 1 python313-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-8194 @ 1.746 log @CVE-2025-10158: Added patch for rsync @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.745 2026/03/16 16:07:33 hauke Exp $ d26462 1 a26462 1 python313-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6069 @ 1.745 log @www/hiawatha -- According to upstream, the three vulnerabilities have been fixed in v11.8 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.744 2026/03/15 17:48:16 leot Exp $ d28957 1 a28957 1 rsync-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-10158 @ 1.744 log @pkg-vulnerabilities: add latest MFSA + firefox @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.743 2026/03/15 17:39:34 leot Exp $ d29547 3 a29549 3 hiawatha-[0-9]* http-request-smuggling https://nvd.nist.gov/vuln/detail/CVE-2025-57783 hiawatha-[0-9]* timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2025-57784 hiawatha-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2025-57785 @ 1.743 log @pkg-vulnerabilities: add last days CVEs + ImageMagick{,6}, binutils, caddy, calibre, capnproto, chromium, consul, cpp-httplib, curl, dpkg, dropbear (not fixed, possible patch under review), erlang, ettercap (fixed upstream, latest stable release 0.8.4 affected), freerdp2, giflib, php-glpi, go, gpac, inetutils (fixed upstream, latest stable release 2.7 affected), irrd, jetty, libarchive, libheif (fixed upstream, latest stable release 1.21.2 affected), libredwg (not fixed), libsoup (not fixed), libssh, mold (not fixed), openexr, openssl, p5-Apache-Session-Generate (not fixed), php-concrete-cms, postgresql-timescaledb, py-Glances, py-JWT, py-authlib, py-black, py-cairosvg, py-django, py-lxml-html-clean, py-markdown, py-multipart, py-nltk (some fixed, other not public, unclear status), py-pdf, py-tornado, py-wagtail, python (fixed upstream, latest stable releases affected), quickjs, rustdesk-sever (assume not fixed, no information from upstream linked in the CVE), sqlite3, vaultwarden, vim, wordpress (fixed upstream, probably no stable releases with fix), zabbix-server, zookeeper @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.742 2026/03/05 16:49:34 leot Exp $ d30207 1 @ 1.742 log @pkg-vulnerabilities: CVE-2025-12745 was backported in quickjs-20250913nb1 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.741 2026/03/02 22:42:24 leot Exp $ d30021 186 @ 1.741 log @pkg-vulnerabilities: add last days CVEs + ImageMagick{,6}, calibre, exiv2, freerdp2, freetype2, gpac, grafana, gvfs, inetutils, libvips (fixed upstream, latest stable release affected), ocaml, openbabel (not fixed, possible patch proposed), p5-Net-CIDR, py-pdf, py-pillow_heif, py-uv, rebar3, vim, wireshark @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.740 2026/03/02 22:13:05 leot Exp $ d28897 1 a28897 1 quickjs-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-12745 @ 1.740 log @pkg-vulnerabilities: add last MFSA + firefox*, thunderbirrd @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.739 2026/02/26 08:26:37 leot Exp $ d29970 51 @ 1.739 log @pkg-vulnerabilities: re-add last week CVEs Redo commit 1.737 properly without deleting comments. + KeePass, SOGo (no upstream and/or further details, assume not fixed), admesh (not fixed), apache-tomcat, caddy, calibre, chromium, clamav (no upstream information, assume not fixed), coturn, curl, dropbear, erlang, ffmpeg, gimp, grafana, gsoap (no upstream information, assume not fixed), hdf5, janet, jenkins, libde265 (fixed upstream, latest stable release 1.0.16 affected), libjxl, libsixel (fixed upstream, latest stable release 1.8.7 affected), libsoup, libvips (fixed upstream, latest stable release 8.18.0 affected), metabase, minisat (not fixed), moodle, nats-server, openbabel (not fixed), openexr, p5-Crypt-URandom, p5-Image-ExifTool, php-owncloud (no upstream information, assume not fixed), php-piwigo (CVE-2025-62512 not fixed), postgresql-server, py-Pillow, py-flask, py-nltk, py-pdf, py-werkzeug, qemu (possible patches under discussion), re2c (fixed upstream, latest stable release 4.4 affected), ruby-rack, tiff, vaultwarden, vim, yt-dlp, zlib, zoneminder (CVE-2025-65791 not fixed). Thanks ! @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.738 2026/02/26 08:24:44 leot Exp $ d29962 8 @ 1.738 log @pkg-vulnerabilities: revert to 1.736 1.737 accidentally added most comments. Thanks to ! @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.736 2026/02/25 19:58:38 leot Exp $ d29828 134 @ 1.737 log @pkg-vulnerabilities: add last week CVEs + KeePass, SOGo (no upstream and/or further details, assume not fixed), admesh (not fixed), apache-tomcat, caddy, calibre, chromium, clamav (no upstream information, assume not fixed), coturn, curl, dropbear, erlang, ffmpeg, gimp, grafana, gsoap (no upstream information, assume not fixed), hdf5, janet, jenkins, libde265 (fixed upstream, latest stable release 1.0.16 affected), libjxl, libsixel (fixed upstream, latest stable release 1.8.7 affected), libsoup, libvips (fixed upstream, latest stable release 8.18.0 affected), metabase, minisat (not fixed), moodle, nats-server, openbabel (not fixed), openexr, p5-Crypt-URandom, p5-Image-ExifTool, php-owncloud (no upstream information, assume not fixed), php-piwigo (CVE-2025-62512 not fixed), postgresql-server, py-Pillow, py-flask, py-nltk, py-pdf, py-werkzeug, qemu (possible patches under discussion), re2c (fixed upstream, latest stable release 4.4 affected), ruby-rack, tiff, vaultwarden, vim, yt-dlp, zlib, zoneminder (CVE-2025-65791 not fixed), @ text @d1 1 d5 2 d8 4 d13 1 d15 2 d18 2 d21 2 d24 2 d27 1 d1023 1 d3692 1 d12615 1 d14862 1 d18878 1 d21289 1 d21291 1 d21335 1 d21790 1 d21792 1 d22845 1 d23298 1 d27243 1 d27285 1 d27411 1 d27568 1 d27748 1 d28127 1 d28401 1 d28403 3 d28407 1 d28504 1 d28522 1 d28703 1 d28761 1 d28820 1 d28874 1 d29005 1 d29336 1 a29827 134 KeePass<2.44 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-37178 SOGo-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2026-3054 admesh-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2653 apache-tomcat<9.0.113 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-66614 apache-tomcat>=10<10.1.50 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-66614 apache-tomcat>=11<11.0.15 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-66614 apache-tomcat<9.0.113 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-24733 apache-tomcat>=10<10.1.50 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-24733 apache-tomcat>=11<11.0.15 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-24733 apache-tomcat<9.0.115 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-24734 apache-tomcat>=10<10.1.52 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-24734 apache-tomcat>=11<11.0.18 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-24734 caddy<2.11.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-27585 caddy<2.11.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-27586 caddy<2.11.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-27587 caddy<2.11.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-27588 caddy<2.11.1 cross-site-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2026-27589 caddy<2.11.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-27590 calibre<9.3.0 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-26064 calibre<9.3.0 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-26065 chromium<145.0.7632.45 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2026-2313 chromium<145.0.7632.45 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2026-2314 chromium<145.0.7632.45 out-of-bounds-access https://nvd.nist.gov/vuln/detail/CVE-2026-2315 chromium<145.0.7632.45 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2026-2316 chromium<145.0.7632.45 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-2317 chromium<145.0.7632.45 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2026-2318 chromium<145.0.7632.45 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2026-2319 chromium<145.0.7632.45 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2026-2320 chromium<145.0.7632.45 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2026-2321 chromium<145.0.7632.45 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2026-2322 chromium<145.0.7632.45 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2026-2323 chromium<145.0.7632.75 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-2441 chromium<145.0.7632.109 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-2648 chromium<145.0.7632.109 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2026-2649 chromium<145.0.7632.109 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2650 chromium<145.0.7632.116 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-3061 chromium<145.0.7632.116 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-3062 chromium<145.0.7632.116 code-injection https://nvd.nist.gov/vuln/detail/CVE-2026-3063 clamav-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-37167 coturn<4.9.0 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2026-27624 curl<8.18.0 arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2025-11563 dropbear>=2024.84<2025.88 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2025-14282 erlang<27.3.4.8 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-21620 ffmpeg7<7.1.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-10256 ffmpeg8<8.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-10256 ffmpeg7<7.1.2 double-free https://nvd.nist.gov/vuln/detail/CVE-2025-12343 ffmpeg8<8.1 double-free https://nvd.nist.gov/vuln/detail/CVE-2025-12343 gimp<3.0.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-0797 gimp<3.0.8 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2026-2044 gimp<3.0.8 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-2045 gimp<3.0.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2047 gimp<3.0.8 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-2048 grafana<12.2.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-41117 grafana<12.2.0 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2026-21722 gsoap-[0-9]* path-traversal https://nvd.nist.gov/vuln/detail/CVE-2019-25355 hdf5<1.14.4.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-26200 janet<1.41.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-2869 jenkins<2.551 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2026-27099 jenkins<2.551 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-27100 libde265-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-61147 libjxl<0.11.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12474 libjxl<0.11.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-1837 libsixel<1.8.8 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2025-61146 libsoup<3.6.6 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-2443 libvips-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2913 libvips-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2026-3145 libvips-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-3146 libvips-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-3147 metabase<0.58.7 code-injection https://nvd.nist.gov/vuln/detail/CVE-2026-27464 minisat-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-2644 moodle<5.0.5 code-injection https://nvd.nist.gov/vuln/detail/CVE-2026-26045 moodle<5.0.5 command-injection https://nvd.nist.gov/vuln/detail/CVE-2026-26046 moodle<5.0.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-26047 nats-server<2.12.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-27571 openbabel-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-2704 openbabel-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-2705 openexr<3.4.5 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-26981 p5-Crypt-URandom<0.55 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2474 p5-Image-ExifTool<13.50 command-injection https://nvd.nist.gov/vuln/detail/CVE-2026-3102 php{56,74,81,82,83,84}-owncloud-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-25337 php{56,74,81,82,83,84}-piwigo<15.0.0 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2024-48928 php{56,74,81,82,83,84}-piwigo-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-62512 postgresql-server<14.21 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2003 postgresql-server>=15<15.16 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2003 postgresql-server>=16<16.12 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2003 postgresql-server>=17<17.8 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2003 postgresql-server>=18<18.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2003 postgresql-server<14.21 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2004 postgresql-server>=15<15.16 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2004 postgresql-server>=15<15.16 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2004 postgresql-server>=15<15.16 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2004 postgresql-server>=15<15.16 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2004 postgresql-server>=15<15.16 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2004 postgresql-server>=16<16.12 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2004 postgresql-server>=17<17.8 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2004 postgresql-server>=18<18.2 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-2004 postgresql-server<14.21 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2005 postgresql-server>=15<15.16 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2005 postgresql-server>=16<16.12 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2005 postgresql-server>=17<17.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2005 postgresql-server>=17<17.8 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2005 postgresql-server>=18<18.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2005 postgresql-server<14.21 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2026-2006 postgresql-server>=15<15.16 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2026-2006 postgresql-server>=16<16.12 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2026-2006 postgresql-server>=17<17.8 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2026-2006 postgresql-server>=18<18.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2026-2006 postgresql-server>=18<18.2 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-2007 py{27,310,311,312,313,314}-Pillow<12.1.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-25990 py{27,310,311,312,313,314}-flask<3.1.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2026-27205 py{27,310,311,312,313,314}-nltk<3.9.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-14009 py{27,310,311,312,313,314}-pdf<6.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-27024 py{27,310,311,312,313,314}-pdf<6.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-27025 py{27,310,311,312,313,314}-pdf<6.7.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-27026 py{27,310,311,312,313,314}-pdf<6.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-27628 py{27,310,311,312,313,314}-werkzeug<3.1.6 input-validation https://nvd.nist.gov/vuln/detail/CVE-2026-27199 qemu-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-14876 qemu<10.1.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-8860 qemu-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2026-0665 qemu-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2026-2243 re2c-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-2903 ruby{32,33,34,40}-rack2<2.2.22 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-22860 ruby{32,33,34,40}-rack<3.2.5 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2026-22860 ruby{32,33,34,40}-rack2<2.2.22 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2026-25500 ruby{32,33,34,40}-rack<3.2.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2026-25500 tiff<4.7.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-61143 tiff<4.7.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-61144 tiff<4.7.1 double-free https://nvd.nist.gov/vuln/detail/CVE-2025-61145 vaultwarden<1.35.3 improper-authorization https://nvd.nist.gov/vuln/detail/CVE-2026-26012 vim<9.1.2148 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-26269 yt-dlp<2026.02.21 command-injection https://nvd.nist.gov/vuln/detail/CVE-2026-26331 zlib<1.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2026-27171 zoneminder-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-65791 zoneminder<1.38.1 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2026-27470 @ 1.736 log @pkg-vulnerabilities: add recent ImageMagick CVEs + ImageMagick{,6} @ text @a0 1 # $NetBSD: pkg-vulnerabilities,v 1.735 2026/02/22 16:17:32 taca Exp $ a3 2 # Please read "Handling packages with security problems" in the pkgsrc # guide before editing this file. a4 4 # Note: NEVER remove entries from this file; this should document *all* # known package vulnerabilities so it is entirely appropriate to have # multiple entries in this file for a single package, and to contain # entries for packages which have been removed from pkgsrc. a5 1 # New entries should be added at the end of this file. a6 2 # Please ask pkgsrc-security to update the copy on ftp.NetBSD.org after # making changes to this file. a7 2 # The command to run for this update is "./pkg-vuln-update.sh", but it needs # access to the private GPG key for pkgsrc-security. a8 2 # If you have comments/additions/corrections, please contact # pkgsrc-security@@NetBSD.org. a9 2 # Note: If this file format changes, please do not forget to update # pkgsrc/mk/scripts/genreadme.awk which also parses this file. a10 1 # package type of exploit URL a1005 1 # intagg not installed a3673 1 # N/A; see https://security-tracker.debian.org/tracker/CVE-2009-0068 a12595 1 # in stills2dv, not libjpeg-turbo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9614 a14841 1 # reported against tiff, see https://gitlab.com/libtiff/libtiff/-/issues/128 a18856 1 # Disputed: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726578 a21266 1 # rejected a21267 1 # rejected a21310 1 # rejected a21764 1 # not reproducible? https://github.com/Exiv2/exiv2/issues/759 a21765 1 # not reproducible? https://github.com/Exiv2/exiv2/issues/760 a22817 1 # "can't be fixed" according to https://bugzilla.redhat.com/show_bug.cgi?id=2054686 a23269 1 # affects ghostpcl, not part of standard ghostscript, see e.g. https://ubuntu.com/security/CVE-2022-1350 a27213 1 # disputed because abuse of the commands network protocol is not a violation of the Redis Security Model a27254 1 # https://github.com/jpadilla/pyjwt/issues/1080 a27379 1 # disputed, this is how Python's import works a27535 1 # xenkernel for ARM, not packaged in pkgsrc a27714 1 # disputed by upstream, see https://modsecurity.org/20241011/about-cve-2024-46292-2024-october/ a28092 1 # not an issue in pkgsrc due how it is installed a28365 1 # disputed by the GCC project as missed hardening bug, not a vulnerability a28366 3 # not considered a vulnerability issue, --no-absolute-filenames option should # be used instead: # a28367 1 # not reproducible, rejected by uptsream a28463 1 # disputed: https://lore.kernel.org/git/aQd_iisOrwX909Fr@@fruit.crustytoothpaste.net/T/#t a28480 1 # disputed by upstream, considered a feature a28660 1 # Questionable, needs to change the configuration files, see a28717 1 # Only alpha and beta releases affected, never packaged in pkgsrc a28775 1 # Gstreamer Installer, not used by pkgsrc a28828 1 # wolfssh not supported in pkgsrc a28958 1 # Only alpha, beta and rc1 affected a29288 1 # curl not built with ngtcp2 d29780 134 @ 1.735 log @doc/pkg-vulnerabilities: add rails eol and clean up * Tweak package names for older Ruby on Rails pacakges. * Add eol for Ruby on Rails packages 7.0 and 7.1. * Add php81* with eol. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.734 2026/02/22 00:40:56 ryoon Exp $ d29768 60 @ 1.734 log @doc: Update pkg-vulnerabilities for libvpx @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.733 2026/02/15 15:43:28 spz Exp $ d25175 4 a25178 1 ruby{30,31,32}-rails<6.1 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d29330 2 a29331 1 php>=8.1<8.2 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d29766 2 @ 1.733 log @fished some fixed-in-versions for python out of https://docs.python.org/3.13/whatsnew/changelog.html#changelog and https://docs.python.org/3.14/whatsnew/changelog.html#changelog @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.732 2026/02/11 13:23:56 leot Exp $ d29761 1 @ 1.732 log @pkg-vulnerabilities: add last days CVEs + freerdp2, gnutls, janet (fixed upstream, latest stable release 1.40.1 affected), lrzip (not fixed), mongodb, munge, mupdf, png, powerdns-recursor, py-cryptography, roundcube, ruby-faraday, tcpreplay @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.731 2026/02/08 14:09:55 leot Exp $ d29052 2 a29053 2 python313-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12084 python314-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12084 d29465 2 a29466 2 python313-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-11468 python314-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-11468 d29470 2 a29471 2 python313-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-15282 python314-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-15282 d29485 2 a29486 2 python313-[0-9]* http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2026-0672 python314-[0-9]* http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2026-0672 d29490 2 a29491 2 python313-[0-9]* http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2026-0865 python314-[0-9]* http-header-injection https://nvd.nist.gov/vuln/detail/CVE-2026-0865 d29535 2 a29536 2 python313-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2026-1299 python314-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2026-1299 @ 1.731 log @pkg-vulnerabilities: add recent MFSA + firefox{,140}, thunderbird @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.730 2026/02/08 14:08:07 leot Exp $ d29722 39 @ 1.730 log @pkg-vulnerabilities: indent recently added entries NFC, whitespaces change only to possibly ease future edits. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.729 2026/02/08 14:01:54 leot Exp $ d29719 3 @ 1.729 log @pkg-vulnerabilities: add last days CVEs + asterisk, calibre, chromium, codeblocks (no details, probably not reported upstream, assume not fixed), dnsmasq, glpi, gnupg22, go, libsoup (fixed upstream, latest stable release affected), magento, micropython (fixed upstream, next release should contain the fix), moodle, mupdf, phppgadmin, py-django, py-wagtail, vim @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.728 2026/02/07 10:35:49 leot Exp $ d29677 1 a29677 1 chromium<144.0.7559.132 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-1861 d29679 1 a29679 1 codeblocks-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-37121 d29681 1 a29681 1 php{56,74,81,82,83,84}-glpi<10.0.23 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2026-22044 d29683 1 a29683 1 php{56,74,81,82,83,84}-glpi<10.0.23 session-fixation https://nvd.nist.gov/vuln/detail/CVE-2026-23624 d29694 8 a29701 8 moodle<5.0.4 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-67848 moodle<5.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-67849 moodle<5.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-67850 moodle<5.0.4 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-67851 moodle<5.0.4 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2025-67852 moodle<5.0.4 brute-force https://nvd.nist.gov/vuln/detail/CVE-2025-67853 moodle<5.0.4 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-67855 moodle<5.0.4 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2025-67856 d29705 2 a29706 2 py{27,310,311,312,313,314}-django<4.2.28 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2025-13473 py{27,310,311,312,313,314}-django>=5<5.2.11 timing-attack https://nvd.nist.gov/vuln/detail/CVE-2025-13473 d29709 2 a29710 2 py{27,310,311,312,313,314}-django<4.2.28 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2026-1207 py{27,310,311,312,313,314}-django>=5<5.2.11 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2026-1207 d29713 4 a29716 4 py{27,310,311,312,313,314}-django<4.2.28 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2026-1287 py{27,310,311,312,313,314}-django>=5<5.2.11 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2026-1287 py{27,310,311,312,313,314}-django<4.2.28 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2026-1312 py{27,310,311,312,313,314}-django>=5<5.2.11 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2026-1312 @ 1.728 log @pkg-vulnerabilities: Remove duplicate inetutils entry There was already an entry for CVE-2026-24061 and CVE-2026-24061 is not fixed in 2.7 but will be fixed in a next release (or we should backport them) via upstream commits fd702c02 and ccba9f74. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.727 2026/02/07 10:00:30 vins Exp $ d29658 61 @ 1.727 log @doc: add reference to CVE-2026-24061 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.726 2026/02/03 12:40:13 leot Exp $ a29657 1 inetutils<2.7 remote-code-execution https://nvd.nist.gov/vuln/detail/cve-2026-24061 @ 1.726 log @pkg-vulnerabilities: add recent mediawiki CVEs + mediawiki @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.725 2026/02/03 11:58:22 leot Exp $ d29658 1 @ 1.725 log @pkg-vulnerabilities: add (part of) last week CVEs + alsa-lib cacti, chromium, codeblocks (no further information / links to upstream, assume not fixed), expat, furnace, glib2, gnome-font-viewer (no further information / links to upstream, assume not fixed), gnupg2, go, grafana, icingaweb2 (no further information / links to upstream, assume not fixed), libsoup (fixed upstream, no stable releases with the fix), libxml2 (fixed upstream, no stable releases with the fix), mongo-c-driver, monit (no further information / links to upstream, assume not fixed), openssl, png, py-octoprint, py-pdf, py-pip, py-torch, rawtherapee, ruby-activestorage*, salt, tcpflow, xenkernel (patches available, all stable versions affected) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.724 2026/01/30 11:05:48 leot Exp $ d29617 41 @ 1.724 log @pkg-vulnerabilities: restrict CVE-2021-39246 to older tor This was fixed in tor-0.4.6.10 and should be no longer a problem given that v2 onion addresses should be no longer around and supported. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.723 2026/01/29 11:48:49 leot Exp $ d29549 68 @ 1.723 log @pkg-vulnerabilities: add (part of) last days CVEs + gnutls, gpac (fixed upstream, no stable releases with the fixes), hiawatha (no information from upstream, assume not fixed), py-gi-docgen, py-python-multipart, qgis (commented out because affects upstream CI/CD) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.722 2026/01/25 21:02:28 leot Exp $ d22197 1 a22197 1 tor-[0-9]* excessive-logging https://nvd.nist.gov/vuln/detail/CVE-2021-39246 @ 1.722 log @pkg-vulnerabilites: add last days CVEs + 7-zip, avahi (fixed upstream, no stable releases with the fix) docopt.cpp (no further information, unclear if fixed or not upstream, assume not fixed), epiphany, expat, gimp (fixed upstream, no stable releases with the fix), gitea nodejs (no useful details in the CVE and ZDI-26-043, NPM author says that it works as intended, maybe we should follow that too once details are published (and/or maybe that will be rejected)), py-orjson (a PR was proposed but not accepted, assume not fixed), py-protobuf (not fixed, possible PR under review), python (fixed upstream, no stable releases with the fix), sentencepiece @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.721 2026/01/22 09:37:24 leot Exp $ d29538 11 @ 1.721 log @pkg-vulnerabilities: Add last 12 hours CVEs + ImageMagick{,6}, py-test (not fixed, reported upstream and under discussion), py-wheel @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.720 2026/01/21 21:30:49 leot Exp $ d29510 28 @ 1.720 log @pkg-vulnerabilities: add last 12 hours CVEs + bind, glib2 (fixed in 2.87.1, unclear if 2.86.x is affected and/or will get a backport), moodle (no further details, assume not fixed and maybe not even reported upstream), php-phpgadmin (no further details, assume not fixed and maybe not even reported upstream), proftpd (no further details, assume not fixed and maybe not even reported upstream), python (fixed upstream, no stable releases with the fix) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.719 2026/01/21 18:08:52 leot Exp $ d29506 4 @ 1.719 log @pkg-vulnerabilities: add today Oracle CVEs + mysql-server, openjdk* @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.718 2026/01/21 17:53:47 leot Exp $ d29496 10 @ 1.718 log @pkg-vulnerabilities: add last days CVEs + ImageMagick{,6}, chromium, freerdp2, inetutils (fixed upstream, latest stable release 2.7 affected), nodejs, py-jaraco.context, py-ply (probably not shared upstream and the project seems no longer active), py-weasyprint, python (fixed upstream, no stable releases with fixes) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.717 2026/01/19 17:53:04 leot Exp $ d29492 4 @ 1.717 log @pkg-vulnerabilities: add last 12 hours CVEs + assimp (not fixed) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.716 2026/01/18 20:38:52 leot Exp $ d29413 79 @ 1.716 log @pkg-vulnerabilities: add last 12 hours CVEs + opencc (fixed upstream, latest stable release 1.1.9 affected) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.715 2026/01/18 11:24:19 leot Exp $ d29412 1 @ 1.715 log @pkg-vulnerabilities: indent last entries NFCI. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.714 2026/01/18 11:20:32 leot Exp $ d29411 1 @ 1.714 log @pkg-vulnerabilities: add recent MFSA + firefox*, thunderbird* @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.713 2026/01/18 11:16:55 leot Exp $ d29357 1 a29357 1 freerdp2<3.20.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-22851 d29360 1 a29360 1 freerdp2<3.20.1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-22854 d29362 3 a29364 3 freerdp2<3.20.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-22856 freerdp2<3.20.1 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2026-22857 freerdp2<3.20.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2026-22858 d29366 2 a29367 2 php{56,74,81,82,83,84}-glpi<10.0.21 improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2025-64516 php{56,74,81,82,83,84}-glpi>=11.0.0<11.0.3 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-66417 d29369 4 a29372 4 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-70299 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-70302 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-70303 gpac-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-70304 d29374 1 a29374 1 gpac-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-70307 d29376 2 a29377 2 gpac-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-70309 gpac-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-70310 d29391 1 a29391 1 raylib-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-15533 d29399 1 a29399 1 php{56,74,81,82,83,84}-typo3<13.4.23 code-injection https://nvd.nist.gov/vuln/detail/CVE-2026-0859 d29401 1 a29401 1 #vsftpd-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-14242 # specific to Red Hat @ 1.713 log @pkg-vulnerabilities: add last days CVEs + avahi (fixed upstream, latest stable release 0.8 and also 0.9rc2 affected), cpp-httplib, freeimage (links only to PoC, unclear if reported upstream or not, assume not fixed), freerdp2, glpi, gpac (probably none reported upstream, assume not fixed), gradle, libsndfile (fixed upstream, latest 1.2.2 version affected), libsoup (not fixed, possible merge request under review), libxml2 (CVE-2026-0989: not fixed, possible merge request under review, CVE-2026-0990 and CVE-2026-0992 fixed upstream, no stable release with the fix), metabase, mit-krb5, opencolorio, png raylib (fixed upstream, latest stable release 5.5 affected), rt4, rt5, slurm-wlm, php-typo3, vlc, wireshark @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.712 2026/01/10 13:00:41 leot Exp $ d29406 5 @ 1.712 log @pkg-vulnerabilities: add CVE-2025-69226 entry + py-aiohttp @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.711 2026/01/10 12:22:18 leot Exp $ d29352 54 @ 1.711 log @pkg-vulnerabilities: add last 36 hours CVEs + curl, fluidsynth, harfbuzz, libsoup (possible patch under review), miniflux, py-authlib, py-filelock, py-pdf, py-virtualenv, py-werkzeug, wget2 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.710 2026/01/09 12:02:35 leot Exp $ d29351 1 @ 1.710 log @pkg-vulnerabilities: restrict CVE-2025-13151 libtasn1-4.21.0 was released and contains a fix for it. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.709 2026/01/08 10:50:24 leot Exp $ d29332 19 @ 1.709 log @pkg-vulnerabilities: add last 12 hours CVEs + libtasn1 (possible patch under review), lmdb (shared via fulldisclosure ML, unclear if shared upstream or not, probably not fixed), py-urllib3 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.708 2026/01/07 22:12:04 leot Exp $ d29329 1 a29329 1 libtasn1-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-13151 @ 1.708 log @pkg-vulnerabilities: add today CVEs + chromium @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.707 2026/01/07 21:12:27 wiz Exp $ d29329 3 @ 1.707 log @doc: php 8.1's extended security support ended end of last year @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.706 2026/01/06 13:49:41 leot Exp $ d29328 1 @ 1.706 log @pkg-vulnerabilities: add old CVEs for packages starting with "i" + icinga2, icingaweb2, imapsync (issue still open but actually mitigated in 2.264), imlib2, inetutils, influxdb, iniparser, iperf3 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.705 2026/01/06 12:16:44 leot Exp $ d29327 1 @ 1.705 log @pkg-vulnerabilities: add last 12 hours CVEs + py-aiohttp @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.704 2026/01/06 10:24:28 nia Exp $ d29310 17 @ 1.704 log @CVE-2025-11731 patched locally. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.703 2026/01/04 19:47:23 leot Exp $ d29303 7 @ 1.703 log @pkg-vulnerabilities: add remaining old CVEs for packages starting with h + harfbuzz, hdf5 (the ones with wildcards lkely not fixed and unclear if reported upstream or not), heimdal (according Debian only present in master branch, mark it as before 7.7.1 to be safe and keep track of it), htmldoc, htop, hugin, hugo, hwloc, hyperscan @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.702 2026/01/04 18:51:38 leot Exp $ d28490 1 a28490 1 libxslt-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-11731 @ 1.702 log @pkg-vulnerabilities: add old CVEs for (some) packages starting with "h" + h2o (fixed upstream, latest stable release and 2.3.0beta2 affected), haproxy @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.701 2026/01/03 21:50:20 leot Exp $ d29240 63 @ 1.701 log @pkg-vulnerabilities: CVE-2025-68973 fixed in gnupg2-2.4.9 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.700 2026/01/03 21:37:25 leot Exp $ d29230 10 @ 1.700 log @pkg-vulnerabilities: add last 24-36 hours CVEs + cpp-httplib, gitea, gpsd, libtpms, messagelib, wabt (not fixed) (Same of -r1.698 but without removing most comments!) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.699 2026/01/03 21:36:23 leot Exp $ d29186 1 a29186 1 gnupg2-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-68973 @ 1.699 log @pkg-vulnerabilities: revert to r1.697 Revert to 1.697 in order to readd all comments that were accidentally removed as port of commit r1.698. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.697 2026/01/03 21:19:16 leot Exp $ d29222 8 @ 1.698 log @pkg-vulnerabilities: add last 24-36 hours CVEs + cpp-httplib, gitea, gpsd, libtpms, messagelib, wabt (not fixed) @ text @d1 1 d5 2 d8 4 d13 1 d15 2 d18 2 d21 2 d24 2 d27 1 d1023 1 d3692 1 d12615 1 d14862 1 d18878 1 d21289 1 d21291 1 d21335 1 d21790 1 d21792 1 d22845 1 d23298 1 d27240 1 d27282 1 d27408 1 d27565 1 d27745 1 d28124 1 d28398 1 d28400 3 d28404 1 d28501 1 d28519 1 d28700 1 d28758 1 d28817 1 d28871 1 d29002 1 a29221 8 cpp-httplib<0.30.0 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2026-21428 gitea<1.25.2 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2025-69413 gpsd<3.27.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-67268 gpsd<3.27.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-67269 libtpms<0.10.2 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2026-21444 messagelib<25.11.90 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2025-69412 wabt-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-15411 wabt-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-15412 @ 1.697 log @pkg-vulnerabilities: mark lua5[123] as eol @ text @a0 1 # $NetBSD: pkg-vulnerabilities,v 1.696 2026/01/03 11:45:06 nia Exp $ a3 2 # Please read "Handling packages with security problems" in the pkgsrc # guide before editing this file. a4 4 # Note: NEVER remove entries from this file; this should document *all* # known package vulnerabilities so it is entirely appropriate to have # multiple entries in this file for a single package, and to contain # entries for packages which have been removed from pkgsrc. a5 1 # New entries should be added at the end of this file. a6 2 # Please ask pkgsrc-security to update the copy on ftp.NetBSD.org after # making changes to this file. a7 2 # The command to run for this update is "./pkg-vuln-update.sh", but it needs # access to the private GPG key for pkgsrc-security. a8 2 # If you have comments/additions/corrections, please contact # pkgsrc-security@@NetBSD.org. a9 2 # Note: If this file format changes, please do not forget to update # pkgsrc/mk/scripts/genreadme.awk which also parses this file. a10 1 # package type of exploit URL a1005 1 # intagg not installed a3673 1 # N/A; see https://security-tracker.debian.org/tracker/CVE-2009-0068 a12595 1 # in stills2dv, not libjpeg-turbo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9614 a14841 1 # reported against tiff, see https://gitlab.com/libtiff/libtiff/-/issues/128 a18856 1 # Disputed: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726578 a21266 1 # rejected a21267 1 # rejected a21310 1 # rejected a21764 1 # not reproducible? https://github.com/Exiv2/exiv2/issues/759 a21765 1 # not reproducible? https://github.com/Exiv2/exiv2/issues/760 a22817 1 # "can't be fixed" according to https://bugzilla.redhat.com/show_bug.cgi?id=2054686 a23269 1 # affects ghostpcl, not part of standard ghostscript, see e.g. https://ubuntu.com/security/CVE-2022-1350 a27210 1 # disputed because abuse of the commands network protocol is not a violation of the Redis Security Model a27251 1 # https://github.com/jpadilla/pyjwt/issues/1080 a27376 1 # disputed, this is how Python's import works a27532 1 # xenkernel for ARM, not packaged in pkgsrc a27711 1 # disputed by upstream, see https://modsecurity.org/20241011/about-cve-2024-46292-2024-october/ a28089 1 # not an issue in pkgsrc due how it is installed a28362 1 # disputed by the GCC project as missed hardening bug, not a vulnerability a28363 3 # not considered a vulnerability issue, --no-absolute-filenames option should # be used instead: # a28364 1 # not reproducible, rejected by uptsream a28460 1 # disputed: https://lore.kernel.org/git/aQd_iisOrwX909Fr@@fruit.crustytoothpaste.net/T/#t a28477 1 # disputed by upstream, considered a feature a28657 1 # Questionable, needs to change the configuration files, see a28714 1 # Only alpha and beta releases affected, never packaged in pkgsrc a28772 1 # Gstreamer Installer, not used by pkgsrc a28825 1 # wolfssh not supported in pkgsrc a28955 1 # Only alpha, beta and rc1 affected d29175 8 @ 1.696 log @CVE-2025-31344 was fixed locally. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.695 2025/12/31 21:24:02 leot Exp $ d29219 3 @ 1.695 log @pkg-vulnerabilities: add last 24 hours CVEs + ImageMagick, fontforge (not fixed, please see also ), libpcap, libsodium (1.0.21 not yet released, but it will contain such fixes), matio (not fixed), php-composer, py-cbor2, ruby-uri, sox (probably not fixed, no information from upstream) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.694 2025/12/30 11:56:20 leot Exp $ d28484 1 a28484 1 giflib-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-31344 @ 1.694 log @pkg-vulnerabilities: add last 24-36 hours CVEs + binutils (no information from upstream (probably not shared) and old binutils release, assume not fixed), coturn (it will be fixed in 4.8.0, not yet released), libheif, ming (not fixed) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.693 2025/12/29 11:18:09 leot Exp $ d29197 22 @ 1.693 log @pkg-vulnerabilities: spell gnupg2 correctly Add the missing trailing "2". Please also note that at the moment only CVE-2025-68973 is fixed on 2.5.x release. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.692 2025/12/29 11:17:06 leot Exp $ d29187 10 @ 1.692 log @pkg-vulnerabilities: add last 24 hours CVEs + gnupg @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.691 2025/12/27 21:45:49 leot Exp $ d29185 2 a29186 2 gnupg-[0-9]* ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-68972 gnupg-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-68973 @ 1.691 log @pkg-vulnerabilities: add last 12 hours CVEs + php @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.690 2025/12/26 11:49:38 leot Exp $ d29185 2 @ 1.690 log @pkg-vulnerabilities: add last 24 hours CVEs + gitea, py-httpbin (not fixed) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.689 2025/12/25 15:10:06 leot Exp $ d29173 12 @ 1.689 log @pkg-vulnerabilities: add last 24 hours CVEs + barcode (unclear if actually reported upstream or not, only a vague notice regarding that in 2018 in MLs and no public responses), kermit (possible PR proposed) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.688 2025/12/24 21:19:05 leot Exp $ d29163 10 @ 1.688 log @pkg-vulnerabilities: add last days CVEs + direwolf (fixed in HEAD, latest 1.8.1 release affected), fluidsynth, gimp, mariadb-client, net-snmp, netcdf (probably not fixed), openexr, ruby-httparty (fixed upstream, latest 0.23.2 release affected), @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.687 2025/12/23 19:19:18 bsiegert Exp $ d29160 3 @ 1.687 log @pkg-vulnerabilities: the go-bin vuln was fixed in 1.16, years ago. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.686 2025/12/20 13:06:49 leot Exp $ d29139 21 @ 1.686 log @pkg-vulnerabilities: add last days CVEs + ImageMagick, avahi (not fixed yet, candidate fix being discussed), binaryen (fixed upstream, latest stable release 125 affected), capstone (fixed upstream, 6.0.0alpha5 affected), chromium, elasticsearch, ffmpeg8, freerdp2, glpi (CVE-2023-53943 not fixed), mongodb, php-avideo, php-dotclear (not fixed), py-biopython (not fixed), py-filelock, roundcube ruby-aws-sdk-s3, thunderbird, firefox @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.685 2025/12/15 21:44:50 leot Exp $ d19560 1 a19560 1 go-bin-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-14040 @ 1.685 log @pkg-vulnerabilities: add last 24 hours CVEs + py-django-allauth, elasticsearch, libreoffice openrsync (not fixed), uriparser @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.684 2025/12/14 20:53:56 leot Exp $ d29113 26 @ 1.684 log @pkg-vulnerabilities: add last 24 hours CVEs + chromium, exim, php-nextcloud @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.683 2025/12/12 17:08:31 leot Exp $ d29107 6 @ 1.683 log @pkg-vulnerabilities: add last days CVEs + ImageMagick, freeimage (no links to upstream, unclear if reported or not, assume not fixed), jenkins, libsoup (not fixed), miniflux, phppgadmin, py-tornado, webmin, wolfssl @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.682 2025/12/10 10:09:08 leot Exp $ d29104 3 @ 1.682 log @pkg-vulnerabilities: add recent MFSA + thunderbird, firefox @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.681 2025/12/10 10:01:36 leot Exp $ d29087 17 @ 1.681 log @pkg-vulnerabilities: add last day CVEs + libcares, mongodb, p5-Plack-Middleware-Session, powerdns-recursor @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.680 2025/12/08 13:16:00 leot Exp $ d29082 5 @ 1.680 log @pkg-vulnerabilities: add last days CVEs + SOGo (fixed in HEAD, will be fixed in 5.12.5), ansible, apache, cpp-httplib, php-nextcloud, py-urllib3 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.679 2025/12/08 12:02:16 leot Exp $ d29077 5 @ 1.679 log @pkg-vulnerabilities: add WSA-2025-0009 Deduplicate all the CVEs too given that the WSA contains more information / version fixed. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.678 2025/12/04 10:03:25 leot Exp $ d29057 20 @ 1.678 log @pkg-vulnerabilities: add last 24 hours CVEs + chromium, go, openvpn, pgbouncer, png python (fixed upstream / backport in progress / no stable release with fix) qt5-declarative (not fixed and seems the open source version EOL), qt6-declarative (backported, fix will be present in 6.10.2 once released), webkit-gtk (no further details available in references, assume not fixed) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.677 2025/12/03 10:36:26 leot Exp $ a28998 1 webkit-gtk-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13502 d29056 1 a29056 1 webkit-gtk-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-13947 @ 1.677 log @pkg-vulnerabilities: add last 24 hours CVEs + ImageMagick, chromium, go, py-django, wireshark @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.676 2025/12/03 09:27:15 leot Exp $ d29044 14 @ 1.676 log @pkg-vulnerabilities: Limit CVE-2025-13836 and CVE-2025-13837 New python313 and python314 releases contain fixes for them. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.675 2025/12/03 07:40:33 wiz Exp $ d29022 22 @ 1.675 log @doc: mention "new" xkbcomp vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.674 2025/12/02 17:50:40 leot Exp $ d29009 1 a29009 1 python314-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13836 d29013 2 a29014 2 python313-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13837 python314-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-13837 @ 1.674 log @pkg-vulnerabilities: add last 24 hours CVEs + kissfft (fixed upstream, latest stable release 131.2.0 still affected though), python (fixed upstream, no stable releases with fixes), zabbix-{agent,frontend} @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.673 2025/12/01 17:36:06 leot Exp $ d29018 4 @ 1.673 log @pkg-vulnerabilities: add WSA-2025-0008 + webkit-gtk @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.672 2025/11/30 16:48:41 leot Exp $ d29002 16 @ 1.672 log @pkg-vulnerabilities: add last days CVEs + SOGo, cups-base, expat (details only available under a NDA for people willing to fix it, not fixed), fail2ban (disputed, commented out), fluent-bit, glib2, krita, mongodb, php-orangehrm, png, py-fonttools, py-pdf, tinyproxy (fixed upstream, no stable release with the fix, latest 1.11.2 release affected), webkit-gtk (no further upstream information, assume not fixed), wireshark @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.671 2025/11/23 20:53:32 leot Exp $ d29001 1 @ 1.671 log @pkg-vulnerabilities: add last 24 hours CVEs + nnn (fixed upstream, latest stable release 5.1 affected) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.670 2025/11/22 20:51:38 leot Exp $ d28971 30 @ 1.670 log @pkg-vulnerabilities: add last 48-72 hours CVEs + 7-zip, cups-filters, php-phppgadmin (probably not reported upstream, likely not fixed), wireshark, wolfssl @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.669 2025/11/22 11:47:20 leot Exp $ d28970 1 @ 1.669 log @pkg-vulnerabilities: use CVE link for last opensmtpd entry CVE is now public. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.668 2025/11/19 21:57:39 leot Exp $ d28955 15 @ 1.668 log @pkg-vulnerabilities: fix a typo in vulnerability type @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.667 2025/11/19 21:57:11 leot Exp $ d28825 1 a28825 1 opensmtpd>=7.7.0<7.8.0 denial-of-service https://www.openwall.com/lists/oss-security/2025/10/31/3 @ 1.667 log @pkg-vulnerabilities: add last 36 hours CVEs + chromium, drupal, grub2 (all fixed upstream, 2.12 affected, no stable releases with the fix), haproxy, libvirt, mongo-c-driver, php-piwigo, py-cbor2, rsync (fixed upstream, latest stable release 3.4.1 affected) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.666 2025/11/17 13:38:05 wiz Exp $ d28929 2 a28930 2 radare2<6.0.5 null-pointer-derference https://nvd.nist.gov/vuln/detail/CVE-2025-63744 radare2<6.0.5 null-pointer-derference https://nvd.nist.gov/vuln/detail/CVE-2025-63745 @ 1.666 log @doc: use standard "all" pattern @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.665 2025/11/17 13:32:38 gdt Exp $ d28932 23 @ 1.665 log @eol: Add qjson as eol @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.664 2025/11/15 10:06:30 leot Exp $ d28931 1 a28931 1 qjson-* eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages @ 1.664 log @pkg-vulnerabilities: add last 12 hours CVEs + radare2 (fixed in HEAD, will be fixed in 6.0.5, not yet released) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.663 2025/11/14 10:15:02 leot Exp $ d28931 1 @ 1.663 log @pkg-vulnerabilities: add last 24 hours CVEs + chromium, jitsi-meet, php-phppgadmin, postgresql-client, postgresql-server @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.662 2025/11/13 18:59:22 leot Exp $ d28929 2 @ 1.662 log @pkg-vulnerabilities: xenkernel-4.20.2 fixes up to and including XSA-476 Limit all xenkernel420 entries accordingly. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.661 2025/11/13 09:29:16 leot Exp $ d28907 22 @ 1.661 log @pkg-vulnerabilities: add last 24 hours CVEs + anubis, chromium, cups-filters, libcupsfilters, duckdb, py-torch (not fixed) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.660 2025/11/12 10:55:25 leot Exp $ d27562 3 a27564 3 xenkernel420-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-27466 xenkernel420-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-58142 xenkernel420-[0-9]* race-condition https://nvd.nist.gov/vuln/detail/CVE-2025-58143 d28772 1 a28772 1 xenkernel420-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-58147 d28774 1 a28774 1 xenkernel420-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-58148 d28776 1 a28776 1 xenkernel420-[0-9]* authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-58149 @ 1.660 log @pkg-vulnerabilities: add last 24 hours CVEs + libvirt (not fixed yet, patch shared and under review) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.659 2025/11/12 09:38:57 leot Exp $ d28899 8 @ 1.659 log @pkg-vulnerabilities: add yesterday MFSA + firefox @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.658 2025/11/11 11:02:30 leot Exp $ d28898 1 @ 1.658 log @pkg-vulnerabilities: add last week CVEs + calibre, chromium, ffmpeg, lasso, libarchive (not fixed, despite the CVE description says before 3.8.1), libmicrohttpd, libxml2 (not fixed yet, possible patch proposed), magento, openexr, py-django, quickjs (fixed upstream, latest stable release 2025-09-13-2 affected) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.657 2025/11/05 22:22:26 wiz Exp $ d28895 3 @ 1.657 log @doc: update pattern for python314 fix Remove lz4 vulnerability entry, it was marked as REJECTED @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.656 2025/11/05 11:53:25 wiz Exp $ d28837 58 @ 1.656 log @doc: comment out redis vuln, disputed @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.655 2025/11/05 09:03:45 leot Exp $ a28745 1 lz4-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-62813 d28782 1 a28782 1 python314<3.14.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6075 @ 1.655 log @pkg-vulnerabilities: add last 12 hours CVEs + mantis, redis @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.654 2025/11/04 16:19:35 leot Exp $ d27240 2 a27241 1 redis-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-46686 @ 1.654 log @pkg-vulnerabilities: Add last 36 hours CVEs + lighttpd, mantis, mongodb, netsurf (all fixed upstream, no stable releases with the fix, 3.11 affected) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.653 2025/11/03 09:53:03 adam Exp $ d28833 4 @ 1.653 log @Updated mail/exim[-html] @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.652 2025/11/02 19:19:33 vins Exp $ d28827 6 @ 1.652 log @pkg-vulnerabilities: add reference to CVE-2025-62875 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.651 2025/11/02 16:01:22 wiz Exp $ d28826 1 @ 1.651 log @doc: comment out a git vulnerability Upstream does not think it is a vulnerability https://lore.kernel.org/git/aQd_iisOrwX909Fr@@fruit.crustytoothpaste.net/T/#t @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.650 2025/11/01 10:36:33 leot Exp $ d28825 1 @ 1.650 log @pkg-vulnerabilities: add old CVE for PKGBASE starting with "g" + gsl (patch available, no feedbacks from upstream), gsoap, gst-rtsp-server, gstreamer1, gtar-base @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.649 2025/11/01 10:04:07 leot Exp $ d28500 2 a28501 1 git-base-[0-9]* input-validation https://nvd.nist.gov/vuln/detail/CVE-2024-52005 @ 1.649 log @pkg-vulnerabilities: add last 12 hours CVEs + qemu (fixed upstream, no stable releases with the patch yet) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.648 2025/10/31 22:00:38 leot Exp $ d28783 41 @ 1.648 log @pkg-vulnerabilities: Add last 12 hours CVEs + xenkernel (patches available, no stable releases with fixes), python (already backported but only python 3.9.25 was released) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.647 2025/10/31 09:48:45 leot Exp $ d28782 1 @ 1.647 log @pkg-vulnerabilities: Add last 12 hours CVEs + py-brotli (actual report is for scrapy but py-brotli seems the culprit, NVD link still not public but see and ), qt-qtconnectivity @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.646 2025/10/30 11:08:22 leot Exp $ d28770 12 @ 1.646 log @pkg-vulnerabilities: Add last week CVEs + ImageMagick, apache-tomcat, bitcoin, consul, dnsmasq (commented out because if attacker can modify the configuration can probably do much more damage), firefox, fontforge, frr (possible patch under review upstream), gegl, gimp, go, kea, libaudiofile (possible patch shared upstream, no feedback yet), libsoup (fixed upstream, no stable release with fix yet), lz4 (fixed upstream, no stable release with fix yet) modular-xorg-server, moodle, openvpn (commented out because we do not package alpha and beta and such string is probably invalid PKGVERSION), py-authlib, py-pdf, py-starlette, rt5, sqlite3, vault @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.645 2025/10/30 10:24:30 leot Exp $ d28767 3 @ 1.645 log @pkg-vulnerabilities: add last Oracle CVEs + mysql-server, openjdk @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.644 2025/10/28 10:26:58 leot Exp $ d28684 83 @ 1.644 log @pkg-vulnerabilities: fix typo in PKGBASE too CVE-2025-53101 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.643 2025/10/28 09:33:00 jperkin Exp $ d28680 4 @ 1.643 log @pkg-vulnerabilities: Fix various typos. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.642 2025/10/28 09:22:43 leot Exp $ d27175 1 a27175 1 sImageMagick<7.1.2.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-53101 @ 1.642 log @pkg-vulnerabilities: simplify/fix some bind patterns When setting a lower bound use `>=` instead of `>`, this should be moot in that case but if that get copypasted can be harmful. When referring to 9.18.x avoid any extra bound that actually result in matching due the `<9.20` that is not correct. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.641 2025/10/27 07:40:01 jnemeth Exp $ d24223 1 a24223 1 libraw<0.21.1 ut-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35535 d25112 1 a25112 1 libssh<0.105 debial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-1667 d25181 1 a25181 1 webkit-gtk<2.40.1 content-security-policiy-escape https://nvd.nist.gov/vuln/detail/CVE-2023-32370 d25948 1 a25948 1 R<4.4.0 arbirary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-27322 d27175 1 a27175 1 sImageMagick<7.1.2.0 tack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-53101 d27747 24 a27770 24 ffmpeg5<5.1.7 out-of-bonunds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59728 ffmpeg6<6.1.3 out-of-bonunds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59728 ffmpeg7<7.1.2 out-of-bonunds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59728 ffmpeg8<8.0 out-of-bonunds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59728 ffmpeg5-[0-9]* out-of-bonunds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59729 ffmpeg6-[0-9]* out-of-bonunds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59729 ffmpeg7-[0-9]* out-of-bonunds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59729 ffmpeg8<8.0 out-of-bonunds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59729 ffmpeg5-[0-9]* out-of-bonunds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59730 ffmpeg6-[0-9]* out-of-bonunds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59730 ffmpeg7-[0-9]* out-of-bonunds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59730 ffmpeg8<8.0 out-of-bonunds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59730 ffmpeg5<5.1.7 out-of-bonunds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59731 ffmpeg6<6.1.3 out-of-bonunds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59731 ffmpeg7<7.1.2 out-of-bonunds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59731 ffmpeg8<8.0 out-of-bonunds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59731 ffmpeg5<5.1.7 out-of-bonunds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59732 ffmpeg6<6.1.3 out-of-bonunds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59732 ffmpeg7<7.1.2 out-of-bonunds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59732 ffmpeg8<8.0 out-of-bonunds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59732 ffmpeg5<5.1.7 out-of-bonunds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59733 ffmpeg6<6.1.3 out-of-bonunds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59733 ffmpeg7<7.1.2 out-of-bonunds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59733 ffmpeg8<8.0 out-of-bonunds-write https://nvd.nist.gov/vuln/detail/CVE-2025-59733 @ 1.641 log @asterisk18 is now eol @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.640 2025/10/25 13:28:45 kikadf Exp $ d27977 1 a27977 1 bind>9.20<9.20.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-40775 d28673 6 a28678 6 bind>9.20<9.20.15 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-8677 bind>9.20<9.20.15 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2025-40778 bind>9.20<9.20.15 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2025-40780 bind<9.20<9.18.41 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-8677 bind<9.20<9.18.41 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2025-40778 bind<9.20<9.18.41 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2025-40780 @ 1.640 log @ doc/pkg-vulnerabilities: restrict FlightCrew patterns CVE-2019-13032: fixed in pkgsrc @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.639 2025/10/23 17:11:23 he Exp $ d28679 1 @ 1.639 log @Add recently fixed BIND vulnerabilities, and fix the entry for CVE-2025-40775 as it only applies to 9.20.x. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.638 2025/10/22 13:06:20 he Exp $ d17541 1 a17541 1 FlightCrew-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-13032 @ 1.638 log @Add unbound<1.24.1 cache-poisoning vulnerability, ref. CVE-2025-11411. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.637 2025/10/21 21:19:59 leot Exp $ d27977 1 a27977 1 bind<9.20.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-40775 d28673 6 @ 1.637 log @pkg-vulnerabilities: add last 12 hours CVEs + mbedtls @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.636 2025/10/21 18:59:06 leot Exp $ d28672 1 @ 1.636 log @pkg-vulnerabilities: add last 24 hours CVEs + libwebsockets (will be fixed in the next patch stable releases, added the next minor given that they are already in the minor branches), mbedtls, mongodb, trufflehog @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.635 2025/10/21 12:32:16 leot Exp $ d28671 1 @ 1.635 log @pkg-vulnerabilities: restrict some fluent-bit CVEs They were fixed upstream via . Pointed out via . @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.634 2025/10/20 08:44:31 leot Exp $ d28662 9 @ 1.634 log @pkg-vulnerabilities: add last 12 hours CVEs + bftpd (not fixed (there is also a 6.3 release but affected code was not changed), no idea if reported upstream or not) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.633 2025/10/19 10:45:35 leot Exp $ d28335 2 a28336 2 fluent-bit-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-29477 fluent-bit-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-29478 @ 1.633 log @pkg-vulnerabilities: add last 48 hours CVEs + ImageMagick, git-lfs, radare2, squid, xpdf @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.632 2025/10/17 08:00:36 kikadf Exp $ d28661 1 @ 1.632 log @ doc/pkg-vulnerabilities: restrict amanda-client patterns CVE-2022-37703: fixed in pkgsrc's amanda-client @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.631 2025/10/17 07:28:15 kikadf Exp $ d28653 8 @ 1.631 log @ doc/pkg-vulnerabilities: restrict anjuta patterns CVE-2021-42522: fixed in pkgsrc @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.630 2025/10/17 06:25:07 kikadf Exp $ d24998 1 a24998 1 amanda<3.5.3 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-37703 @ 1.630 log @ doc/pkg-vulnerabilities: restrict amfora patterns GO-2021-0238: fixed in go115-1.15.12, go116-1.16.4, amfora-1.10.0 already depend for go117 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.629 2025/10/17 06:23:05 kikadf Exp $ d24929 1 a24929 1 anjuta-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-42522 @ 1.629 log @ doc/pkg-vulnerabilities: restrict amanda patterns CVE-2022-37703: fixed in 3.5.3, https://github.com/zmanda/amanda/issues/192 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.628 2025/10/17 06:19:41 kikadf Exp $ d25802 1 a25802 1 amfora-[0-9]* infinite-loop https://pkg.go.dev/vuln/GO-2021-0238 @ 1.628 log @ doc/pkg-vulnerabilities: restrict afl++ patterns CVE-2023-26266: fixed in 4.06c, https://github.com/AFLplusplus/AFLplusplus/commit/bac8d25bc2779f06813065a1b5c54eeba8718e2b @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.627 2025/10/17 06:18:11 kikadf Exp $ d24998 1 a24998 1 amanda-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-37703 @ 1.627 log @ doc/pkg-vulnerabilities: restrict aerc patterns CVE-2025-49466: fixed in 0.21.0, https://git.sr.ht/~rjarry/aerc/commit/93bec0de8ed5ab3d6b1f01026fe2ef20fa154329?__goaway_challenge=meta-refresh&__goaway_id=1266ae23f297370d906d6a6e44a2a9ae @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.626 2025/10/17 06:16:05 kikadf Exp $ d25047 1 a25047 1 afl++-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-26266 @ 1.626 log @ doc/pkg-vulnerabilities: restrict advancecomp patterns CVE-2019-8379: fixed in 2.3, https://github.com/amadvance/advancecomp/commit/7894a6e684ce68ddff9f4f4919ab8e3911ac8040 CVE-2019-8383: fixed in 2.3, https://github.com/amadvance/advancecomp/commit/78a56b21340157775be2462a19276b4d31d2bd01 CVE-2019-9210: fixed in 2.3, https://github.com/amadvance/advancecomp/commit/fcf71a89265c78fc26243574dda3a872574a5c02 CVE-2022-35014, CVE-2022-35015, CVE-2022-35016, CVE-2022-35017, CVE-2022-35018, CVE-2022-35019 and CVE-2022-35020: fixed in 2.4, https://github.com/amadvance/advancecomp/commit/f4fc0677527bdc7d1b78b1cc43974df7fe849d43 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.625 2025/10/16 21:28:01 leot Exp $ d26329 1 a26329 1 aerc-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-49466 @ 1.625 log @pkg-vulnerabilities: add last 12 hours CVEs + binutils (CVE-2025-11839 not fixed yet, CVE-2025-11840 has a possible patch), icinga2, quickjs, webmin (no useful info available, assume not fixed) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.624 2025/10/16 10:28:48 leot Exp $ d16790 2 a16791 2 advancecomp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8379 advancecomp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8383 d16879 1 a16879 1 advancecomp-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9210 d16888 1 a16888 1 ikiwiki<3.20190228 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-9187 d24055 7 a24061 7 advancecomp-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35020 advancecomp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35019 advancecomp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35018 advancecomp-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35017 advancecomp-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35016 advancecomp-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35015 advancecomp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35014 @ 1.624 log @pkg-vulnerabilities: add last 12 hours CVEs + p5-YAML-Syck @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.623 2025/10/15 20:52:43 wiz Exp $ d28639 14 @ 1.623 log @doc: mention CVE-2025-10230 (samba) as well @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.622 2025/10/15 20:48:56 leot Exp $ d28638 1 @ 1.622 log @pkg-vulnerabilities: spell samba PKGBASE correctly It has no trailing "4"! @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.621 2025/10/15 20:47:00 leot Exp $ d28637 1 @ 1.621 log @pkg-vulnerabilities: add last 12 hours CVEs + samba @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.620 2025/10/15 11:58:39 leot Exp $ d12153 1 a12153 1 samba4<4.6.4 remote-code-execution https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7494 d25542 1 a25542 1 samba4<4.17.4 brute-force-attack https://nvd.nist.gov/vuln/detail/CVE-2021-20251 d25705 6 a25710 6 samba4>=4.17<4.17.12 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-3961 samba4>=4.18<4.18.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-3961 samba4>=4.17<4.17.12 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-42669 samba4>=4.18<4.18.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-42669 samba4>=4.17<4.17.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-42670 samba4>=4.18<4.18.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-42670 d25752 2 a25753 2 samba4>=4.0<4.18.9 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14628 samba4>=4.19<4.19.3 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14628 d26004 2 a26005 2 samba4<4.19.7 memory-corruption https://www.openwall.com/lists/oss-security/2024/06/24/3 samba4>=4.20<4.20.2 memory-corruption https://www.openwall.com/lists/oss-security/2024/06/24/3 d26321 1 a26321 1 samba4<4.21.6 information-loss https://nvd.nist.gov/vuln/detail/CVE-2025-0620 @ 1.620 log @pkg-vulnerabilities: add old grub2 CVEs + grub2 (CVE-2024-56737 not fixed, all other fixed upstream and will be available in the next release, I have put 2.13 but possibly it can be a minor dot too (e.g. 2.12.x)) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.619 2025/10/15 11:05:07 leot Exp $ d28636 1 @ 1.619 log @pkg-vulnerabilities: add (part of) old CVEs for PKGBASE starting with "g" + gpac, gpsd, gradle, grafana (CVE-2024-10452 not fixed, probably WONTFIX) GraphicsMagick, grpc @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.618 2025/10/15 10:19:38 leot Exp $ d28612 24 @ 1.618 log @pkg-vulnerabilities: add (part of) old CVEs for PKGBASE starting with "g" + zabbix-agent, gindent, git-base (CVE-2024-52005 not addressed, recommendation is to avoid non-trusted repository, probably we should comment it out), gitea, glade, glib2, global glslang (not fixed), gnome-shell, gnupg2, gnuplot, gnutls, go @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.617 2025/10/15 09:42:30 wiz Exp $ d28586 26 @ 1.617 log @*: + webkit-gtk 2.50.1 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.616 2025/10/14 21:56:45 leot Exp $ d28496 90 @ 1.616 log @pkg-vulnerabilities: add last 12 hours CVEs + firefox, thunderbird @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.615 2025/10/14 08:54:24 leot Exp $ d28495 1 @ 1.615 log @pkg-vulnerabilities: add last 12 hours CVEs + libxslt (probably not fixed yet, Red Hat bugzilla does not contains any upstream details and no entry regarding that in libxslt upstream NEWS) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.614 2025/10/12 07:00:23 wiz Exp $ d28490 5 @ 1.614 log @doc: update httpie pattern according to https://github.com/github/advisory-database/pull/5249 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.613 2025/10/11 19:07:36 wiz Exp $ d28489 1 @ 1.613 log @doc: update pattern for python313 fix @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.612 2025/10/11 18:13:16 leot Exp $ d26022 1 a26022 1 py{38,39,310,311,312}-httpie-[0-9]* improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2023-48052 @ 1.612 log @pkg-vulnerabilities: add (part of) old CVEs for PKGBASEs starting with g + gdk-pixbuf2 geeklog (probably not fixed, unclear if reported upstream or not), gerbv, gh, ghostscript-agpl, ghostscript-gpl, giflib (CVE-2023-39742, CVE-2023-48161, CVE-2025-31344, CVE-2024-45993 seems not fixed), gifsicle, gimp @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.611 2025/10/11 12:50:39 wiz Exp $ d27781 1 a27781 1 python313-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2025-8291 @ 1.611 log @doc: really bump python314 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.610 2025/10/11 12:02:09 leot Exp $ d28408 81 @ 1.610 log @pkg-vulnerabilities: fix a typo in CVE-2024-32039 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.609 2025/10/11 10:35:07 wiz Exp $ d27782 1 a27782 1 python314<3.14.0nb1 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2025-8291 @ 1.609 log @doc: add upper bound for Python 3.14 vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.608 2025/10/11 10:29:19 leot Exp $ d28368 1 a28368 1 freerdp2<22.11.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-32039 @ 1.608 log @pkg-vulnerabilities: add (part of) old CVEs for packages starting with g + tiff, ganglia-webfrontend (not fixed), commented out gcc, gcpio, gdal-lib disputed/rejected, gdb @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.607 2025/10/11 10:06:44 leot Exp $ d27782 1 a27782 1 python314-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2025-8291 @ 1.607 log @pkg-vulnerabilities: add old CVEs with PKGBASEs starting with f + fastd, p5-FCGI (not fixed), fdupes, fig2dev (CVE-2025-31162, CVE-2025-31163, CVE-2025-31164, CVE-2025-46397, CVE-2025-46398, CVE-2025-46399, CVE-2025-46400 fixed upstream, 3.2.9a affected), file, flac, flightgear, fluent-bit (CVE-2025-29477, CVE-2025-29478 and CVE-2024-26455 probably not fixed nor shared with upstream), freeimage (none fixed upstream), freerdp2, freetype2, frr @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.606 2025/10/11 09:17:46 leot Exp $ d28394 14 @ 1.606 log @pkg-vulnerabilities: add morning CVEs + py-ldap, wireshark, poppler @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.605 2025/10/10 20:59:04 leot Exp $ d28317 77 @ 1.605 log @pkg-vulnerabilities: add today CVEs + elasticsearch, ruby-rack, py-authlib, ruby-sinatra @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.604 2025/10/10 19:10:16 leot Exp $ d28313 4 @ 1.604 log @pkg-vulnerabilities: add old ffmpeg CVEs + ffmpeg @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.603 2025/10/10 17:56:29 leot Exp $ d28306 7 @ 1.603 log @pkg-vulnerabilities: add old CVEs for PKGBASEs starting with "e" + easy-rsa, editorconfig-core, elasticsearch, element-web, emacs, engrampa, erlang, erlang-jose, exiftags (unclear if reported upstream or not, probably not fixed), exim, exiv22, expat, eza @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.602 2025/10/10 17:11:24 leot Exp $ d28196 110 @ 1.602 log @pkg-vulnerabilities: add old CVEs for PKGBASEs starting with "d" + dante, dav1d, dbus, dmidecode, dnsdist, dnsmasq, drupal, zabbix-* (duktape in zabbix) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.601 2025/10/10 16:26:23 leot Exp $ d25996 8 a26003 4 emacs29<29.4 remote-user-access https://list.orgmode.org/87sex5gdqc.fsf@@localhost/ emacs28-[0-9]* remote-user-access https://list.orgmode.org/87sex5gdqc.fsf@@localhost/ emacs27-[0-9]* remote-user-access https://list.orgmode.org/87sex5gdqc.fsf@@localhost/ emacs26-[0-9]* remote-user-access https://list.orgmode.org/87sex5gdqc.fsf@@localhost/ d28151 45 @ 1.601 log @pkg-vulnerabilities: add (remaining) old CVEs for PKGBASEs starting with "c" + cjose, clamav, clojure, commonmarker, consul, contao35, couchdb, cpp-httplib, cppcheck (not fixed), cryptopp (CVE-2022-48570, CVE-2023-50979, CVE-2023-50981, CVE-2024-28285 not fixed; CVE-2023-50980 fixed upstream but 8.9 affected), cups-base (CVE-2024-47850 unclear if/when mitigated, keep wildcard), curl, cyrus-imapd @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.600 2025/10/10 15:54:08 leot Exp $ d28114 33 @ 1.600 log @pkg-vulnerabilities: limit patterns for CVE-2025-8291 Several Python versions were released addressing that issue. Also add python314. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.599 2025/10/10 10:27:47 leot Exp $ d28077 37 @ 1.599 log @pkg-vulnerabilities: add (part of) old CVEs for PKGBASEs starting with "c" + c-ares, cJSON, cacti, calibre, catdoc (probably not fixed and unclear if reported upstream), cfengine, cflow (not fixed) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.598 2025/10/10 10:03:02 leot Exp $ d27773 4 a27776 4 python39-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2025-8291 python310-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2025-8291 python311-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2025-8291 python312-[0-9]* invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2025-8291 d27778 1 @ 1.598 log @pkg-vulnerabilities: add old CVEs for PKGNAMEs starting with "b" + blosc2, botan @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.597 2025/10/09 17:31:44 leot Exp $ d28034 42 @ 1.597 log @pkg-vulnerabilities: add old bitcoin CVEs + bitcoin (CVE-2023-50428, CVE-2024-34149 not fixed, upstream divided by that but not disputed, CVE-2024-55563 not fixed) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.596 2025/10/09 17:22:15 leot Exp $ d28018 16 @ 1.596 log @pkg-vulnerabilities: add old binutils CVEs + binutils (CVE-2021-32256 not fixed) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.595 2025/10/09 17:00:30 leot Exp $ d28002 16 @ 1.595 log @pkg-vulnerabilities: add old bind CVEs + bind @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.594 2025/10/09 13:41:50 leot Exp $ d27973 29 @ 1.594 log @pkg-vulnerabilities: add old php-glpi vulnerabilities + php-glpi (CVE-2024-27756 likely unfixed, probably not reported upstream) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.593 2025/10/09 13:05:41 leot Exp $ d27958 15 @ 1.593 log @pkg-vulnerabilities: add old CVE entries for PKGNAME starting with a + apache-cassandra, apache-roller, apache-tomcat, apache24, ark, arti, asio, assimp (CVE-2024-46632, CVE-2024-48426, CVE-2025-2752, CVE-2025-2753, CVE-2025-2754, CVE-2025-2755, CVE-2025-2756, CVE-2025-3549 not fixed), asterisk, atril, augeas (fixed upstream, latest release 1.14.1 affected), authelia, avahi @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.592 2025/10/09 08:31:35 leot Exp $ d27891 67 @ 1.592 log @pkg-vulnerabilities: add python39 eol entry @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.591 2025/10/08 20:48:19 leot Exp $ d27791 100 @ 1.591 log @pkg-vulnerabilities: properly spell bound @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.590 2025/10/08 20:47:41 leot Exp $ d27790 1 @ 1.590 log @pkg-vulnerabilities: add afternoon CVEs + matrix-synapse, binutils @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.589 2025/10/08 16:56:54 leot Exp $ d27784 3 a27786 3 binutils<2.46 out-of-bonds-read https://nvd.nist.gov/vuln/detail/CVE-2025-11412 binutils<2.46 out-of-bonds-read https://nvd.nist.gov/vuln/detail/CVE-2025-11413 binutils<2.46 out-of-bonds-read https://nvd.nist.gov/vuln/detail/CVE-2025-11414 @ 1.589 log @pkg-vulnerabilities: add morning CVEs + binutils @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.588 2025/10/07 21:32:21 leot Exp $ d27787 3 @ 1.588 log @pkg-vulnerabilities: adjust last ruby-rack2 entry ruby-rack2 has 2 also as part of PKGNAME. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.587 2025/10/07 21:31:17 leot Exp $ d27784 3 @ 1.587 log @pkg-vulnerabilitie: switch to CVE IDs Easier to deduplicate. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.586 2025/10/07 21:25:17 leot Exp $ d27686 1 a27686 1 ruby{31,32,33,34}-rack<2.2.18 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-59830 @ 1.586 log @pkg-vulnerabilities: add last 12 hours CVEs + python (backported, latest stable releases still not available), ruby-rack @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.585 2025/10/06 20:34:35 leot Exp $ d25871 11 a25881 11 ruby{27,30,31,32,33}-rack2>=2.0<2.2.8.1 denial-of-service https://discuss.rubyonrails.org/t/denial-of-service-vulnerability-in-rack-content-type-parsing/84941 ruby{27,30,31,32,33}-rack>=3.0<3.0.9.1 denial-of-service https://discuss.rubyonrails.org/t/denial-of-service-vulnerability-in-rack-content-type-parsing/84941 ruby{27,30,31,32,33}-rack2>=2.0<2.2.8.1 denial-of-service https://discuss.rubyonrails.org/t/possible-dos-vulnerability-with-range-header-in-rack/84944 ruby{27,30,31,32,33}-rack>=3.0<3.0.9.1 denial-of-service https://discuss.rubyonrails.org/t/possible-dos-vulnerability-with-range-header-in-rack/84944 ruby{27,30,31}-actionpack71>=7.1<7.1.3.1 denial-of-service https://discuss.rubyonrails.org/t/possible-redos-vulnerability-in-accept-header-parsing-in-action-dispatch/84946 ruby{27,30,31,32,33}-actionpack70>=7.0<7.0.8.1 cross-site-scripting https://discuss.rubyonrails.org/t/possible-xss-vulnerability-in-action-controller/84947 ruby{27,30,31,32,33}-actionpack71>=7.1<7.1.3.2 cross-site-scripting https://discuss.rubyonrails.org/t/possible-xss-vulnerability-in-action-controller/84947 ruby{27,30,31,32,33}-activestorage61>=6.1<6.1.7.7 information-leak https://discuss.rubyonrails.org/t/possible-sensitive-session-information-leak-in-active-storage/84945 ruby{27,30,31,32,33}-activestorage70>=7.0<7.0.8.1 information-leak https://discuss.rubyonrails.org/t/possible-sensitive-session-information-leak-in-active-storage/84945 ruby{27,30,31}-rack2>=2.0<2.2.8.1 denial-of-service https://discuss.rubyonrails.org/t/possible-denial-of-service-vulnerability-in-rack-header-parsing/84942 ruby{27,30,31}-rack>=3.0<3.0.9.1 denial-of-service https://discuss.rubyonrails.org/t/possible-denial-of-service-vulnerability-in-rack-header-parsing/84942 @ 1.585 log @pkg-vulnerabilities: add last 12 hours CVEs + openssh @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.584 2025/10/06 09:56:20 leot Exp $ d27773 11 @ 1.584 log @pkg-vulnerabilities: limit some old ffmpeg patterns All of them via (there are probably older wildcards that should be limited as well for older ffmpeg versions). @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.583 2025/10/06 09:52:13 leot Exp $ d27771 2 @ 1.583 log @pkg-vulnerabilities: add last 24 hours CVEs + ffmpeg @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.582 2025/10/05 17:57:20 leot Exp $ d24399 4 a24402 3 ffmpeg5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-3965 ffmpeg4-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-3964 ffmpeg3-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-3109 d24404 1 a24404 1 ffmpeg5-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-2566 @ 1.582 log @pkg-vulnerabilities: add all old ap24-* CVEs + ap24-auth-openidc, ap24-modsecurity @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.581 2025/10/05 11:01:56 leot Exp $ d27742 28 @ 1.581 log @pkg-vulnerabilities: add last 2 days CVEs + assimp (issues reported upstream and initial triaged, not fixed yet), qemu (possible patches shared upstream via ML), qt6-qtsvg, redis, zabbix-frontend @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.580 2025/10/05 07:26:26 wiz Exp $ d27735 7 @ 1.580 log @doc: update py-pip pattern according to https://github.com/pypa/pip/issues/13607 this is fixed in Python >=3.9.17, >=3.10.12, >=3.11.4, or >=3.12 which are versions from 2023; restrict this to Python 2.7. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.579 2025/10/04 21:20:11 leot Exp $ d27722 13 @ 1.579 log @pkg-vulnerabilities: use CVE ID for last fetchmail entry Switch to use CVE ID so it is easier to deduplicate. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.578 2025/10/04 17:17:23 kikadf Exp $ d27670 1 a27670 1 py{27,39,310,311,312,313}-pip-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2025-8869 @ 1.578 log @ doc/pkg-vulnerabilities: restrict admesh patterns CVE-2018-25033: fixed in 0.98.5, https://github.com/admesh/admesh/issues/28 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.577 2025/10/04 14:42:39 kikadf Exp $ d27721 1 a27721 1 fetchmail<6.5.6 denial-of-service https://www.fetchmail.info/fetchmail-SA-2025-01.txt @ 1.577 log @ doc/pkg-vulnerabilities: restrict SDL_image patterns CVE-2017-2887: fixed locally @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.576 2025/10/04 14:17:39 kikadf Exp $ d23430 1 a23430 1 admesh-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-25033 @ 1.576 log @ doc/pkg-vulnerabilities: restrict SOPE and SOPE5 patterns CVE-2025-53603: fixed local @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.575 2025/10/04 06:32:51 wiz Exp $ d13474 1 a13474 1 SDL_image-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2887 @ 1.575 log @doc: add fetchmail vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.574 2025/10/03 17:08:02 leot Exp $ d27071 2 a27072 1 SOPE-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-53603 @ 1.574 log @pkg-vulnerabilities: add old wireshark CVEs + wireshark @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.573 2025/10/03 16:59:20 leot Exp $ d27720 1 @ 1.573 log @pkg-vulnerabilities: add old ansible* CVEs + ansible-core @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.572 2025/10/03 16:35:51 leot Exp $ d27703 17 @ 1.572 log @pkg-vulnerabilities: comment out CVE-2025-50817 It was disputed because it is how Python's import works. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.571 2025/10/03 16:21:12 leot Exp $ d27697 6 @ 1.571 log @pkg-vulnerabilities: add morning CVEs + matrix-synapse @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.570 2025/10/03 16:09:09 kikadf Exp $ d27401 2 a27402 1 py{27,39,310,311,312,313}-future-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-50817 @ 1.570 log @ doc/pkg-vulnerabilities: restrict TeXmacs patterns CVE-2010-3394: fixed in 1.0.7.13, https://github.com/texmacs/texmacs/commit/5d36381c065f6c919b0fb8e8a1e6780333ba657f @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.569 2025/10/02 14:26:29 nia Exp $ d27694 2 @ 1.569 log @CVE-2025-54874 fixed in openjpeg-2.5.4 per https://github.com/uclouvain/openjpeg/commit/f809b80c67717c152a5ad30bf06774f00da4fd2d @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.568 2025/10/01 21:04:57 leot Exp $ d5159 1 a5159 1 TeXmacs-[0-9]* privilege-escalation https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3394 @ 1.568 log @pkg-vulnerabilities: add today CVEs + poppler, podofo (unclear if fixed or not, no info/references from upstream), py-django @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.567 2025/10/01 20:24:53 leot Exp $ d27355 1 a27355 1 openjpeg-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-54874 @ 1.567 log @pkg-vulnerabilities: add remaining last weeks CVEs + ruby-rexml, ruby-rack, squid, tcpreplay, tor, zookeeper @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.566 2025/10/01 20:16:54 leot Exp $ d27689 5 @ 1.566 log @pkg-vulnerabilities: add (other part of) last weeks CVEs + openssl, podman (no useful details contained, unclear if fixed or not), py-authlib, py-pip (fixed upstream, no stable release with fix), py-jupyterlab, py-torch (CVE-2025-55551, CVE-2025-55552, CVE-2025-55554 not fixed) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.565 2025/10/01 19:56:01 leot Exp $ d27682 7 @ 1.565 log @pkg-vulnerabilities: add (other part of) last weeks CVEs + go, jenkins, libsoup (not fixed), libvips, libxslt (possible patch proposed, still not merged), mapserver, mupdf, openbabel (issues closed but seems not fixed, no ACK from upstream too), opengrok @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.564 2025/10/01 19:32:17 leot Exp $ d27663 19 @ 1.564 log @pkg-vulnerabilities: add (some) last weeks CVEs + asterisk, binutils, chromium, element-web, expat, ghostscript-{a,}gpl, glib-networking (both fixed upstream, no stable releases with fix) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.563 2025/10/01 19:14:26 leot Exp $ d27643 20 @ 1.563 log @pkg-vulnerabilities: add latest MFSAs + firefox*, thunderbird* (firefox140 does not exist yet but we should probably package it as being the latest ESR, so add that pattern too) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.562 2025/10/01 17:00:05 wiz Exp $ d27618 25 @ 1.562 log @doc: add django sql injection vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.561 2025/09/28 15:31:41 khorben Exp $ d27611 7 @ 1.561 log @doc: add got vulnerability, fixed in 0.118 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.560 2025/09/27 08:19:50 wiz Exp $ d27608 3 @ 1.560 log @doc: mark botan (2) as EOL @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.559 2025/09/26 11:35:04 gdt Exp $ d27607 1 @ 1.559 log @pkg-vulnerabilities: Limit recent tiff CVEs to <4.7.1 The three CVEs have links to issues, and two of them link to commits. For each CVE, it appears that a commit with text indicating it addressed the CVE was merged to master before the v4.7.1 tag. Others who care about tiff are invited to review this change. Those who think CVEs are important are requested to ask the CVE authority to follow up and fix the CVE pages to indicate the fixed-in version. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.558 2025/09/26 10:38:10 wiz Exp $ d24963 1 a24963 1 botan2<2.19.3 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2022-43705 d27606 1 @ 1.558 log @doc: add tiff vulnerability, fixed in 4.7.1 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.557 2025/09/25 07:30:15 wiz Exp $ d27361 1 a27361 1 tiff-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-8534 d27409 2 a27410 2 tiff-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-8961 tiff-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2025-9165 @ 1.557 log @doc: expat vulnerability fixes were 'improved', update pattern @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.556 2025/09/23 10:04:48 wiz Exp $ d27605 1 @ 1.556 log @doc: add one of the new webkit-gtk vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.555 2025/09/16 15:38:44 kim Exp $ d26150 1 a26150 1 expat<2.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-8176 @ 1.555 log @Update libxml2 vulnerability info https://gitlab.gnome.org/Teams/Releng/security/-/wikis/2025#libxml2-and-libxslt @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.554 2025/09/15 22:09:20 nia Exp $ d27604 1 @ 1.554 log @more precise git version info @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.553 2025/09/13 19:01:14 wiz Exp $ d26370 5 a26374 5 libxml2-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-49794 libxml2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-49795 libxml2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-49796 libxml2-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-6021 libxml2-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-6170 @ 1.553 log @doc: fix typo in pattern @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.552 2025/09/13 17:39:52 leot Exp $ d27075 16 a27090 2 git-base<2.50.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-48384 git-base<2.50.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-48385 d27115 8 a27122 1 git-base<2.50.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-48386 @ 1.552 log @pkg-vulnerabilities: merge zabbix-server-* entries We can use {...} to spell them just one time. NFC. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.551 2025/09/13 17:38:25 leot Exp $ d27546 1 a27546 1 zabbix-sever-{mysql,postgresql}<6.0 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages @ 1.551 log @pkg-vulnerabilities: add old zabbix CVEs Add all (old) zabbix-* CVEs. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.550 2025/09/13 11:19:03 leot Exp $ d27539 2 a27540 4 zabbix-server-mysql>=7.0<7.0.14 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-27238 zabbix-server-postgresql>=7.0<7.0.14 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-27238 zabbix-server-mysql<6.0.34 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-27240 zabbix-server-postgresql<6.0.34 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-27240 d27546 1 a27546 2 zabbix-sever-mysql<6.0 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages zabbix-sever-postgresql<6.0 eol https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages @ 1.550 log @pkg-vulnerabilities: fix PKGNAME for zabbix The server also has the DB type as part of PKGNAME (this should be probably avoided given that it seems that despite the server used they will conflict!) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.549 2025/09/13 11:15:08 leot Exp $ d27550 36 @ 1.549 log @pkg-vulnerabilities: add zabbix EOL entries @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.548 2025/09/13 11:06:49 leot Exp $ d27539 4 a27542 2 zabbix>=7.0<7.0.14 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2025-27238 zabbix<6.0.34 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2025-27240 d27548 2 @ 1.548 log @pkg-vulnerabilities: add last 24 hours CVEs + curl, erlang, xenkernel (fixed upstream and patches available, no stable releases yet with fixes), zabbix @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.547 2025/09/12 07:48:23 wiz Exp $ d27541 5 @ 1.547 log @doc: add one of the new curl CVEs @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.546 2025/09/11 17:49:28 leot Exp $ d27525 16 @ 1.546 log @pkg-vulnerabilities: add cups-base CVEs Via oss-security@@ ML. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.545 2025/09/11 09:39:43 leot Exp $ d27524 1 @ 1.545 log @pkg-vulnerabilities: add last 24 hours CVEs + chromium, libxml2 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.544 2025/09/10 10:12:56 leot Exp $ d27522 2 @ 1.544 log @pkg-vulnerabilities: add last day CVEs + ffmpeg (no details regarding commits, probably also 8.0.0 is affected because there are no references in ), libssh, py-installer, py-octoprint, shibboleth-sp, typo3 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.543 2025/09/09 15:48:36 leot Exp $ d27519 3 @ 1.543 log @pkg-vulnerabilities: add (remaining) last week CVEs + exiv2, glib2, glpi, kea, libsoup (not fixed), linenoise (not fixed, patch shared upstream), mongodb, p5-CGI-Simple, p5-Cpanel-JSON-XS, p5-JSON-XS, pcre2, phppgadmin, podman, py-deepdiff, py-django, py-xmltodict, sqlite3, tcpreplay, vault, wireshark @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.542 2025/09/09 15:04:14 leot Exp $ d27505 14 @ 1.542 log @pkg-vulnerabilities: add part of last week CVEs + ImageMagick, asterisk, cJSON, cacti, chromium @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.541 2025/09/07 19:28:15 leot Exp $ d27476 29 @ 1.541 log @pkg-vulnerabilities: add helm CVEs @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.540 2025/09/04 17:46:07 kikadf Exp $ d27456 20 @ 1.540 log @ doc/pkg-vulnerabilities: restrict R-RSQLite patterns CVE-2019-8457: fixed in SQLite-3.28.0, RSQLite-2.1.2 comes with the fixed SQLite https://github.com/r-dbi/RSQLite/releases/tag/v2.1.2 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.539 2025/09/01 15:27:04 kikadf Exp $ d27454 2 @ 1.539 log @ doc/pkg-vulnerabilities: restrict audacity patterns CVE-2020-11867: fixed in pkgsrc, 2.4.1nb28 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.538 2025/09/01 15:03:39 kikadf Exp $ d17420 1 a17420 1 R-RSQLite-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-8457 @ 1.538 log @ doc/pkg-vulnerabilities: restrict GraphicsMagick patterns CVE-2017-15281: CVE in ImageMagick, no indication it affects GraphicsMagick CVE-2017-16352: fixed in 1.3.27, https://sourceforge.net/p/graphicsmagick/code/ci/7292230dd185409cdabd0bd61f691403d94776fe/ CVE-2017-16353: fixed in 1.3.27, https://sourceforge.net/p/graphicsmagick/code/ci/e4e1c2a581d897b6f5d1fd8c1d30e96d57b69793/ CVE-2017-16545: fixed in 1.3.27, https://sourceforge.net/p/graphicsmagick/bugs/519/ CVE-2017-16547: fixed in 1.3.27, https://sourceforge.net/p/graphicsmagick/bugs/517/ CVE-2017-16669: fixed in 1.3.27, https://sourceforge.net/p/graphicsmagick/bugs/450/ CVE-2017-17782: fixed in 1.3.28, https://sourceforge.net/p/graphicsmagick/bugs/530/ CVE-2017-17783: fixed in 1.3.28, https://sourceforge.net/p/graphicsmagick/bugs/529/ CVE-2025-32460: fixed in pkgsrc, 1.3.42nb14 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.537 2025/09/01 12:10:30 kikadf Exp $ d20371 1 a20371 1 audacity-[0-9]* insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-11867 @ 1.537 log @ doc/pkg-vulnerabilities: fix anubis pattern CVE-2025-54414: fixed in 1.21.3, typo in pattern @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.536 2025/09/01 12:09:03 kikadf Exp $ d13491 1 a13491 1 graphicsmagick-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15281 d13547 5 a13551 5 graphicsmagick-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-16352 graphicsmagick-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2017-16353 graphicsmagick-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16545 graphicsmagick-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16547 graphicsmagick-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-15930 d13835 1 a13835 1 graphicsmagick-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-16669 d14028 2 a14029 2 graphicsmagick-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17782 graphicsmagick-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-17783 d27401 2 a27402 2 GraphicsMagick<1.34 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-21679 GraphicsMagick-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-32460 @ 1.536 log @ doc/pkg-vulnerabilities: restrict LuaJIT2 patterns CVE-2020-15890: fixed in https://github.com/LuaJIT/LuaJIT/issues/601 CVE-2020-24372: fixed in https://github.com/LuaJIT/LuaJIT/issues/603 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.535 2025/08/31 09:48:07 leot Exp $ d27228 1 a27228 1 anubis-1.21.3 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-54414 @ 1.535 log @pkg-vulnerabilities: CVE-2020-36123 was rejected Comment it out. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.534 2025/08/31 09:47:15 leot Exp $ d19695 1 a19695 1 LuaJIT2-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-15890 d19807 1 a19807 1 LuaJIT2-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-24372 @ 1.534 log @pkg-vulnerabilities: add reference for CVE-2020-36120 comment In that way we can easily reach them by avoiding "cvs annotate" or similar too. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.533 2025/08/31 09:46:21 leot Exp $ d23062 1 a23062 1 libsixel-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2020-36123 @ 1.533 log @pkg-vulnerabilities: comment out CVE-2020-36120 (non-issue) It was marked as user error per but not formally rejected as CVE. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.532 2025/08/31 09:44:21 leot Exp $ d20983 1 a20983 1 #libsixel-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36120 # user error @ 1.532 log @pkg-vulnerabilities: restrict libsixel patterns Most of them via while other based on CVE references and corresponding GitHub issues / PRs and Git commits. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.531 2025/08/30 17:55:40 kikadf Exp $ d20983 1 a20983 1 libsixel-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-36120 @ 1.531 log @ doc/pkg-vulnerabilities: fig2dev alarm fine-tuning CVE-2018-16140: fixed in 3.2.7b, https://sourceforge.net/p/mcj/tickets/28/ CVE-2019-14275: fixed in 3.2.7b, https://sourceforge.net/p/mcj/tickets/52/ CVE-2019-19555: fixed in 3.2.8, https://sourceforge.net/p/mcj/tickets/55/ CVE-2019-19746: fixed in 3.2.8, https://sourceforge.net/p/mcj/tickets/57/ CVE-2019-19797: fixed in 3.2.8, https://sourceforge.net/p/mcj/tickets/67/ CVE-2021-3561: fixed in 3.2.8b, https://sourceforge.net/p/mcj/tickets/116/ @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.530 2025/08/28 12:06:18 kikadf Exp $ d19184 1 a19184 1 libsixel-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-11721 d20204 1 a20204 1 libsixel-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-19668 d22716 1 a22716 1 libsixel-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45340 d23112 5 a23116 5 libsixel-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27938 libsixel-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-27046 libsixel-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27044 libsixel-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-41715 libsixel-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-40656 d23400 1 a23400 1 libsixel-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29977 d27361 1 a27361 1 libsixel-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-9300 @ 1.530 log @ doc/pkg-vulnerabilities: ktexteditor alarm fine-tuning CVE-2018-10361: fixed in 5.48.0, https://github.com/KDE/ktexteditor/commit/c81af5aa1d4f6e0f8c44b2e85ca007ba2a1e4590 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.529 2025/08/28 12:04:55 kikadf Exp $ d15824 1 a15824 1 fig2dev-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-16140 d17727 1 a17727 1 fig2dev-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14275 d18488 1 a18488 1 fig2dev-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-19555 d18546 1 a18546 1 fig2dev-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-19746 d18563 1 a18563 1 fig2dev-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-19797 d21218 1 a21218 1 fig2dev-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3561 @ 1.529 log @ doc/pkg-vulnerabilities: yarn alarm fine-tuning CVE-2020-15168 is a node-fetch issue, https://github.com/node-fetch/node-fetch/security/advisories/GHSA-w7rc-rwvf-8q5r @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.528 2025/08/28 12:03:51 kikadf Exp $ d14914 1 a14914 1 ktexteditor>=5.34.0 symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2018-10361 @ 1.528 log @ doc/pkg-vulnerabilities: spice-server alarm fine-tuning CVE-2020-23793: fixed in 0.13.90, https://bugzilla.redhat.com/show_bug.cgi?id=2234984 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.527 2025/08/28 12:02:05 kikadf Exp $ d19906 1 a19906 1 yarn-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15168 @ 1.527 log @ doc/pkg-vulnerabilities: libssh alarm fine-tuning CVE-2020-16135: fixed in 0.9.5, https://gitlab.com/libssh/libssh-mirror/-/tags/libssh-0.9.5 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.526 2025/08/28 12:00:49 kikadf Exp $ d25642 1 a25642 1 spice-server-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-23793 @ 1.526 log @ doc/pkg-vulnerabilities: libssh2 alarm fine-tuning CVE-2019-17498: fixed in 1.10.0, https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.525 2025/08/28 11:58:59 kikadf Exp $ d19744 1 a19744 1 libssh-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-16135 @ 1.525 log @ doc/pkg-vulnerabilities: lua5{1,2} alarm fine-tuning CVE-2021-43519: lua5{1,2} not affected The bug introduced in 5.4.1, https://www.lua.org/bugs.html#5.4.3-7 http://lua-users.org/lists/lua-l/2023-06/msg00059.html http://lua-users.org/lists/lua-l/2023-06/msg00063.html @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.524 2025/08/27 10:50:01 leot Exp $ d18262 1 a18262 1 libssh2-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-17498 @ 1.524 log @pkg-vulnerabilities: add some old CVEs + abseil, adodb, amavisd-new, ampache, anope @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.523 2025/08/26 15:26:01 leot Exp $ d22374 2 a22375 2 lua51-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-43519 lua52-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-43519 @ 1.523 log @pkg-vulnerabilities: add yesterday and today CVEs + apache-cassandra, jq (commented out because affects only the test suite, not fixed / no reply from upstream), lrzip (probably not fixed and no reply from upstream), podofo (fixed upstream, no stable release with the fix), py-h2, tcpreplay, vim, vim-share @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.522 2025/08/24 17:06:08 kikadf Exp $ d27438 16 @ 1.522 log @ doc/pkg-vulnerabilities: unzip, fixed CVEs CVE-2018-1000035, CVE-2019-13232 and CVE-2021-4217 fixed locally in unzip-6.0nb11 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.521 2025/08/24 08:16:53 leot Exp $ d27428 10 @ 1.521 log @pkg-vulnerabilities: add (old) {Graphics,Image}Magick CVEs + GraphicsMagick (CVE-2025-32460 fixed upstream but latest stable release not fixed), ImageMagick @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.520 2025/08/24 07:57:46 leot Exp $ d14319 1 a14319 1 unzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-1000035 d17594 1 a17594 1 unzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-13232 d24710 1 a24710 1 unzip-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-4217 @ 1.520 log @pkg-vulnerabilities: add old 7-zip CVEs + 7-zip (CVE-2022-47111 and CVE-2022-47112 unclear if/when fixed, CVE description says that later versions are not affected, leave the wildcard) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.519 2025/08/23 18:19:22 leot Exp $ d27401 27 @ 1.519 log @pkg-vulnerabilities: add today CVEs + ufoai @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.518 2025/08/23 13:15:38 kikadf Exp $ d27393 8 @ 1.518 log @ doc/pkg-vulnerabilities: djvulibre-lib alarm fine-tuning CVE-2019-15142: fixed in 3.5.28, https://sourceforge.net/p/djvu/djvulibre-git/ci/970fb11a296b5bbdc5e8425851253d2c5913c45e/ CVE-2019-15143: fixed in 3.5.28, https://sourceforge.net/p/djvu/djvulibre-git/ci/b1f4e1b2187d9e5010cd01ceccf20b4a11ce723f/ CVE-2019-15144: fixed in 3.5.28, https://sourceforge.net/p/djvu/djvulibre-git/ci/e15d51510048927f172f1bf1f27ede65907d940d/ CVE-2019-15145: fixed in 3.5.28, https://sourceforge.net/p/djvu/djvulibre-git/ci/9658b01431cd7ff6344d7787f855179e73fe81a7/ CVE-2019-18804: fixed in 3.5.28, https://sourceforge.net/p/djvu/djvulibre-git/ci/c8bec6549c10ffaa2f2fbad8bbc629efdf0dd125/ CVE-2021-3500, CVE-2021-32490, CVE-2021-32491, CVE-2021-32492 and CVE-2021-32493: fixed in 3.5.29, https://sourceforge.net/p/djvu/djvulibre-git/ci/cd8b5c97b27a5c1dc83046498b6ca49ad20aa9b6/ @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.517 2025/08/22 10:35:49 leot Exp $ d27392 1 @ 1.517 log @pkg-vulnerabilities: xenkernel415 is EOL @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.516 2025/08/22 10:30:52 leot Exp $ d17930 4 a17933 4 djvulibre-lib-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15142 djvulibre-lib-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15143 djvulibre-lib-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15144 djvulibre-lib-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-15145 d18343 1 a18343 1 djvulibre-lib-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-18804 d21338 5 a21342 5 djvulibre-lib-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-32490 djvulibre-lib-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32491 djvulibre-lib-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-32492 djvulibre-lib-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-32493 djvulibre-lib-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3500 @ 1.516 log @pkg-vulnerabilities: add (remaing part of) last days CVEs + postgresql-server, proftpd py-future (not fixed), py-pdf, retroarch, ruby-rails, tcpreplay, tiff (CVE-2025-8961 not fixed yet, CVE-2025-9165 fixed but no stable release with patch), yarn (not fixed yet, possible patch proposed) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.515 2025/08/22 10:18:03 wiz Exp $ d27391 1 @ 1.515 log @doc: update cmake pattern @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.514 2025/08/22 09:49:55 leot Exp $ d27364 27 @ 1.514 log @pkg-vulnerabilities: add (part of) last days CVEs + chromium, cmake (fixed upstream, no stable release with the fix), intellij-ce-bin, jetty, libsixel (fixed upstream, no stable release with the fix), libsndfile (reported, no replies from upstream, probably not fixed), libssh @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.513 2025/08/22 09:37:46 leot Exp $ d27355 1 a27355 1 cmake-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-9301 @ 1.513 log @pkg-vulnerabilities: add last MFSA @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.512 2025/08/22 09:19:44 kikadf Exp $ d27354 10 @ 1.512 log @ doc/pkg-vulnerabilities: nasm alarm fine-tuning CVE-2018-1000886: fixed in 2.15.04, https://bugzilla.nasm.us/show_bug.cgi?id=3392514 CVE-2018-20535: fixed in 2.15.04, https://bugzilla.nasm.us/show_bug.cgi?id=3392530 CVE-2018-20538: fixed in 2.16, https://github.com/netwide-assembler/nasm/commit/f95c7e983c00d6b9f46fde7c702c0e5351b7dffa CVE-2019-7147: fixed in 2.15.04, https://bugzilla.nasm.us/show_bug.cgi?id=3392544 CVE-2019-20352: fixed in 2.15.04, https://bugzilla.nasm.us/show_bug.cgi?id=3392636 CVE-2020-24241: fixed in 2.15.04, https://bugzilla.nasm.us/show_bug.cgi?id=3392707 CVE-2020-24242: fixed in 2.15.04, https://bugzilla.nasm.us/show_bug.cgi?id=3392708 CVE-2022-46457: fixed in 2.16, https://github.com/netwide-assembler/nasm/commit/c8af73112027fad0ecbb277e9cba257678c405af CVE-2020-21687: fixed in 2.15.04, https://bugzilla.nasm.us/show_bug.cgi?id=3392645 CVE-2020-21685: fixed in 2.15.04, https://bugzilla.nasm.us/show_bug.cgi?id=3392644 CVE-2020-21528: fixed in 2.16, https://github.com/netwide-assembler/nasm/commit/93c774d482694643cafbc82578ac8b729fb5bc8b CVE-2020-18780: fixed in 2.15.04, https://github.com/netwide-assembler/nasm/commit/7c88289e222dc5ef9f53f9e86ecaab1924744b88 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.511 2025/08/22 09:07:13 kikadf Exp $ d27349 5 @ 1.511 log @ doc/pkg-vulnerabilities: libwpd alarm fine-tuning CVE-2017-14226: fixed in 0.10.2, https://sourceforge.net/p/libwpd/code/ci/f40827b3eae260ce657c67d9fecc855b09dea3c3/ https://sourceforge.net/p/libwpd/code/ci/0329a9c57f9b3b0efa0f09a5235dfd90236803a5/ CVE-2018-19208: fixed in 0.10.3, https://sourceforge.net/p/libwpd/code/ci/33e6bfdc1e7c3f0c5fa07863618cb8403aceabab/ @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.510 2025/08/22 09:04:48 kikadf Exp $ d16453 1 a16453 1 nasm-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-1000886 d16505 2 a16506 2 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20535 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20538 d16664 1 a16664 1 nasm-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-7147 d18797 1 a18797 1 nasm-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-20352 d19851 2 a19852 2 nasm-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2020-24241 nasm-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-24242 d24063 1 a24063 1 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-46457 d25451 1 a25451 1 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21687 d25453 3 a25455 3 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21685 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21528 nasm-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18780 @ 1.510 log @ oc/pkg-vulnerabilities: qt5-qtbase alarm fine-tuning CVE-2018-19872: fixed in 5.11.2, https://github.com/qt/qtbase/commit/8c4207dddf9b2af0767de2ef0a10652612d462a5 CVE-2015-9541: fixed in 5.15.0, https://github.com/qt/qtbase/commit/fd4be84d23a0db4186cb42e736a9de3af722c7f7 CVE-2021-38593: fixed in 5.15.6, https://wiki.qt.io/Qt_5.15_Release#Known_Issues CVE-2021-3481: fixed in 5.14.4, https://bugreports.qt.io/browse/QTBUG-91507 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.509 2025/08/22 09:02:23 kikadf Exp $ d13139 1 a13139 1 libwpd-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-14226 d16157 1 a16157 1 libwpd-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-19208 @ 1.509 log @ doc/pkg-vulnerabilities: qt5-qtwebsockets alarm fine-tuning CVE-2018-21035: fixed in 5.15.0, https://github.com/qt/qtwebsockets/commit/ed93680f34e92ad0383aa4e610bb65689118ca93 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.508 2025/08/22 09:01:13 kikadf Exp $ d17047 1 a17047 1 qt5-qtbase-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-19872 d18881 1 a18881 1 qt5-qtbase-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2015-9541 d21716 1 a21716 1 qt5-qtbase-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-38593 d24758 1 a24758 1 qt5-qtbase-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-3481 @ 1.508 log @ doc/pkg-vulnerabilities: qt5-qtsvg alarm fine-tuning CVE-2021-45930: fixed in 5.12.12, https://github.com/qt/qtsvg/commit/a3b753c2d077313fc9eb93af547051b956e383fc @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.507 2025/08/22 08:59:49 kikadf Exp $ d19047 1 a19047 1 qt5-qtwebsockets-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-21035 @ 1.507 log @ doc/pkg-vulnerabilities: aspell alarm fine-tuning CVE-2019-25051: fixed in 0.60.8.1, https://github.com/gnuaspell/aspell/commit/0718b375425aad8e54e1150313b862e4c6fd324a @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.506 2025/08/22 08:57:57 kikadf Exp $ d22540 1 a22540 1 qt5-qtsvg-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2021-45930 @ 1.506 log @ doc/pkg-vulnerabilities: gdb alarm fine-tuning CVE-2017-9778: fixed in 8.3, https://github.com/bminor/binutils-gdb/commit/723adb650a31859d7cc45832cb8adca0206455ed CVE-2019-1010180: fixed in 9.1, https://github.com/bminor/binutils-gdb/commit/950b74950f6020eda38647f22e9077ac7f68ca49 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.505 2025/08/16 15:58:53 osa Exp $ d21584 1 a21584 1 aspell-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-25051 @ 1.505 log @doc: extend nginx vulnerability to www/nginx @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.504 2025/08/16 15:16:04 leot Exp $ d12468 1 a12468 1 gdb-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9778 d17781 1 a17781 1 gdb-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-1010180 @ 1.504 log @pkg-vulnerabilities: CVE-2021-27186 was fixed in fluent-bit-1.7.0 Via . @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.503 2025/08/15 21:49:39 osa Exp $ d27348 1 @ 1.503 log @doc: add nginx vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.502 2025/08/15 14:03:47 wiz Exp $ d20630 1 a20630 1 fluent-bit-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2021-27186 @ 1.502 log @doc: comment out disputed py-JWT vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.501 2025/08/15 10:00:09 leot Exp $ d27347 1 @ 1.501 log @pkg-vulnerabilities: limit last aide entries Add upper limits, via oss-security@@ advisories. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.500 2025/08/14 21:04:12 wiz Exp $ d27254 2 a27255 1 py{27,39,310,311,312,313}-JWT-[0-9]* weak-encryption https://nvd.nist.gov/vuln/detail/CVE-2025-45768 @ 1.500 log @doc: add two aide vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.499 2025/08/14 13:16:32 leot Exp $ d27344 2 a27345 2 aide-[0-9]* improper-output-neutralization https://nvd.nist.gov/vuln/detail/CVE-2025-54389 aide>=0.13 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-54409 @ 1.499 log @pkg-vulnerabilities: add (last part of) last days CVEs + jasper, libxml2 (not fixed / not easily reproducible, discussion in progress on upstream issue ), nasm (reported upstream, no responses at the moment), openjpeg (CVE-2025-54874 fixed upstream but no stable release with the fix at the moment), p5-Catalyst-Authentication-Credential-HTTP (fixed upstream, will be available in the next version not yet released), php-adodb, php-concrete-cms, poco (discussion in progress, possibly disputed, keep the wildcard for the moment), tiff (CVE-2025-8534 fixed upstream but no release with fix at the moment), u-boot (no information from upstream, unclear if reported), uv, vault @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.498 2025/08/14 12:57:51 leot Exp $ d27344 2 @ 1.498 log @pkg-vulnerabilities: add (part of) last days CVEs + ImageMagick, apache-tomcat, bison (both issue filled on GitHub, not fixed), cflow (currently lists.gnu.org is unavailable, keep the wildcard), chromium, go (for CVE-2024-8244 no further info are present, likely unfixed), gst-plugins1-{base,good}, h2o (fixed upstream, latest stable release affected), varnish @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.497 2025/08/14 12:32:17 leot Exp $ d27323 21 @ 1.497 log @pkg-vulnerabilities: use CVE for latest vim entries Now that CVEs are available and reference the corresponding GHSA use them so it is easier to deduplicate them. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.496 2025/08/14 11:57:09 kikadf Exp $ d27281 42 @ 1.496 log @ doc/pkg-vulnerabilities: poppler alarm fine-tuning CVE-2017-9083: pkgsrc's poppler isn't affected as uses external openjpeg https://gitweb.gentoo.org/repo/gentoo.git/tree/app-text/poppler/files/poppler-0.57.0-disable-internal-jpx.patch @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.495 2025/08/14 10:16:01 wiz Exp $ d27279 2 a27280 2 vim>=9.1.1231<9.1.1400 use-after-free https://github.com/vim/vim/security/advisories/GHSA-3r4f-mm4w-wgg6 vim>=9.1.1231<9.1.1406 double-free https://github.com/vim/vim/security/advisories/GHSA-5fg8-wvx3-583x @ 1.495 log @doc: add upper bounds for tiff and cairo @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.494 2025/08/14 09:33:51 kikadf Exp $ d12324 1 a12324 1 poppler-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-9083 @ 1.494 log @ doc/pkg-vulnerabilities: binutils alarm fine-tuning CVE-2018-9996: fixed in 2.32, affected codes removed, https://github.com/bminor/binutils-gdb/commit/1910070b298052d7ca8e4024891465824588c1e9 CVE-2018-12934: fixed in 2.32, https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763101 CVE-2018-20657: fixed in 2.32, affected codes removed, https://github.com/bminor/binutils-gdb/commit/1910070b298052d7ca8e4024891465824588c1e9 CVE-2018-20673: fixed in 2.32, https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88783 CVE-2018-20712: fixed in 2.35, https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629 CVE-2019-9070: fixed in 2.35, https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89395 CVE-2019-9071: fixed in 2.35, https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89394 CVE-2019-9072: invalid, https://sourceware.org/bugzilla/show_bug.cgi?id=24232 CVE-2019-9073: fixed in 2.33, https://sourceware.org/bugzilla/show_bug.cgi?id=24233 CVE-2019-9074: fixed in 2.33, https://sourceware.org/bugzilla/show_bug.cgi?id=24235 CVE-2019-9075: fixed in 2.33, https://sourceware.org/bugzilla/show_bug.cgi?id=24236 CVE-2019-9076: fixed in 2.33, https://sourceware.org/bugzilla/show_bug.cgi?id=24238 CVE-2019-9077: fixed in 2.33, https://sourceware.org/bugzilla/show_bug.cgi?id=24243 CVE-2019-12972: fixed in 2.33, https://sourceware.org/bugzilla/show_bug.cgi?id=24689 CVE-2019-14250: fixed in 2.33, https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924 CVE-2021-20197: fixed in 2.37, https://sourceware.org/bugzilla/show_bug.cgi?id=26945 CVE-2021-20284: fixed in 2.36, https://sourceware.org/bugzilla/show_bug.cgi?id=26931 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.493 2025/08/14 08:48:47 kikadf Exp $ d27259 3 a27261 3 tiff-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2024-13978 tiff-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-8176 tiff-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-8177 d27275 1 a27275 1 cairo-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-50422 @ 1.493 log @ doc/pkg-vulnerabilities: libsndfile alarm fine-tuning CVE-2018-13419: invalid, https://github.com/libsndfile/libsndfile/issues/398 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.492 2025/08/14 08:26:57 kikadf Exp $ d14793 1 a14793 1 binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-9996 d15262 1 a15262 1 binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-12934 d16527 1 a16527 1 binutils-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-20657 d16564 1 a16564 1 binutils-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2018-20673 d16586 1 a16586 1 binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20712 d16859 8 a16866 8 binutils-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9070 binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9071 binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9072 binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9073 binutils-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-9074 binutils-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9075 binutils-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9076 binutils-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9077 d17511 1 a17511 1 binutils-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-12972 d17716 1 a17716 1 binutils-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-14250 d20824 2 a20825 2 binutils-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2021-20197 binutils-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-20284 @ 1.492 log @ doc/pkg-vulnerabilities: avidemux alarm fine-tuning Fixed in 2.6.8 release, https://vuxml.freebsd.org/freebsd/022255be-0895-11e5-a242-5404a68ad561.html @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.491 2025/08/14 08:19:50 kikadf Exp $ d15366 1 a15366 1 libsndfile-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-13419 @ 1.491 log @ doc/pkg-vulnerabilities: cryptopp alarm fine-tuning CVE-2015-2141: Fixed in 5.6.3, https://github.com/weidai11/cryptopp/commit/9425e16437439e68c7d96abef922167d68fafaff CVE-2016-7420: Fixed in 5.6.5, https://github.com/weidai11/cryptopp/issues/277 CVE-2016-9939: Fixed in 6.0.0, https://github.com/weidai11/cryptopp/issues/346 CVE-2019-14318: Fixed in 8.3.0, https://github.com/weidai11/cryptopp/issues/869 CVE-2021-40530: Fixed in 8.6.0, https://github.com/weidai11/cryptopp/issues/1059 CVE-2021-43398: not valid, https://github.com/weidai11/cryptopp/issues/1080 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.490 2025/08/12 17:41:33 morr Exp $ d9037 1 a9037 1 avidemux-[0-9]* multiple-vulnerabilities http://advisories.mageia.org/MGASA-2015-0233.html @ 1.490 log @Add new vulns for vim @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.489 2025/08/11 13:34:44 kikadf Exp $ d9114 1 a9114 1 cryptopp-[0-9]* sensitive-information-exposure http://www.mail-archive.com/cryptopp-users@@googlegroups.com/msg07835.html d10535 1 a10535 1 cryptopp-[0-9]* sensitive-information-disclosure https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7420 d11105 1 a11105 1 cryptopp-[0-9]* denial-of-service https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9939 d17748 1 a17748 1 cryptopp-[0-9]* side-channel https://nvd.nist.gov/vuln/detail/CVE-2019-14318 d21999 1 a21999 1 cryptopp-[0-9]* weak-cryptography https://nvd.nist.gov/vuln/detail/CVE-2021-40530 d22318 1 a22318 1 cryptopp-[0-9]* side-channel https://nvd.nist.gov/vuln/detail/CVE-2021-43398 @ 1.489 log @ doc/pkg-vulnerabilities: KeePass fix vuln CVE-2022-0725: fixed in 2.54 release, https://keepass.info/help/kb/sec_issues.html#fdslog @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.488 2025/08/10 03:35:46 wiz Exp $ d27279 2 @ 1.488 log @doc: add 7-zip CVE @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.487 2025/08/09 07:11:09 leot Exp $ d23055 1 a23055 1 keepass-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-0725 @ 1.487 log @pkg-vulnerabilities: add last days CVEs + poppler-utils (fixed upstream but no stable release with fix), cairo (CVE says poppler but this is , fixed upstream no stable releases with patch), mupdf SOGo (no further details, unclear if reported upstream) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.486 2025/08/04 13:22:03 kikadf Exp $ d27278 1 @ 1.486 log @ doc/pkg-vulnerabilities: ImageMagick6 alarm fine-tuning CVE-2017-9499: ImageMagick6 is not affected, problematic code released in ImageMagick7, https://github.com/ImageMagick/ImageMagick/blame/7fd419441bc7103398e313558171d342c6315f44/coders/mpc.c#L564 CVE-2017-10928: Fixed in 6.9.10-6, https://github.com/ImageMagick/ImageMagick/issues/1089 CVE-2017-1116: Fixed in 6.9.8-5, https://github.com/ImageMagick/ImageMagick/issues/471 CVE-2017-11141: Fixed in 6.9.8-5, https://github.com/ImageMagick/ImageMagick/issues/469 CVE-2017-10995: Fixed in 6.9.9-1, https://github.com/ImageMagick/ImageMagick/issues/538 CVE-2017-11188: Fixed in 6.9.8-10, https://github.com/ImageMagick/ImageMagick/issues/509 CVE-2017-11170: Fixed in 6.9.8-5, https://github.com/ImageMagick/ImageMagick/issues/472 CVE-2017-11478: Fixed in 6.9.9-0, https://github.com/ImageMagick/ImageMagick/issues/528 CVE-2017-14739: Fixed in 6.9.9-17, https://github.com/ImageMagick/ImageMagick/issues/780 CVE-2017-17914: Fixed in 6.9.9-28, https://github.com/ImageMagick/ImageMagick/issues/908 CVE-2017-17934: Fixed in 6.9.9-29, https://github.com/ImageMagick/ImageMagick/issues/920 CVE-2018-5357: Fixed in 6.9.9-34, https://github.com/ImageMagick/ImageMagick/issues/941 CVE-2018-5358: Fixed in 6.9.9-34, https://github.com/ImageMagick/ImageMagick/issues/939 CVE-2018-10804: Fixed in 6.9.9-40, https://github.com/ImageMagick/ImageMagick/issues/1053 CVE-2018-10805: Fixed in 6.9.9-40, https://github.com/ImageMagick/ImageMagick/issues/1054 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.485 2025/08/03 10:45:22 wiz Exp $ d27274 4 @ 1.485 log @doc: add p5-Crypt-CBC vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.484 2025/08/03 10:05:54 leot Exp $ d12319 1 a12319 1 ImageMagick6-[0-9]* denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9499 d12543 1 a12543 1 ImageMagick6-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10928 d12545 1 a12545 1 ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11166 d12547 1 a12547 1 ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11141 d12549 1 a12549 1 ImageMagick6-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-10995 d12551 1 a12551 1 ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11188 d12553 1 a12553 1 ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11170 d12594 1 a12594 1 ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-11478 d13306 1 a13306 1 ImageMagick6-[0-9]* null-dereference https://nvd.nist.gov/vuln/detail/CVE-2017-14739 d13857 1 a13857 1 ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-17914 d13859 1 a13859 1 ImageMagick6-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2017-17934 d14114 1 a14114 1 ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5357 d14116 1 a14116 1 ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-5358 d15020 1 a15020 1 ImageMagick6-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10804 d15022 1 a15022 1 ImageMagick6-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-10805 @ 1.484 log @pkg-vulnerabilities: add Saturday evening CVEs + iperf3 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.483 2025/08/02 16:10:18 leot Exp $ d27273 1 @ 1.483 log @pkg-vulnerabilities: add last days CVEs + anubis, asterisk, binutils, glpi, go, libsoup (no further/upstream details, let the wildcard to be on the safe side), libssh (CVE-2025-8114 unclear if fixed or not, no upstream info), openexr, php-piwigo, py-JWT (no information from upstream), qemu (patch proposed, last 10.0.3 release affected), sqlite3, squid tiff (fixed upstream, no stable release with fix), vault, yarn (patch proposed) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.482 2025/08/01 09:11:47 nia Exp $ d27270 3 @ 1.482 log @pkg-vulnerabilities: Mark CVE-2025-7345 locally fixed. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.481 2025/08/01 08:16:55 jperkin Exp $ d27228 42 @ 1.481 log @doc: Comment out CVE-2013-4441 vulnerability. The whole point of this mode of pwgen is to generate somewhat memorable passwords. It's not a vulnerability, it's a feature. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.480 2025/07/30 19:36:13 mrg Exp $ d27100 1 a27100 1 gdk-pixbuf2-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-7345 @ 1.480 log @adjust the location of ircii and bozohttpd to match the current world for some fairly old entries (2003 and 2010.) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.479 2025/07/29 18:46:07 kikadf Exp $ d18878 2 a18879 1 pwgen-[0-9]* weak-password-generator https://nvd.nist.gov/vuln/detail/CVE-2013-4441 @ 1.479 log @ doc/pkg-vulnerabilities: CVE-2021-34825 was fixed in quassel-0.14.0 [1] https://github.com/quassel/quassel/commit/0674fae039bbc79bfe3f7e42b12ec9015b9b879b [2] https://github.com/quassel/quassel/blob/e27561af02441e2199533f9085f24c33150b2efa/ChangeLog#L31 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.478 2025/07/28 20:06:32 wiz Exp $ d335 1 a335 1 ircII<20030313 remote-code-execution http://eterna.com.au/ircii/ d4883 1 a4883 1 bozohttpd<20100920 remote-file-view http://eterna.com.au/bozohttpd/ @ 1.478 log @doc: add new python (tarfile module) vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.477 2025/07/24 08:27:31 leot Exp $ d21493 1 a21493 1 quassel-[0-9]* improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-34825 @ 1.477 log @pkg-vulnerabilities: add recent MFSA + firefox, thunderbird (ESR and non) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.476 2025/07/24 08:22:08 leot Exp $ d27222 5 @ 1.476 log @pkg-vulnerabilities: add Tuesday, Wednesday CVEs + libssh, viewvc, chromium, php-xdebug (maybe works as intended, i.e. exposing a debugger leads to being able to inject code/command and documentation seems to indicate that... unclear if reported upstream or authentication was added and enabled by default), apache, py-mezzanine, redis (unclear if fixed or not or if reported upstream, release changelog of last versions do not mention this CVE, assume not fixed) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.475 2025/07/22 09:47:18 leot Exp $ d27213 9 @ 1.475 log @pkg-vulnerabilities: add Monday CVEs + powerdns-recursor, py-starlette @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.474 2025/07/21 08:15:28 leot Exp $ d27205 8 @ 1.474 log @pkg-vulnerabilities: add Sunday evening CVEs + mbedtls @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.473 2025/07/20 09:04:44 leot Exp $ d27203 2 @ 1.473 log @pkg-vulnerabilities: add daily morning CVEs + ruby-thor @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.472 2025/07/20 07:43:58 leot Exp $ d27200 3 @ 1.472 log @pkg-vulnerabilities: add recent CVEs + 7-zip, gpac (fixed upstream, latest stable 2.4 affected), grafana, nodejs, opencv, p5-Catalyst-Plugin-Session, qbittorrent, wolfssl, xenkernel{415,418} (patch available, no stable release with patch) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.471 2025/07/18 18:45:22 wiz Exp $ d27199 1 @ 1.471 log @doc: add one of two new 7-zip vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.470 2025/07/17 09:38:19 leot Exp $ d27185 14 @ 1.470 log @pkg-vulnerabilities: Add recent CVEs + bind, chromium, mysql-client, mysql-cluster, mysql-server, openjdk{11,17,21}, sqlite3, unbound, vim, xenkernel{415,418} (fixed via XSA-470 patch, no stable releases with patch) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.469 2025/07/16 21:44:36 wiz Exp $ d27184 1 @ 1.469 log @doc: add two perl module vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.468 2025/07/15 09:44:19 leot Exp $ d27167 17 @ 1.468 log @pkg-vulnerabilities: Add recent CVEs + ImageMagick{6,}, php, php-pgsql, php-soap, polkit (fixed upstream, latest stable release 126 not fixed), py-aiohttp, roundup @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.467 2025/07/14 13:06:47 leot Exp $ d27165 2 @ 1.467 log @pkg-vulnerabilities: Extend CVE-2025-5283 for libvpx Noticed via pkgsrc-changes@@. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.466 2025/07/13 15:42:49 taca Exp $ d27141 24 @ 1.466 log @doc/pkg-vulnerabilities: update entries for CVE-2025-24294 * Drop ruby31-base since it was removed and it dose not exist in HEAD and pkgsrc-2025Q2 branch. * Update ruby32-base, ruby33 and ruby34 entries with latest pacakge version. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.465 2025/07/13 10:04:57 leot Exp $ d27140 1 @ 1.465 log @pkg-vulnerabilities: Add ruby resolv gem vulnerability Fixed upstream but latest stable release of Ruby affected. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.464 2025/07/13 06:33:22 kim Exp $ d27137 3 a27139 4 ruby31-base-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-24294 ruby32-base-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-24294 ruby33-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-24294 ruby34-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-24294 @ 1.464 log @CVE-2025-49809: not relevant on pkgsrc We install mtr-packet setuid root (as opposed to providing sudo rules like Homebrew). Ref: https://github.com/traviscross/mtr/commit/5226f105f087c29d3cfad9f28000e7536af91ac6 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.463 2025/07/12 18:10:01 leot Exp $ d27137 4 @ 1.463 log @pkg-vulnerabilities: add recent CVEs + guacamole-server, hdf5 (reported and triaged upstream, no fixes), liboqs, libsoup (not fixed, being analyzed upstream), libssh, LuaJIT2, mbedtls, mediawiki, mongodb, mtr, pandoc, plan9port, qt6-qtbase, redis @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.462 2025/07/12 17:43:40 leot Exp $ d27130 1 a27130 1 mtr<0.96 unspecified https://nvd.nist.gov/vuln/detail/CVE-2025-49809 @ 1.462 log @pkg-vulnerabilities: add recent CVEs + ap-modsecurity, apache, chromium, cpp-httplib, djvulibre, dpkg, gdk-pixbuf2 (fixed upstream, no stable release with fix), git-base, gnutls, gstreamer, gtar (unclear if reported and fixed upstream) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.461 2025/07/12 09:15:54 wiz Exp $ d27106 31 @ 1.461 log @doc: separate out two of the libxslt vulnerabilities those got their own CVEs now @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.460 2025/07/12 09:11:05 wiz Exp $ d27087 19 @ 1.460 log @doc: add poppler vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.459 2025/07/11 07:20:23 wiz Exp $ d26374 2 @ 1.459 log @doc: add apache and tomcat vulnerabilties @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.458 2025/07/09 13:21:40 wiz Exp $ d27084 1 @ 1.458 log @doc: add one of the new gnutls vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.457 2025/07/08 20:17:43 wiz Exp $ d27075 9 @ 1.457 log @doc: add new git vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.456 2025/07/06 05:17:11 wiz Exp $ d27074 1 @ 1.456 log @doc: add py-Pillow vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.455 2025/07/05 09:51:53 wiz Exp $ d27070 4 @ 1.455 log @doc: add SOPE vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.454 2025/07/04 01:45:53 taca Exp $ d27069 1 @ 1.454 log @doc/pkg-vulnerabilities: add several PHP securities Add CVE-2025-1220, CVE-2025-1735 and CVE-2025-6491 entries for PHP. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.453 2025/07/03 04:52:22 kim Exp $ d27068 1 @ 1.453 log @pkg-vulnerabilities: Add xz vulnerability CVE-2025-31115 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.452 2025/07/01 17:34:35 leot Exp $ d27056 12 @ 1.452 log @pkg-vulnerabilities: Add recent CVEs + hdf5 (not fixed, all reported by uptsream and triaged though) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.451 2025/07/01 05:13:18 kim Exp $ d27055 1 @ 1.451 log @Add recent sudo vulnerabilities: CVE-2025-32462 and CVE-2025-32463 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.450 2025/06/29 09:16:45 leot Exp $ d27052 3 @ 1.450 log @pkg-vulnerabilities: Add recent CVEs + hdf5 (all of them not fixed yet, but they were reported upstream) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.449 2025/06/27 14:29:18 leot Exp $ d27050 2 @ 1.449 log @pkg-vulnerabilities: Add recent CVEs + libssh, podman, moodle, chromium, vault, ruby-webrick, mongodb, cpp-httplib, py-matplotlib, git-annex, hdf5 (not fixed yet, reported and triaged upstream) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.448 2025/06/27 14:15:40 leot Exp $ d27046 4 a27049 1 hdf5-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-6750 @ 1.448 log @pkg-vulnerabilities: Add recent MFSA @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.447 2025/06/23 21:20:19 leot Exp $ d27031 16 @ 1.447 log @pkg-vulnerabilities: G/C sslh duplicate entry CVE-2025-46807 entry was already present. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.446 2025/06/23 21:18:56 leot Exp $ d27028 3 @ 1.446 log @pkg-vulnerabilities: Add recent CVEs + ruby-nokogiri (not fixed, ACKed by upstream), tidy (not fixed and no feedbacks in upstream issues), sslh, hdf5 (not fixed) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.445 2025/06/22 19:46:16 leot Exp $ a26367 1 sslh<2.2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-46807 @ 1.445 log @pkg-vulnerabilities: add nextcloud* CVEs Add old and new php-nextcloud and nextcloud-client vulnerabilities. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.444 2025/06/22 16:52:33 leot Exp $ d27022 7 @ 1.444 log @pkg-vulnerabilities: add gpac vulnerabilities Add old gpac vulnerabilities. CVE-2024-24265, CVE-2024-24266 and CVE-2024-24267 are probably not fixed and unclear if reported upstream or not. CVE-2024-6061, CVE-2024-6062, CVE-2024-6064, CVE-2024-6063, CVE-2024-50664, CVE-2024-50665 and CVE-2025-25723 are fixed upstream but no stable release contains fixes. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.443 2025/06/22 14:58:30 leot Exp $ d26954 68 @ 1.443 log @pkg-vulnerabilities: add 2015 CVEs + php-composer, miniupnp{c,d}, bitcoin @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.442 2025/06/22 13:58:04 leot Exp $ d26884 70 @ 1.442 log @pkg-vulnerabilities: add gtkwave old CVEs @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.441 2025/06/22 12:28:31 leot Exp $ d26880 4 @ 1.441 log @pkg-vulnerabilities: Add 2025 moodle CVEs @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.440 2025/06/22 12:17:25 leot Exp $ d26798 82 @ 1.440 log @pkg-vulnerabilities: Add old Moodle CVEs Add old pre-2025 Moodle CVEs. All the wildcard present do not contain further information from upstream and are likely not fixed. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.439 2025/06/22 11:16:40 kim Exp $ d26772 26 @ 1.439 log @CVE-2025-6141: Add fix ncurses version info @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.438 2025/06/22 09:19:06 leot Exp $ d26704 68 @ 1.438 log @pkg-vulnerabilities: add typo3 vulnerabilities Add typo3 old and new CVEs. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.437 2025/06/22 06:35:11 kim Exp $ d26401 1 a26401 1 ncurses-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-6141 @ 1.437 log @CVE-2025-50181: Fix typo in URL @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.436 2025/06/22 06:19:27 kim Exp $ d26673 31 @ 1.436 log @CVE-2025-49014: Add fix jq version info @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.435 2025/06/21 17:07:33 leot Exp $ d26446 1 a26446 1 py{39,310,311,312,313}-urllib3<2.5.0 server-side-request-forgery ttps://nvd.nist.gov/vuln/detail/CVE-2025-50181 @ 1.435 log @pkg-vulnerabilities: Add chromium vulnerabilities Add 2025 chromium vulnerabilities. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.434 2025/06/21 16:33:08 leot Exp $ d26434 1 a26434 1 jq>=1.8.0 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-49014 @ 1.434 log @pkg-vulnerabilities: Add 202[345] Oracle advisories @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.433 2025/06/21 15:41:12 leot Exp $ d26641 32 @ 1.433 log @pkg-vulnerabilities: Add 2024 and 2025 MFSA Belatedly add all 2024 and 2025 MFSA based on 2024 and 2025 CVEs. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.432 2025/06/21 15:33:56 leot Exp $ d26606 35 @ 1.432 log @pkg-vulnerabilities: add missing 2022 and 2023 MFSA Belatedly add all CVEs part of 2022 and 2023 MFSA. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.431 2025/06/21 12:00:04 leot Exp $ d26507 99 @ 1.431 log @pkg-vulnerabilities: Add recent CVEs + chromium, clamav, gdk-pixbuf2, grafana, hdf5 (not fixed yet), jq (fixed upstream, no stable releases with fix), modular-xorg-server, modular-xorg-wayland, poco, py-cares, py-mezzanine, python (fixed upstream but not yet in stable releases), rabbitmq, wabt (not fixed yet) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.430 2025/06/20 19:51:21 wiz Exp $ d26457 50 @ 1.430 log @doc: new clamav out, add one of the new vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.429 2025/06/20 02:38:57 markd Exp $ d26427 30 @ 1.429 log @note konsole version with backported fix for CVE-2025-49091 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.428 2025/06/19 06:06:56 wiz Exp $ d26426 1 @ 1.428 log @doc: add another xwayland/xorg-server vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.427 2025/06/18 13:44:44 wiz Exp $ d26393 1 a26393 1 konsole<25.04.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2025-49091 @ 1.427 log @doc: add one (each) of the new xserver/xwayland vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.426 2025/06/17 14:01:53 leot Exp $ d26424 2 @ 1.426 log @pkg-vulnerabilities: + qt6-qtbase, salt, spdlog All fixed in recent releases. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.425 2025/06/17 13:44:43 leot Exp $ d26422 2 @ 1.425 log @pkg-vulnerabilities: Add recent CVEs + gimp, glib2, kafka, konsole, libarchive, libtpms, metabase, ncurses (fixed on 20250329 devel version, latest 6.5 affected), openssl, p5-CryptX, pspp (probably not fixed, no feedbacks from upstream in the bug report), py-octoprint, py-protobuf @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.424 2025/06/17 10:44:12 leot Exp $ d26409 13 @ 1.424 log @pkg-vulnerabilities: Add recent CVEs + apache-tomcat, assimp (not fixed, tracked via https://github.com/assimp/assimp/issues/6128) chromium, firefox, thunderbird @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.423 2025/06/17 06:28:15 wiz Exp $ d26388 21 @ 1.423 log @doc: add a couple unfixed libxml2 and libxslt vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.422 2025/06/17 06:24:33 wiz Exp $ d26376 12 @ 1.422 log @doc: add erlang vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.421 2025/06/15 15:16:24 wiz Exp $ d26370 6 @ 1.421 log @doc: fix icu upper bound https://github.com/unicode-org/icu/commit/2c667e31cfd0b6bb1923627a932fd3453a5bac77 is part of 77.1 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.420 2025/06/15 14:42:39 wiz Exp $ d26369 1 @ 1.420 log @doc: add one of the new sslh vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.419 2025/06/15 13:16:36 wiz Exp $ d26231 1 a26231 1 icu<78.1 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-5222 @ 1.419 log @doc: add p5-CryptX vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.418 2025/06/10 19:47:08 kim Exp $ d26367 2 a26368 1 p5-CryptX<0.087 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-40914 @ 1.418 log @CVE-2025-4516: Add python310 fix version info Release notes: https://docs.python.org/release/3.10.18/whatsnew/changelog.html gh-133767: Fix use-after-free in the “unicode-escape” decoder with a non-“strict” error handler. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.417 2025/06/10 19:45:22 kim Exp $ d26367 1 @ 1.417 log @CVE-2025-4516: Add python311 fix version info Release notes: https://docs.python.org/release/3.11.13/whatsnew/changelog.html#python-3-11-13 gh-133767: Fix use-after-free in the “unicode-escape” decoder with a non-“strict” error handler. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.416 2025/06/10 19:43:02 kim Exp $ d26194 1 a26194 1 python310-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-4516 @ 1.416 log @CVE-2025-4516: Add python313 fix version info Release notes: https://docs.python.org/release/3.13.4/whatsnew/changelog.html#python-3-13-4 gh-133767: Fix use-after-free in the “unicode-escape” decoder with a non-“strict” error handler. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.415 2025/06/10 19:28:41 kim Exp $ d26195 1 a26195 1 python311-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-4516 @ 1.415 log @CVE-2025-4516: Add python312 fix version info Pull request: https://github.com/python/cpython/pull/134337 Commit: https://github.com/python/cpython/pull/134337/commits/a75953b347716fff694aa59a7c7c2489fa50d1f5 Branch history: https://github.com/python/cpython/commits/3.12/ Commit is included in the 3.12.11 release per 3.12 branch history @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.414 2025/06/10 19:03:17 kim Exp $ d26197 1 a26197 1 python313-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-4516 @ 1.414 log @CVE-2024-47081: Add fixed version info for py-requests https://github.com/psf/requests/security/advisories/GHSA-9hjg-9r4m-mvj7 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.413 2025/06/10 14:57:19 wiz Exp $ d26196 1 a26196 1 python312-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-4516 @ 1.413 log @doc: update py-django pattern, there was a second release for the same CVE @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.412 2025/06/09 07:47:08 leot Exp $ d26316 1 a26316 1 py{39,310,311,312}-requests-[0-9]* credential-leak https://nvd.nist.gov/vuln/detail/CVE-2024-47081 @ 1.412 log @pkg-vulnerabilities: + assimp Via pkgsrc commit message / upstream changelog. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.411 2025/06/07 19:14:41 bsiegert Exp $ d26318 3 a26320 3 py{39,310,311,312,313}-django>=4<4.2.22 log-injection https://nvd.nist.gov/vuln/detail/CVE-2025-48432 py{39,310,311,312,313}-django>=5.1<5.1.10 log-injection https://nvd.nist.gov/vuln/detail/CVE-2025-48432 py{39,310,311,312,313}-django>=5.2<5.2.2 log-injection https://nvd.nist.gov/vuln/detail/CVE-2025-48432 @ 1.411 log @pkg-vulnerabilities: note recent Go security issues @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.410 2025/06/07 16:17:36 leot Exp $ d26363 4 @ 1.410 log @pkg-vulnerabilities: + gimp @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.409 2025/06/07 13:33:24 leot Exp $ d26359 4 @ 1.409 log @pkg-vulnerabilities: + libxml2, openssl, py-mysql-connector @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.408 2025/06/07 12:48:06 leot Exp $ d26358 1 @ 1.408 log @pkg-vulnerabilities: extended to other mariadb versions @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.407 2025/06/07 12:43:16 leot Exp $ d26355 3 @ 1.407 log @pkg-vulnerabilities: extend to mariadb106 as well Extend latest mariadb105 vulnerabilities to mariadb106 as well. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.406 2025/06/07 12:40:37 leot Exp $ d26336 2 d26340 2 d26344 4 d26350 2 @ 1.406 log @pkg-vulnerabilities: + {mariadb,mysql}-{client,server} @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.405 2025/06/06 07:52:17 leot Exp $ d26334 8 a26341 4 mariadb-client<10.5.29 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2025-30722 mariadb-server<10.5.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-52969 mariadb-server<10.5.29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-52970 mariadb-server<10.5.29 unauthorized-access https://nvd.nist.gov/vuln/detail/CVE-2025-30693 @ 1.405 log @pkg-vulnerabilities: + radare2 Same as like radare2 entry, a warning regarding that was added via commit 5705d99cc1f23f36f9a84aab26d1724010b97798. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.404 2025/06/05 19:01:52 wiz Exp $ d26334 7 @ 1.404 log @doc: add CVE-2011-10007 for p5-File-Find-Rule @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.403 2025/06/05 14:22:02 leot Exp $ d26331 2 @ 1.403 log @pkg-vulnerabilities: add morning CVEs + ruby-rack, aerc, qt-qtimageformats, radare2 aerc fixed via commit 8e56e9a but latest 0.20.1 is affected. radare2 not fixed but development branch add a warning message for the "-T" flag that enable threading that is known to be crashy. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.402 2025/06/04 21:07:46 leot Exp $ d26331 1 @ 1.402 log @pkg-vulnerabilities: + wireshark Will be fixed in 4.4.7, not released yet. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.401 2025/06/04 21:06:33 wiz Exp $ d26322 9 @ 1.401 log @doc: add a couple more vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.400 2025/06/04 14:28:22 leot Exp $ d26321 1 @ 1.400 log @pkg-vulnerabilities: + python Extend latest entries to older Python versions too. Via pkgsrc-changes@@ commit messages. (I have accidentally thought that they were limited to >=3.12 by reading the security announcement.) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.399 2025/06/04 13:11:37 leot Exp $ d26315 6 @ 1.399 log @pkg-vulnerabilities: + python @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.398 2025/06/03 18:37:57 leot Exp $ d26290 3 d26295 3 d26300 3 d26305 3 d26310 3 @ 1.398 log @pkg-vulnerabilities: + ap-modsecurity2, catdoc, chromium, grafana qt*-qtbase, sslh catdoc vulnerabilities are not fixed. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.397 2025/06/02 10:45:24 leot Exp $ d26290 10 @ 1.397 log @pkg-vulnerabilities: + p5-YAML-LibYAML @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.396 2025/06/02 08:38:53 leot Exp $ d26278 12 @ 1.396 log @pkg-vulnerabilities: Use CVE ID for last roundcube entry It is easier to deduplicate and contains more references. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.395 2025/06/02 08:00:15 wiz Exp $ d26277 1 @ 1.395 log @doc: new roundcube version out fixing an RCE @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.394 2025/06/01 13:42:57 leot Exp $ d26276 1 a26276 1 php{56,74,80,81,82,83}-roundcube<1.6.11 remote-code-execution https://roundcube.net/news/2025/06/01/security-updates-1.6.11-and-1.5.10 @ 1.394 log @pkg-vulnerabilities: + jq All vulnerabilities fixed in jq-1.8.0. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.393 2025/06/01 06:53:54 wiz Exp $ d26276 1 @ 1.393 log @doc: merge to perl entries for the same problem @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.392 2025/05/31 19:26:01 wiz Exp $ d26273 3 @ 1.392 log @doc: update upper bound now that perl is fixed @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.391 2025/05/31 17:07:14 leot Exp $ d26200 1 a26200 1 perl<5.40.2nb1 permission-race https://nvd.nist.gov/vuln/detail/CVE-2025-40909 a26262 1 perl>=5.13.6 race-condition https://nvd.nist.gov/vuln/detail/CVE-2025-40909 @ 1.391 log @pkg-vulnerabilities: + clamav, go1{19,20} @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.390 2025/05/31 16:50:14 leot Exp $ d26200 1 a26200 1 perl<5.41.13 permission-race https://nvd.nist.gov/vuln/detail/CVE-2025-40909 @ 1.390 log @pkg-vulnerabilities: + hdf5, jhead, liboqs, perl hdf5 vulnerabilities probably not fixed and unclear if they were reported upstream or not. jhead not fixed. perl vulnerability will be fixed in the next version. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.389 2025/05/29 21:08:48 leot Exp $ d26264 10 @ 1.389 log @pkg-vulnerabilities: + redis, yasm, tcpreplay, apache-tomcat yasm is fixed with https://github.com/yasm/yasm/pull/263 AKA https://github.com/yasm/yasm/commit/121ab150b3577b666c79a79f4a511798d7ad2432 but no stable release with that commit. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.388 2025/05/29 09:45:54 leot Exp $ d26259 5 @ 1.388 log @pkg-vulnerabilities: + rt @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.387 2025/05/29 08:58:30 leot Exp $ d26253 6 @ 1.387 log @pkg-vulnerabilities: + chromium @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.386 2025/05/29 08:47:33 leot Exp $ d26251 2 @ 1.386 log @pkg-vulnerabilities: + firefox, thunderbird Add recent MFSAs. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.385 2025/05/29 08:36:53 leot Exp $ d26243 8 @ 1.385 log @pkg-vulnerabilities: + binutils, gimp, icu, icinga and others Add recent binutils, gimp, icu, icinga2, p5-Net-CIDR-Set, kea and rt5 recent vulnerabilities. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.384 2025/05/29 08:18:55 leot Exp $ d26239 4 @ 1.384 log @pkg-vulnerabilities: + assimp Not fixed yet, all of them are tracked via: https://github.com/assimp/assimp/issues/6128 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.383 2025/05/29 08:12:01 leot Exp $ d26226 13 @ 1.383 log @pkg-vulnerabilities: Use CVE URL for last coreutils entry In that way we can easily deduplicate it because in the pkgsrc-security RT queue we get NVD URLs. CVEs also usually contains references. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.382 2025/05/29 08:09:27 leot Exp $ d26216 10 @ 1.382 log @pkg-vulnerabilities: Add recent vulnerabilities Add openssl, asterisk, grafana and cJSON vulnerabilities. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.381 2025/05/29 07:59:15 kim Exp $ d26204 1 a26204 1 coreutils<9.6nb1 heap-overflow https://cgit.git.savannah.gnu.org/cgit/coreutils.git/commit/?id=8c9602e3a145e9596dc1a63c6ed67865814b6633 @ 1.381 log @CVE-2025-40909 fixed in perl 5.41.13 https://github.com/Perl/perl5/issues/23010#issuecomment-2918264685 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.380 2025/05/28 09:24:10 wiz Exp $ d26205 11 @ 1.380 log @doc: add coreutils vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.379 2025/05/26 12:50:36 wiz Exp $ d26200 1 a26200 1 perl-[0-9]* permission-race https://nvd.nist.gov/vuln/detail/CVE-2025-40909 @ 1.379 log @doc: add one of the new libxslt vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.378 2025/05/24 07:14:29 kim Exp $ d26204 1 @ 1.378 log @Comment out CVE-2020-1734 - This is intended functionality, it is up to the playbook author to ensure that they use the `|quote` filter where appropriate. - https://github.com/ansible/ansible/issues/67792 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.377 2025/05/24 06:47:25 kim Exp $ d26203 1 @ 1.377 log @Update CVE-2020-10744 - It is about ansible-base before version 2.11 - Never existed in ansible-core (as 2.11 was its first release, and it was not imported into pkgsrc until version 2.12.5) - It is not about the ansible package, either - Fixed in https://github.com/ansible/ansible/pull/69578 - Not tracking backports into 2.9 or 2.10, as this is all ancient @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.376 2025/05/24 06:23:31 wiz Exp $ d19049 1 a19049 1 ansible-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2020-1734 @ 1.376 log @doc: add ghostscript vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.375 2025/05/23 14:51:39 wiz Exp $ d19325 1 a19325 1 ansible-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-10744 @ 1.375 log @doc: add perl vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.374 2025/05/22 19:52:00 rillig Exp $ d26201 2 @ 1.374 log @doc/pkg-vulnerabilities: remove trailing whitespace @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.373 2025/05/21 15:08:49 taca Exp $ d26200 1 @ 1.373 log @doc/pkg-vulnerabilities: add ruby30 and ruby31 Ruby 3.0 and 3.1 are EOL. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.372 2025/05/18 01:50:09 markd Exp $ d26155 1 a26155 1 redlib<0.36.0 denial-of-service https://github.com/redlib-org/redlib/security/advisories/GHSA-g8vq-v3mg-7mrg @ 1.372 log @note versions of bird that fixed CVE-2019-161. also remove bird6>2 entry as bird6 only relevant for version 1 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.371 2025/05/16 16:13:45 wiz Exp $ d26198 2 @ 1.371 log @doc: add Python vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.370 2025/05/16 16:09:13 wiz Exp $ d18044 3 a18046 4 bird>=1.6.4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16159 bird6>=1.6.4 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16159 bird>=2.0.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16159 bird6>=2.0.0 stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-16159 @ 1.370 log @doc: add one of the new chromium vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.369 2025/05/16 05:43:13 wiz Exp $ d26195 4 @ 1.369 log @doc: add one of the new webkit-gtk vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.368 2025/05/15 06:31:18 wiz Exp $ d26194 1 @ 1.368 log @doc: add a nodejs vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.367 2025/05/13 20:47:39 leot Exp $ d26188 1 a26188 1 varnish<7.7.1 request-smuggling https://varnish-cache.org/security/VSV00016.html d26193 1 @ 1.367 log @pkg-vulnerabilities: Add reference to CVE-2025-47278 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.366 2025/05/13 05:52:54 wiz Exp $ d26190 3 @ 1.366 log @doc: add some upper bounds for vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.365 2025/05/13 05:50:03 wiz Exp $ d26189 1 @ 1.365 log @doc: add varnish vulnerability (no CVE yet) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.364 2025/05/12 17:22:41 wiz Exp $ d26185 3 a26187 2 screen-[0-9]* multiple-vulnerabilities https://security.opensuse.org/2025/05/12/screen-security-issues.html open-vm-tools-[0-9]* insecure-file-handling https://nvd.nist.gov/vuln/detail/CVE-2025-22247 @ 1.364 log @doc: add open-vm-tools vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.363 2025/05/12 16:05:52 leot Exp $ d26187 1 @ 1.363 log @pkg-vulnerabilities: Adjust last screen entry type Make it just multiple-vulnerabilities to be more consistent with other entries. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.362 2025/05/12 15:49:44 wiz Exp $ d26186 1 @ 1.362 log @doc: add screen vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.361 2025/05/09 17:55:11 wiz Exp $ d26185 1 a26185 1 screen-[0-9]* multople-sceurity-problems https://security.opensuse.org/2025/05/12/screen-security-issues.html @ 1.361 log @doc: add postgresql and dropbear vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.360 2025/05/08 08:56:37 leot Exp $ d26185 1 @ 1.360 log @pkg-vulnerabilities: CVE-2023-31485 was fixed in 0.27 CVE-2023-31485 was fixed in p5-GitLab-API-v4-0.27, via: @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.359 2025/05/07 15:30:10 wiz Exp $ d26179 6 @ 1.359 log @doc: new django versions out, fixing DOS problems @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.358 2025/05/04 11:20:27 nia Exp $ d25106 1 a25106 1 p5-GitLab-API-v4-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-31485 @ 1.358 log @mark CVE-2025-31344 as locally fixed @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.357 2025/05/04 11:05:29 nia Exp $ d26177 2 @ 1.357 log @two fixed wavpack bugs CVE-2021-44269 https://github.com/dbry/WavPack/commit/773f9d0803c6888ae7d5391878d7337f24216f4a CVE-2022-2476 https://github.com/dbry/WavPack/commit/25b4a2725d8568212e7cf89ca05ca29d128af7ac @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.356 2025/05/04 11:02:59 nia Exp $ d26162 1 a26162 1 giflib-[0-9]* heap-buffer-overflow https://www.openwall.com/lists/oss-security/2025/04/07/3 @ 1.356 log @x11vnc bug fixed in 0.9.17 https://github.com/LibVNC/x11vnc/commit/69eeb9f7baa14ca03b16c9de821f9876def7a36a @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.355 2025/05/03 20:18:12 jschauma Exp $ d23147 1 a23147 1 wavpack-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44269 d23811 1 a23811 1 wavpack-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-2476 @ 1.355 log @mark liboqs<0.13.0 as vulnerable to an information-disclosure vulnerability The vulnerability is in the HQC reference implementation discussed in the link added here. Note that liboqs had previously provided a security advisory for another HQC vulnerability (CVE-2024-54137): https://github.com/open-quantum-safe/liboqs/security/advisories/GHSA-gpf4-vrrw-r8v7 However, the Open Quantum Safe team has not (yet) released a security advisory for version 0.12.0. Since all versions prior to 0.13.0 are vulnerable to the discussed decryption oracle, I'm only adding a single entry and pointing to the discussion on pqc-forum; if/when OQS releases a security advisory (see https://github.com/open-quantum-safe/liboqs/issues/2132), then I'll update the vulnerabilities file here accordingly. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.354 2025/04/30 17:36:48 wiz Exp $ d20258 1 a20258 1 x11vnc-[0-9]* improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2020-29074 @ 1.354 log @doc: add dnsdist vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.353 2025/04/27 06:23:16 wiz Exp $ d26176 1 @ 1.353 log @doc: add py-h11 vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.352 2025/04/24 10:14:52 wiz Exp $ d26175 1 @ 1.352 log @doc: fcgi vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.351 2025/04/22 10:27:09 wiz Exp $ d26174 1 @ 1.351 log @doc: new mailman(2) vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.350 2025/04/18 20:07:44 wiz Exp $ d26173 1 @ 1.350 log @doc: add one of the new libarchive vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.349 2025/04/18 19:10:43 wiz Exp $ d26172 1 @ 1.349 log @doc: add some (of many more) libsoup* vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.348 2025/04/18 04:41:06 wiz Exp $ d26171 1 @ 1.348 log @doc: add erlang (-ssh) vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.347 2025/04/17 17:01:21 wiz Exp $ d26167 4 @ 1.347 log @doc: add libxml2 vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.346 2025/04/14 05:28:00 wiz Exp $ d26166 1 @ 1.346 log @doc: add perl vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.345 2025/04/08 14:02:00 wiz Exp $ d26165 1 @ 1.345 log @doc: add libcares vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.344 2025/04/07 15:05:25 wiz Exp $ d26164 1 @ 1.344 log @doc: add giflib vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.343 2025/04/07 14:15:37 wiz Exp $ d26163 1 @ 1.343 log @doc: add two more vulns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.342 2025/04/04 20:29:41 wiz Exp $ d26162 1 @ 1.342 log @doc: add unfixed yelp vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.341 2025/04/03 07:46:15 wiz Exp $ d26160 2 @ 1.341 log @doc: add openvpn vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.340 2025/04/02 17:16:48 wiz Exp $ d26159 1 @ 1.340 log @doc: add django vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.339 2025/03/30 14:29:31 wiz Exp $ d26158 1 @ 1.339 log @doc: add trailing newline @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.338 2025/03/30 14:23:37 vins Exp $ d26157 1 @ 1.338 log @doc: add reference to redlib DoS vulnerabiliy. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.337 2025/03/26 23:29:58 wiz Exp $ d26156 1 a26156 1 redlib<0.36.0 denial-of-service https://github.com/redlib-org/redlib/security/advisories/GHSA-g8vq-v3mg-7mrg @ 1.337 log @doc: add matrix-synapse vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.336 2025/03/26 18:32:36 wiz Exp $ d26156 1 @ 1.336 log @doc: add exim vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.335 2025/03/21 20:12:31 wiz Exp $ d26155 1 @ 1.335 log @doc: add mercurial vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.334 2025/03/21 09:14:22 wiz Exp $ d26154 1 @ 1.334 log @doc: new webkit out, add new vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.333 2025/03/17 07:22:17 wiz Exp $ d26153 1 @ 1.333 log @doc: add two upper bounds for libical First one is based on a commit, second one on a report that it was already fixed six years ago, so I took the oldest distfile I had that was newer than that as an upper bound. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.332 2025/03/16 15:18:00 morr Exp $ d26152 1 @ 1.332 log @Update vim and add new vuln for it @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.331 2025/03/14 18:58:57 wiz Exp $ d10980 2 a10981 2 libical-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-5825 libical-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2016-5826 @ 1.331 log @doc: add php* and expat vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.330 2025/03/13 08:03:35 wiz Exp $ d26151 1 @ 1.330 log @doc: add freetype2 vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.329 2025/03/10 15:48:22 wiz Exp $ d26146 5 @ 1.329 log @doc: add tinyxml2 vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.328 2025/03/10 13:57:53 wiz Exp $ d26145 1 @ 1.328 log @doc: add exemplary CVEs for firefox and thunderbird @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.327 2025/03/05 16:59:37 morr Exp $ d26144 1 @ 1.327 log @Add vim vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.326 2025/02/27 10:59:53 nia Exp $ d26140 4 @ 1.326 log @CVE-2022-34568 was patched in SDL-1.2.15nb46 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.325 2025/02/26 12:20:56 nia Exp $ d26139 1 @ 1.325 log @CVE-2020-11979 fixed in Apache Ant 1.10.9 https://ant.apache.org/security.html#Fixed%20in%20Apache%20Ant%201.10.9 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.324 2025/02/26 11:59:15 nia Exp $ d23857 1 a23857 1 SDL-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-34568 @ 1.324 log @CVE-2022-37434 was fixed in zlib-1.2.13 https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.323 2025/02/26 11:52:29 nia Exp $ d19997 1 a19997 1 apache-ant-[0-9]* insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2020-11979 @ 1.323 log @mark various polkit bugs fixed CVE-2018-19788 https://gitlab.freedesktop.org/polkit/polkit/-/commit/5230646dc6876ef6e27f57926b1bad348f636147 CVE-2019-6133 https://gitlab.freedesktop.org/polkit/polkit/-/commit/c898fdf4b1aafaa04f8ada9d73d77c8bb76e2f81 CVE-2021-4115 https://gitlab.freedesktop.org/polkit/polkit/-/commit/41cb093f554da8772362654a128a84dd8a5542a7 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.322 2025/02/26 11:45:06 nia Exp $ d23902 1 a23902 1 zlib-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-37434 @ 1.322 log @mark various avahi vulnerabilities fixed @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.321 2025/02/26 09:47:07 nia Exp $ d16312 1 a16312 1 polkit-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2018-19788 d16584 1 a16584 1 polkit-[0-9]* authorization-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-6133 d22922 1 a22922 1 polkit-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4115 @ 1.321 log @CVE-2021-36217 is marked REJECT @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.320 2025/02/25 19:53:17 wiz Exp $ d11988 1 a11988 1 avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-6519 d16247 1 a16247 1 avahi-[0-9]* traffic-amplification https://nvd.nist.gov/vuln/detail/CVE-2018-1000845 d21124 1 a21124 1 avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3502 d21382 1 a21382 1 avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-3468 d25463 5 a25467 5 avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38469 avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38470 avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38471 avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38472 avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38473 @ 1.320 log @doc: add one of multiple new x.org server vulns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.319 2025/02/23 11:24:45 wiz Exp $ a21497 1 avahi-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-36217 @ 1.319 log @doc: add exiv2 vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.318 2025/02/22 16:18:09 taca Exp $ d26138 2 @ 1.318 log @doc/pkg-vulnerabilities: add www/drupal11 vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.317 2025/02/21 21:46:47 wiz Exp $ d26137 1 @ 1.317 log @doc: openh264 vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.316 2025/02/21 21:40:08 wiz Exp $ d26134 3 @ 1.316 log @doc: add exim vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.315 2025/02/19 10:22:33 wiz Exp $ d26133 1 @ 1.315 log @doc: add libxml2, openssh vulns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.314 2025/02/18 21:49:49 morr Exp $ d26132 1 @ 1.314 log @Add vim vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.313 2025/02/18 16:47:52 nia Exp $ d26128 4 @ 1.313 log @fix p7zip version selectors per https://github.com/p7zip-project/p7zip/releases/tag/v17.01 these were fixed in 17.01. i don't think there's a p7zip-18? @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.312 2025/02/17 15:47:14 nia Exp $ d26127 1 @ 1.312 log @pkg-vulnerabilities: pkgsrc strips out the "beta" from libcaca's version @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.311 2025/02/17 15:35:28 nia Exp $ d14263 1 a14263 1 p7zip<18.00 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2018-5996 d14961 1 a14961 1 p7zip<18.05 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2018-10115 @ 1.311 log @pkg-vulnerabilities: libcaca bugs fixed in 0.99.beta20 per https://github.com/cacalabs/libcaca/releases/tag/v0.99.beta20 and commit logs @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.310 2025/02/17 09:28:20 nia Exp $ d16507 6 a16512 6 libcaca<0.99.beta20 floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2018-20544 libcaca<0.99.beta20 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20545 libcaca<0.99.beta20 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-20546 libcaca<0.99.beta20 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-20547 libcaca<0.99.beta20 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20548 libcaca<0.99.beta20 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20549 d20642 1 a20642 1 libcaca<0.99.beta20 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3410 d21228 2 a21229 2 libcaca<0.99.beta20 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30498 libcaca<0.99.beta20 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30499 @ 1.310 log @remove CVE marked REJECT @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.309 2025/02/17 09:12:40 nia Exp $ d16507 6 a16512 6 libcaca-[0-9]* floating-point-exception https://nvd.nist.gov/vuln/detail/CVE-2018-20544 libcaca-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20545 libcaca-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-20546 libcaca-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2018-20547 libcaca-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20548 libcaca-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2018-20549 d20642 1 a20642 1 libcaca-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3410 d21228 2 a21229 2 libcaca-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30498 libcaca-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-30499 @ 1.309 log @CVE-2023-44821 fixed in gifsicle-1.95 per CVE description (and the status of the linked issue) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.308 2025/02/17 09:07:51 nia Exp $ a25587 1 p7zip-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-1576 @ 1.308 log @CVE-2019-18218 fixed in file-5.38 per: https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.307 2025/02/16 22:41:13 wiz Exp $ d25551 1 a25551 1 gifsicle-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44821 @ 1.307 log @doc: add postgresql vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.306 2025/02/12 21:10:22 rillig Exp $ d18255 1 a18255 1 file-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2019-18218 @ 1.306 log @doc/pkg-vulnerabilities: migrate FTP URLs to HTTP @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.305 2025/02/12 18:27:49 rillig Exp $ d26123 5 @ 1.305 log @doc/pkg-vulnerabilities: fix patterns with lower bound > upper bound @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.304 2025/02/12 09:18:18 jperkin Exp $ d50 2 a51 3 pine<=4.21 remote-root-shell ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:59.pine.asc navigator<4.76 remote-root-shell ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00%3A66.netscape.asc navigator3<4.76 remote-root-shell ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00%3A66.netscape.asc d75 1 a75 1 camediaplay<20010211 local-user-shell ftp://ftp.itojun.org/pub/digi-cam/C-400/unix/README d102 1 a102 1 sendmail<8.11.6 local-root-shell ftp://ftp.sendmail.org/pub/sendmail/RELEASE_NOTES d110 1 a110 1 mgetty<1.1.22 denial-of-service ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00%3A71.mgetty.asc d210 1 a210 1 png<1.2.4 remote-user-shell ftp://swrinde.nde.swri.edu/pub/png-group/archives/png-list.200207 d300 1 a300 1 png<1.2.5nb2 unknown ftp://swrinde.nde.swri.edu/pub/png-group/archives/png-implement.200212 d439 1 a439 1 vtun<2.6nb1 privacy-leak ftp://ftp.netbsd.org/pub/NetBSD/packages/distfiles/LOCAL_PORTS/vtun-26to30.patch d1438 2 a1439 2 imake>=3<4.4.0nb2 insecure-temp-files ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-009.txt.asc xorg-imake<6.8.2nb2 insecure-temp-files ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-009.txt.asc d1750 1 a1750 1 tin<1.8.1 buffer-overflow ftp://ftp.tin.org/pub/news/clients/tin/stable/CHANGES d2258 1 a2258 1 libarchive<1.3.1 denial-of-service http://security.freebsd.org/advisories/FreeBSD-SA-06:24.libarchive.asc d2584 3 a2586 3 libarchive<1.3.1nb1 infinite-loop http://security.freebsd.org/advisories/FreeBSD-SA-07:05.libarchive.asc libarchive<1.3.1nb1 null-dereference http://security.freebsd.org/advisories/FreeBSD-SA-07:05.libarchive.asc libarchive<1.3.1nb1 arbitrary-code-execution http://security.freebsd.org/advisories/FreeBSD-SA-07:05.libarchive.asc d23616 4 a23619 4 ruby26-base<2.6.10 out-of-bounds-read https:/nvd.nist.gov/vuln/detail/CVE-2022-28739 ruby27-base<2.7.6 out-of-bounds-read https:/nvd.nist.gov/vuln/detail/CVE-2022-28739 ruby30-base<3.0.4 out-of-bounds-read https:/nvd.nist.gov/vuln/detail/CVE-2022-28739 ruby31-base<3.1.2 out-of-bounds-read https:/nvd.nist.gov/vuln/detail/CVE-2022-28739 @ 1.304 log @doc: Improve openssl version matching for CVE-2024-12797. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.303 2025/02/11 21:28:54 wiz Exp $ d2617 1 a2617 1 thunderbird{,-gtk1}>=2.0<1.5.0.13 command-injection https://www.mozilla.org/security/announce/2007/mfsa2007-27.html d6553 4 a6556 2 ffmpeg>=20121018.1.0.0<20130121.1.0.2 multiple-vulnerabilities http://secunia.com/advisories/51964/ ffmpeg>=20130128.1.1.0<20130120.1.1.1 multiple-vulnerabilities http://secunia.com/advisories/51975/ d10299 1 a10299 1 phpmyadmin>=5.0.10<4.0.10.16 code-injection https://www.phpmyadmin.net/security/PMASA-2016-17/ d10408 2 d10411 2 a10412 2 php56-gd>=5.6<5.5.37 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766 php55-gd>=5.5<5.6.23 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766 a10413 2 php56-gd>=5.6<5.5.37 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5767 php55-gd>=5.5<5.6.23 heap-overflow https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5767 d13769 1 a13769 1 slurm>=17.11<17.11.0rc2 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2017-15566 d22595 1 a22595 1 py{36,37,38,39,310}-django>=4<2.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45115 @ 1.303 log @doc: add openssl vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.302 2025/02/09 22:15:43 rillig Exp $ d26120 2 a26121 1 openssl<3.4.1 man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2024-12797 @ 1.302 log @doc/pkg-vulnerabilities: update URLs from http to https sed -i 's,ftp://\(ftp\.NetBSD\.org\)/,https://\1/,' pkg-vulnerabilities sed -i 's,http://\(cve\.mitre\.org\)/,https://\1/,' pkg-vulnerabilities sed -i 's,http://\(ftp\.NetBSD\.org\)/,https://\1/,' pkg-vulnerabilities sed -i 's,http://\(www\.mozilla\.org\)/,https://\1/,' pkg-vulnerabilities sed -i 's,http://\(www\.oracle\.com\)/,https://\1/,' pkg-vulnerabilities sed -i 's,http://\(xenbits\.xen\.org\)/,https://\1/,' pkg-vulnerabilities sed -i 's,http://web\.nvd\.nist\.gov/view/vuln/detail?vulnId=\(CVE-[0-9]*-[0-9]*\)$,https://nvd.nist.gov/vuln/detail/\1,' pkg-vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.301 2025/02/09 20:33:16 rillig Exp $ d26120 1 @ 1.301 log @doc/pkg-vulnerabilities: clean up The patterns for apache-2.0.x were too verbose, they can be expressed in a simple >=2<2.0.49 version comparison pattern. There never was a package named pdfTexinteTexbin in pkgsrc, so that pattern never matched. Its URL was too unspecific to be useful, the NEWS file didn't mention any integer overflow vulnerability. The entry for ffmpeg<20130510 mentioned "multiple vulnerabilities", but the Secunia URL is gone, and the Web Archive's copy only says "You need to log in to view this", making the entry useless. Further cleanup needed: * Convert all URLs to https if available. * Replace all Secunia URLs with long-lived primary sources. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.300 2025/02/06 18:39:14 wiz Exp $ d28 1 a28 1 cfengine<1.5.3nb3 remote-root-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-013.txt.asc d30 1 a30 1 navigator<4.74 remote-user-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-011.txt.asc d32 1 a32 1 communicator<4.74 remote-user-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-011.txt.asc d38 5 a42 5 wu-ftpd<2.6.1 remote-root-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-010.txt.asc wu-ftpd<2.4.2b18.2 remote-root-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA1999-003.txt.asc xlockmore<4.17 local-root-file-view ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2000-003.txt.asc lsof<4.41 local-root-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA1999-005.txt.asc wu-ftpd<2.6.0 remote-root-shell ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA1999-003.txt.asc d65 1 a65 1 fsh<1.1 local-root-file-view http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1135 d174 1 a174 1 fetchmail<5.9.10 remote-user-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0146 d245 2 a246 2 apache-2.0.3[0-9]* remote-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840 apache-2.0.4[0-2]* remote-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840 d249 7 a255 7 apache<1.3.27 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0843 apache<1.3.27 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0839 apache<1.3.27 local-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840 apache6<1.3.27 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0843 apache6<1.3.27 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0839 apache6<1.3.27 local-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840 gv<3.5.8nb2 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1569 d278 1 a278 1 windowmaker<0.80.2 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1277 d294 1 a294 1 pine<4.50 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1320 d297 2 a298 2 wget<1.8.2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1344 wget<1.8.2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1345 d322 3 a324 3 php-4.1.[3-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 php-4.2.[0-2]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 php-4.2.3{,nb1} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 d332 1 a332 1 zlib<1.1.4nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0107 d343 5 a347 5 apcupsd<3.8.6 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1396 apcupsd-3.10.[0-4] remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1396 ap-php-4.1.[3-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 ap-php-4.2.[0-2]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 ap-php-4.2.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396 d350 4 a353 4 apache-2.0.[0-3][0-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0132 apache-2.0.4[0-4] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0132 apcupsd<3.8.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0099 apcupsd-3.10.[0-4] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0099 d356 2 a357 2 mgetty+sendfax<1.1.29 file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1392 mgetty+sendfax<1.1.29 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1391 d372 2 a373 2 apache-2.0.3[7-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0245 apache-2.0.4[0-5] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0245 d382 5 a386 5 ImageMagick<5.5.7.1 local-symlink-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0455 apache-2.0.3[7-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0253 apache-2.0.4[0-6] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0253 falcons-eye<1.9.3nb3 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0358 xconq<7.4.1nb1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0607 d390 6 a395 6 postfix<1.1.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0468 postfix<1.1.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0540 xfstt<1.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0581 xfstt<1.5.1 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0625 stunnel<3.25 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1563 stunnel-4.0[0-3]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1563 d409 7 a415 7 gtkhtml<1.1.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0541 sane-backends<1.0.11 weak-authentication http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0773 sane-backends<1.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0774 sane-backends<1.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0775 sane-backends<1.0.11 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0776 sane-backends<1.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0777 sane-backends<1.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0778 d428 2 a429 2 marbles<1.0.2nb3 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0830 ncftp3<3.1.6 remote-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1345 d432 1 a432 1 fetchmail<6.2.4nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0790 d441 5 a445 5 libnids<=1.17 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0850 apache<1.3.28nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0542 apache6<1.3.28nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0542 apache-2.0.[0-3][0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0254 apache-2.0.4[0-7] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0254 d449 2 a450 2 coreutils<5.0nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0853 coreutils<5.0nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0854 d452 3 a454 3 quagga<0.96.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0795 zebra<0.93bnb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0795 pan<0.13.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0855 d456 2 a457 2 mozilla{,-bin}<1.5 remote-code-execution http://www.mozilla.org/projects/security/known-vulnerabilities.html screen<4.0.1nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0972 d468 2 a469 2 mpg321<0.2.10nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0969 mailman<2.1.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0965 d474 4 a477 4 jitterbug<1.6.2nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0028 mpg123<0.59.18nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0865 mpg123-esound<0.59.18nb1 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0865 mpg123-nas<0.59.18nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0865 d479 2 a480 2 mutt<1.4.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0078 metamail<2.7nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0104 d484 5 a488 5 apache>=2<2.0.49 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0113 apache>=2<2.0.49 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174 apache>=2<2.0.49 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020 apache6<1.3.29nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020 gdk-pixbuf<0.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0111 d492 5 a496 5 ghostscript-gnu<7.07 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0354 ghostscript-gnu-nox11<7.07 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0354 ghostscript-gnu-x11<7.07 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0354 python22<2.2.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0150 python22-pth<2.2.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0150 d512 1 a512 1 neon<0.24.5 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0179 d528 6 a533 6 apache<1.3.31 weak-authentication http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0987 apache<1.3.31 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0993 apache<1.3.31 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174 apache6<1.3.31 weak-authentication http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0987 apache6<1.3.31 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0993 apache6<1.3.31 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174 d539 5 a543 5 neon<0.24.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0398 cvs-1.11.[0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0396 cvs-1.11.1[0-5] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0396 cadaver<0.22.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0398 ap-ssl<2.8.18 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0488 d548 3 a550 3 cvs-1.11.[0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0416 cvs-1.11.[0-9]nb* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0416 cvs-1.11.1[0-6]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0416 d570 8 a577 8 mozilla{,-gtk2}{,-bin}<1.7.2 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763 mozilla{,-gtk2}{,-bin}<1.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758 MozillaFirebird{,-gtk2}{,-bin}<0.9.3 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763 firefox{,-gtk2}{,-bin}<0.9.3 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763 MozillaFirebird{,-gtk2}{,-bin}<0.9.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758 firefox{,-gtk2}{,-bin}<0.9.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758 thunderbird{,-gtk2}{,-bin}<0.7.2 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763 thunderbird{,-gtk2}{,-bin}<0.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758 d581 4 a584 4 kdelibs<3.2.3nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0689 kdelibs<3.2.3nb2 local-account-compromise http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0690 kdelibs<3.2.3nb2 http-frame-spoof http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721 kdebase<3.2.3nb1 http-frame-spoof http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721 d588 2 a589 2 lukemftpd-[0-9]* remote-root-access ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-009.txt.asc tnftpd<20040810 remote-root-access ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-009.txt.asc d593 1 a593 1 qt3-libs<3.3.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0691 d602 1 a602 1 imlib2<1.1.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0802 d612 2 a613 2 samba-3.0.[0-6]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0807 samba-3.0.[0-6]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0808 d626 8 a633 8 xpm<3.4knb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687 xpm<3.4knb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688 XFree86-libs<4.4.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687 XFree86-libs<4.4.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688 xorg-libs<6.7.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687 xorg-libs<6.7.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688 openmotif<2.1.30nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687 openmotif<2.1.30nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688 d635 12 a646 12 apache-2.0.[0-4]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0747 apache-2.0.50 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0747 apache-2.0.50nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0747 gdk-pixbuf<0.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0753 gtk2+<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0753 gdk-pixbuf<0.22 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0782 gtk2+<2.4.10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0782 gdk-pixbuf<0.22 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0783 gtk2+<2.4.10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0783 gdk-pixbuf<0.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0788 gtk2+<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0788 wv<=1.0.0nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0645 d648 9 a656 9 apache-1.3.2[5-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache-1.3.30* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache-1.3.31{,nb[1-4]} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache<1.3.33 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0940 apache6-1.3.2[5-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache6-1.3.30* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache6-1.3.31{,nb[1-4]} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 apache6<1.3.33 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0940 ImageMagick<6.0.6.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0827 d658 6 a663 6 squid<2.5.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0832 MozillaFirebird{,-gtk2}{,-bin}<0.10.1 local-file-write http://www.mozilla.org/press/mozilla-2004-10-01-02.html firefox<0.10.1 local-file-write http://www.mozilla.org/press/mozilla-2004-10-01-02.html firefox-bin<0.10.1 local-file-write http://www.mozilla.org/press/mozilla-2004-10-01-02.html firefox-gtk2<0.10.1 local-file-write http://www.mozilla.org/press/mozilla-2004-10-01-02.html firefox-gtk2-bin<0.10.1 local-file-write http://www.mozilla.org/press/mozilla-2004-10-01-02.html d667 1 a667 1 tiff<3.6.1nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0804 d669 2 a670 2 ap-ssl<2.8.20 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 sox<12.17.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0557 d676 3 a678 3 samba-2.2.[1-9] remote-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0815 samba-2.2.{10,11} remote-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0815 ja-samba<2.2.12.0.9.1 remote-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0815 d682 4 a685 4 cabextract<1.1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0916 mpg123<0.59.18nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0982 mpg123-esound<0.59.18nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0982 mpg123-nas<0.59.18nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0982 d687 1 a687 1 ruby-base<1.6.8nb7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0983 d700 14 a713 14 sudo<1.6.8pl3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1051 gnats<4.0.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0623 freeradius<1.0.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0938 freeradius<1.0.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0960 freeradius<1.0.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0961 samba<2.2.12nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0930 samba<2.2.12nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0882 samba<2.2.12nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1154 samba-3.0.[0-6]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0930 samba-3.0.[0-7]{,nb*} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0882 samba-3.0.[0-9]{,nb*} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1154 ja-samba-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0930 ja-samba<2.2.12.0.9.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0882 ja-samba<2.2.12.0.9.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1154 d718 2 a719 2 libxml2<2.6.14 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0989 libxml<1.8.17nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0989 d727 2 a728 2 imlib<1.9.15 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1025 imlib<1.9.15nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1026 d744 2 a745 2 cyrus-imapd-2.2.[0-9]{,nb*} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0546 cyrus-imapd-2.2.1[0-1]{,nb*} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0546 d747 1 a747 1 cyrus-imapd<2.1.18 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0546 d750 12 a761 12 tcpdump<3.8.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0989 tcpdump<3.8.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0057 tcpdump<3.8.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0183 tcpdump<3.8.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0184 mc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0226 gmc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0226 mc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0231 gmc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0231 mc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0232 gmc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0232 netpbm<9.26 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0924 pwlib<1.6.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0097 d763 42 a804 42 lbreakout<2.4beta2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0158 ap-python<2.7.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0973 logcheck<1.1.1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0404 zope<2.5.2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0688 flim<1.14.3 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0422 gnome-vfs<1.0.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0494 cups<1.1.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0558 openoffice<1.1.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0752 openoffice-linux<1.1.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0752 imlib<1.9.15 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0817 apache-2.0.51* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0811 mysql-server<3.23.59 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server-4.0.[0-9] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server-4.0.[0-9]nb* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server-4.0.1[0-8] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server-4.0.1[0-8]nb* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server-4.1.[01] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server-4.1.[01]nb* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0835 mysql-server<3.23.49 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server-4.0.[0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server-4.0.[0-9]nb* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server-4.0.1[0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server-4.0.1[0-9]nb* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server-4.0.20 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server-4.0.20nb* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0836 mysql-server<3.23.49 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 mysql-server-4.0.[0-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 mysql-server-4.0.[0-9]nb* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 mysql-server-4.0.1[0-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 mysql-server-4.0.1[0-9]nb* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 mysql-server-4.0.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 mysql-server-4.0.20nb* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0837 cyrus-sasl<2.1.19 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0884 cups<1.1.21 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888 cups<1.1.21 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0889 cups<1.1.21 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0923 apache-2.0.3[5-9] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 apache-2.0.3[5-9]nb* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 apache-2.0.4[0-9] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 apache-2.0.4[0-9]nb* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 apache-2.0.5[0-2] privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 apache-2.0.5[0-2]nb[1-4] weak-cryptography http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 d806 13 a818 13 catdoc<0.91.5.2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0193 gd<2.0.22 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0941 gd<2.0.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0990 ImageMagick<6.1.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0981 lesstif<0.93.96 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687 lesstif<0.93.96 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688 lesstif<0.94.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914 xorg-libs<6.8.1nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914 XFree86-libs<4.4.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914 xpm<3.4nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914 groff<1.19.1nb2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0969 zip<2.3nb3 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1010 openssl<0.9.6mnb2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0975 d822 1 a822 1 cscope<15.4nb4 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0996 d824 3 a826 3 a2ps<4.13.0.2nb5 unsafe-shell-escape http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1170 a2ps<4.13.0.2nb7 local-symlink-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1377 mc<4.6.1rc2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1023 d829 1 a829 1 xzgv<0.8.0.1 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0994 d832 1 a832 1 gpdf<2.8.1 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888 d835 1 a835 1 wget<1.9 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1487 d837 10 a846 10 xine-lib<1rc6anb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1187 xine-lib<1rc6anb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1188 {ap-,}php<4.3.9 remote-memory-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0958 {ap-,}php-5.0.[01]* remote-memory-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0958 {ap-,}php<4.3.9 remote-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0959 {ap-,}php-5.0.[01]* remote-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0959 {ap-,}php<4.3.10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1065 {ap-,}php-5.0.[012]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1065 {ap-,}php<4.3.10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1019 {ap-,}php-5.0.[012]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1019 d857 1 a857 1 asp2php-[0-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1261 d868 7 a874 7 cups<1.1.23 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125 perl{,-thread}<5.6.2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0452 perl{,-thread}-5.6.[0-9]* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0448 perl{,-thread}-5.8.[0-4]{,nb*}* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0452 perl{,-thread}-5.8.[0-4]{,nb*}* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0448 perl{,-thread}-5.8.5{,nb[123456]} local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0976 perl{,-thread}-5.8.6 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0976 d876 3 a878 3 xine-lib<1rc6anb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1300 xine-lib-1rc8{,nb1} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1300 nasm<0.98.39 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1287 d883 7 a889 7 vim<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 vim-gtk<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 vim-gtk2<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 vim-kde<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 vim-motif<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 vim-xaw<6.3.045 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138 pcal<4.7nb1 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1289 d891 2 a892 2 napshare<1.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1286 yamt<0.5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1302 d894 8 a901 8 dillo<0.8.3nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0012 tiff<3.6.1nb6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1308 mpg123<0.59.18nb7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1284 mpg123-esound<0.59.18nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1284 mpg123-nas<0.59.18nb6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1284 mpg123<0.59.18nb7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0991 mpg123-esound<0.59.18nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0991 mpg123-nas<0.59.18nb6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0991 d903 2 a904 2 teTeX-bin<2.0.2nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125 teTeX-bin<2.0.2nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888 d910 7 a916 7 mysql-client<3.23.58nb3 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.0.[0-9]{,nb*} local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.0.1[0-9]* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.0.2[0-2]* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.0.23 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.1.[0-8]{,nb*} local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 mysql-client-4.1.9 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004 d921 1 a921 1 squid<2.5.7nb6 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0094 d924 9 a932 9 unarj<2.65nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0947 unarj<2.65nb1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1027 suse{,32}_libtiff<9.1nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1308 suse{,32}_x11<9.1nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0914 suse{,32}_gtk2<9.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0753 suse{,32}_gtk2<9.1nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0782 suse{,32}_gtk2<9.1nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0783 suse{,32}_gtk2<9.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0788 webmin<1.160 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0559 d936 3 a938 3 evolution12<1.2.4nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0102 evolution14<1.4.6nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0102 evolution<2.0.3nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0102 d943 1 a943 1 p5-DBI<1.46nb2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0077 d951 4 a954 4 perl{,-thread}-5.8.{[0-4]{,nb*},5{,nb[1-7]},6{,nb[12]}} local-root-exploit http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0155 perl{,-thread}-5.8.{[0-4]{,nb*},5{,nb[1-7]},6{,nb[12]}} buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0156 gpdf<2.8.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125 gpdf<2.8.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0064 d968 1 a968 1 apache-2.0.5[0-2]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0942 d970 1 a970 1 mailman<2.1.4nb3 remote-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0202 d973 2 a974 2 sympa<=4.1.2nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0073 bidwatcher<1.3.17 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0158 d976 10 a985 10 emacs-21.[0-2]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs-21.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs-21.3nb[0-6] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs-nox11-21.[0-2]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs-nox11-21.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs-nox11-21.3nb[0-1] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 emacs<20.7nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 xemacs<21.4.17 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 xemacs-nox11<21.4.17 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100 xview-lib<3.2.1nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0076 d999 2 a1000 2 kdebase<3.0.5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0078 squid<2.5.8nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0446 d1003 11 a1013 11 squirrelmail-1.2.6* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0152 ja-squirrelmail-1.2.6* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0152 gcpio<2.5nb1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1572 squid<2.5.8 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0173 squid<2.5.8 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2479 squid<2.5.7nb4 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0194 squid<2.5.7nb12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0718 php<3.0.19 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0594 php<3.0.19 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0595 mailman<2.1.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1177 ap-python<2.7.9 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0088 d1018 6 a1023 6 mailman<2.1.5 weak-password-generator http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1143 htdig<3.1.6nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0085 postgresql-lib<7.3.9 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245 postgresql73-lib<7.3.9 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245 postgresql74-lib<7.4.7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245 postgresql80-lib<8.0.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245 d1025 13 a1037 13 #postgresql73-lib-7.3.[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0246 #postgresql74-lib-7.4.[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0246 #postgresql80-lib-8.0.[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0246 postgresql-lib-7.3.[0-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247 postgresql73-lib<7.3.9nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247 postgresql74-lib<7.4.7nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247 postgresql80-lib<8.0.1nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247 gftp<2.0.18 remote-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0372 gftp-gtk1<2.0.18 remote-file-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0372 vim-share<6.3.046 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0069 imap-uw<2004b remote-user-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0198 unace<1.2.2nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0160 unace<1.2.2nb1 no-path-validation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0161 d1039 3 a1041 3 cups<1.1.23nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0206 ImageMagick<6.2.0.3 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0397 cyrus-sasl<2.1.19 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0373 d1045 25 a1069 25 firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 window-injection-spoofing http://www.mozilla.org/security/announce/mfsa2005-13.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 ssl-icon-spoofing http://www.mozilla.org/security/announce/mfsa2005-14.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 heap-overflow http://www.mozilla.org/security/announce/mfsa2005-15.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 dialog-spoofing http://www.mozilla.org/security/announce/mfsa2005-16.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 source-spoofing http://www.mozilla.org/security/announce/mfsa2005-17.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-18.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 data-leak http://www.mozilla.org/security/announce/mfsa2005-19.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 possible-data-leak http://www.mozilla.org/security/announce/mfsa2005-20.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 download-source-spoofing http://www.mozilla.org/security/announce/mfsa2005-23.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-26.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-27.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 local-file-delete http://www.mozilla.org/security/announce/mfsa2005-28.html firefox{,-bin,-gtk2,-gtk2-bin}<1.0.1 domain-name-spoofing http://www.mozilla.org/security/announce/mfsa2005-29.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 window-injection-spoofing http://www.mozilla.org/security/announce/mfsa2005-13.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 ssl-icon-spoofing http://www.mozilla.org/security/announce/mfsa2005-14.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 heap-overflow http://www.mozilla.org/security/announce/mfsa2005-15.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 source-spoofing http://www.mozilla.org/security/announce/mfsa2005-17.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-18.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 possible-data-leak http://www.mozilla.org/security/announce/mfsa2005-20.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-26.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-27.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 local-file-delete http://www.mozilla.org/security/announce/mfsa2005-28.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.6 domain-name-spoofing http://www.mozilla.org/security/announce/mfsa2005-29.html thunderbird{,-bin,-gtk2}<1.0.1 source-spoofing http://www.mozilla.org/security/announce/mfsa2005-17.html thunderbird{,-bin,-gtk2}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-18.html d1074 4 a1077 4 xpm<3.4knb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 openmotif<2.1.30nb4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 lesstif<0.94.0nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 libexif<0.6.11nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0664 d1080 9 a1088 9 mysql-server<4.0.24 remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0709 mysql-server<4.0.24 remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0710 mysql-server<4.0.24 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0711 mysql-server-4.1.[0-9]{nb*,} remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0709 mysql-server-4.1.[0-9]{nb*,} remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0710 mysql-server-4.1.[0-9]{nb*,} local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0711 mysql-server-4.1.10{nb*,} remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0709 mysql-server-4.1.10{nb*,} remote-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0710 mysql-server-4.1.10{nb*,} local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0711 d1093 3 a1095 3 xli<1.17.0nb2 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0638 xli<1.17.0nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0639 xli<1.17.0nb4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0775 d1097 9 a1105 9 ImageMagick<6.1.8 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0005 ImageMagick<6.0 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0759 ImageMagick<6.0 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0760 ImageMagick<6.1.8 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0761 ImageMagick<6.0 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0762 ipsec-tools<0.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0398 firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.2 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-30.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.2 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-31.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.2 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-32.html d1111 11 a1121 11 {g,}mc<4.5.56 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0763 {g,}mc<4.5.56 remote-unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1004 {g,}mc<4.5.56 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1005 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1009 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1090 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1091 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1092 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1093 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1174 {g,}mc<4.5.56 remote-unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1175 {g,}mc<4.5.56 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1176 d1123 3 a1125 3 gsharutils<4.2.1nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1772 gsharutils<4.2.1nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1773 squid<2.5.9nb1 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0626 d1132 6 a1137 6 xorg-libs<6.8.2nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 XFree86-libs<=4.5.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 {ap-,}php<4.3.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0524 {ap-,}php<4.3.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0525 {ap-,}php-5.0.[0123]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0524 {ap-,}php-5.0.[0123]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0525 d1140 11 a1150 11 gsharutils<4.2.1nb6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0990 mysql-server<3.23.59 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0957 sun-{jre,jdk}15-* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1080 sun-{jre,jdk}14-* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1080 kdelibs-3.4.0{,nb1,nb2} buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1046 kdelibs<3.3.2nb10 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1046 gnome-vfs2-cdda-2.10.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 gnome-vfs2<2.6.0nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 gnome-vfs2-cdda<2.8.4nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 gnome-vfs<1.0.5nb8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 libcdaudio<0.99.12nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 d1153 3 a1155 3 openoffice<1.1.4nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0941 openoffice-linux<1.1.5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0941 openoffice-bin<1.1.4nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0941 d1157 3 a1159 3 php-exif<4.3.11 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1042 php-exif<4.3.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1043 cvs<1.11.20 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0753 d1170 18 a1187 18 firefox{-bin,-gtk2,-gtk2-bin}<1.0.3 privacy-leak http://www.mozilla.org/security/announce/mfsa2005-33.html firefox{,-gtk1}<1.0.2nb1 privacy-leak http://www.mozilla.org/security/announce/mfsa2005-33.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-34.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-35.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-35.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-36.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-36.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-37.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-37.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-38.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 cross-site-scripting http://www.mozilla.org/security/announce/mfsa2005-38.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-39.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 missing-argument-check http://www.mozilla.org/security/announce/mfsa2005-40.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 missing-argument-check http://www.mozilla.org/security/announce/mfsa2005-40.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-41.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.7 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-41.html gzip-base<1.2.4anb1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1228 gzip-base<1.2.4anb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0988 d1190 2 a1191 2 lsh<1.4.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0826 lsh<1.4.3nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0814 d1195 4 a1198 4 tcpdump-3.9.[0-1]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1280 tcpdump-3.9.[0-1]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1279 tcpdump<3.8.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1280 tcpdump<3.8.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1279 d1200 1 a1200 1 php-curl<4.3.11 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1392 d1204 2 a1205 2 p5-Convert-UUlib<1.05 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1349 gnutls<1.2.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1431 d1215 7 a1221 7 firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.4 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-42.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.4 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-43.html firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.4 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-44.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.8 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-42.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.8 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-43.html mozilla{,-bin,-gtk2,-gtk2-bin}<1.7.8 privilege-escalation http://www.mozilla.org/security/announce/mfsa2005-44.html tiff<3.7.2nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1544 d1226 1 a1226 1 evolution<2.0.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0806 d1237 2 a1238 2 net-snmp<5.1.2nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1740 net-snmp-5.2.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1740 d1240 1 a1240 1 squid<2.5.9nb2 weak-acl-enforcement http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1345 d1248 5 a1252 5 gdb>6<6.2.1nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1704 gdb<5.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1704 gdb>6<6.2.1nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1705 gdb<5.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1705 binutils<2.16.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1704 d1263 1 a1263 1 libextractor<0.3.11nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0064 d1266 1 a1266 1 mikmod<3.1.7 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0427 d1280 3 a1282 3 sudo<1.6.8pl9 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1993 gcpio<2.6nb1 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1111 gcpio<2.6nb1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1229 d1287 3 a1289 3 p5-CGI<2.94 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0615 perl{,-thread}-5.6.[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0615 perl{,-thread}-5.6.[0-9]* access-validation-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1323 d1297 2 a1298 2 zlib<1.2.2nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2096 net-snmp<5.2.1.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2177 d1309 1 a1309 1 cups<1.1.21rc1 acl-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2154 d1312 1 a1312 1 ekg<1.6nb2 local-symlink-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1916 d1317 1 a1317 1 php<4.3.11nb1 remote-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1921 d1327 1 a1327 1 vim<6.3.082 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2368 d1331 1 a1331 1 unzip<5.52nb2 local-symlink-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2475 d1336 2 a1337 2 gopher<3.0.8 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1853 gaim<1.4.0nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370 d1339 4 a1342 4 opera<8.02 dialog-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2405 opera<8.02 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2406 suse{,32}_base<9.1nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1849 suse{,32}_base<9.1nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2096 d1344 5 a1348 5 acroread5<5.0.11 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1625 acroread5<5.0.11 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1841 apache-2.0.[0-4][0-9]* cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2088 apache-2.0.5[0-3]* cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2088 apache-2.0.54{,nb[12]} cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2088 d1369 1 a1369 1 thunderbird{,-bin,-gtk1}<1.0.5 disabled-scripting-bypass http://www.mozilla.org/security/announce/mfsa2005-46.html d1388 1 a1388 1 tor<0.1.0.14 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2643 d1390 3 a1392 3 apache-2.0.[1-4][0-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491 apache-2.0.5[0-3]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491 apache-2.0.54{,nb[123]} remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491 d1396 3 a1398 3 apache-2.0.[1-4][0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2728 apache-2.0.5[0-3]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2728 apache-2.0.54{,nb[123]} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2728 d1406 1 a1406 1 php-5.0.[0-3]{,nb*} remote-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1921 d1408 1 a1408 1 php-5.0.4 remote-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1921 d1416 1 a1416 1 ap-ssl<2.8.24 weak-authentication http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700 d1422 2 a1423 2 squid<2.5.10nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2794 squid<2.5.10nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2796 d1443 1 a1443 1 gtexinfo<4.8nb1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3011 d1447 1 a1447 1 openssh<4.2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2798 d1457 3 a1459 3 mit-krb5<1.8.3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0488 pam-ldap<180 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2069 nss_ldap<240 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2069 d1466 2 a1467 2 hylafax<4.2.1nb1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3069 hylafax<4.2.1nb1 insecure-socket http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3070 d1469 4 a1472 4 firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.7 remote-command-execution http://www.mozilla.org/security/announce/mfsa200 firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.7 remote-code-execution http://www.mozilla.org/security/announce/mfsa2005-58.html mozilla{,-bin,-gtk2}<1.7.12 remote-command-execution http://www.mozilla.org/security/announce/mfsa2005-57.html mozilla{,-bin,-gtk2}<1.7.12 remote-command-execution http://www.mozilla.org/security/announce/mfsa2005-58.html d1475 4 a1478 4 eric3<3.7.2 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3068 {ap-,}php<4.4.0nb1 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3054 realplayer<10.0.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2710 RealPlayerGold<10.0.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2710 d1481 3 a1483 3 thunderbird{,-bin,-gtk1}<1.0.7 multiple-vulnerabilities http://www.mozilla.org/security/announce/mfsa2005-58.html thunderbird{,-bin,-gtk1}<1.0.7 remote-command-execution http://www.mozilla.org/security/announce/mfsa2005-57.html squid<2.5.10nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2917 d1490 1 a1490 1 imap-uw<2004enb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2933 d1503 1 a1503 1 lynx<2.8.5.3 remote-users-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3120 d1507 2 a1508 2 graphviz<2.6 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2965 squid<2.5.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3258 d1510 1 a1510 1 sudo<1.6.8pl9nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2959 d1514 6 a1519 6 netpbm<10.25 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2978 xli<1.17.0nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0775 wget<1.10 remote-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1487 wget<1.10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1488 wget-1.9{,nb*} symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2014 wget-1.9.1{,nb*} symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2014 d1535 1 a1535 1 libgda<1.2.2nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2958 d1543 1 a1543 1 emacs-21.2.1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1232 d1551 2 a1552 2 horde-3.0.[0-6]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3759 horde<2.2.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3570 d1554 7 a1560 7 gtk2+<2.6.10nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975 gtk2+-2.8.[0-6]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975 gtk2+<2.6.10nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186 gtk2+-2.8.[0-6]{,nb*} arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186 gdk-pixbuf<0.22.0nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975 gdk-pixbuf<0.22.0nb6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2976 gdk-pixbuf<0.22.0nb6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186 d1566 1 a1566 1 gaim-encryption<2.39 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4693 d1575 3 a1577 3 suse{,32}_gtk2<9.1nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975 suse{,32}_gtk2<9.1nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2976 suse{,32}_gtk2<9.1nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186 d1581 7 a1587 7 blackdown-{jre,jdk}13-* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1080 sun-{jre,jdk}13-* local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1080 fastjar<0.93nb3 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3619 inkscape-0.4[1-2]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3737 webmin<1.170nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3912 webmin<1.170nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3912 unalz<0.53 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3862 d1589 2 a1590 2 centericq<4.20.0nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3694 centericq-4.21.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3694 d1597 1 a1597 1 horde<3.1.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4080 d1611 9 a1619 9 gpdf<2.10.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191 gpdf<2.10.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192 gpdf<2.10.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193 poppler<0.3.3nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191 poppler-0.4.2{,nb1} arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191 poppler<0.3.3nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192 poppler-0.4.2{,nb1} arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192 poppler<0.3.3nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193 poppler-0.4.2{,nb1} arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193 d1624 4 a1627 4 apache-2.0.[1-4][0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352 apache-2.0.5[0-4]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352 apache-2.0.55{,nb[12]} cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352 apache<1.3.34nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352 d1629 1 a1629 1 opera<8.02 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2407 d1631 3 a1633 3 libextractor<0.5.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191 libextractor<0.5.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192 libextractor<0.5.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193 d1635 1 a1635 1 perl<5.8.7nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3962 d1646 2 a1647 2 realplayer<10.0.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2629 RealPlayerGold<10.0.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2629 d1658 1 a1658 1 openmotif<2.2.3nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3964 d1679 2 a1680 2 wine>20000000<20060000 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0106 wine<0.9.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0106 d1690 1 a1690 1 vmware<5.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4459 d1695 1 a1695 1 antiword<0.37nb1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3126 d1699 1 a1699 1 mailman-2.1.[4-6]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4153 d1712 3 a1714 3 apache-2.0.[1-4][0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357 apache-2.0.5[0-4]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357 apache-2.0.55{,nb[1234]} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357 d1716 2 a1717 2 xine-lib<1.0.3anb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4048 xine-lib<1.0.3anb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4048 d1720 5 a1724 5 ImageMagick<6.2.6.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4601 ImageMagick<6.2.6.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0082 libast<0.6.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0224 png-1.2.[67]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0481 png-1.0.1[67]{,nb*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0481 d1729 1 a1729 1 firefox{,-bin,-gtk1}-1.5 remote-code-execution http://www.mozilla.org/security/announce/mfsa2006-04.html d1731 3 a1733 3 php>=5<5.1.0 inject-smtp-headers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3883 php<4.4.2 inject-smtp-headers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3883 openssh<4.3.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0225 d1762 4 a1765 4 libextractor<0.5.10 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3624 snort<2.4.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0839 snort-mysql<2.4.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0839 snort-pgsql<2.4.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0839 d1768 1 a1768 1 p5-Crypt-CBC<2.17 weak-encryption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0898 d1786 2 a1787 2 p5-CGI-Session<4.09 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1279 p5-CGI-Session<4.09 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1280 d1789 13 a1801 13 dia>=0.87<0.94nb6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1550 mantis<1.0.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1577 mysql-server>=3.0<4.1.20 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0903 mysql-server>=5.0<5.0.20nb1 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0903 php>=5.0<5.1.2nb1 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490 php<4.4.2nb1 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490 ap-php>=5.0<5.1.2nb6 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490 ap-php<4.4.2nb6 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490 freeciv-server<2.0.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0047 lsh<1.4.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353 lsh>=2.0.0<2.0.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353 lsh<1.4.3nb4 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353 lsh>=2.0.0<2.0.2 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353 d1806 51 a1856 51 mplayer<1.0rc7nb10 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0579 gmplayer<1.0rc7nb6 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0579 mencoder<1.0rc7nb4 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0579 xscreensaver<4.16 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1294 xscreensaver<4.16 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2655 php>=5.0<5.1.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0996 php<4.4.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0996 ap-php>=5.0<5.1.2nb6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0996 ap-php<4.4.2nb6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0996 php>=5.0<5.1.2nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 php<4.4.2nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 ap-php>=5.0<5.1.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 ap-php<4.4.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 ap{,13,2,22}-php{,5,53,54}>=5.0<5.1.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 ap{,13,2,22}-php{,4}<4.4.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 php>=5.0<5.1.2nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 php<4.4.2nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 ap-php>=5.0<5.1.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 ap-php<4.4.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 ap{,13,2,22}-php{,5,53,54}>=5.0<5.1.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 ap{,13,2,22}-php{,4}<4.4.2nb6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1608 firefox{,-bin,-gtk1}>=1.5<1.5.0.2 ui-spoofing http://www.mozilla.org/security/announce/2006/mfsa2006-29.html seamonkey{,-bin,-gtk1}<1.0.1 ui-spoofing http://www.mozilla.org/security/announce/2006/mfsa2006-29.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 security-bypass http://www.mozilla.org/security/announce/2006/mfsa2006-28.html seamonkey{,-bin,-gtk1}<1.0.1 security-bypass http://www.mozilla.org/security/announce/2006/mfsa2006-28.html thunderbird{,-bin,-gtk1}<1.5.0.2 security-bypass http://www.mozilla.org/security/announce/2006/mfsa2006-28.html firefox{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html thunderbird{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html thunderbird{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html seamonkey{,-bin,-gtk1}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html mozilla{,-bin,-gtk2}<1.7.13 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-25.html firefox{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html thunderbird{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html thunderbird{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html seamonkey{,-bin,-gtk1}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html mozilla{,-bin,-gtk2}<1.7.13 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-24.html firefox{,-bin,-gtk1}<1.0.8 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-23.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-23.html seamonkey{,-bin,-gtk1}<1.0.1 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-23.html mozilla{,-bin,-gtk2}<1.7.13 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-23.html firefox{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html thunderbird{,-bin,-gtk1}<1.0.8 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html thunderbird{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html seamonkey{,-bin,-gtk1}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html mozilla{,-bin,-gtk2}<1.7.13 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-22.html firefox{,-bin,-gtk1}>=1.5<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-20.html seamonkey{,-bin,-gtk1}<1.0.1 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-20.html thunderbird{,-bin,-gtk1}<1.5.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-20.html d1859 2 a1860 2 cy2-digestmd5<2.1.20nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1721 xzgv<0.8.0.1nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1060 d1867 1 a1867 1 adodb<4.72 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0806 d1870 5 a1874 5 unrealircd<3.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1214 firefox{,-gtk1}>=1.5<1.5.0.2nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1993 firefox-bin>=1.5<1.5.0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1993 clamav<0.88.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1989 asterisk<1.2.7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1827 d1880 5 a1884 5 crossfire-server<1.9.0nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1236 dovecot>0.99.99<1.0beta8 remote-file-listing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2414 php<4.4.2nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1990 php>=5<5.1.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1990 php>=5<5.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1991 d1886 6 a1891 6 phpldapadmin<0.9.8.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2016 mysql-server>=4.0<4.1.19 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516 mysql-server>=5.0<5.0.21 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516 mysql-server>=4.0<4.1.19 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517 mysql-server>=5.0<5.0.21 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517 mysql-server>=5.0<5.0.21 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1518 d1893 22 a1914 22 quagga<0.98.6 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2223 quagga>0.99<0.99.4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2223 zebra-[0-9]* information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2223 quagga<0.98.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2224 quagga>0.99<0.99.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2224 zebra-[0-9]* security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2224 quagga<0.98.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2276 quagga>0.99<0.99.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2276 zebra-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2276 tiff<3.8.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0405 tiff<3.8.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-2024 tiff<3.8.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2025 tiff<3.8.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2026 tiff<3.8.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-2120 xine-lib<1.0.3anb8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1664 awstats<6.6 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1945 awstats<6.6 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2237 quake3arena<1.32c remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2236 quake3arena<1.32c information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2236 quake3server<1.32c information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2236 quake3server-[0-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2875 abcmidi<20060422 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1514 d1916 1 a1916 1 libextractor<0.5.14 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2458 d1918 3 a1920 3 dia<0.95.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2480 cscope<15.5nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2541 binutils<2.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2362 d1923 1 a1923 1 netscape7-[0-9]* security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1942 d1931 3 a1933 3 mpg123<0.59.18nb9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1655 mpg123-esound<0.59.18nb7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1655 mpg123-nas<0.59.18nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1655 d1940 30 a1969 30 firefox{,-bin,-gtk1}<1.5.0.4 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-31.html thunderbird{,-bin,-gtk1}<1.5.0.4 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-31.html seamonkey{,-bin,-gtk1}<1.0.2 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-31.html firefox{,-bin,-gtk1}<1.5.0.4 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-32.html thunderbird{,-bin,-gtk1}<1.5.0.4 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-32.html seamonkey{,-bin,-gtk1}<1.0.2 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-32.html firefox{,-bin,-gtk1}<1.5.0.4 http-response-smuggling http://www.mozilla.org/security/announce/2006/mfsa2006-33.html thunderbird{,-bin,-gtk1}<1.5.0.4 http-response-smuggling http://www.mozilla.org/security/announce/2006/mfsa2006-33.html seamonkey{,-bin,-gtk1}<1.0.2 http-response-smuggling http://www.mozilla.org/security/announce/2006/mfsa2006-33.html firefox{,-bin,-gtk1}<1.5.0.4 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-34.html seamonkey{,-bin,-gtk1}<1.0.2 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-34.html firefox{,-bin,-gtk1}<1.5.0.4 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-35.html thunderbird{,-bin,-gtk1}<1.5.0.4 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-35.html seamonkey{,-bin,-gtk1}<1.0.2 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-35.html firefox{,-bin,-gtk1}<1.5.0.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-36.html firefox{,-bin,-gtk1}<1.5.0.4 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-37.html thunderbird{,-bin,-gtk1}<1.5.0.4 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-37.html seamonkey{,-bin,-gtk1}<1.0.2 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-37.html firefox{,-bin,-gtk1}<1.5.0.4 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-38.html thunderbird{,-bin,-gtk1}<1.5.0.4 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-38.html seamonkey{,-bin,-gtk1}<1.0.2 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-38.html thunderbird{,-bin,-gtk1}<1.5.0.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-40.html seamonkey{,-bin,-gtk1}<1.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-40.html firefox{,-bin,-gtk1}<1.5.0.4 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-41.html seamonkey{,-bin,-gtk1}<1.0.2 remote-file-stealing http://www.mozilla.org/security/announce/2006/mfsa2006-41.html firefox{,-bin,-gtk1}<1.5.0.4 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-42.html thunderbird{,-bin,-gtk1}<1.5.0.4 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-42.html seamonkey{,-bin,-gtk1}<1.0.2 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-42.html firefox{,-bin,-gtk1}<1.5.0.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-43.html seamonkey{,-bin,-gtk1}<1.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-43.html d1978 8 a1985 8 firefox{,2}{,-bin,-gtk1}<2.0.0.8 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894 seamonkey{,-bin,-gtk1}<1.1.5 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894 mozilla{,-bin,-gtk2}-[0-9]* remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894 netscape7-[0-9]* remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894 courier-mta<0.53.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2659 gdm<2.8.0.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2452 gdm>=2.14<2.14.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2452 sge<6.0.8 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0408 d1987 1 a1987 1 0verkill<0.16nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2971 d1990 4 a1993 4 kadu<0.5.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0768 irssi<0.8.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0458 crossfire-server<1.9.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1010 crossfire-server<1.9.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1010 d1995 9 a2003 9 p5-libapreq2<2.07 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0042 amule<2.1.2 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2691 amule<2.1.2 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2692 openttd<0.4.8rc2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1998 openttd<0.4.8rc2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1999 jabberd>=2<2.0s11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1329 unalz<0.55 input-validation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0950 ap{2,22}-py{15,20,21,22,23,24,25,26,27,31}-python<3.2.8 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1095 zoo<2.10.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1269 d2009 1 a2009 1 gd<2.0.33nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2906 d2015 2 a2016 2 mutt<1.4.2.1nb7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3242 mutt>=1.5<1.5.11nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3242 d2019 2 a2020 2 gnupg<1.4.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3082 gnupg-devel<1.9.20nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3082 d2023 2 a2024 2 php<4.4.2nb3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3011 php>=5.0<5.1.4nb2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3011 d2029 4 a2032 4 xine-lib<1.0.3anb10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2802 php4-curl<4.4.3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2563 php5-curl<5.1.5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2563 sun-{jre,jdk}1{3,4,5}-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2426 d2039 1 a2039 1 phpmyadmin<2.8.1 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1804 d2050 2 a2051 2 gimp>=2<2.2.12 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3404 gimp>=2.3.0<2.3.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3404 d2054 6 a2059 6 zoo<2.10.1nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0855 apache-tomcat>=5.5.0<5.5.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3510 pngcrush<1.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1849 ethereal-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3627 x11vnc<0.8.2 remote-authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2450 wv2<0.2.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2197 d2062 1 a2062 1 freeciv-server-2.0.[0-8]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3913 d2065 37 a2101 37 firefox{,-bin,-gtk1}<1.5.0.5 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-44.html seamonkey{,-bin,-gtk1}<1.0.3 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-44.html firefox{,-bin,-gtk1}<1.5.0.5 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-45.html seamonkey{,-bin,-gtk1}<1.0.3 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-45.html firefox{,-bin,-gtk1}<1.5.0.5 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-46.html seamonkey{,-bin,-gtk1}<1.0.3 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-46.html thunderbird{,-bin,-gtk1}<1.5.0.5 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-46.html firefox{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-47.html seamonkey{,-bin,-gtk1}<1.0.3 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-47.html thunderbird{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-47.html firefox{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-48.html seamonkey{,-bin,-gtk1}<1.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-48.html thunderbird{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-48.html seamonkey{,-bin,-gtk1}<1.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-49.html thunderbird{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-49.html firefox{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-50.html seamonkey{,-bin,-gtk1}<1.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-50.html thunderbird{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-50.html firefox{,-bin,-gtk1}<1.5.0.5 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-51.html seamonkey{,-bin,-gtk1}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-51.html thunderbird{,-bin,-gtk1}<1.5.0.5 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-51.html firefox{,-bin,-gtk1}<1.5.0.5 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-52.html seamonkey{,-bin,-gtk1}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-52.html firefox{,-bin,-gtk1}<1.5.0.5 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-53.html seamonkey{,-bin,-gtk1}<1.0.3 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-53.html thunderbird{,-bin,-gtk1}<1.5.0.5 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-53.html firefox{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-54.html seamonkey{,-bin,-gtk1}<1.0.3 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-54.html thunderbird{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-54.html firefox{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-55.html seamonkey{,-bin,-gtk1}<1.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-55.html thunderbird{,-bin,-gtk1}<1.5.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-55.html firefox{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-56.html seamonkey{,-bin,-gtk1}<1.0.3 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-56.html thunderbird{,-bin,-gtk1}<1.5.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-56.html apache<1.3.37 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747 apache>2.0<2.0.59 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747 d2104 1 a2104 1 gnupg<1.4.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3746 d2107 10 a2116 10 mysql-server<4.1.21 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4031 mysql-server<4.1.21 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4226 mysql-server>5.0<5.0.24 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4031 mysql-server>5.0<5.0.25 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4226 mysql-server>5.0<5.0.25 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4227 mysql-server>5.0<5.0.36 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1420 mysql-server>5.0<5.0.40 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2583 mysql-server<4.1.22nb1 authenticated-user-table-rename http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691 mysql-server>5.0<5.0.40 authenticated-user-table-rename http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691 mysql-server>5.0<5.0.40 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2692 d2121 2 a2122 2 hobbit<4.0b6nb10 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4003 sge-5.[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3941 d2125 2 a2126 2 php>4.0<4.4.3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4020 php>5.0<5.1.4nb3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4020 d2130 2 a2131 2 bomberclone<0.11.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4005 bomberclone<0.11.7 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4006 d2142 1 a2142 1 libwmf<0.2.8.4nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3376 d2147 4 a2150 4 libtunepimp<0.4.2nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3600 mplayer<1.0rc8 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1502 gmplayer<1.0rc8 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1502 mencoder<1.0rc8 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1502 d2156 2 a2157 2 cscope<15.5nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4262 streamripper<1.61.26 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3124 d2159 1 a2159 1 musicbrainz<2.1.4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4197 d2162 1 a2162 1 zope25-CMFPlone>2.0<2.5 remote-information-modification http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1711 d2165 2 a2166 2 gtetrinet<0.7.7nb8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3125 openoffice2{,-bin}<2.0.2 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4077 d2169 4 a2172 4 gdb>6<6.2.1nb7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4146 gtar-base<1.15.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0300 gtar-base<1.15.1nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0300 openldap-server<2.3.25 bypass-security-restrictions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4600 d2178 1 a2178 1 openssl<0.9.7inb2 signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 d2184 12 a2195 12 firefox{,-bin,-gtk1}<1.5.0.7 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-57.html thunderbird{,-gtk1}<1.5.0.7 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-57.html seamonkey{,-bin,-gtk1}<1.0.5 buffer-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-57.html firefox-bin<1.5.0.7 auto-update-spoof http://www.mozilla.org/security/announce/2006/mfsa2006-58.html firefox{,-bin,-gtk1}<1.5.0.7 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-60.html thunderbird{,-gtk1}<1.5.0.7 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-60.html seamonkey{,-bin,-gtk1}<1.0.5 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-60.html firefox{,-bin,-gtk1}<1.5.0.7 frame-content-spoofing http://www.mozilla.org/security/announce/2006/mfsa2006-61.html seamonkey{,-bin,-gtk1}<1.0.5 frame-content-spoofing http://www.mozilla.org/security/announce/2006/mfsa2006-61.html firefox{,-bin,-gtk1}<1.5.0.7 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-62.html thunderbird{,-gtk1}<1.5.0.7 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-63.html seamonkey{,-bin,-gtk1}<1.0.5 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-63.html d2198 7 a2204 7 gnutls<1.4.4 signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4790 gzip-base<1.2.4bnb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4334 gzip-base<1.2.4bnb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335 gzip-base<1.2.4bnb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335 gzip-base<1.2.4bnb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4336 gzip-base<1.2.4bnb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4337 gzip-base<1.2.4bnb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4338 d2208 2 a2209 2 opera<9.02 signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 opera<9.02 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4819 d2213 11 a2223 11 ffmpeg-0.4.* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800 mono<1.1.13.8.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5072 php-4.[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5178 php-5.[01]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5178 php<4.3.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4812 php>5.0<5.1.6nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4812 php<4.4.4nb2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4625 php>5.0<5.1.6nb2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4625 openssh<4.3.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4924 openssh+gssapi<4.4 valid-account-enumeration http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5052 openssh+gssapi<4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5051 d2234 2 a2235 2 qt3-libs<3.3.6nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4811 qt4-libs<4.1.5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4811 d2238 2 a2239 2 ingo<1.1.2 procmail-local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5449 screen<4.0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4573 d2241 7 a2247 7 mutt<1.4.2.2nb3 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5297 mutt<1.4.2.2nb1 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5298 mutt>=1.5.0<1.5.13nb2 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5297 mutt>=1.5.0<1.5.13nb1 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5298 ruby18-base<1.8.5nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5467 php>=5.0<5.1.6nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5465 php>=4.0<4.4.4nb3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5465 d2250 9 a2258 9 firefox{,-bin,-gtk1}<1.5.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-65.html thunderbird{,-gtk1}<1.5.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-65.html seamonkey{,-bin,-gtk1}<1.0.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-65.html firefox{,-bin,-gtk1}<1.5.0.8 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-66.html thunderbird{,-gtk1}<1.5.0.8 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-66.html seamonkey{,-bin,-gtk1}<1.0.6 signature-forgery http://www.mozilla.org/security/announce/2006/mfsa2006-66.html firefox{,-bin,-gtk1}<1.5.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-67.html thunderbird{,-gtk1}<1.5.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-67.html seamonkey{,-bin,-gtk1}<1.0.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-67.html d2265 5 a2269 5 png<1.2.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793 suse{,32}_libpng<10.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793 proftpd<1.3.0nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5815 gv<3.6.2nb1 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5864 gtexinfo<4.8nb6 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4810 d2271 1 a2271 1 dovecot>=1.0rc8<1.0rc15 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5973 d2275 8 a2282 8 fvwm>=2.4<2.4.19nb4 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5969 fvwm>=2.5<2.5.18nb1 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5969 imlib2<1.3.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4806 imlib2<1.3.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4807 imlib2<1.3.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4808 imlib2<1.3.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4809 openldap-client<2.3.27nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5779 openldap-server<2.3.27nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5779 d2287 6 a2292 6 lha<114.9nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335 lha<114.9nb3 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335 lha<114.9nb3 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4337 lha<114.9nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4338 gtar-base<1.15.1nb4 overwrite-arbitrary-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6097 libgsf<1.14.3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4514 d2297 3 a2299 3 elinks<0.11.2 remote-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5925 kile<1.9.3 local-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6085 evince<0.6.1nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5864 d2301 6 a2306 6 xine-lib<=1.1.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2200 xine-lib<1.1.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172 xine-lib<1.1.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800 mplayer<1.0rc8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800 gmplayer<1.0rc8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800 mencoder<1.0rc8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4800 d2314 7 a2320 7 ImageMagick<6.3.0.3 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456 GraphicsMagick<1.1.7 code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456 proftpd<1.3.0a remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6171 wv<1.2.3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4513 net-snmp>=5.3<5.3.0.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-6305 kronolith<2.1.4 local-file-inclusion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6175 clamav<0.88.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6481 d2322 2 a2323 2 sylpheed<2.2.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2920 sylpheed-claws<2.2.2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2920 d2325 3 a2327 3 dbus<0.92nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6107 dbus>=1.0<1.0.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6107 gdm<2.16.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6105 d2329 25 a2353 25 clamav<0.88.5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4182 clamav<0.88.5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5295 libksba<0.9.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5111 libmodplug<0.8.4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4192 firefox{,-bin,-gtk1}<1.5.0.9 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-68.html firefox{,-bin,-gtk1}<1.5.0.9 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-70.html firefox{,-bin,-gtk1}<1.5.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-72.html firefox{,-bin,-gtk1}>=1.5.0.4<1.5.0.9 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-73.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-68.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-70.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-72.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-73.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 rss-referer-leak http://www.mozilla.org/security/announce/2006/mfsa2006-75.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-76.html thunderbird{,-gtk1}<1.5.0.9 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-68.html thunderbird{,-gtk1}<1.5.0.9 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-70.html thunderbird{,-gtk1}<1.5.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-72.html thunderbird{,-gtk1}<1.5.0.9 heap-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-74.html seamonkey{,-bin,-gtk1}<1.0.7 memory-corruption http://www.mozilla.org/security/announce/2006/mfsa2006-68.html seamonkey{,-bin,-gtk1}<1.0.7 privilege-escalation http://www.mozilla.org/security/announce/2006/mfsa2006-70.html seamonkey{,-bin,-gtk1}<1.0.7 cross-site-scripting http://www.mozilla.org/security/announce/2006/mfsa2006-72.html seamonkey{,-bin,-gtk1}<1.0.7 remote-code-execution http://www.mozilla.org/security/announce/2006/mfsa2006-73.html seamonkey{,-bin,-gtk1}<1.0.7 heap-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-74.html pam-ldap<183 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-5170 mono<1.2.2 source-code-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6104 d2363 1 a2363 1 w3m<0.5.1nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6772 d2369 1 a2369 1 bzip2<1.0.4 permissions-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0953 d2374 9 a2382 9 modular-xorg-server<1.1.1nb1 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6101 modular-xorg-server<1.1.1nb1 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6102 modular-xorg-server<1.1.1nb1 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6103 xorg-server<6.9.0nb14 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6101 xorg-server<6.9.0nb14 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6102 xorg-server<6.9.0nb14 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6103 mplayer<1.0rc9nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172 gmplayer<1.0rc9nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172 mencoder<1.0rc9nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6172 d2386 1 a2386 1 mit-krb5<1.4.2nb4 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6143 d2392 1 a2392 1 ap{,13,2,22}-auth-kerb<5.3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5989 d2395 4 a2398 4 wireshark<0.99.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0456 wireshark<0.99.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0457 wireshark<0.99.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0458 wireshark<0.99.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0459 d2403 9 a2411 9 poppler<0.5.4nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0104 php>5<5.2.1 bypass-security-restrictions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0905 php>5<5.2.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906 php>5<5.2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906 php>5<5.2.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0907 php>5<5.2.1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0908 php>5<5.2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0909 php>5<5.2.1 unspecified-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0910 snort{,-mysql,-pgsql}<2.6.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6931 d2416 6 a2421 6 libsoup-devel<2.2.99 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5876 gd<2.0.34 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0455 rar-bin<3.7beta1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0855 unrar<3.7.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0855 xine-ui<0.99.4nb8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0254 amarok<1.4.5nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6979 d2423 24 a2446 24 firefox{,-bin,-gtk1}<1.5.0.10 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-01.html firefox{,-bin,-gtk1}>=2.0<2.0.0.2 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-01.html seamonkey{,-bin,-gtk1}<1.0.8 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-01.html seamonkey{,-bin,-gtk1}>=1.1<1.1.1 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-01.html firefox{,-bin,-gtk1}-1.5.0.10 ssl-buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-06.html thunderbird{,-gtk1}-1.5.0.10 ssl-buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-06.html seamonkey{,-bin,-gtk1}<1.0.8 ssl-buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-06.html seamonkey{,-bin,-gtk1}>=1.1<1.1.1 ssl-buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-06.html nss<3.11.5 ssl-buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-06.html firefox{,-bin,-gtk1}<1.5.0.10 hostname-forgery http://www.mozilla.org/security/announce/2007/mfsa2007-07.html firefox{,-bin,-gtk1}>=2.0<2.0.0.2 hostname-forgery http://www.mozilla.org/security/announce/2007/mfsa2007-07.html seamonkey{,-bin,-gtk1}<1.0.8 hostname-forgery http://www.mozilla.org/security/announce/2007/mfsa2007-07.html firefox{,-bin,-gtk1}-1.5.0.9 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-08.html firefox{,-bin,-gtk1}-2.0.0.1 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-08.html seamonkey{,-bin,-gtk1}<1.0.8 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-08.html seamonkey{,-bin,-gtk1}>=1.1<1.1.1 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-08.html firefox{,-bin,-gtk1}<1.5.0.10 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-09.html firefox{,-bin,-gtk1}>=2.0<2.0.0.2 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-09.html seamonkey{,-bin,-gtk1}<1.0.8 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-09.html seamonkey{,-bin,-gtk1}>=1.1<1.1.1 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-09.html seamonkey{,-bin,-gtk1}<1.0.8 buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-10.html seamonkey{,-bin,-gtk1}>=1.1<1.1.1 buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-10.html thunderbird{,-gtk1}<1.5.0.10 buffer-overflow http://www.mozilla.org/security/announce/2007/mfsa2007-10.html php<4.4.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906 d2453 1 a2453 1 libwpd<0.8.9 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0002 d2458 3 a2460 3 asterisk<1.2.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1306 asterisk<1.2.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1561 file<4.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536 d2466 2 a2467 2 qt3-libs<3.3.8nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0242 qt4-libs<4.2.3nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0242 d2469 14 a2482 14 openoffice2<2.1.0nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0002 openoffice2<2.1.0nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0238 openoffice2<2.1.0nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0239 openoffice<2.1.0nb5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1466 openoffice2-bin<2.2.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0002 openoffice2-bin<2.2.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0238 openoffice2-bin<2.2.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0239 openoffice2-bin<2.2.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1466 freetype2<2.3.2nb1 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351 xmms<1.2.10nb8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0653 ipsec-tools<0.6.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1841 fetchmail<6.3.8 password-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558 lighttpd<1.4.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1870 lighttpd<1.4.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1869 d2486 17 a2502 17 postgresql73-server<7.3.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 postgresql73-server<7.3.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 postgresql74-server<7.4.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 postgresql74-server<7.4.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 postgresql80-server<8.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 postgresql80-server<8.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 postgresql81-server<8.1.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 postgresql81-server<8.1.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 postgresql82-server<8.2.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 postgresql82-server<8.2.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 postgresql74-server<7.4.17 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138 postgresql80-server<8.0.13 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138 postgresql81-server<8.1.9 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138 postgresql82-server<8.2.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138 php4-gd<4.4.6nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001 php5-gd<5.2.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001 zziplib<0.10.82nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1614 d2504 1 a2504 1 squirrelmail<=1.4.10 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1262 d2506 4 a2509 4 ja-squirrelmail<=1.4.10 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1262 zoo<2.10.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1669 php4-mssql<4.4.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1411 php5-mssql<5.2.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1411 d2514 2 a2515 2 clamav<0.90.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1997 clamav<0.90.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2029 d2517 2 a2518 2 quagga<0.98.6nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1995 quagga>0.99<0.99.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1995 d2521 4 a2524 4 ap{2,22}-modsecurity{,2}>2<2.1.1 bypass-request-rules http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1359 gimp>2.2<2.2.13nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2356 gimp-base<1.2.5nb7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2356 gimp-2.2.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2356 d2526 2 a2527 2 mutt<1.4.2.3 password-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558 mutt<1.4.2.3 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2683 d2529 19 a2547 19 ap{,2,22}-jk>=1.2.19<=1.2.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0774 apache-tomcat<=5.5.17 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7195 apache-tomcat<5.5.22 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450 jakarta-tomcat4<=4.1.24 http-response-smuggling http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090 jakarta-tomcat5<=5.0.19 http-response-smuggling http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090 firefox{,-bin,-gtk1}<1.5.0.12 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html firefox{,-bin,-gtk1}>=2.0<2.0.0.4 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html thunderbird{,-gtk1}<1.5.0.12 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html thunderbird{,-gtk1}>=2.0<2.0.0.4 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html seamonkey{,-bin,-gtk1}<1.0.9 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html seamonkey{,-bin,-gtk1}>=1.1<1.1.2 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-12.html thunderbird{,-gtk1}<1.5.0.12 password-exposure http://www.mozilla.org/security/announce/2007/mfsa2007-15.html thunderbird{,-gtk1}>=2.0<2.0.0.4 password-exposure http://www.mozilla.org/security/announce/2007/mfsa2007-15.html seamonkey{,-bin,-gtk1}<1.0.9 password-exposure http://www.mozilla.org/security/announce/2007/mfsa2007-15.html seamonkey{,-bin,-gtk1}>=1.1<1.1.2 password-exposure http://www.mozilla.org/security/announce/2007/mfsa2007-15.html firefox{,-bin,-gtk1}<1.5.0.12 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-16.html firefox{,-bin,-gtk1}>=2.0<2.0.0.4 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-16.html seamonkey{,-bin,-gtk1}<1.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-16.html seamonkey{,-bin,-gtk1}>=1.1<1.1.2 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-16.html d2549 1 a2549 1 apache>=2.2.4<2.2.4nb4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1862 d2553 5 a2557 5 mplayer<1.0rc9nb7 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2948 gmplayer<1.0rc9nb2 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2948 spamassassin<3.1.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2873 spamassassin-3.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2873 file<4.21 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2799 d2559 1 a2559 1 gnupg<1.4.7 signature-spoof http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1263 d2565 4 a2568 4 bitchx<1.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3360 xvidcore<1.1.2nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3329 evolution-data-server<1.10.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3257 proftpd<1.3.1rc2nb1 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2165 d2588 1 a2588 1 clamav<0.91 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3725 d2598 10 a2607 10 firefox{,-bin,-gtk1}<2.0.0.5 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-18.html thunderbird{,-gtk1}<1.5.0.13 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-18.html thunderbird{,-gtk1}>=2.0<2.0.0.5 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-18.html firefox{,-bin,-gtk1}<2.0.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-19.html firefox{,-bin,-gtk1}<2.0.0.5 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-21.html firefox{,-bin,-gtk1}<2.0.0.5 unauthorized-access http://www.mozilla.org/security/announce/2007/mfsa2007-24.html seamonkey{,-bin,-gtk1}<1.1.3 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-18.html seamonkey{,-bin,-gtk1}<1.1.3 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-19.html seamonkey{,-bin,-gtk1}<1.1.3 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-21.html seamonkey{,-bin,-gtk1}<1.1.3 unauthorized-access http://www.mozilla.org/security/announce/2007/mfsa2007-24.html d2610 20 a2629 20 bind>9.4.0<9.4.1pl1 weak-default-acls http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925 bind>9.4.0<9.4.1pl1 cryptographically-weak-query-ids http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926 firefox{,-bin,-gtk1}<2.0.0.6 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-26.html thunderbird{,-gtk1}<1.5.0.13 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-26.html thunderbird{,-gtk1}>=2.0<2.0.0.6 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-26.html seamonkey{,-bin,-gtk1}<1.1.4 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-26.html firefox{,-bin,-gtk1}<2.0.0.6 command-injection http://www.mozilla.org/security/announce/2007/mfsa2007-27.html thunderbird{,-gtk1}>=2.0<1.5.0.13 command-injection http://www.mozilla.org/security/announce/2007/mfsa2007-27.html thunderbird{,-gtk1}>=2.0<2.0.0.6 command-injection http://www.mozilla.org/security/announce/2007/mfsa2007-27.html seamonkey{,-bin,-gtk1}<1.1.4 command-injection http://www.mozilla.org/security/announce/2007/mfsa2007-27.html acroread-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages acroread5-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gaim-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages wmmail-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mozilla-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php>5.0<5.2.3nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2007-3806 php<4.4.7nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2007-3806 qt3-libs<3.3.8nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3388 tcpdump<3.9.7 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3798 ethereal-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d2634 1 a2634 1 rsync<2.6.9nb1 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091 d2639 3 a2641 3 xfce4-terminal<0.2.6nb1 remote-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3770 apache>=2.0<2.0.61 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 apache>=2.2.0<2.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 d2644 3 a2646 3 bind>8<8.9.9 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages qt3-libs<3.3.8nb5 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4137 qt4-libs<4.3.2 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4137 d2649 5 a2653 5 ImageMagick<6.3.5.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4985 ImageMagick<6.3.5.9 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4986 ImageMagick<6.3.5.9 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4987 ImageMagick<6.3.5.9 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4988 fetchmail<6.3.8nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4565 d2663 5 a2667 5 dircproxy<1.2.0beta2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5226 spamassassin<3.1.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0451 gnucash<2.0.5 local-symlink-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0007 chmlib<0.39 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0619 GConf2<2.16.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6698 d2673 5 a2677 5 firefox{,-bin,-gtk1}<2.0.0.8 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-29.html seamonkey{,-bin,-gtk1}<1.1.5 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-29.html thunderbird{,-gtk1}>=2.0<2.0.0.8 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-29.html firefox{,-bin,-gtk1}<2.0.0.8 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-35.html seamonkey{,-bin,-gtk1}<1.1.5 privilege-escalation http://www.mozilla.org/security/announce/2007/mfsa2007-35.html d2682 1 a2682 1 cups<1.2.12nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4351 d2684 2 a2685 2 perl<5.8.8nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5116 mono<1.1.13.8.1nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5197 d2692 3 a2694 3 samba>=3.0.0<3.0.26anb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572 samba>=3.0.0<3.0.26anb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398 openldap-server<2.3.39 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5707 d2696 2 a2697 2 apache-tomcat<5.5.25 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449 apache-tomcat<5.5.25 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450 d2699 3 a2701 3 poppler<0.6.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 poppler<0.6.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 poppler<0.6.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 d2703 2 a2704 2 php>=5<5.2.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4887 net-snmp<5.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5846 d2706 3 a2708 3 firefox{,-bin,-gtk1}<2.0.0.10 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-37.html firefox{,-bin,-gtk1}<2.0.0.10 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-38.html firefox{,-bin,-gtk1}<2.0.0.10 cross-site-request-forgery http://www.mozilla.org/security/announce/2007/mfsa2007-39.html d2710 1 a2710 1 micq-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d2712 4 a2715 4 cairo<1.4.12 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5503 seamonkey{,-bin,-gtk1}<1.1.7 cross-site-scripting http://www.mozilla.org/security/announce/2007/mfsa2007-37.html seamonkey{,-bin,-gtk1}<1.1.7 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-38.html seamonkey{,-bin,-gtk1}<1.1.7 cross-site-request-forgery http://www.mozilla.org/security/announce/2007/mfsa2007-39.html d2718 1 a2718 1 ruby18-actionpack<1.13.6 www-session-fixation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6077 d2722 1 a2722 1 mysql-server>5.0<5.0.51 remote-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5969 d2727 2 a2728 2 cups<1.3.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-{4352,5392,5393} clamav<0.92 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5759 d2731 1 a2731 1 php<4.4.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3378 d2733 17 a2749 17 libsndfile<1.0.17nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4974 postgresql80-server<8.0.15 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6600 postgresql80-server<8.0.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 postgresql80-server<8.0.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6067 postgresql80-server<8.0.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4769 postgresql80-server<8.0.15 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6601 postgresql81-server<8.1.11 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6600 postgresql81-server<8.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 postgresql81-server<8.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6067 postgresql81-server<8.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4769 postgresql81-server<8.1.11 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6601 postgresql82-server<8.2.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6600 postgresql82-server<8.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 postgresql82-server<8.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6067 postgresql82-server<8.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4769 postgresql82-server<8.2.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6601 horde<3.1.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6018 d2755 26 a2780 26 apache<1.3.41 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 apache<1.3.41 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 apache>=2.0.35<2.0.63 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 apache>=2.0.35<2.0.63 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 apache>=2.2.0<2.2.8 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421 apache>=2.2.0<2.2.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422 apache>=2.2.0<2.2.8 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 apache>=2.2.0<2.2.8 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 libXfont<1.3.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0006 modular-xorg-server<1.3.0nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5760 modular-xorg-server<1.3.0nb5 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5958 modular-xorg-server<1.3.0nb5 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6427 modular-xorg-server<1.3.0nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6428 modular-xorg-server<1.3.0nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6429 mplayer<1.0rc10nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-{0485,0486} mencoder<1.0rc10nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-{0485,0486} gmplayer<1.0rc10nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-{0485,0486} xine-lib<1.1.10 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1664 firefox{,-bin,-gtk1}<2.0.0.12 memory-corruption http://www.mozilla.org/security/announce/2008/mfsa2008-01.html firefox{,-bin,-gtk1}<2.0.0.12 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-03.html firefox{,-bin,-gtk1}<2.0.0.12 privacy-leak http://www.mozilla.org/security/announce/2008/mfsa2008-06.html seamonkey{,-bin,-gtk1}<1.1.8 memory-corruption http://www.mozilla.org/security/announce/2008/mfsa2008-01.html seamonkey{,-bin,-gtk1}<1.1.8 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-03.html seamonkey{,-bin,-gtk1}<1.1.8 privacy-leak http://www.mozilla.org/security/announce/2008/mfsa2008-06.html SDL_image<1.2.6nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0544 SDL_image<1.2.6nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6697 d2782 2 a2783 2 thunderbird{,-gtk1}>=2.0<2.0.0.12 heap-overflow http://www.mozilla.org/security/announce/2008/mfsa2008-12.html pcre<7.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674 d2785 5 a2789 5 evolution<2.8.2 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1266 sylpheed<2.2.8 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1267 sylpheed-claws<2.2.8 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1267 mutt<1.5.14 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1268 GNUMail<1.1.2 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1269 d2800 3 a2802 3 thunderbird{,-gtk1}>=2.0<2.0.0.12 remote-user-shell http://www.mozilla.org/security/announce/2008/mfsa2008-01.html thunderbird{,-gtk1}>=2.0<2.0.0.12 remote-user-shell http://www.mozilla.org/security/announce/2008/mfsa2008-03.html thunderbird{,-gtk1}>=2.0<2.0.0.12 directory-traversal http://www.mozilla.org/security/announce/2008/mfsa2008-05.html d2805 1 a2805 1 dbus<1.0.2nb5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0595 d2808 1 a2808 1 acroread{,5,7}-[0-9]* remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5663 d2810 3 a2812 3 acroread{,5,7}-[0-9]* multiple-unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0655 acroread{,5,7}-[0-9]* remote-printing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0667 acroread{,5,7}-[0-9]* remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0726 d2816 3 a2818 3 turba<2.1.7 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0807 kdepim<3.5.7 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1265 lighttpd<1.4.18nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0983 d2822 4 a2825 4 icu<3.6nb2 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4770 icu<3.6nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4771 e2fsprogs<1.40.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5497 splitvt<1.6.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0162 d2829 2 a2830 2 evolution<2.12.3nb2 format-string http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0072 silc-toolkit<1.1.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1227 d2834 2 a2835 2 synce-dccm<0.10.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6703 synce-dccm>=0.9.2<0.10.1 arbitrary-script-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1136 d2842 28 a2869 28 webmin<1.330 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1276 webmin<1.350 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3156 webmin<1.370 arbitrary-script-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5066 webmin<1.370nb3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0720 apache-tomcat<5.5.21 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358 apache-tomcat<5.5.25 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386 apache-tomcat<5.5.25 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-{3382,3385} apache-tomcat>=5.5.0<5.5.26 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461 apache-tomcat>=5.5.9<5.5.26 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342 apache-tomcat>=5.5.0<5.5.26 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333 apache-tomcat>=5.5.11<5.5.26 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286 mplayer<1.0rc10nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0629 mplayer<1.0rc10nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0630 mencoder<1.0rc10nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0629 mencoder<1.0rc10nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0630 gmplayer<1.0rc10nb3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0629 gmplayer<1.0rc10nb3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0630 xine-lib<1.1.9.1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0225 xine-lib<1.1.9.1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0238 xine-lib<1.1.10.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0486 p5-Net-DNS<0.63 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6341 roundup<1.4.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1474 roundup<1.4.4 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1475 lighttpd<1.4.19 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1111 lighttpd<1.4.19 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1270 sarg<2.2.5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1167 sarg<2.2.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1168 liblive<2007.11.18 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6036 d2871 15 a2885 15 wml<2.0.9nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0665 wml<2.0.9nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0666 userppp-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1215 jasper<1.900.1nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2721 png<1.2.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5268 plone3<3.1 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0164 maradns<1.2.12.06nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0061 xine-lib<1.1.10.1nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073 quagga>=0.99<0.99.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4826 jakarta-tomcat4<4.1.37 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5461 nss_ldap<259 data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5794 nagios-plugins<1.4.3nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5198 nagios-plugin-snmp<1.4.3nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5623 openoffice2<2.3.1nb5 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4770 openoffice2<2.3.1nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4771 d2887 1 a2887 1 mit-krb5<1.3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0948 d2892 3 a2894 3 silc-client<1.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3728 silc-toolkit<1.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3728 unzip<5.52nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0888 d2896 4 a2899 4 maradns<1.2.12.06 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3114 qemu<0.9.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1320 qemu<0.9.1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6227 qemu<0.10.0 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0928 d2901 1 a2901 1 freetype2<2.3.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3506 d2905 10 a2914 10 libvorbis<1.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3106 libvorbis<1.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4029 libvorbis<1.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4065 libvorbis<1.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4066 vlc<0.8.6dnb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1489 silc-client<1.1.4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1552 silc-server<1.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1552 silc-toolkit<1.1.7 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1552 mysql-client<5.0 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server<5.0 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d2917 8 a2924 8 firefox{,2}{,-bin,-gtk1}<2.0.0.13 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-14.html firefox{,2}{,-bin,-gtk1}<2.0.0.13 popup-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-19.html firefox{,2}{,-bin,-gtk1}<2.0.0.13 cross-site-request-forgery http://www.mozilla.org/security/announce/2008/mfsa2008-16.html thunderbird{,-gtk1}>=2.0<2.0.0.13 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-14.html seamonkey{,-bin,-gtk1}<1.1.9 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-14.html seamonkey{,-bin,-gtk1}<1.1.9 popup-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-19.html seamonkey{,-bin,-gtk1}<1.1.9 cross-site-request-forgery http://www.mozilla.org/security/announce/2008/mfsa2008-16.html centerim<4.22.4 shell-command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1467 d2926 4 a2929 4 xpdf<3.02pl1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 xpdf<3.02pl2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352 xpdf<3.02pl2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 xpdf<3.02pl2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393 d2932 7 a2938 7 gtar-base<1.15.1nb5 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4131 eterm<0.9.4nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1692 rxvt<2.7.10nb6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142 rxvt-unicode<8.3nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142 aterm<1.0.0nb5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142 wterm<6.2.9nb8 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142 mrxvt<0.5.3nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142 d2941 9 a2949 9 comix<3.6.4nb2 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1568 thunderbird<1.5.0.14 arbitrary-code-execution http://www.mozilla.org/security/announce/2007/mfsa2007-29.html thunderbird<1.5.0.14 memory-corruption http://www.mozilla.org/security/announce/2007/mfsa2007-40.html php<4.4.5 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0931 php>=5.0<5.2.1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0931 cups<1.3.7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0047 cups<1.3.7 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1373 lighttpd<1.4.19nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1531 openssh<4.7.1nb3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483 d2951 3 a2953 3 gnome-screensaver<2.21.6 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6389 gnome-screensaver<2.22.1 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0887 sympa<5.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1648 d2955 2 a2956 2 acroread7<7.0.9 heap-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5857 libgtop<2.14.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0235 d2962 2 a2963 2 ed<0.2nb2 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6939 GeoIP<1.4.1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0159 d2968 12 a2979 12 xscreensaver<5.02 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1859 xscreensaver<5.04 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5585 neon>=0.26.0<0.26.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0157 kdebase<3.5.8 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4224 libevent<1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1030 openssl<0.9.8f side-channel http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3108 openssl<0.9.8f denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4995 sqlitemanager<1.2.0 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1232 sqlitemanager<1.2.0 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0516 dropbear<0.49 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1099 tcpdump<3.9.7 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1218 tcpdump<3.9.7 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3798 d2984 16 a2999 16 m4<1.4.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1687 python15-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python20-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python21-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python22-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ImageMagick<6.3.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1797 ktorrent<2.1.2 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1384 ktorrent<2.1.3 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1799 netperf<2.3.1nb1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1444 imp<4.1.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1515 nas<1.9 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1543 nas<1.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1545 lookup<1.4.1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0237 asterisk>=1.4<1.4.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1594 asterisk>=1.4<1.4.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2293 asterisk>=1.4<1.4.5 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2488 d3001 16 a3016 16 inkscape<0.45.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1463 mgv-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5864 ap-perl<1.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349 ap13-perl<1.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349 {ap2,ap22}-perl<2.0.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1349 mit-krb5<1.4.2nb5 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0956 mit-krb5>=1.6<1.6.1 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0956 mit-krb5<1.4.2nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0957 mit-krb5>=1.6<1.6.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0957 mit-krb5<1.4.2nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1216 mit-krb5>=1.6<1.6.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1216 openpbs<2.3.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5616 xorg-server<1.1.1 local-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1003 libXfont<1.2.0 local-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1352 libX11<1.0.3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1667 p5-Archive-Tar<1.37 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4829 d3019 25 a3043 25 sun-{jdk,jre}14<2.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2788 sun-{jdk,jre}15<5.0.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2788 sun-{jdk,jre}6<6.0.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2788 vim{,-gtk,-gtk2,-kde,-motif,-xaw,-share}<7.0.235 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2438 vim{,-gtk,-gtk2,-kde,-motif,-xaw,-share}<7.1.039 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2953 lftp<3.5.9 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2348 elinks<0.11.3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5034 python24<2.4.5 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2052 python25<2.5.1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2052 libexif<0.6.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2645 libexif<0.6.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4168 mysql-server<4.1.23 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691 mysql-server<4.1.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5925 mysql-server>5.0<5.0.44 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691 mysql-server>5.0<5.0.44 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5925 mysql-server>5.0.9<5.0.51 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0226 bochs<2.3.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2894 findutils<4.2.31 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2452 phppgadmin<4.1.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5728 base<1.3.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5578 mail-notification<4.1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3209 dspam<3.8.0 password-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6418 exiv2<0.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6353 libexif<0.6.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6352 gd<2.0.35 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3472 d3046 7 a3052 7 openoffice2-bin<2.0.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4077 curl>=7.14.0<7.16.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3564 libcdio<0.80 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6613 firefox-bin-flash<9.0.47 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3456 ns-flash<9.0.47 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3456 firefox-bin-flash<9.0.48 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2022 ns-flash<9.0.48 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2022 d3057 13 a3069 13 modular-xorg-server<1.3.0.0nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4730 php<5.2.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3806 kdebase<3.5.8 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3820 asterisk<1.2.22 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3762 asterisk>=1.4<1.4.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3762 asterisk<1.2.23 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4103 asterisk>=1.4<1.4.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4103 teamspeak-server<2.0.23.19 remote-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3956 mldonkey<2.9.0 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4100 t1lib<5.1.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4033 gdm<2.18.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3381 tor<0.1.2.14 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3165 tor<0.1.2.16 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4174 d3073 4 a3076 4 mksh<33d privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1845 rsync>=3.0.0<3.0.2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1720 xine-lib<1.1.12 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 cups<1.3.7nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1722 d3079 31 a3109 31 firefox{,-bin,-gtk1}<2.0.0.14 remote-system-access http://www.mozilla.org/security/announce/2008/mfsa2008-20.html seamonkey{,-bin,-gtk1}<1.1.10 remote-system-access http://www.mozilla.org/security/announce/2008/mfsa2008-20.html thunderbird{,-gtk1}<2.0.0.14 remote-system-access http://www.mozilla.org/security/announce/2008/mfsa2008-20.html vlc<0.8.6e arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6681 vlc<0.8.6e arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6682 vlc<0.8.6e arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4484 vlc<0.8.6e arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0225 vlc<0.8.6f arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6681 vlc<0.8.6f arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073 vlc<0.8.6f denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1489 vlc<0.8.6f remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 poppler<0.8.0nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1693 xpdf<3.02pl2nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1693 streamripper<1.61.27nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4337 sudo<1.6.9 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3149 po4a<0.23nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4462 bugzilla<2.22.3 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4538 bugzilla<2.22.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4543 bugzilla>3<3.0.1 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4538 bugzilla>3<3.0.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4543 konversation<1.0.1nb8 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4400 id3lib<3.8.3nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4460 sylpheed<2.4.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2958 claws-mail<3.0.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2958 subversion-base<1.4.5 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3846 bitchx<1.1nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4584 bitchx<1.1nb3 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5839 star<1.4.3nb4 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4134 claws-mail<3.2.0 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6208 samba>3.0.25<3.0.26 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4138 kdebase>=3.3.0<3.5.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4569 d3111 1 a3111 1 fuse-chironfs<1.0RC7 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5101 d3115 4 a3118 4 pwlib<1.8.3nb8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4897 wesnoth<1.2.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3917 wesnoth>=1.3<1.3.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3917 bacula<2.2.4nb4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5626 d3123 9 a3131 9 3proxy<0.5.3j denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5622 phpmyadmin<2.11.5.2 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1924 vobcopy<1.1.0 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5718 liferea<1.4.6 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5751 perdition<1.17nb8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5740 emacs{,-nox11}>=22<22.1nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5795 dbmail<2.2.9 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6714 blender<2.45nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1102 blender<2.45nb2 insecure-temporary-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1103 d3133 8 a3140 8 vorbis-tools<1.2.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 SDL_sound<1.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 sweep<0.9.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 emacs{,-nox11}>=20<20.7nb11 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694 emacs{,-nox11}>=21<21.4anb13 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694 emacs{,-nox11}>=22<22.1nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694 xemacs{,-nox11}<21.4.17nb5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694 xemacs{,-nox11}>=21.5<21.5.27nb2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694 d3142 7 a3148 7 ikiwiki<2.42 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0165 py{15,20,21,22,23,24,25,26,27,31}-moin<1.6.3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1937 swfdec<0.6.4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1834 php5-apc<5.2.5.3.0.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1488 xine-lib<1.1.11.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1482 wyrd<1.4.1nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0806 imp<4.1.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6018 d3150 8 a3157 8 graphviz<2.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4484 scponly<4.8 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6350 boost-libs<1.34.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0171 boost-headers<1.34.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0171 glib2<2.14.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674 plone25<2.5.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5741 plone3<3.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5741 speex<1.0.5nb1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686 d3160 2 a3161 2 php>=5<5.2.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674 php>=5<5.2.6 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599 d3163 4 a3166 4 php5-pear-MDB2<2.4.1nb1 arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5934 php5-pear-MDB2_Driver_mysql<1.4.1nb1 arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5934 php5-pear-MDB2_Driver_pgsql<1.4.1nb1 arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5934 pioneers<0.11.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6010 d3169 1 a3169 1 rsync<2.6.9nb2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6199 d3178 1 a3178 1 php<5 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599 d3183 10 a3192 10 php<5 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2051 php>=5<5.2.6 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2051 licq<1.3.5nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1996 php>=4<5 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server<4.1.24 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079 mysql-server>=5<5.0.51bnb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079 mysql-server>=5.1<5.1.24 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079 qemu-0.9.1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2004 ganglia-webfrontend<3.0.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6465 kdebase<3.5.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5963 d3196 3 a3198 3 RealPlayerGold-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0098 qt4-libs>=4.3.0<4.3.3 certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5965 mongrel>=1.0.4<1.1.3 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6612 d3200 3 a3202 3 libxml2<2.6.31 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6284 bind<8.4.7pl1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0122 bind>=9<9.4.1pl1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0122 d3207 1 a3207 1 tk<8.4.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0553 d3210 30 a3239 30 clamav<0.92.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0728 GraphicsMagick<1.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4988 vmware<5.5.6 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 vmware>=6<6.0.3 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923 tcl<8.4.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 mplayer<1.0rc10nb7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1558 gmplayer<1.0rc10nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1558 acroread<8.1.2 arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1199 acroread{5,7}-[0-9]* arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1199 acroread8<8.1.2 arbitrary-file-reading http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1199 duplicity<0.4.9 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5201 flex<2.5.33 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0459 quake3arena-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3400 xdm<1.0.4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5214 libX11>=1.0.2<1.1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5397 xenkernel3<3.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5906 xenkernel3<3.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5907 xentools3-hvm<3.1.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0928 sarg<2.2.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1922 mysql-server<4.1.24 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3780 mysql-server>=5<5.0.45 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3780 mysql-server>=5<5.0.45 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3781 mysql-server>=5<5.0.42 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3782 mt-daapd-0.2.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1771 mt-daapd<0.2.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5824 mt-daapd<0.2.4.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5825 mantis<1.1.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6611 libvorbis<1.2.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1419 libvorbis<1.2.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1420 libvorbis<1.2.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1423 d3244 1 a3244 1 WordNet<3.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2149 d3246 1 a3246 1 libid3tag<0.15.1bnb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2109 d3250 7 a3256 7 nagios-base<2.12 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5803 gnutls<2.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1948 gnutls<2.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1949 gnutls<2.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1950 libxslt<1.1.24 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767 snort<2.8.1 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1804 perl<5.8.8nb8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1927 d3259 1 a3259 1 samba<3.0.28anb1 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105 d3261 7 a3267 7 imlib2<1.4.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2426 emacs{,-nox11}>=20<20.7nb11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142 emacs{,-nox11}>=21<21.4anb12 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142 emacs{,-nox11}>=22.1<22.1nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142 xemacs-packages<1.16nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142 apache-tomcat<5.5.27 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947 apache-tomcat>=6<6.0.18 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947 d3270 4 a3273 4 openssl<0.9.8gnb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1672 websvn<1.61nb8 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3056 evolution<2.12.3nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1108 evolution>=2.22<2.22.2nb1 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1108 d3278 1 a3278 1 asterisk<1.2.29 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2119 d3285 4 a3288 4 net-snmp<5.4.1nb4 spoof-authenticated-packets http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960 freetype2<2.3.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1806 apache>2.0<2.0.63nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364 apache>=2.2.0<2.2.8nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364 d3297 1 a3297 1 vim{,-gtk,-gtk2,-motif,-xaw,-share}<7.1.299 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2712 d3301 3 a3303 3 roundcube<0.2alpha cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6321 clamav<0.93.2 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2713 fetchmail<6.3.8nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2711 d3314 6 a3319 6 firefox{,-bin,-gtk1}<2.0.0.15 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798 firefox{,-bin,-gtk1}<2.0.0.15 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803 firefox{,-bin,-gtk1}<2.0.0.15 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811 seamonkey{,-bin,-gtk1}<1.1.10 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798 seamonkey{,-bin,-gtk1}<1.1.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803 seamonkey{,-bin,-gtk1}<1.1.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811 d3322 2 a3323 2 vlc<0.8.6fnb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2430 openldap-client<2.4.9nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2952 d3325 12 a3336 12 thunderbird{,-gtk1}<2.0.0.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798 thunderbird{,-gtk1}<2.0.0.16 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-24.html thunderbird{,-gtk1}<2.0.0.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803 thunderbird{,-gtk1}<2.0.0.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811 pcre<7.7nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371 #vte-[0-9]* utmp-entry-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0023 libzvt-[0-9]* utmp-entry-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0023 bind>9.5.0<9.5.0pl1 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 bind>9.4.0<9.4.2pl1 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 bind>9.3.0<9.3.5pl1 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 bind-8.[0-9]* cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 poppler<0.8.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2950 d3344 3 a3346 3 sun-j{re,dk}14<2.18 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-[3103-3115] sun-j{re,dk}15<5.0.16 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-[3103-3115] sun-j{re,dk}6<6.0.7 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-[3103-3115] d3348 5 a3352 5 zsh<4.2.6nb1 insecure-temporary-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6209 zsh>=4.3<4.3.4nb2 insecure-temporary-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6209 firefox{,-bin,-gtk1}<2.0.0.16 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-34.html firefox3{,-bin}<3.0.1 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-34.html seamonkey{,-bin,-gtk1}<1.1.11 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-34.html d3354 4 a3357 4 py{26,27,34,35,36}-mercurial<1.0.1nb1 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2942 firefox{,-bin,-gtk1}<2.0.0.16 remote-information-exposure http://www.mozilla.org/security/announce/2008/mfsa2008-35.html firefox3{,-bin}<3.0.1 remote-information-exposure http://www.mozilla.org/security/announce/2008/mfsa2008-35.html byacc<20050813nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3196 d3359 6 a3364 6 dnsmasq<2.45 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 asterisk<1.2.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3263 asterisk<1.2.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3264 asterisk>=1.4<1.4.21.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3263 asterisk>=1.4<1.4.21.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3264 openssh<5.0.1nb1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3259 d3367 3 a3369 3 newsx<1.6nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3252 trac<0.10.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3328 RealPlayerGold<11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5400 d3371 3 a3373 3 gnutls>=2.3.5<2.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2377 fprot-workstation-bin-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3447 pan<0.133 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2363 d3375 9 a3383 9 python24<2.4.5nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315 python25<2.5.2nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315 python24<2.4.5nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142 python25<2.5.2nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142 apache-tomcat<5.5.27 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232 apache-tomcat<5.5.27 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947 jakarta-tomcat4<4.1.39 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232 jakarta-tomcat4<4.1.39 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370 jakarta-tomcat5-[0-9]* directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370 d3387 2 a3388 2 powerdns<2.9.21nb2 data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3337 pidgin<2.5.0 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3532 d3390 5 a3394 5 apache-2.0.[0-5]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 apache-2.0.6[0-2]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 apache-2.0.63{,nb[12]} cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 apache>=2.2.0<2.2.9nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 python25<2.5.2nb3 weak-cryptography http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2316 d3397 9 a3405 9 amarok<1.4.10 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3699 ipsec-tools<0.7.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3651 ipsec-tools<0.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3652 vim{,-gtk,-gtk2,-kde,-motif,-xaw,-share}<7.2.69 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4677 isc-dhcpd<3.1.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0062 postfix<2.5.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2936 postfix<2.5.4 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2937 postfix>=2.6.20080000<2.6.20080814 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2936 postfix>=2.6.20080000<2.6.20080814 information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2937 d3408 1 a3408 1 yelp>=2.19.90<2.22.1nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3533 d3414 1 a3414 1 awstats<6.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3714 d3416 3 a3418 3 vlc<0.9.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3732 vlc<0.9.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3794 sqlitemanager-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d3421 2 a3422 2 tiff<3.8.2nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2327 ruby18-base<1.8.7.72nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3790 d3424 1 a3424 1 openoffice{,2}<2.4.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3282 d3427 1 a3427 1 libxml2<2.7.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3281 d3438 1 a3438 1 png>=1.2.30beta04<1.2.32beta01 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3964 d3440 2 a3441 2 vlc08<0.8.6i arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3732 vlc08<0.8.6i arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3794 d3443 2 a3444 2 mysql-server>=5<5.0.66 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3963 mysql-server>=5.1<5.1.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3963 d3447 2 a3448 2 proftpd<1.3.2rc2 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4242 ffmpeg<20080727 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3230 d3450 17 a3466 17 firefox{,-bin,-gtk1}<2.0.0.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0016 seamonkey{,-bin,-gtk1}<1.1.12 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0016 thunderbird{,-gtk1}<2.0.0.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0016 firefox{,-bin,-gtk1}<2.0.0.17 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3836 firefox{,-bin,-gtk1}<2.0.0.17 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4059 firefox3{,-bin}<3.0.2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4058 seamonkey{,-bin,-gtk1}<1.1.12 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4058 firefox{,-bin,-gtk1}<2.0.0.17 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4062 firefox3{,-bin}<3.0.2 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4062 firefox3{,-bin}<3.0.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4063 seamonkey{,-bin,-gtk1}<1.1.12 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4062 firefox{,-bin,-gtk1}<2.0.0.17 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4065 firefox{,-bin,-gtk1}<2.0.0.17 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4066 firefox3{,-bin}<3.0.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4065 seamonkey{,-bin,-gtk1}<1.1.12 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4065 seamonkey{,-bin,-gtk1}<1.1.12 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4070 thunderbird{,-gtk1}<2.0.0.17 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4070 d3468 2 a3469 2 aegis<4.24.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4938 samba>3.2<3.2.3 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3789 d3471 8 a3478 8 tnftpd<20080929 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4247 firefox3<3.0.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4324 gmplayer<1.0rc10nb6 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3827 mencoder<1.0rc10nb3 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3827 mplayer<1.0rc10nb8 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3827 xerces-c<3.0.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4482 xentools3-hvm-[0-9]* security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1945 libxml2<2.7.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4409 d3480 1 a3480 1 mysql-client>=5.0<5.0.67nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4456 d3490 7 a3496 7 gtar-base<1.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4476 dbus<1.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3834 cups<1.3.9 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3639 cups<1.3.9 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3640 cups<1.3.9 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3641 vlc<0.9.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4558 mantis<1.1.3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3102 d3499 1 a3499 1 jhead<2.84 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4575 d3504 4 a3507 4 mantis<1.1.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4687 apache-tomcat<5.5.1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271 jakarta-tomcat4<4.1.32 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271 jakarta-tomcat5-[0-9]* security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271 d3511 4 a3514 4 websvn<2.1.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5918 websvn<2.1.0 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5919 websvn<2.1.0 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0240 enscript<1.6.4nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3863 d3516 1 a3516 1 libspf2<1.2.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2469 d3519 1 a3519 1 jhead<2.86 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4641 d3522 1 a3522 1 lynx<2.8.6.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7234 d3525 2 a3526 2 openoffice2{,-bin}<2.4.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2237 openoffice2{,-bin}<2.4.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2238 d3528 2 a3529 2 crossfire-maps-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4908 crossfire-server>=1.11.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4908 d3531 2 a3532 2 ed<1.0 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3916 kdelibs-3.[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5698 d3534 1 a3534 1 net-snmp<5.4.2.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309 d3536 2 a3537 2 silc-server<1.1.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1429 nagios-base<3.0.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5027 d3542 2 a3543 2 lmbench-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4968 gnutls<2.6.1 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4989 d3548 4 a3551 4 nagios-base<3.0.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5028 fwbuilder{,21}-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4956 scilab<4.1nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4983 optipng<0.6.2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5101 d3554 5 a3558 5 streamripper<1.61.27nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4829 libxml2<2.7.2nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225 libxml2<2.7.2nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226 imlib2<1.4.2nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5187 mailscanner<4.55.11 insecure-temporary-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5140 d3560 19 a3578 19 blender<2.49bnb6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4863 vmware<5.5.9 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4915 firefox{,-bin,-gtk1}<2.0.0.18 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-48.html seamonkey{,-bin,-gtk1}<1.1.13 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-48.html thunderbird{,-gtk1}<2.0.0.18 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-48.html firefox{,-bin,-gtk1}<2.0.0.18 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-49.html seamonkey{,-bin,-gtk1}<1.1.13 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-49.html firefox3{,-bin}<3.0.4 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-51.html firefox{,-bin,-gtk1}<2.0.0.18 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-52.html firefox3{,-bin}<3.0.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-52.html thunderbird{,-gtk1}<2.0.0.18 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-52.html seamonkey{,-bin,-gtk1}<1.1.13 arbitrary-code-execution http://www.mozilla.org/security/announce/2008/mfsa2008-52.html firefox{,-bin,-gtk1}<2.0.0.18 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-56.html firefox3{,-bin,-gtk1}<3.0.4 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-56.html thunderbird{,-gtk1}<2.0.0.18 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-56.html seamonkey{,-bin,-gtk1}<1.1.13 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-56.html seamonkey{,-bin,-gtk1}<1.1.13 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-59.html thunderbird{,-gtk1}<2.0.0.18 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-59.html libcdaudio<0.99.12nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5030 d3587 4 a3590 4 squirrelmail<1.4.17 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2379 ImageMagick<6.2.8.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1096 GraphicsMagick<1.1.8 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1096 powerdns<2.9.21.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5277 d3592 7 a3598 7 sun-j{re,dk}14<2.19 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2086 sun-j{re,dk}15<5.0.17 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2086 sun-j{re,dk}6<6.0.11 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2086 perl-5.10.0{,nb1,nb2} privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2827 perl-5.8.8{,nb*} privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5302 perl-5.10.0{,nb1,nb2} privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5302 perl-5.8.8{,nb*} privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5303 d3601 1 a3601 1 mgetty<1.1.36nb2 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4936 d3606 2 a3607 2 phppgadmin<4.2.2 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5587 mailscanner<4.74.6.2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5313 d3609 5 a3613 5 mediawiki<1.13.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5249 mediawiki<1.13.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5250 mediawiki<1.13.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5252 roundcube<0.2beta2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5619 roundcube<0.2beta2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5620 d3620 1 a3620 1 cmus<2.2.0nb5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5375 d3622 7 a3628 7 firefox{,-bin}-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages firefox-gtk1-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages imap-uw<2007e denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5514 avahi<0.6.23nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5081 openvpn>=2.1rc1<2.1rc9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3459 pdfjam<1.21 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5743 pdfjam<1.21 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5843 d3630 1 a3630 1 courier-authlib<0.62.0 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2380 d3632 6 a3637 6 qemu<0.10.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2382 aview<1.3.0.1nb12 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4935 gitweb>=1.6<1.6.0.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5916 gitweb>=1.5.6<1.5.6.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5916 gitweb>=1.5.5<1.5.5.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5916 gitweb>=1.4.3<1.5.4.7 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5916 d3639 33 a3671 33 firefox{,-bin,-gtk1}<2.0.0.19 denial-of-service http://www.mozilla.org/security/announce/2008/mfsa2008-60.html firefox{,-bin,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-61.html firefox{,-bin,-gtk1}<2.0.0.19 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-62.html firefox{,-bin,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-64.html firefox{,-bin,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-65.html firefox{,-bin,-gtk1}<2.0.0.19 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-66.html firefox{,-bin,-gtk1}<2.0.0.19 ui-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-67.html firefox{,-bin,-gtk1}<2.0.0.19 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-68.html firefox{,-bin,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-69.html firefox3{,-bin}<3.0.5 denial-of-service http://www.mozilla.org/security/announce/2008/mfsa2008-60.html firefox3{,-bin}<3.0.5 information-disclosure http://www.mozilla.org/security/announce/2008/mfsa2008-63.html firefox3{,-bin}<3.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-64.html firefox3{,-bin}<3.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-65.html firefox3{,-bin}<3.0.5 security-bypass http://www.mozilla.org/security/announce/2008/mfsa2008-66.html firefox3{,-bin}<3.0.5 ui-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-67.html firefox3{,-bin}<3.0.5 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-68.html firefox3{,-bin}<3.0.5 denial-of-service http://www.mozilla.org/security/announce/2008/mfsa2008-69.html seamonkey{,-bin,-gtk1}<1.1.14 denial-of-service http://www.mozilla.org/security/announce/2008/mfsa2008-60.html seamonkey{,-bin,-gtk1}<1.1.14 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-61.html seamonkey{,-bin,-gtk1}<1.1.14 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-64.html seamonkey{,-bin,-gtk1}<1.1.14 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-65.html seamonkey{,-bin,-gtk1}<1.1.14 ui-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-66.html seamonkey{,-bin,-gtk1}<1.1.14 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-67.html seamonkey{,-bin,-gtk1}<1.1.14 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-68.html thunderbird{,-gtk1}<2.0.0.19 denial-of-service http://www.mozilla.org/security/announce/2008/mfsa2008-60.html thunderbird{,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-61.html thunderbird{,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-64.html thunderbird{,-gtk1}<2.0.0.19 cross-site-scripting http://www.mozilla.org/security/announce/2008/mfsa2008-65.html thunderbird{,-gtk1}<2.0.0.19 ui-spoofing http://www.mozilla.org/security/announce/2008/mfsa2008-66.html thunderbird{,-gtk1}<2.0.0.19 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-67.html thunderbird{,-gtk1}<2.0.0.19 privilege-escalation http://www.mozilla.org/security/announce/2008/mfsa2008-68.html xterm<238 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2383 libaudiofile<0.2.6nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5824 d3674 2 a3675 2 samba>=3.2.0<3.2.7 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0022 openssl<0.9.8j signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 d3681 3 a3683 3 bind>=9.4.0<9.4.3pl1 dnssec-validation-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025 bind>=9.5.0<9.5.1pl1 dnssec-validation-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025 bind>=9.6.0<9.6.0pl1 dnssec-validation-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025 d3688 3 a3690 3 roundcube<0.2.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0413 gitweb<1.5.6.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5516 gitweb<1.5.6.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5517 d3692 1 a3692 1 xdg-utils<1.1.0rc1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0386 d3694 1 a3694 1 #xdg-utils-[0-9]* remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0068 d3697 1 a3697 1 devIL>=1.6.7<1.7.7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5262 d3699 1 a3699 1 ap{,2,22}-auth-mysql>=4<4.3.9nb1 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2384 d3702 2 a3703 2 ntp<4.2.4p6 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0021 dia-python<0.97.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5984 d3708 4 a3711 4 netsaint-base-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages netsaint-plugins-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages netsaint-plugin-cluster-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages netsaint-plugin-snmp-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d3718 2 a3719 2 sudo<1.7.0 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0034 squid<2.7 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d3722 13 a3734 13 firefox3{,-bin}<3.0.6 remote-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-01.html firefox3{,-bin}<3.0.6 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-02.html firefox3{,-bin}<3.0.6 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-03.html firefox3{,-bin}<3.0.6 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-04.html firefox3{,-bin}<3.0.6 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-05.html firefox3{,-bin}<3.0.6 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-06.html seamonkey{,-bin,-gtk1}<1.1.15 remote-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-01.html seamonkey{,-bin,-gtk1}<1.1.15 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-02.html seamonkey{,-bin,-gtk1}<1.1.15 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-03.html seamonkey{,-bin,-gtk1}<1.1.15 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-04.html seamonkey{,-bin,-gtk1}<1.1.15 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-05.html seamonkey{,-bin,-gtk1}<1.1.15 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-06.html thunderbird{,-gtk1}<2.0.0.21 remote-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-01.html d3739 1 a3739 1 evolution-data-server<2.24.4.1nb2 smime-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0547 d3745 7 a3751 7 boinc-[0-9]* ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0126 mpack<1.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1425 poppler<0.10.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0755 poppler<0.10.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0756 xine-lib<1.1.16.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5239 xine-lib<1.1.16.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5240 xine-lib<1.1.16.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0385 d3753 1 a3753 1 djbdns<1.05nb9 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4392 d3765 1 a3765 1 trickle>=1.07 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0415 d3767 1 a3767 1 squid<3.2.0.11 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0801 d3769 2 a3770 2 curl<7.18.0nb4 remote-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037 curl>=7.19.0<7.19.4 remote-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037 d3776 15 a3790 15 firefox3{,-bin}<3.0.7 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-07.html firefox3{,-bin}<3.0.7 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-08.html firefox3{,-bin}<3.0.7 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-09.html firefox3{,-bin}<3.0.7 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-10.html firefox3{,-bin}<3.0.7 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-11.html seamonkey{,-bin,-gtk1}<1.1.15 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-07.html seamonkey{,-bin,-gtk1}<1.1.15 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-08.html seamonkey{,-bin,-gtk1}<1.1.15 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-09.html seamonkey{,-bin,-gtk1}<1.1.15 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-10.html seamonkey{,-bin,-gtk1}<1.1.15 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-11.html thunderbird{,-gtk1}<2.0.0.21 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-07.html thunderbird{,-gtk1}<2.0.0.21 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-08.html thunderbird{,-gtk1}<2.0.0.21 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-09.html thunderbird{,-gtk1}<2.0.0.21 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-10.html thunderbird{,-gtk1}<2.0.0.21 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-11.html d3796 3 a3798 3 py{15,20,21,22,23,24,25,26,27,31}-amkCrypto<2.0.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0544 wesnoth<1.5.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0366 icu<4.0 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1036 d3801 1 a3801 1 evolution-data-server<2.24.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0587 d3806 4 a3809 4 gst-plugins0.10-base<0.10.22nb1 heap-based-buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0586 firefox3{,-bin}<3.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-12.html firefox3{,-bin}<3.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-13.html seamonkey{,-bin,-gtk1}<1.1.16 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-12.html d3813 1 a3813 1 bugzilla>=3.2<3.2.3 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1213 d3815 2 a3816 2 openssl<0.9.8k denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 eog<2.25.91 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5983 d3818 1 a3818 1 ghostscript<8.64nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0196 d3821 7 a3827 7 jakarta-tomcat4>=4.0.0<4.0.7 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519 jakarta-tomcat4>=4.1.0<4.1.37 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519 jakarta-tomcat5>=5.0.0<5.0.31 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519 apache-tomcat>=5.5.0<5.5.28 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5519 lcms<1.18nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0793 tunapie<2.1.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1253 tunapie<2.1.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1254 d3829 2 a3830 2 ap13-perl<1.29nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0796 ap{2,22}-perl<2.0.4nb5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0796 d3832 1 a3832 1 ntp<4.2.4p7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159 d3836 4 a3839 4 ghostscript<8.64 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6679 ghostscript<8.64nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0583 ghostscript<8.64nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0584 ghostscript<8.64nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0792 d3841 55 a3895 55 compiz-fusion-plugins-main<0.6.0nb2 local-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6514 ldns<1.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1086 phpmyadmin<2.11.9.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1150 phpmyadmin<2.11.9.5 code-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1151 mit-krb5<1.4.2nb8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0846 mit-krb5<1.4.2nb8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0847 sun-{jdk,jre}14<2.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1093 sun-{jdk,jre}15<5.0.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1093 sun-{jdk,jre}6<6.0.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1093 sun-{jdk,jre}14<2.19 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1094 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1094 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1094 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1095 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1095 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1096 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1096 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1097 sun-{jdk,jre}14<2.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1098 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1098 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1098 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1099 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1099 sun-{jdk,jre}15<5.0.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1100 sun-{jdk,jre}6<6.0.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1100 sun-{jdk,jre}6<6.0.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1101 sun-{jdk,jre}6<6.0.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1102 sun-{jdk,jre}14<2.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1103 sun-{jdk,jre}15<5.0.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1103 sun-{jdk,jre}6<6.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1103 sun-{jdk,jre}14<2.20 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1104 sun-{jdk,jre}15<5.0.18 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1104 sun-{jdk,jre}6<6.0.13 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1104 sun-{jdk,jre}15<5.0.18 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1107 sun-{jdk,jre}6<6.0.13 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1107 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 xpdf<3.02pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 xpdf<3.02pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 xpdf<3.02pl3 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 xpdf<3.02pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 poppler<0.10.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 poppler<0.10.6 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 poppler<0.10.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 poppler<0.10.6 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 poppler<0.10.6 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 poppler<0.10.6 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 poppler<0.10.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 poppler<0.10.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1187 poppler<0.10.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188 ruby18-base<1.8.7.160 password-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558 ruby18-base<1.8.7.160 cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 d3898 25 a3922 25 firefox3{,-bin}<3.0.9 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-14.html firefox3{,-bin}<3.0.9 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-15.html firefox3{,-bin}<3.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-16.html firefox3{,-bin}<3.0.9 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-17.html firefox3{,-bin}<3.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-18.html firefox3{,-bin}<3.0.9 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-19.html firefox3{,-bin}<3.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-20.html firefox3{,-bin}<3.0.9 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-21.html firefox3{,-bin}<3.0.9 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-22.html firefox3{,-bin}<3.0.10 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-23.html seamonkey{,-bin,-gtk1}<1.1.16 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-14.html seamonkey{,-bin,-gtk1}<1.1.15 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-15.html seamonkey{,-bin,-gtk1}<1.1.17 information-disclosure http://www.mozilla.org/security/announce/2009/mfsa2009-21.html seamonkey{,-bin,-gtk1}<2.0 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-16.html seamonkey{,-bin,-gtk1}<1.1.17 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-17.html seamonkey{,-bin,-gtk1}<2.0 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-18.html seamonkey{,-bin,-gtk1}<2.0 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-19.html seamonkey{,-bin,-gtk1}<2.0 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2009-22.html thunderbird{,-gtk1}<2.0.0.22 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-14.html thunderbird{,-gtk1}<2.0.0.21 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-15.html thunderbird{,-gtk1}<2.0.0.22 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-17.html libmodplug<0.8.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1438 freetype2<2.3.9nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0946 gnutls>=2.5.0<2.6.6 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1416 gnutls<2.6.6 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1417 d3928 4 a3931 4 suse{,32}_openssl<11.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 suse{,32}_openssl<11.3 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0591 suse{,32}_openssl<11.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789 suse{,32}_freetype2<11.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0946 d3937 1 a3937 1 amule<2.2.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1440 d3940 3 a3942 3 p5-DBD-postgresql<2.0.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0663 p5-DBD-postgresql<2.0.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1341 cyrus-sasl<2.1.23 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0688 d3946 3 a3948 3 apache>=2.2.0<2.2.11nb3 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191 plone3<3.2.2 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0662 file<5.03 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1515 d3950 2 a3951 2 memcached<1.2.8 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1255 cscope<15.7a remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0148 d3953 5 a3957 5 ntp>=4<4.2.4p7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1252 openssl<0.9.8knb1 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377 openssl<0.9.8knb1 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 openssl<0.9.8knb1 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379 pango<1.24 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1194 d3959 1 a3959 1 ipsec-tools<0.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1574 d3961 1 a3961 1 quagga<0.99.12 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1572 d3963 4 a3966 4 pidgin<2.5.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1373 pidgin<2.5.6 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1374 pidgin<2.5.6 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1375 pidgin<2.5.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1376 d3971 1 a3971 1 apache>=2.2<2.2.11nb4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195 d3975 14 a3988 14 libsndfile<1.0.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1788 libsndfile<1.0.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1791 apache-tomcat>=6<6.0.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033 apache-tomcat>=6<6.0.20 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580 apache-tomcat>=6<6.0.20 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781 apache-tomcat>=6<6.0.20 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783 apache-tomcat>=5<5.5.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033 apache-tomcat>=5<5.5.28 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580 apache-tomcat>=5<5.5.28 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781 apache-tomcat>=5<5.5.28 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783 jakarta-tomcat4-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033 jakarta-tomcat4-[0-9]* information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580 jakarta-tomcat4-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781 jakarta-tomcat4-[0-9]* information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783 d3991 1 a3991 1 apr-util<1.3.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023 d3998 1 a3998 1 xfig<3.2.5b privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1962 d4000 3 a4002 3 suse{,32}_openssl<11.3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377 suse{,32}_openssl<11.3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 suse{,32}_openssl<11.3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379 d4004 1 a4004 1 scmgit-base<1.6.3.3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2108 d4006 21 a4026 21 icu<4.0.1 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0153 firefox3{,-bin}<3.0.11 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-24.html firefox3{,-bin}<3.0.11 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-25.html firefox3{,-bin}<3.0.11 sensitive-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2009-26.html firefox3{,-bin}<3.0.11 sensitive-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2009-27.html firefox3{,-bin}<3.0.11 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-28.html firefox3{,-bin}<3.0.11 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-29.html firefox3{,-bin}<3.0.11 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-30.html firefox3{,-bin}<3.0.11 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-31.html firefox3{,-bin}<3.0.11 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-32.html thunderbird{,-gtk1}<2.0.0.22 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-24.html thunderbird{,-gtk1}<2.0.0.22 sensitive-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2009-27.html thunderbird{,-gtk1}<2.0.0.22 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-29.html thunderbird{,-gtk1}<2.0.0.22 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-32.html seamonkey{,-bin,-gtk1}<1.1.17 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-24.html seamonkey{,-bin,-gtk1}<1.1.17 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-25.html seamonkey{,-bin,-gtk1}<1.1.17 sensitive-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2009-26.html seamonkey{,-bin,-gtk1}<1.1.17 sensitive-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2009-27.html seamonkey{,-bin,-gtk1}<1.1.17 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-29.html seamonkey{,-bin,-gtk1}<1.1.17 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-31.html seamonkey{,-bin,-gtk1}<1.1.17 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-32.html d4029 4 a4032 4 ruby18-base<1.8.7.72nb3 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0642 jakarta-tomcat{4,5}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages tiff<3.8.2nb5 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2285 samba>=3.0.31<3.0.34nb2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888 d4035 1 a4035 1 nagios-base<3.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2288 d4037 4 a4040 4 apache>=2.2<2.2.11nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890 apache>=2.2<2.2.11nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891 tor<0.2.0.35 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2425 tor<0.2.0.35 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2426 d4042 3 a4044 3 pidgin<2.5.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1889 wxGTK-[0-9]* remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2369 amaya<11.3.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2369 d4046 3 a4048 3 ruby18-actionpack<2.3.2nb1 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2422 dillo<2.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2294 mysql-server<5.0.67nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2446 d4050 4 a4053 4 mimetex<1.71 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1382 mimetex<1.71 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2459 isc-dhclient>=4<4.1.0p1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692 isc-dhcp-client<3.1.2p1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0692 d4056 15 a4070 15 tiff<3.9.4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2347 xmlsec1<1.2.12 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 xml-security-c<1.5.1 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 mono<2.4.2.2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 sun-{jdk,jre}6<6.0.15 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 libmodplug<0.8.7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1513 gst-plugins0.10-bad<0.10.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1438 gst-plugins0.10-bad<0.10.11 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1513 kdegraphics-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0945 kdelibs-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1687 kdelibs-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1690 kdelibs-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1698 kdegraphics-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1709 p5-DBD-postgresql<2.0.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0663 p5-DBD-postgresql<2.0.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1341 d4074 7 a4080 7 pulseaudio<0.9.14nb3 local-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1894 firefox3{,-bin}<3.0.12 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-34.html firefox3{,-bin}<3.0.12 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-35.html firefox3{,-bin}<3.0.12 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-36.html firefox3{,-bin}<3.0.12 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-37.html firefox3{,-bin}<3.0.12 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-39.html firefox3{,-bin}<3.0.12 security-bypass http://www.mozilla.org/security/announce/2009/mfsa2009-40.html d4082 3 a4084 3 bind<9.4.3pl3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696 bind>=9.5.0<9.5.1pl3 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696 bind>=9.6.0<9.6.1pl1 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696 d4087 11 a4097 11 webkit-gtk<1.1.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2419 suse{,32}_openssl<11.3 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 suse{,32}_openssl<11.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1386 suse{,32}_libcups<11.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 suse{,32}_gtk2<11.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1194 camlimages<3.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2295 py{15,20,21,22,23,24,25,26,27,31}-moin<1.9.0 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2265 python24<2.4.6 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5031 python25<2.5.4 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5031 adobe-flash-plugin<10.0.32.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1862 ns-flash<9.0.246.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1862 d4100 8 a4107 8 apr-util<1.3.9 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 subversion-base<1.6.4 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2411 apr<0.9.19 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 apr>=1.0<1.3.8 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 GraphicsMagick<1.3.5nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1097 openexr<1.6.1nb1 heap-based-buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1720 openexr<1.6.1nb1 heap-based-buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1721 openexr<1.6.1nb1 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1722 d4112 3 a4114 3 firefox3{,-bin}<3.0.13 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2408 firefox3{,-bin}<3.0.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2404 firefox3{,-bin}<3.0.13 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2654 d4119 1 a4119 1 irssi<0.8.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1959 d4121 8 a4128 8 kdelibs<3.5.10nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1725 firefox3{,-bin}<3.0.12 denial-of-service http://www.mozilla.org/security/announce/2009/mfsa2009-38.html firefox3{,-bin}<3.0.13 www-address-spoof http://www.mozilla.org/security/announce/2009/mfsa2009-44.html firefox3{,-bin}<3.0.13 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-45.html zope29<2.9.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0668 zope210<2.10.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0668 zope211<2.11.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0668 zope3<3.3.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0668 d4133 2 a4134 2 xerces-c<2.8.0nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1885 camlimages<3.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2660 d4138 1 a4138 1 gnutls<2.8.2 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2730 d4141 11 a4151 11 curl<7.19.6 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2417 samba-3.0.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages libxml2<2.7.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2414 libxml2<2.7.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2416 libxml<1.8.17nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2414 libxml<1.8.17nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2416 p5-Compress-Raw-Bzip2<2.0.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1884 libvorbis<1.2.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2663 ntop<4.0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2732 isc-dhcp-server<3.1.2p1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1892 cogito-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d4156 1 a4156 1 expat<2.0.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 d4160 13 a4172 13 neon<0.28.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2473 neon<0.28.6 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2474 squid<2.7.6nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2855 libpurple<2.5.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2694 libpurple-2.6.0{,nb[0-9]*} denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3025 libpurple<2.6.0 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3026 ikiwiki<3.1415926 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2944 opera<10.0 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3047 opera<10.0 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3046 opera<10.0 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3045 opera<10.0 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3044 opera<10.0 html-form-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3048 opera<10.0 url-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3049 d4174 19 a4192 19 qt4-libs<4.5.2nb3 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2700 openoffice2{,-bin}<2.4.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0200 openoffice2{,-bin}<2.4.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0201 openoffice3{,-bin}<3.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0200 openoffice3{,-bin}<3.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0201 dnsmasq<2.50 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2957 dnsmasq<2.50 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2958 freeradius<1.1.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3111 rails<2.3.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3086 rails<2.3.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3009 libpurple>=2.5.2<2.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3085 libpurple>=2.6.0<2.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3084 libpurple<2.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3083 libpurple<2.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2703 apache<2.0.64 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 apache>=2.2.0<2.2.12nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 apache-2.2.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094 kdelibs-3.[0-9]* ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2702 cyrus-imapd<2.2.13p1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2632 d4194 17 a4210 17 slic-server<1.1.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7159 slic-server<1.1.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7160 seamonkey{,-bin,-gtk1}<1.1.18 ssl-cert-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-42.html seamonkey{,-bin,-gtk1}<1.1.18 heap-overflow http://www.mozilla.org/security/announce/2009/mfsa2009-43.html thunderbird{,-gtk1}<2.0.0.23 ssl-cert-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-42.html thunderbird{,-gtk1}<2.0.0.23 heap-overflow http://www.mozilla.org/security/announce/2009/mfsa2009-43.html firefox<3.5.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-47.html xulrunner<1.9.1.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-47.html firefox3<3.0.14 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-47.html firefox<3.5.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-49.html xulrunner<1.9.1.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-49.html firefox3<3.0.14 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-49.html firefox<3.5.3 privilege-escalation http://www.mozilla.org/security/announce/2009/mfsa2009-51.html xulrunner<1.9.1.3 privilege-escalation http://www.mozilla.org/security/announce/2009/mfsa2009-51.html firefox3<3.0.14 privilege-escalation http://www.mozilla.org/security/announce/2009/mfsa2009-51.html xapian-omega<1.0.16 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2947 bugzilla<3.2.5 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3165 d4216 10 a4225 10 ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4631 ffmpeg<0.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4632 ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4633 ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4634 ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4635 ffmpeg<0.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4636 ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4637 ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4638 ffmpeg<0.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4639 ffmpeg<0.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4640 d4227 9 a4235 9 nginx<0.5.38 buffer-underflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629 nginx>=0.6<0.6.39 buffer-underflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629 nginx>=0.7<0.7.62 buffer-underflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629 nginx>=0.8<0.8.15 buffer-underflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2629 nginx<0.5.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896 nginx>=0.6<0.6.39 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896 nginx>=0.7<0.7.62 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896 nginx>=0.8<0.8.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3896 fprot-workstation-bin-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d4240 2 a4241 2 nginx<0.7.63 security-restrictions-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3898 nginx>=0.8<0.8.17 security-restrictions-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3898 d4247 20 a4266 20 apache>=2.0<2.0.64 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 apache>=2.2.0<2.2.13nb3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 apache<1.3.42 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095 tkman-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5137 horde<3.3.5 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3236 horde<3.3.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3237 glib2<2.2.21 data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3289 puppet<0.24.9 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3564 xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 aria2<1.2.0 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3575 py{15,20,21,22,23,24,25,26,27,31}-django<1.0.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3695 py{15,20,21,22,23,24,25,26,27,31}-django>=1.1<1.1.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3695 unbound<1.3.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3602 py{15,20,21,22,23,24,25,26,27,31}-postgresql<4.0 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2940 gd<2.0.35nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546 php5-gd<5.2.11nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546 d4270 14 a4283 14 firefox3-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages firefox<3.5.4 privacy-leak http://www.mozilla.org/security/announce/2009/mfsa2009-52.html firefox<3.5.4 insecure-temp-files http://www.mozilla.org/security/announce/2009/mfsa2009-53.html firefox<3.5.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-54.html firefox<3.5.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-55.html firefox<3.5.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-56.html firefox<3.5.4 privilege-escalation http://www.mozilla.org/security/announce/2009/mfsa2009-57.html firefox<3.5.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-59.html firefox<3.5.4 same-origin-violation http://www.mozilla.org/security/announce/2009/mfsa2009-60.html firefox<3.5.4 local-filename-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-61.html firefox<3.5.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-62.html xulrunner<1.9.1.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.4 proftpd<1.3.3 spoofing-attacks http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3639 bftpd<2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4593 d4288 2 a4289 2 squidGuard<1.4nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3700 squidGuard-[0-9]* remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3826 d4291 4 a4294 4 p5-HTML-Parser<3.63 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3627 seamonkey{,-bin,-gtk1}<2.0 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-55.html seamonkey{,-bin,-gtk1}<2.0 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-56.html seamonkey{,-bin,-gtk1}<2.0 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-62.html d4300 5 a4304 5 openssl<0.9.8l man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 sun-{jdk,jre}14-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages sun-{jdk,jre}15-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gnutls<2.10.0 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 libwww<5.4.0nb7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 d4306 2 a4307 2 mysql-server<5.0.88 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4019 mysql-client<5.0.88 spoofing-attacks http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4028 d4320 3 a4322 3 bind>=9.0<9.4.3pl5 dns-cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 bind>=9.5<9.5.2pl2 dns-cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 bind>=9.6<9.6.1pl3 dns-cache-poisoning http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 d4325 3 a4327 3 kdelibs<3.5.10nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689 kdelibs>4<4.3.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689 rt<3.8.6 session-hijack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3585 d4334 13 a4346 13 libvorbis<1.2.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3379 apr<1.3.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2699 vmware-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages vmware-3.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages phpmyadmin<2.11.9.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3696 phpmyadmin<2.11.9.6 code-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3697 xpdf<3.02pl4 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188 poppler<0.11.0 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 poppler<0.11.0 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 poppler<0.12.1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 poppler-glib<0.12.1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3607 poppler<0.12.1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 poppler<0.12.1 local-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 d4349 15 a4363 15 libpurple<2.6.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3615 automake<1.11.1 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4029 automake14<1.4.6nb1 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4029 centerim<4.22.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4776 devIL<1.7.8nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3994 ntp<4.2.4p8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563 firefox<3.5.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-65.html firefox<3.5.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-66.html firefox<3.5.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-67.html firefox<3.5.6 ntlm-authentication-hijack http://www.mozilla.org/security/announce/2009/mfsa2009-68.html firefox<3.5.6 url-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-69.html firefox<3.5.6 privilege-escalation http://www.mozilla.org/security/announce/2009/mfsa2009-70.html firefox<3.5.6 privacy-leak http://www.mozilla.org/security/announce/2009/mfsa2009-71.html xulrunner<1.9.1.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.6 seamonkey<2.0.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.1 d4370 1 a4370 1 coreutils<6.12nb3 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4135 d4373 8 a4380 8 ghostscript<8.70nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4270 php<5.2.11nb2 arbitrary-file-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3557 php<5.2.11nb2 arbitrary-fifo-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3558 php<5.2.11nb2 arbitrary-file-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017 php<5.2.12 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4142 php<5.2.12 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4143 horde<3.3.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3701 kdegraphics<4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4035 d4383 1 a4383 1 proftpd<1.3.2c man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 d4388 2 a4389 2 sunbird-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689 thunderbird{,-gtk1}-2.[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689 d4391 2 a4392 2 qt4-libs<4.5.3nb2 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2816 qt4-libs<4.5.3nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3384 d4397 1 a4397 1 kdegraphics-3.[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4035 d4399 4 a4402 4 trac<0.11.6 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4405 ja-trac<0.11.5pl1nb1 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4405 php{5,53,54,55}-jpgraph-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4422 openttd<0.7.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4007 d4404 1 a4404 1 ruby18-base<1.8.7.174nb3 escape-sequence-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4492 d4406 1 a4406 1 libthai<0.1.13 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4012 d4409 2 a4410 2 Transmission<1.77 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0012 openssl<0.9.8lnb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4355 d4412 5 a4416 5 cherokee<0.99.32 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4489 phpmyadmin<2.11.10 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7251 phpmyadmin<2.11.10 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7252 phpmyadmin<2.11.10 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4605 lib3ds<2.0rc1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0280 d4418 8 a4425 8 gzip<1.3.12nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2624 gzip<1.3.12nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0001 apache-tomcat<5.5.29 arbitrary-file-deletion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693 apache-tomcat<5.5.29 insecure-partial-deploy http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901 apache-tomcat<5.5.29 unexpected-file-deletion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902 apache-tomcat>=6<6.0.21 arbitrary-file-deletion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693 apache-tomcat>=6<6.0.21 insecure-partial-deploy http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901 apache-tomcat>=6<6.0.21 unexpected-file-deletion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902 d4429 1 a4429 1 mit-krb5<1.4.2nb9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4212 d4431 1 a4431 1 acroread7-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d4433 2 a4434 2 acroread8-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages maildrop<2.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0301 d4437 4 a4440 4 apache<1.3.42 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0010 ircd-hybrid<7.2.3nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4016 fuse>=2.0<2.8.2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0789 samba<3.3.10 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0787 d4444 1 a4444 1 apache-1.3.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d4447 5 a4451 5 lighttpd<1.4.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0295 fetchmail<6.3.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0562 gmime<2.2.25nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0409 gmime24<2.4.15 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0409 GraphicsMagick<1.3.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1882 d4456 1 a4456 1 mysql-server>=5.0<5.0.90 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4484 d4458 2 a4459 2 bugzilla-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages bugzilla<3.2.6 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3989 d4461 9 a4469 9 ejabberd<2.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0305 libmikmod<3.2.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3995 libmikmod<3.2.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3996 nss<3.12.5 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 samba<3.3.11 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0926 chrony<1.23.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0292 chrony<1.23.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0293 chrony<1.23.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0294 gnome-screensaver<2.28.2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0414 d4471 4 a4474 4 netpbm<10.35.72 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4274 openoffice2{,-bin}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.7 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0668 py{15,20,21,22,23,24,25,26,27,31}-moin<1.8.7 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0669 d4477 14 a4490 14 sudo>=1.6.9<1.7.2p4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0426 sudo-1.6.[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0427 openoffice2-bin-[0-9]* signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 openoffice3-bin<3.2 signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 openoffice2{,-bin}-[0-9]* remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 openoffice3{,-bin}<3.2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217 openoffice2{,-bin}-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2949 openoffice3{,-bin}<3.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2949 openoffice2{,-bin}-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2950 openoffice3{,-bin}<3.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2950 openoffice2{,-bin}-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3301 openoffice3{,-bin}<3.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3301 openoffice2{,-bin}-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3302 openoffice3{,-bin}<3.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3302 d4493 4 a4496 4 gnome-screensaver<2.28.3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0422 libpurple<2.6.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0277 libpurple<2.6.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0420 pidgin<2.6.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0423 d4499 16 a4514 16 thunderbird>=3<3.0.1 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-65.html thunderbird>=3<3.0.1 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-66.html thunderbird>=3<3.0.1 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-67.html firefox<3.5.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-01.html firefox>=3.5<3.5.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-02.html firefox<3.5.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-03.html firefox<3.5.8 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2010-04.html firefox<3.5.8 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2010-05.html xulrunner<1.9.1.8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.8 seamonkey<2.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-01.html seamonkey<2.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-02.html seamonkey<2.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-03.html seamonkey<2.0.3 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2010-04.html seamonkey<2.0.3 cross-site-scripting http://www.mozilla.org/security/announce/2009/mfsa2010-05.html thunderbird<3.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-01.html thunderbird<3.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-03.html d4516 2 a4517 2 gnome-screensaver<2.28.1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4641 openldap-client<2.4.18 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3767 d4520 2 a4521 2 png<1.2.43 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 cups<1.4.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0393 d4524 3 a4526 3 apache>=2.2<2.2.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408 apache>=2.2<2.2.15 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434 apache-2.0.[0-9]* sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434 d4528 2 a4529 2 gtar-base<1.23 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0624 gcpio<2.6nb6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0624 d4532 2 a4533 2 samba<3.3.12 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0728 spamass-milter<0.3.1nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1132 d4535 1 a4535 1 unbound<1.4.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0969 d4538 5 a4542 5 seamonkey{,-bin}<1.1.19 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-49.html seamonkey{,-bin}<1.1.19 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-59.html seamonkey{,-bin}<1.1.19 ntlm-authentication-hijack http://www.mozilla.org/security/announce/2009/mfsa2009-68.html seamonkey{,-bin}<1.1.19 remote-information-exposure http://www.mozilla.org/security/announce/2009/mfsa2010-06.html seamonkey{,-bin}<1.1.19 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2010-07.html d4544 6 a4549 6 nss<3.12.3 ssl-cert-spoofing http://www.mozilla.org/security/announce/2009/mfsa2009-42.html nss<3.12.3 heap-overflow http://www.mozilla.org/security/announce/2009/mfsa2009-43.html openssl<0.9.8mnb1 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245 spice-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages seamonkey{,-bin}-1.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages dpkg<1.14.29 remote-manipulation-data http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0396 d4552 9 a4560 9 php5-xmlrpc<5.2.13nb1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0397 php53-xmlrpc<5.3.2nb1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0397 pango<1.26.2nb2 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0421 deliver-[0-9]* insecure-lock-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0439 deliver-[0-9]* insecure-lock-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1123 ctorrent-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ctorrent-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1759 sun-{jre,jdk}6<6.0.19 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0847 firefox<3.6.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2010/mfsa2010-25.html d4562 1 a4562 1 py{15,20,21,22,23,24,25,26,27,31}-moin<1.9.3 script-insertion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0828 d4570 1 a4570 1 expat<2.0.1nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 d4573 2 a4574 2 kdebase<4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0436 kdebase-workspace<4.3.5nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0436 d4576 6 a4581 6 teTeX-bin<3.0nb24 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0739 dvipsk<5.98nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0739 nano<2.2.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1160 nano<2.2.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1161 irssi<0.8.15 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1155 irssi<0.8.15 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1156 d4583 4 a4586 4 erlang<13.2.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2371 memcached<1.4.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1152 clamav<0.96 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0098 clamav<0.96 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1311 d4588 1 a4588 1 mediawiki<1.15.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1150 d4591 1 a4591 1 p5-Crypt-OpenSSL-DSA<0.13nb6 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0129 d4594 5 a4598 5 libesmtp<1.0.6 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1192 libesmtp<1.0.6 ssl-certificate-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1194 apache-tomcat<5.5.30 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157 apache-tomcat>=6<6.0.27 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157 smalltalk<3.1nb6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 d4601 13 a4613 13 gcc44<4.4.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 gcc34<3.4.6nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 gcc3-java-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 qt4-libs<4.6.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0046 qt4-libs<4.6.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0049 qt4-libs<4.6.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0050 qt4-libs<4.6.3 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0051 qt4-libs<4.6.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0052 qt4-libs<4.6.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0054 memcached<1.4.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2415 postgresql82-server<8.2.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0442 postgresql83-server<8.3.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0442 postgresql84-server<8.4.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0442 d4618 1 a4618 1 fetchmail<6.3.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1167 d4620 2 a4621 2 dvipng<1.12nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0829 openttd<1.0.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0402 d4623 16 a4638 16 gnustep-base<1.20.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1620 gnustep-base<1.20.0 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1457 ghostscript<8.71 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1869 modular-xorg-server<1.6.5nb11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1166 p5-POE-Component-IRC<6.32 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3438 mysql-server>=5.0<5.0.91 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1848 mysql-server>=5.1<5.1.47 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1848 mysql-server>=5.0<5.0.91 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1849 mysql-server>=5.1<5.1.47 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1849 mysql-server>=5.0<5.0.91 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1850 mysql-server>=5.1<5.1.47 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1850 libtheora<1.1.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3389 aria2<1.9.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1512 kdenetwork4<4.3.5nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1000 kdenetwork4<4.3.5nb2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1511 libpurple<2.7.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1624 d4640 1 a4640 1 mysql-client>=5.0<5.0.90 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4484 d4642 7 a4648 7 postgresql82-server<8.2.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1169 postgresql82-server<8.2.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1170 postgresql83-server<8.3.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1169 postgresql83-server<8.3.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1170 postgresql84-server<8.4.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1169 postgresql84-server<8.4.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1170 mit-krb5<1.4.2nb10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321 d4650 1 a4650 1 libprelude<1.0.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736 d4652 1 a4652 1 heimdal<1.3.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321 d4657 1 a4657 1 camlimages<3.2.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3296 d4661 1 a4661 1 gnutls<1.4.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7239 d4665 1 a4665 1 freeciv-server<2.2.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2445 d4668 2 a4669 2 teTeX-bin<3.0nb24 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1440 dvipsk<5.98nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1440 d4674 11 a4684 11 ghostscript<8.71nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1628 apache>=2.2.9<2.2.15nb3 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2068 isc-dhcpd<4.1.1p1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2156 tiff<3.9.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1411 bozohttpd>=20090522<20100617 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2195 bozohttpd<20100617 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2320 samba<3.0.37nb4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2063 samba>=3.3.0<3.3.13 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2063 plone25-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2422 plone3-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2422 opera<10.54 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2421 d4689 6 a4694 6 python24-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 python25<2.5.5nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 python26<2.6.4nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 python26-2.6.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 python27<2.7.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 python31<3.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 d4696 5 a4700 5 firefox<3.6.7 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1206 sendmail<8.14.4 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4565 w3m<0.5.2nb5 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2074 w3m-img<0.5.2nb5 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2074 unrealircd<3.2.8.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4893 d4705 3 a4707 3 perl<5.10.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1168 perl<5.10.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1447 irrtoolset-nox11-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d4713 2 a4714 2 xmlrpc-c-ss<1.06.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 xmlrpc-c-ss<1.06.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 d4716 2 a4717 2 squirrelmail<1.4.21 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1637 tiff<3.9.4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2067 d4722 1 a4722 1 qt4-libs<4.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2621 d4727 6 a4732 6 xulrunner<1.9.2.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.4 php<5.2.14 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2225 php>=5.3.0<5.3.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2225 bind>=9.0<9.4.3pl4 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 bind>=9.5<9.5.2pl1 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 bind>=9.6<9.6.1pl2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 d4737 29 a4765 29 suse{,32}<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_alsa<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_aspell<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_base<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_compat<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_expat<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_fontconfig<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_freetype2<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_gdk-pixbuf<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_glx<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_gtk<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_gtk2<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_krb5<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libcups<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libidn<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libjpeg<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libpng<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libsigc++2<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libtiff<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libxml2<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_locale<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openmotif<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openssl<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_qt3<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_resmgr<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_slang<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_vmware<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_x11<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby-base19>=1.9<1.9.1.429 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2489 d4767 1 a4767 1 ghostscript<8.71nb6 local-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2055 d4769 2 a4770 2 mono-xsp<2.6.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1459 pango<1.27.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0421 d4772 15 a4786 15 postgresql8{0,1}{,-server,-client}<8.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages vte<0.24.3 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0070 vte<0.24.3 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2713 openldap-server<2.4.23 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0211 openldap-server<2.4.23 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0212 pulseaudio<0.9.21nb3 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1299 firefox<3.6.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.7 xulrunner<1.9.2.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.7 seamonkey<2.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.6 thunderbird>=3.1<3.1.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird31.html#thunderbird3.1.1 thunderbird<3.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird30.html#thunderbird3.0.6 ocaml-mysql<1.1.0 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2942 qemu<0.12.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0741 libpurple<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2528 openttd<1.0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2534 d4788 3 a4790 3 squirrelmail<1.4.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2813 php<5.2.14 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2531 php>=5.3.0<5.3.3 privacy-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2531 d4792 2 a4793 2 apache>=2.0<2.0.64 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452 apache>=2.2<2.2.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452 d4796 1 a4796 1 gnupg2<2.0.14nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2547 d4799 1 a4799 1 firefox<3.6.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2010/mfsa2010-48.html d4804 2 a4805 2 mapserver<5.6.4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2539 mapserver<5.6.4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2540 d4808 22 a4829 22 wget<1.12nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2252 mantis<1.2.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2574 freetype2<2.4.2 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1797 bugzilla-3.0* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages bugzilla>=2.19.1<3.2.8 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2756 bugzilla>=3.3.1<3.4.8 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2756 bugzilla>=3.5.1<3.6.2 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2756 bugzilla>=3.7<3.7.3 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2756 bugzilla>=2.22rc1<3.2.8 notification-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757 bugzilla>=3.3.1<3.4.8 notification-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757 bugzilla>=3.5.1<3.6.2 notification-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757 bugzilla>=3.7<3.7.3 notification-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2757 bugzilla>=2.17.1<3.2.8 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2758 bugzilla>=3.3.1<3.4.8 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2758 bugzilla>=3.5.1<3.6.2 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2758 bugzilla>=3.7<3.7.3 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2758 bugzilla>=2.23.1<3.2.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2759 bugzilla>=3.3.1<3.4.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2759 bugzilla>=3.5.1<3.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2759 bugzilla>=3.7<3.7.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2759 cabextract<1.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2801 acroread8-[0-9]* remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2862 d4831 1 a4831 1 openssl<0.9.8onb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939 d4834 1 a4834 1 glpng<1.46 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1519 d4844 2 a4845 2 ruby{,-base,14,14-base,16,16-base}<1.8 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ssmtp<2.63 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7258 d4847 2 a4848 2 phpmyadmin<2.11.10.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3055 phpmyadmin<2.11.10.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3056 d4860 1 a4860 1 p5-libwww<5.835 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2253 d4863 2 a4864 2 zope210<2.10.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3198 zope211<2.11.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3198 d4866 5 a4870 5 xulrunner<1.9.2.9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.9 firefox<3.6.9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.9 thunderbird>=3.1<3.1.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird31.html#thunderbird3.1.3 thunderbird<3.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird30.html#thunderbird3.0.7 seamonkey<2.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.7 d4873 2 a4874 2 apache-tomcat<5.5.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227 apache-tomcat>=6<6.0.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227 d4878 6 a4883 6 adobe-flash-plugin<10.1.82.76 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 ns-flash<10.1.82.76 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 seamonkey-bin-flash<10.1.82.76 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 firefox-bin-flash<10.1.82.76 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 mailman<2.1.12nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3089 python26<2.6.6nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3492 d4889 3 a4891 3 scmgit-base<1.7.0.7 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2542 scmgit-base>=1.7.1<1.7.1.2 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2542 scmgit-base>=1.7.2<1.7.2.1 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2542 d4896 4 a4899 4 ffmpeg<20100927 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429 gmplayer<1.0rc20100913nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429 mencoder<1.0rc20100913nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429 mplayer<1.0rc20100913nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3429 d4901 1 a4901 1 suse{,32}_openssl<11.3nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2939 d4904 5 a4908 5 apr-util<1.3.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623 apr-util<1.3.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 apr-util<1.3.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 ap{2,22}-subversion>=1.5<1.5.8 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3315 ap{2,22}-subversion>=1.6<1.6.13 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3315 d4914 11 a4924 11 sun-j{re,dk}6<6.0.22 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html gnome-subtitles<1.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3357 postgresql90-plperl<9.0.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql90-pltcl<9.0.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql84-plperl<8.4.5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql84-pltcl<8.4.5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql83-plperl<8.3.12 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql83-pltcl<8.3.12 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql82-plperl<8.2.18 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql82-pltcl<8.2.18 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 postgresql82{,-server,-client,-adminpack,-plperl,-plpython,-pltcl,-tsearch2}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d4927 4 a4930 4 libpurple<2.7.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3711 firefox<3.6.12 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3765 thunderbird<3.1.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3765 cvs<1.12.13 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3846 d4934 6 a4939 6 libsmi<0.4.8nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2891 python26<2.6.6nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3493 adobe-flash-plugin<10.1.102.64 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 ns-flash<10.1.102.64 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 seamonkey-bin-flash<10.1.102.64 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 firefox-bin-flash<10.1.102.64 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 d4945 8 a4952 8 bugzilla<3.2.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3172 bugzilla>=3.3<3.4.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3172 bugzilla>=3.5<3.6.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3172 bugzilla>=3.7<4.0rc1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3172 bugzilla>=2.12<3.2.9 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3764 bugzilla>=3.3<3.4.9 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3764 bugzilla>=3.5<3.6.3 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3764 bugzilla>=3.7<4.0rc1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3764 d4960 1 a4960 1 cups<1.4.3nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2941 d4963 1 a4963 1 mono<2.8nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4159 d4965 2 a4966 2 openssl<0.9.8p remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864 suse{,32}_openssl<11.3nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864 d4968 3 a4970 3 ap{2,22}-fcgid<2.3.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3872 libtlen<20041113nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 apache-tomcat>=6.0.12<6.0.30 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172 d4972 2 a4973 2 libxml2<2.7.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4008 openttd>=1.0.0<1.0.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4168 d4977 4 a4980 4 mit-krb5<1.4.2nb11 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1323 suse{,32}_krb5<11.3nb1 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1323 suse{,32}_krb5<11.3nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1324 suse{,32}_krb5<11.3nb1 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4020 d4984 5 a4988 5 bind>=9.6<9.6.2pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613 bind>=9.6<9.6.2pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614 bind>=9.7<9.7.2pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613 bind>=9.7<9.7.2pl3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614 bind>=9.7<9.7.2pl3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3615 d4995 1 a4995 1 mit-krb5<1.4.2nb11 signature-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1323 d4997 1 a4997 1 ImageMagick<6.6.5.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4167 d5004 1 a5004 1 suse{,32}_libxml2<11.3nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4008 d5006 6 a5011 6 phpmyadmin<2.11.11.1nb1 ui-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4480 phpmyadmin<2.11.11.1nb1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4481 dbus<1.2.4.6nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4352 xulrunner<1.9.2.13 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.13 php5-intl<5.2.15.1.1.2 integer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4409 php53-intl<5.3.4.1.1.2 integer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4409 d5013 1 a5013 1 fontforge<20100501nb4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4259 d5026 2 a5027 2 libxml2<2.7.8nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4494 suse{,32}_libxml2<11.3nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4494 d5033 18 a5050 18 ap{2,22}-subversion<1.6.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4539 subversion-base<1.6.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4644 gimp<2.6.11nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4540 gimp<2.6.11nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4541 gimp<2.6.11nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4542 gimp<2.6.11nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4543 typolight28<2.8.4nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0508 contao29<2.9.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0508 php<5.2.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4645 php>=5.3.0<5.3.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4645 evince<2.30.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2640 evince<2.30.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2641 evince<2.30.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2642 evince<2.30.3nb5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2643 dpkg<1.14.31 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1679 mono>=2.8<2.8.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4225 mono-xsp>=2.8<2.8.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4225 ap{2,22}-mono>=2.8<2.8.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4225 d5053 1 a5053 1 exim<4.73 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4345 d5059 3 a5061 3 maradns<1.4.06 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0520 dpkg<1.14.31 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0402 suse{,32}_openssl<11.3nb2 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4180 d5069 1 a5069 1 awstats<7.0 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4367 d5074 4 a5077 4 postgresql83-datatypes>=8.3<8.3.14 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015 postgresql84-datatypes>=8.4<8.4.7 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015 postgresql90-datatypes>=9.0<9.0.3 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015 openssh>=5.6<5.8 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0539 d5081 3 a5083 3 plone25-[0-9]* remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0720 plone3-[0-9]* remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0720 mediawiki<1.16.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0047 d5088 1 a5088 1 bind<9.6 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d5099 3 a5101 3 phpmyadmin<2.11.11.2 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0986 phpmyadmin<2.11.11.3 script-insertion http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0987 qemu<0.11.0 restriction-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0011 d5103 7 a5109 7 apache-tomcat>=5.5.0<5.5.32 arbitrary-script-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013 apache-tomcat>=5.5.0<5.5.30 restriction-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718 wireshark<1.4.3nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0538 apache-tomcat>=6<6.0.32 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534 apache-tomcat>=6<6.0.30 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013 apache-tomcat>=6.0.12<6.0.30 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172 apache-tomcat>=6<6.0.30 restriction-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718 d5113 8 a5120 8 ruby1{8,9}-actionpack>=3.0<3.0.4 cross-site-request-forgeries http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0449 ruby1{8,9}-activerecord>=3.0<3.0.4 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0448 php5-zip<5.2.17nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421 php5-exif<5.2.17nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0708 php53-zip<5.3.5nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421 php53-exif<5.3.5nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0708 php>=5<5.3 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages telepathy-gabble<0.11.7 remote-hijacking http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1000 d5125 1 a5125 1 bind>=9.7.1<9.7.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0414 d5135 1 a5135 1 mailman<2.1.14.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0707 d5137 4 a5140 4 asterisk<1.4.0 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages asterisk>=1.6<1.6.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages clamav<0.97 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1003 avahi<0.6.29 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1002 d5144 2 a5145 2 suse{,32}_base<11.3nb3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3856 wireshark<1.4.4 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0713 d5148 1 a5148 1 pango<1.28.3nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0064 d5154 1 a5154 1 ap{2,22}-subversion<1.6.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0715 d5157 1 a5157 1 py{24,25,26,27,31}-moin<1.9.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1058 d5160 9 a5168 9 TeXmacs-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3394 patch<2.7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4651 tiff<3.9.4nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192 suse{,32}_libtiff<11.3nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5022 suse{,32}_libtiff<11.3nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3087 suse{,32}_libtiff<11.3nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192 suse{,32}_libtiff<11.3nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1167 xulrunner<1.9.2.15 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.14 apache-tomcat>=6<6.0.32 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534 d5176 3 a5178 3 php5-shmop<5.2.17nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1092 php53-shmop<5.3.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1092 php>=5.3<5.3.6 format-string http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1153 d5183 1 a5183 1 php{5,53}-pear<1.9.2nb2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1144 d5186 5 a5190 5 xenkernel33<3.3.2nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1166 xenkernel3<3.1.4nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1166 openslp<1.2.1nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3609 quagga<0.99.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1674 quagga<0.99.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1675 d5192 2 a5193 2 vlc<1.1.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=2010-3275 vlc<1.1.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=2010-3276 d5196 3 a5198 3 loggerhead<1.18.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0728 python23-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python24-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d5202 2 a5203 2 tiff<3.9.4nb3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1167 suse{,32}_openssl<11.3nb3 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0014 d5205 2 a5206 2 xmlsec1<1.2.17 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1425 gdm>=2.28.0<2.32.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0727 d5216 1 a5216 1 libvpx<0.9.6 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4489 d5220 1 a5220 1 rsync<3.0.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1097 d5226 4 a5229 4 kdelibs4<4.5.5nb2 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1168 xulrunner<1.9.2.16 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-11.html firefox<3.6.16 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-11.html vlc<1.1.8nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1684 d5234 2 a5235 2 vsftpd<2.3.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0762 php<5.3.6nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1148 d5239 4 a5242 4 adobe-flash-plugin<10.2.159.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611 ns-flash<10.2.159.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611 seamonkey-bin-flash<10.2.159.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611 firefox-bin-flash<10.2.159.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611 d5251 1 a5251 1 suse{,32}_base<12.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1659 d5254 6 a5259 6 xulrunner<1.9.2.17 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.17 firefox<3.6.17 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.17 firefox>=4<4.0.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox40.html#firefox4.0.1 seamonkey<2.0.14 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.14 thunderbird<3.1.10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird31.html#thunderbird3.1.10 xulrunner>=2<2.0.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox40.html#firefox4.0.1 d5268 3 a5270 3 suse{,32}_gtk2<11.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4352 exim<4.76 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1407 exim<4.76 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1764 d5273 2 a5274 2 apr<0.9.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419 apr>=1.0<1.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419 d5280 2 a5281 2 cyrus-imapd<2.3.16nb4 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1926 cyrus-imapd>=2.4<2.4.7 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1926 d5287 1 a5287 1 openssh<5.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5161 d5289 5 a5293 5 p5-libwww<6.00 ssl-cert-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0633 dovecot<1.2.17 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1929 dovecot>=2<2.0.13 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1929 viewvc<1.1.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5024 apr<1.4.4nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1928 d5297 1 a5297 1 qemu<0.15.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1751 d5305 2 a5306 2 ruby18-base<1.8.7.334nb3 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0188 ruby19-base<1.9.2pl180nb1 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0188 d5310 4 a5313 4 ejabberd<2.1.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1753 jabberd<1.4.2nb9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1754 jabberd>=2<2.2.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1755 libxml2<2.7.8nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1944 d5321 1 a5321 1 unbound<1.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4008 d5323 1 a5323 1 asterisk>=1.8<1.8.4.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2216 d5343 1 a5343 1 vte<0.26.2nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2198 d5347 3 a5349 3 png>=1.2.23<1.5.3rc02 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2501 pngcrush<1.7.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2501 perl<5.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0761 d5351 2 a5352 2 php<5.2.17nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938 php>=5.3<5.3.6nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938 d5355 1 a5355 1 tomboy<1.2.1nb5 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4005 d5359 1 a5359 1 fabric<1.1.0 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2185 d5361 1 a5361 1 groff<1.20.1nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5044 d5374 2 a5375 2 curl>=7.10.6<7.21.7 spoofing-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2192 suse{,32}_libcurl<12.1 spoofing-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2192 d5378 2 a5379 2 apache-tomcat>=5.5<5.5.34 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204 apache-tomcat>=6<6.0.33 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204 d5382 1 a5382 1 drupal-5.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d5387 2 a5388 2 amaya<11.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6005 {firefox-bin,seamonkey-bin,ns}-flash-9.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d5394 2 a5395 2 qemu<0.15.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2212 qemu<0.15.0 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2527 d5399 1 a5399 1 freetype2<2.4.4nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0226 d5402 3 a5404 3 libsndfile<1.0.24nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2696 vlc<1.1.10nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2587 vlc<1.1.10nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2588 d5407 4 a5410 4 foomatic-filters>=4<4.0.6nb1 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2964 foomatic-filters<4 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2697 ioquake3<1.36.20200125 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2764 phpmyadmin<3 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d5414 2 a5415 2 freeradius-2.1.11 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2701 opensaml<2.4.3 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1411 d5422 1 a5422 1 libsoup24<2.34.2nb1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2524 d5426 1 a5426 1 bugzilla<3.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d5429 1 a5429 1 gdk-pixbuf<0.22.0nb15 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2897 d5433 1 a5433 1 mplayer<1.0rc20100913nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3362 d5437 2 a5438 2 mplayer<1.0rc20100913nb8 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3625 gimp<2.6.11nb9 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2896 d5440 4 a5443 4 thunderbird<6 multiple-vulnerabilities http://www.mozilla.org/security/announce/2011/mfsa2011-31.html firefox{,-bin}<3.6.20 multiple-vulnerabilities http://www.mozilla.org/security/announce/2011/mfsa2011-30.html firefox{,-bin}>=4<6 multiple-vulnerabilities http://www.mozilla.org/security/announce/2011/mfsa2011-29.html seamonkey{,-bin}<2.3 multiple-vulnerabilities http://www.mozilla.org/security/announce/2011/mfsa2011-33.html d5447 1 a5447 1 gdk-pixbuf2<2.22.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2485 d5450 11 a5460 11 ruby1{8,9}-actionpack>=3.0<3.0.10 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2929 ruby1{8,9}-activerecord>=3.0<3.0.10 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2930 ruby1{8,9}-activerecord<2.3.14 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2930 ruby1{8,9}-actionpack>=3.0<3.0.10 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2931 ruby1{8,9}-actionpack<2.3.14 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2931 ruby18-activesupport>=3.0<3.0.10 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2932 ruby18-activesupport<2.3.14 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2932 ruby1{8,9}-actionpack<2.3.14 http-header-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3186 apache>=2.0<2.0.64nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192 apache>=2.2<2.2.19nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192 RealPlayerGold-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d5462 2 a5463 2 cups<1.4.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2896 cups<1.4.8nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3170 d5468 2 a5469 2 xenkernel33<3.3.2nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2901 xenkernel3<3.1.4nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2901 d5473 8 a5480 8 firefox<6.0.1 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-34.html firefox36<3.6.21 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-34.html thunderbird<3.1.13 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-34.html seamonkey<2.3.2 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-34.html firefox<6.0.2 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-35.html firefox36<3.6.22 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-35.html thunderbird<3.1.14 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-35.html seamonkey<2.3.3 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-35.html d5486 1 a5486 1 p5-FCGI>=0.70<0.74 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2766 d5488 2 a5489 2 mozilla-rootcerts<1.0.20110902 man-in-the-middle-attack http://www.mozilla.org/security/announce/2011/mfsa2011-35.html apache>=2.2.12<2.2.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348 d5496 5 a5500 5 swi-prolog-packages<5.11.18nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2896 firefox<7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox7 firefox36<3.6.23 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.23 thunderbird<7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird7 seamonkey<2.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.4 d5506 1 a5506 1 ldns<1.6.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3581 d5519 2 a5520 2 apache<2.0.65 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368 apache>=2.2<2.2.21nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368 d5522 4 a5525 4 typolight28<2.8.4nb5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4335 contao29<2.9.5nb5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4335 contao210<2.10.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4335 qemu<0.15.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3346 d5545 2 a5546 2 qt4-libs<4.7.3nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3193 qt4-tiff<4.7.3nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3194 d5550 4 a5553 4 modular-xorg-server<1.6.5nb14 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4028 modular-xorg-server<1.6.5nb14 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4029 mit-krb5<1.8.4nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1529 empathy<3.2.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3635 d5558 1 a5558 1 suse{,32}_freetype2<11.3nb4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3256 d5561 4 a5564 4 libxml2<2.7.8nb4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2821 libxml2<2.7.8nb4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2834 libxml2<2.7.8nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3905 libxml2<2.7.8nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3919 d5567 1 a5567 1 openldap-server<2.4.24nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4079 d5573 1 a5573 1 qt4-tiff<4.7.3nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3194 d5578 3 a5580 3 apache>=2.2<2.2.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348 apache<2.0.65 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607 apache>=2.2<2.2.21nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607 d5582 2 a5583 2 caml-light<0.74nb2 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4119 moscow_ml<2.01nb1 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4119 d5587 1 a5587 1 gnutls<2.12.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4128 d5590 2 a5591 2 firefox<8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox8 thunderbird<8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird8 d5594 3 a5596 3 freetype2<2.4.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3439 suse{,32}_freetype2<12.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3439 python25-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d5600 1 a5600 1 nginx<1.0.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4315 d5603 1 a5603 1 apache>=2.2.12<2.2.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348 d5608 3 a5610 3 apache>=2.0<2.2.21nb4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3639 apache<2.2.21nb5 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317 lighttpd<1.4.29nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4362 d5613 1 a5613 1 p5-Proc-ProcessTable<0.47 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4363 d5615 3 a5617 3 p5-PAR<1.003 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4114 libarchive<2.8.4nb4 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1777 libarchive<2.8.4nb4 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1778 d5619 1 a5619 1 chasen-base>=2.4<2.4.4nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4000 d5625 1 a5625 1 firefox<31 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4688 d5634 1 a5634 1 icu<4.8.1nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4599 d5640 5 a5644 5 firefox<9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox9 thunderbird<9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird9 seamonkey<2.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.6 xulrunner192<1.9.2.23 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox7 xulrunner>=2<9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html d5655 4 a5658 4 mit-krb5-appl<1.0.1nb3 remote-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4862 heimdal<1.4nb2 remote-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4862 mit-krb5<1.8 remote-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4862 kth-krb4-[0-9]* remote-root-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4862 d5669 17 a5685 17 mpack<1.6nb3 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4919 bugzilla>=2.0<3.4.13 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3668 bugzilla>=3.5.1<3.6.7 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3668 bugzilla>=3.7.1<4.0.3 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3668 bugzilla>=4.1.1<4.2rc1 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3668 bugzilla>=2.0<3.4.12 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3669 bugzilla>=3.5.1<3.6.7 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3669 bugzilla>=3.7.1<4.0.3 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3669 bugzilla>=4.1.1<4.2rc1 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3669 bugzilla>=2.17.1<3.4.13 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3657 bugzilla>=3.5.1<3.6.7 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3657 bugzilla>=3.7.1<4.0.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3657 bugzilla>=4.1.1<4.2rc1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3657 bugzilla>=2.23.3<3.4.13 unauthorized-account-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3667 bugzilla>=3.5.1<3.6.7 unauthorized-account-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3667 bugzilla>=3.7.1<4.0.3 unauthorized-account-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3667 bugzilla>=4.1.1<4.2rc1 unauthorized-account-creation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3667 d5690 1 a5690 1 firefox<10.0.3 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0455 d5695 3 a5697 3 gnutls>=3<3.0.11 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0390 mysql-client-5.0.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server-5.0.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d5701 4 a5704 4 emacs>=23<23.3bnb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0035 emacs-nox11>=23<23.3bnb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0035 emacs>=24<24.0.93 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0035 powerdns<2.9.22.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0206 d5710 2 a5711 2 apache<2.0.65 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031 apache>=2.2.0<2.2.21nb6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031 d5717 3 a5719 3 ffmpeg<20120112.0.7.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3893 ffmpeg<20120112.0.7.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3895 php<5.3.9 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0057 d5727 2 a5728 2 qemu<1.0.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0029 qemu<1.3.0 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6075 d5733 4 a5736 4 openssh<5.6 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0814 apache>=2.2.17<2.2.21nb7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0021 apache<2.0.65 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053 apache>=2.2.0<2.2.21nb7 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053 d5741 8 a5748 8 firefox<10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox10 thunderbird<10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird10 seamonkey<2.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.7 xulrunner192<1.9.2.26 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox10 xulrunner>=2<10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox10 php>=5.3.9<5.3.9nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0830 xentools33<3.3.2nb10 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0029 xentools41<4.1.2nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0029 d5752 1 a5752 1 phpldapadmin<1.2.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0834 d5754 9 a5762 9 bugzilla>=3.5.1<3.6.8 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0440 bugzilla>=3.7.1<4.0.4 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0440 bugzilla>=4.1.1<4.2rc2 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0440 bugzilla>=2.0<3.4.14 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0448 bugzilla>=3.5.1<3.6.8 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0448 bugzilla>=3.7.1<4.0.4 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0448 bugzilla>=4.1<4.2rc2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0448 ocaml<4.00.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0839 imp<4.3.11 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0791 d5766 34 a5799 34 apr<1.4.5nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0840 suse{,32}<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_alsa<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_aspell<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_base<11.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_compat<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_expat<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_fontconfig<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_freetype2<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_glx<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_gtk2<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_krb5<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libcups<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libcurl<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libdrm<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libjpeg<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libpng<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libsigc++2<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libtiff<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libxml2<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_locale<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openmotif<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openssl<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_qt4<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_slang<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_vmware<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_x11<11.4 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ImageMagick<6.7.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0247 ImageMagick<6.7.5.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0248 firefox>=10<10.0.1 arbitrary-code-execution http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox10.0.1 thunderbird>=10<10.0.1 arbitrary-code-execution http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird10.0.1 seamonkey>=2.7<2.7.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.7.1 firefox36<3.6.24 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.24 firefox36<3.6.26 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.26 d5801 2 a5802 2 mysql-server<5.1.62 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0882 mysql-server>=5.5<5.5.22 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0882 d5805 5 a5809 5 python25<2.5.6nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845 python26<2.6.7nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845 python27<2.7.2nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845 python31<3.1.4nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845 libvorbis<1.3.2nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0444 d5812 3 a5814 3 openjdk7-icedtea-plugin-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libpng<12.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026 png<1.5.8nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026 d5816 6 a5821 6 phpmyadmin<3.4.10.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1190 firefox>=4<10.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-11.html thunderbird<10.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-11.html seamonkey<2.7.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-11.html firefox36<3.6.27 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-11.html xulrunner>=2<10.0.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-11.html d5824 2 a5825 2 samba<3.0.37nb9 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0870 samba>=3.1<3.3.16nb3 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0870 d5827 9 a5835 9 powerdns-recursor<3.5 spoofing-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1193 libxml2<2.7.8nb8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0841 csound5<5.16.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0270 bugzilla>=4.0.2<4.0.5 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0453 bugzilla>=4.1.1<4.2 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0453 contao29<2.9.5nb6 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1297 contao210<2.10.4nb2 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1297 contao211<2.11.2nb1 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1297 dropbear<2012.55 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0920 d5844 2 a5845 2 openssl<0.9.8tnb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7250 p5-XML-Atom<0.39 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1102 d5855 1 a5855 1 kadu>=0.9.0<0.11.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1410 d5857 21 a5877 21 py{24,25,26,27,31}-sqlalchemy<0.7.0 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0805 ruby{18,19,193}-rails-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{18,19,193}-activesupport-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{18,19,193}-activerecord-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{18,19,193}-actionpack-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{18,19,193}-actionmailer-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{18,19,193}-activeresource-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby{18,19,193}-actionpack>3<3.0.12 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1099 ruby{18,19,193}-actionpack>3.1<3.1.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1099 p5-YAML-LibYAML<0.38nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1152 phpldapadmin<1.2.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1114 phpldapadmin<1.2.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1115 p5-DBD-postgresql<2.19.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1151 libxslt<1.1.26nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3970 openssl<0.9.8u man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0884 openssl<0.9.8u denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4619 openldap-server<2.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1164 python25-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150 python26<2.6.7nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150 python27<2.7.2nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150 python31<3.1.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150 d5879 9 a5887 9 firefox>=4<10.0.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox11 thunderbird>=4<10.0.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird11 seamonkey<2.8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.8 firefox36<3.6.28 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.28 xulrunner>=2<11 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-19.html xulrunner10>=2<10.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-19.html xulrunner192<1.9.2.28 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-19.html libpurple<2.10.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1178 pidgin<2.10.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4939 d5905 3 a5907 3 libzip<0.10.1 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1162 libzip<0.10.1 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1163 inspircd<2.0.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1836 d5909 3 a5911 3 libreoffice3-bin<3.4.6 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0037 gnutls<2.12.17 local-system-compromise http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1573 libtasn1<2.12 local-system-compromise http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1569 d5913 2 a5914 2 raptor-[0-9]* sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0037 raptor2<2.0.7 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0037 d5920 2 a5921 2 nginx>=0.1.0<0.7.65 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 nginx>=0.8.0<0.8.22 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 d5926 1 a5926 1 file<5.11 heap-based-buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1571 d5928 2 a5929 2 phppgadmin<5.0.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1600 png<1.5.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3048 d5932 3 a5934 3 expat<2.1.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0876 expat<2.1.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1147 expat<2.1.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1148 d5938 3 a5940 3 jdbc-postgresql80-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages jdbc-postgresql81-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages jdbc-postgresql82-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d5944 7 a5950 7 tiff<4.0.1nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1173 suse{,32}_libtiff<12.1nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1173 ImageMagick<6.7.5.10nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1610 ImageMagick<6.7.5.10nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0259 ImageMagick<6.7.5.10nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0260 ImageMagick<6.7.5.10nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1798 ap{2,22}-fcgid>=2.3.6<2.3.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1181 d5952 2 a5953 2 gajim<0.15 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2085 gajim<0.15 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2086 d5959 4 a5962 4 samba<3.0.37nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182 samba>=3.3<3.3.16nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182 samba>=3.5<3.5.14 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182 samba>=3.6<3.6.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182 d5966 2 a5967 2 openssl<0.9.8u denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1165 openssl>=1.0<1.0.0h denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1165 d5969 4 a5972 4 gcc<4.5 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gcc3-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gcc34-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gcc44-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d5991 1 a5991 1 gajim<0.15 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2093 d5994 11 a6004 11 openssl<0.9.8v denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110 openssl>=1.0<1.0.0i denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110 openssl>=1.0.1<1.0.1a denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110 php{5,53}-owncloud<3.0.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2269 php{5,53}-owncloud<3.0.2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2270 bugzilla>=2.17.4<3.6.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0465 bugzilla>=3.7.1<4.0.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0465 bugzilla>=4.1.1<4.2.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0465 bugzilla>=2.17.4<3.6.9 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0466 bugzilla>=3.7.1<4.0.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0466 bugzilla>=4.1.1<4.2.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0466 d6006 15 a6020 15 ruby1{8,9,93}-rubygems<1.8.23 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2126 ruby19-base<1.9.2pl320 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2126 ruby193-base<1.9.3p194 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2126 mysql-server>=5.1<5.1.61 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0583 mysql-server>=5.5<5.5.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0583 mysql-server>=5.1<5.1.62 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1688 mysql-server>=5.5<5.5.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1688 mysql-server>=5.1<5.1.62 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1690 mysql-server>=5.5<5.5.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1690 mysql-server>=5.5<5.5.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1696 mysql-server>=5.5<5.5.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1697 mysql-server>=5.1<5.1.62 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1703 mysql-server>=5.5<5.5.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1703 apache>=2.0<2.2.22nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0883 apache>=2.4<2.4.2 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0883 d6029 2 a6030 2 firefox36-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xulrunner192-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d6033 8 a6040 8 firefox10<10.0.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.4 firefox<12 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox12 thunderbird10<10.0.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.4 thunderbird<12 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird12 seamonkey<2.9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.9 xulrunner<12 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-20.html xulrunner10<10.0.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-20.html openssl<0.9.8w denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2131 d6043 1 a6043 1 python32<3.2.4 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2135 d6045 2 a6046 2 samba>=3.5<3.5.15 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111 samba>=3.6<3.6.5 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111 d6048 1 a6048 1 p5-Config-IniFiles<2.71 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2451 d6050 1 a6050 1 libpurple<2.10.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2214 d6053 2 a6054 2 php{5,53}-orangehrm<2.7 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1506 php{5,53}-orangehrm<2.7 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1507 d6056 1 a6056 1 openssl<0.9.8x denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2333 d6060 1 a6060 1 pidgin-otr<3.2.1 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2369 d6075 5 a6079 5 py{25,26,27,31,32}-crypto<2.6 brute-force-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2417 apache-ant<1.8.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2098 py{25,26,27,31,32}-feedparser<5.1.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2921 xentools41<4.1.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2625 xentools41<4.1.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4544 d6086 1 a6086 1 asterisk<1.8 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d6102 18 a6119 18 mit-krb5<1.8.6nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1013 xulrunner<13 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-34.html xulrunner<13 privilege-escalation http://www.mozilla.org/security/announce/2012/mfsa2012-35.html xulrunner<13 cross-site-scripting http://www.mozilla.org/security/announce/2012/mfsa2012-36.html xulrunner<13 information-disclosure http://www.mozilla.org/security/announce/2012/mfsa2012-37.html xulrunner<13 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-38.html nss<3.13.5 denial-of-service http://www.mozilla.org/security/announce/2012/mfsa2012-39.html xulrunner<13 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-40.html xulrunner10<10.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-34.html xulrunner10<10.0.5 cross-site-scripting http://www.mozilla.org/security/announce/2012/mfsa2012-36.html xulrunner10<10.0.5 information-disclosure http://www.mozilla.org/security/announce/2012/mfsa2012-37.html xulrunner10<10.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-38.html xulrunner10<10.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-40.html firefox10<10.0.5 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.5 firefox<13 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox13 thunderbird10<10.0.5 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.5 thunderbird<13 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird13 seamonkey<2.10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.10 d6147 1 a6147 1 ioquake3<1.36.20200125 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3345 d6151 2 a6152 2 mini_httpd-[0-9]* escape-sequence-injection http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4490 thttpd-[0-9]* escape-sequence-injection http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4491 d6163 3 a6165 3 libpurple<2.10.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3374 at-spi2-atk<2.5.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3378 mono<2.10.9nb12 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3382 d6167 2 a6168 2 libreoffice3{,-bin}<3.4.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2713 openoffice3{,-bin}-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2713 d6171 1 a6171 1 bash>4.2<4.2nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3410 d6173 1 a6173 1 openjpeg<1.5.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3358 d6175 8 a6182 8 firefox10<10.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.6 firefox<14 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox14 thunderbird10<10.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.6 thunderbird<14 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird14 seamonkey<2.11 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.11 xulrunner<14 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-42.html xulrunner10<10.0.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-42.html tiff<4.0.2nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3401 d6184 1 a6184 1 php<5.3.15 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3365 d6208 2 a6209 2 openttd<1.2.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3436 libxml2<2.8.0nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2807 d6211 9 a6219 9 ImageMagick<6.7.6.6nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3437 GraphicsMagick<1.3.16nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3438 openldap-client<2.4.32 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2668 py{25,26,27,31,32}-django<1.4.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3442 py{25,26,27,31,32}-django<1.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3443 py{25,26,27,31,32}-django<1.4.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3444 mit-krb5>=1.8<1.10.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1014 mit-krb5>=1.10<1.10.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1015 libvirt-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3445 d6221 2 a6222 2 icedtea-web<1.2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3422 icedtea-web<1.2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3423 d6224 2 a6225 2 libreoffice3-bin<3.5.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2665 libreoffice<3.5.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2665 d6230 3 a6232 3 ntop<5.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4165 openoffice3<3.4.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2665 openoffice3-bin<3.4.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2665 d6235 3 a6237 3 gnome-screensaver>=3.4.2<3.4.4 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3452 emacs24{,-nox11}<24.1nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3479 emacs{,-nox11}>23.1<23.4nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3479 d6259 2 a6260 2 gimp<2.8.0nb3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3481 gimp<2.8.2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3403 d6266 11 a6276 11 jabberd>=2<2.2.17 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3525 xetex<0.9998 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702 firefox10<10.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.7 firefox<15 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox15 thunderbird10<10.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.7 thunderbird<15 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird15 seamonkey<2.12 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.12 xulrunner<15 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-57.html xulrunner10<10.0.7 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-57.html openjpeg<1.5.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3535 mono<2.10.9nb12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3543 d6282 1 a6282 1 sun-{jdk,jre}6<6.0.35 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4681 d6289 2 a6290 2 wireshark<1.6.10nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3548 wireshark>=1.8.0<1.8.2nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3548 d6301 1 a6301 1 mcrypt<2.6.8nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4409 d6305 2 a6306 2 freeradius>=2<2.1.12nb4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3547 openslp<1.2.1nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4428 d6309 1 a6309 1 isc-dhcp<4.2.4p2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3955 d6316 1 a6316 1 dbus>=1.5<1.6.6 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3524 d6319 1 a6319 1 optipng<0.7.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4432 d6324 1 a6324 1 ghostscript<8.71nb10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4405 d6328 8 a6335 8 apache-tomcat-5.5.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages firefox10<10.0.8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.8 firefox<16 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox16 thunderbird10<10.0.8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.8 thunderbird<16 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird16 seamonkey<2.13 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.13 xulrunner<16 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-74.html xulrunner10<10.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-74.html d6340 6 a6345 6 thunderbird10<10.0.9 security-bypass http://www.mozilla.org/security/announce/2012/mfsa2012-89.html firefox10<10.0.9 security-bypass http://www.mozilla.org/security/announce/2012/mfsa2012-89.html firefox<16.0.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox16.0.1 thunderbird<16.0.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird16.0.1 seamonkey<2.13.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.13.1 xulrunner<16.0.1 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-88.html d6350 4 a6353 4 xlockmore-lite>=5.0<5.38nb2 local-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4524 xlockmore-lite>=5.39<5.41 local-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4524 xlockmore>=5.0<5.38nb7 local-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4524 xlockmore>=5.39<5.41 local-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4524 d6362 7 a6368 7 py{25,26,27,31,32}-django<1.4.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4520 tiff<4.0.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4447 tiff<4.0.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3401 tiff<4.0.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5581 suse{,32}_libtiff<12.1nb3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4447 viewvc<1.1.16 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4533 exim<4.80.1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5671 d6384 2 a6385 2 libproxy<0.3.1nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4505 libproxy<0.3.1nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5580 d6397 2 a6398 2 gegl<0.2.0nb7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4433 icedtea-web<1.2.2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4540 d6415 7 a6421 7 firefox10<10.0.11 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.11 firefox<17 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox17 thunderbird10<10.0.11 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.11 thunderbird<17 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17 seamonkey<2.14 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.14 xulrunner<17 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-91.html xulrunner10<10.0.11 arbitrary-code-execution http://www.mozilla.org/security/announce/2012/mfsa2012-91.html d6423 1 a6423 1 lighttpd-1.4.31 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5533 d6432 5 a6436 5 mysql-server>=5.1<5.1.67 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5611 mysql-server>=5.5<5.5.29 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5611 mysql-server>=5.5<5.5.29 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5612 mysql-server>=5.1<5.5 valid-account-enumeration http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615 mysql-server>=5.5<5.6 valid-account-enumeration http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615 d6445 1 a6445 1 bogofilter<1.2.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5468 d6449 1 a6449 1 gimp<2.8.2nb7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5576 d6454 2 a6455 2 libxml2<2.9.0nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5134 suse{,32}_libxml2<12.1nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5134 d6458 5 a6462 5 drupal<6.27 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5651 drupal<6.27 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5652 drupal<6.27 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5653 drupal>=7.0<7.18 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5651 drupal>=7.0<7.18 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5653 d6465 7 a6471 7 tiff<4.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5581 qt4-libs<4.8.4 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5624 horde-3.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages imp-4.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages turba-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ingo-1.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages kronolith-2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d6473 6 a6478 6 php{53,54}-owncloud<4.5.5 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5665 php{53,54}-owncloud<4.5.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5666 grep<2.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5667 freetype2<2.4.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5668 freetype2<2.4.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5669 freetype2<2.4.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5670 d6481 1 a6481 1 gnupg<1.4.13 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6085 d6494 10 a6503 10 ruby{18,19,193}-activerecord>3.0<3.0.19 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155 ruby{18,19,193}-activerecord>3.1<3.1.10 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155 ruby{18,19,193}-activerecord>3.2<3.2.11 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155 ruby{18,19,193}-actionpack>=3<3.0.19 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155 ruby{18,19,193}-actionpack>=3.1<3.1.10 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155 ruby{18,19,193}-actionpack>=3.2<3.2.11 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155 ruby{18,19,193}-activesupport>=3<3.0.19 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0156 ruby{18,19,193}-activesupport>=3.1<3.1.10 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0156 ruby{18,19,193}-activesupport>=3.2<3.2.11 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0156 php{53,54}-concrete5<5.6.0.2nb1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5181 d6506 8 a6513 8 nginx<1.7.0 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4968 firefox10<10.0.12 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.12 firefox<18 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox18 thunderbird10<10.0.12 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird10.0.12 thunderbird<17.0.2 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.2 seamonkey<2.15 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.15 xulrunner<18 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-01.html xulrunner10<10.0.12 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-01.html d6516 1 a6516 1 freeradius<2.2.0 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4966 d6522 3 a6524 3 gnupg2<2.0.19nb2 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6085 couchdb<1.2.1 remote-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5649 couchdb<1.2.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5650 d6527 9 a6535 9 ruby{18,193}-rack<1.2.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109 ruby{18,193}-rack>=1.3<1.3.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109 ruby{18,193}-rack>=1.4<1.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109 ruby{18,193}-rack<1.2.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183 ruby{18,193}-rack>=1.3<1.3.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183 ruby{18,193}-rack>=1.4<1.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183 ruby{18,193}-rack<1.2.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184 ruby{18,193}-rack>=1.3<1.3.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184 ruby{18,193}-rack>=1.4<1.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184 d6538 1 a6538 1 xentools41<4.1.4nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6075 d6551 2 a6552 2 ruby{18,19,193}-activesupport>=3<3.0.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0333 ruby{18,19,193}-activemodel>=3<3.0.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0333 d6570 1 a6570 1 latd>=1.25<1.31 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0251 d6575 2 a6576 2 miniupnpd<1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0229 samba<3.5 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d6581 1 a6581 1 ruby19-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d6587 1 a6587 1 qt4-libs<4.8.5 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0254 d6590 21 a6610 21 ruby{18,193}-rack<1.2.8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263 ruby{18,193}-rack>=1.3<1.3.10 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263 ruby{18,193}-rack>=1.4<1.4.5 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263 ruby{18,193}-rack>=1.4<1.4.5 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0262 roundcube<0.8.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6121 postgresql83-server<8.3.23 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255 postgresql84-server<8.4.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255 postgresql90-server<9.0.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255 postgresql91-server<9.1.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255 postgresql92-server<9.2.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0255 polarssl<1.2.5 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169 gnutls<3.0.28 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1619 ffmpeg<20130206.1.1.2 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0862 ffmpeg<20130206.1.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0863 ffmpeg<20130206.1.1.2 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0864 ffmpeg<20130206.1.1.2 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0865 ffmpeg<20130206.1.1.2 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0866 ffmpeg<20130206.1.1.2 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0867 ffmpeg<20130206.1.1.2 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0868 ffmpeg<20130206.1.1.2 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0869 ffmpeg010<0.10.7 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0868 d6614 7 a6620 7 ruby{18,193}-activerecord<3.1.11 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0276 ruby{18,193}-activerecord>3.2<3.2.12 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0276 ruby{18,193}-rails<3.1.0 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0277 ruby{18,193}-json<1.7.7 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0269 ruby{18,193}-json-pure<1.7.7 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0269 ruby193-base<1.9.3p385nb2 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0269 ganglia-webfrontend-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0275 d6623 4 a6626 4 libpurple<2.10.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0271 libpurple<2.10.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0272 libpurple<2.10.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0273 libpurple<2.10.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0274 d6628 1 a6628 1 sun-{jdk,jre}6-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d6630 14 a6643 14 lighttpd<1.4.30 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929 lighttpd<1.4.30 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 firefox10-[0-9]* multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html firefox17<17.0.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.3 firefox<19 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox19 thunderbird10-[0-9]* multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html thunderbird<17.0.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.3 seamonkey<2.16 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.16 xulrunner10-[0-9]* arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-21.html xulrunner17<17.0.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-21.html xulrunner<19 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-21.html firefox10-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages thunderbird10-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xulrunner10-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d6662 2 a6663 2 mit-krb5>=1.6.3<1.10.3nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1415 mit-krb5>=1.6.3<1.10.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1016 d6665 8 a6672 8 apache>=2.2<2.2.24 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499 apache>=2.2<2.2.24 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558 apache>=2.4.0<2.4.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499 apache>=2.4.0<2.4.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558 sudo<1.7.10p6 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1776 poppler<0.22.1 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1788 poppler<0.22.1 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1789 poppler<0.22.1 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1790 d6675 2 a6676 2 libxml2<2.9.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0338 libxml2<2.9.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0339 d6681 9 a6689 9 ffmpeg<20130223.1.1.3 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0872 ffmpeg<20130223.1.1.3 double-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0873 ffmpeg<20130223.1.1.3 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0874 ffmpeg<20130223.1.1.3 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0875 ffmpeg<20130223.1.1.3 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0876 ffmpeg<20130223.1.1.3 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0877 ffmpeg<20130223.1.1.3 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-0878 ffmpeg<20130223.1.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2276 ffmpeg<20130223.1.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-2277 d6703 6 a6708 6 firefox17<17.0.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.4 firefox<19.0.2 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox19.0.2 thunderbird<17.0.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.4 seamonkey<2.16.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.16.1 webkit-gtk<2.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0912 webkit-gtk3<2.1.1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0912 d6711 4 a6714 4 ffmpeg<20130315.1.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2495 ffmpeg<20130315.1.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2496 ffmpeg010<20150312.0.10.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2495 ffmpeg010<20150312.0.10.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2496 d6722 2 a6723 2 squid>=3.2<3.3.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1839 php{53,54}-owncloud<4.5.8 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1851 d6731 4 a6734 4 ruby{18,19,193}-ruby-activerecord<3.2.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1854 ruby{18,19,193}-ruby-actionpack<3.2.13 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1855 ruby{18,19,193}-ruby-activesupport<3.2.13 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1856 ruby{18,19,193}-ruby-actionpack<3.2.13 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1857 d6744 1 a6744 1 tnftpd<20130322 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0418 d6755 2 a6756 2 libxslt<1.1.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6139 roundcube<0.8.6 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1904 d6760 1 a6760 1 pixman<0.28.2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1591 d6762 8 a6769 8 firefox17<17.0.5 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.5 firefox<20 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox20 thunderbird<17.0.5 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.5 seamonkey<2.17 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.17 xulrunner17<17.0.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-30.html xulrunner<20 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-30.html samba>=3.6<3.6.5 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0454 postgresql83-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d6784 3 a6786 3 php{53,54}-owncloud<5.0.4 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1942 php{53,54}-owncloud<5.0.4 weak-password-generator http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1941 php{53,54}-owncloud<5.0.4 remote-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1939 d6790 2 a6791 2 qemu<1.4.1 local-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1922 mit-krb5<1.10.4nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1416 d6803 1 a6803 1 libxmp<4.1.0 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1980 d6809 1 a6809 1 memcached<1.4.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4971 d6813 1 a6813 1 nginx>=1.3.9<1.4.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2028 d6815 9 a6823 9 qemu<1.4.2 data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2007 telepathy-idle<0.1.16 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6746 mit-krb5<1.10.4nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2443 mit-krb5>=1.10.5<1.10.5nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2443 firefox17<17.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.6 firefox<21 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox21 thunderbird<17.0.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.6 xulrunner17<17.0.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-41.html xulrunner<21 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-41.html d6826 3 a6828 3 apache-tomcat>=7<7.0.33 session-hijack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2067 apache-tomcat>=6<6.0.37 session-hijack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2067 apache-tomcat>=6<6.0.37 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544 d6835 3 a6837 3 wireshark<1.8.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2486 wireshark<1.8.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2487 wireshark<1.8.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2488 d6842 2 a6843 2 xentools41<4.1.6.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2072 xentools42<4.2.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2072 d6849 1 a6849 1 libXinerama<1.1.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1985 d6868 3 a6870 3 apache<2.0.65 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862 apache>=2.2<2.2.24nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862 gnutls>=2.12.23<3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2116 d6879 29 a6907 29 suse{,32}<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_alsa<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_aspell<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_base<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_compat<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_expat<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_fontconfig<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_freetype2<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_glx<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_gtk2<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_krb5<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libcups<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libcurl<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libdrm<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libjpeg<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libpng<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libsigc++2<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libtiff<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_libxml2<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_locale<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openmotif<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_openssl<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_qt4<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_slang<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages suse{,32}_x11<12.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php{53,54}-owncloud<5.0.7 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2149 php{53,54}-owncloud<5.0.7 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2150 php>=5.3<5.3.26 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2110 php>=5.4<5.4.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2110 d6922 6 a6927 6 firefox17<17.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.7 firefox<22 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox22 thunderbird<17.0.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.7 xulrunner17<17.0.7 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-49.html xulrunner<22 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-49.html acroread9-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d6939 3 a6941 3 xentools41<4.1.6.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2211 xentools42<4.2.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2211 curl>=7.7<7.30.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2174 d6943 2 a6944 2 xenkernel41<4.1.6.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1432 xenkernel42<4.2.3 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1432 d6947 2 a6948 2 ruby18-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gallery-1.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d6957 1 a6957 1 quagga<0.99.22.3 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2236 d6959 1 a6959 1 libkdcraw-[0-9]* remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2126 d6967 2 a6968 2 subversion16{,-base}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages adove-flash-plugin-10.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d6970 5 a6974 5 vlc<2.0.8 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3245 libxml2>2.8.0<2.9.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2877 squid<3.3.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4115 php<5.3.27 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4113 nagstamon<0.9.10 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4114 d6976 2 a6977 2 apache<2.2.25 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1896 apache-ant<1.9.2 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1571 d6993 1 a6993 1 php>=5.4<5.4.17nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4113 d7006 2 a7007 2 gnupg<1.4.14 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4242 libgcrypt<1.5.3 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4242 d7012 3 a7014 3 libvirt-[0-9]* privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4153 libvirt-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4154 apache-2.0.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d7019 6 a7024 6 firefox<23 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox23 firefox17<17.0.8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.8 thunderbird<17.0.8 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird17.0.8 seamonkey<2.20 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.20 xulrunner17<17.0.8 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-63.html xulrunner<23 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-63.html d7027 5 a7031 5 libmodplug<0.8.8.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4233 libmodplug<0.8.8.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4234 vlc<2.0.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4233 vlc<2.0.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4234 vlc<2.0.8 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4388 d7033 1 a7033 1 polarssl<1.2.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4623 d7043 1 a7043 1 ruby193-puppet<3.2.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4761 d7045 2 a7046 2 py{26,27,32,33}-django>=1.5<1.5.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4249 py{26,27,32,33}-django<1.4.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4249 d7063 4 a7066 4 tiff<4.0.3nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4231 tiff<4.0.3nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4232 tiff<4.0.3nb6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4243 ImageMagick<6.7.8.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4298 d7084 6 a7089 6 firefox<24 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox24 firefox17<17.0.9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.9 thunderbird<17.0.9 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird17.0.9 seamonkey<2.21 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.21 xulrunner17<17.0.9 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-76.html xulrunner<24 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-76.html d7091 2 a7092 2 hplip<3.13.10 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4325 polkit<0.112 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4288 d7097 3 a7099 3 ruby1{8,9,93}-rubygems<2.0.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4363 ruby193-base<1.9.3p448nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4363 ruby200-base<2.0.0p247nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4363 d7115 1 a7115 1 vino<3.9.92 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5745 d7120 2 a7121 2 modular-xorg-server<1.12.4nb3 system-compromise http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4396 polarssl<1.2.9 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5915 d7128 1 a7128 1 icu<51.2nb1 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2924 d7130 1 a7130 1 openldap-server<2.4.39nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4449 d7134 1 a7134 1 nodejs<0.10.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4450 d7136 1 a7136 1 roundcube<0.9.5 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6172 d7138 8 a7145 8 mantis<1.2.16 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4460 firefox<25 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox25 firefox24<24.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.1 firefox17<17.0.10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.10 thunderbird<17.0.10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html#thunderbird17.0.10 seamonkey<2.22 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.22 xulrunner17<17.0.10 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-93.html xulrunner<25 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-93.html d7154 2 a7155 2 python26-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages openssh>=6.2<6.4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4548 d7161 2 a7162 2 blender<2.71 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5105 freeradius<2.2.0 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3547 d7164 2 a7165 2 libjpeg-turbo<1.3.1 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629 lighttpd<1.4.34 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4559 d7167 2 a7168 2 mit-krb5<1.10.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1418 mit-krb5<1.10.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6800 d7170 3 a7172 3 nss<3.15.3 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1741 nss<3.14.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5605 nss<3.15.3 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5606 d7176 2 a7177 2 nginx>=0.8.41<1.4.4 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4547 nginx>=1.5<1.5.7 remote-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4547 d7180 1 a7180 1 dovecot>=2<2.2.7 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6171 d7183 1 a7183 1 thunderbird<24.1.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.1.1 d7191 4 a7194 4 links{,-gui}<2.8 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6050 gimp<2.8.10nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1978 pixman<0.32.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6425 ruby{193,200}-i18n<0.6.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4492 d7199 8 a7206 8 openjpeg<1.5.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1447 openjpeg<1.5.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6045 openjpeg<1.5.2 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6052 openjpeg<1.5.2 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6053 openjpeg<1.5.2 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6054 openjpeg<1.5.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6887 xenkernel42<4.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6885 xenkernel41<4.1.6.1nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6885 d7211 1 a7211 1 gimp<2.8.10nb2 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1913 d7213 11 a7223 11 xenkernel42<4.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6400 firefox17<17.0.10 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.10 thunderbird17-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages thunderbird17-[0-9]* multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.2 thunderbird<24.2 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.2 seamonkey<2.23 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.23 xulrunner17-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xulrunner17-[0-9]* arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-104.html xulrunner24<24.2 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-104.html xulrunner<26 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2013-104.html modular-xorg-server<1.12.4nb7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6424 d7229 3 a7231 3 php>=5.3<5.3.28 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420 php>=5.4<5.4.23 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420 php>=5.5<5.5.7 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420 d7238 1 a7238 1 asterisk>=10<11 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d7241 5 a7245 5 qt4-libs<4.8.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4549 gnumeric<1.12.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6836 firefox<26 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox26 firefox24<24.2 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.2 gnupg<1.4.16 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4576 d7252 1 a7252 1 memcached<1.4.17 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7239 d7258 6 a7263 6 p5-Proc-Daemon<0.14nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7135 libXfont>=1.1<1.4.6nb1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6462 kwallet<4.12 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7252 freerdp-[0-9]* unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0791 ntp<4.2.7p26 traffic-amplification http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5211 flite<2.1 local-symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0027 d7266 1 a7266 1 py{33,32,27,26}-jinja2<2.7.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1402 d7272 2 a7273 2 nss<3.15.4 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1740 libxslt<1.1.25 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4520 d7278 1 a7278 1 ejabberd<2.1.12 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6169 d7283 2 a7284 2 moodle<2.5.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0009 moodle<2.5.4 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0010 d7299 13 a7311 13 contao211<2.11.14 php-object-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1860 contao31-[0-9]* php-object-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1860 contao32<3.2.5 php-object-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1860 libyaml<0.1.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6393 p5-YAML-LibYAML<0.41nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6393 firefox17-[0-9]* multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.1 firefox17-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages firefox24<24.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.3 firefox<27 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox27 thunderbird<24.3 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.3 seamonkey<2.24 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.24 xulrunner24<24.3 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2014-01.html xulrunner<27 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2014-01.html d7316 1 a7316 1 curl>=7.10.6<7.35.0 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0015 d7318 4 a7321 4 apache-tomcat>=6<6.0.39 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1571 mysql-client<5.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0001 mysql-client>5.5<5.5.37 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0001 mysql-client>5.6<5.6.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0001 d7324 1 a7324 1 py{33,32,27,26}-denyhosts<2.6nb5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6890 d7329 4 a7332 4 python31-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages horde-[0-9]* remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1691 apache-tomcat>=7<7.0.51 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050 ap{2,22,24}-subversion<1.8.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0032 d7342 6 a7347 6 contao210-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages contao29-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages contao30-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages contao31-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ImageMagick<6.8.8.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1958 ImageMagick<6.8.8.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2030 d7350 2 a7351 2 gnutls<3.2.11 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1959 php55-gd<5.5.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7226 d7355 2 a7356 2 png<1.6.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6954 flite<1.4 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0027 d7358 2 a7359 2 file<5.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943 file<5.17 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270 d7364 2 a7365 2 ruby{193,200}-actionpack<3.2.17 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0081 ruby{193,200}-actionpack<3.2.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0082 d7374 14 a7387 14 libvirt>=1.0.1<1.2.1 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6456 apache-tomcat>=6<6.0.39 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286 apache-tomcat>=6<6.0.39 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322 apache-tomcat>=6<6.0.39 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590 apache-tomcat>=6.0.33<6.0.39 session-fixation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0033 apache-tomcat>=7<7.0.40 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2071 apache-tomcat>=7<7.0.47 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286 apache-tomcat>=7<7.0.50 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322 apache-tomcat>=7<7.0.50 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590 gnutls<3.2.12 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0092 php<5.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943 php>=5.4<5.4.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943 php>=5.5<5.5.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943 libssh<0.63 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0017 d7392 2 a7393 2 icedtea-web<1.4.2 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6493 png<1.6.10rc01 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0333 d7397 8 a7404 8 ffmpeg<20140305.1.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2097 ffmpeg<20140305.1.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2098 ffmpeg<20140305.1.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2099 ffmpeg<20140305.1.2.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2263 ffmpeg2<2.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2097 ffmpeg2<2.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2098 ffmpeg2<2.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2099 ffmpeg2<2.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2263 d7416 3 a7418 3 mediawiki<1.22.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2242 mediawiki<1.22.3 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2243 mediawiki<1.22.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2244 d7421 3 a7423 3 mutt>=1.5<1.5.23 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0467 lighttpd<1.4.35 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2323 lighttpd<1.4.35 path-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2324 d7425 10 a7434 10 php55-gd<5.5.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7327 php>=5.5<5.5.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270 php>=5.4<5.4.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270 php<5.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270 samba-3.5.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages samba>=3.4<3.6.23 brute-force-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4496 imapsync<=1.564 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4279 imapsync<1.584 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2014 gnutls<2.7.6 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5138 oath-toolkit<2.4.1 unauthorized-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7322 d7440 3 a7442 3 php53-gd<5.3.28nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497 php54-gd<5.4.28nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497 php55-gd<5.5.12nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497 d7444 11 a7454 11 mutt-kz<1.5.22.1rc1nb1 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0467 firefox<28 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox28 firefox24<24.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.4 thunderbird<24.4 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.4 seamonkey<2.25 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.25 apache>=2.4<2.4.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438 apache>=2.4<2.4.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098 apache>=2.2<2.2.27 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438 apache>=2.2<2.2.27 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098 xulrunner24<24.4 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2014-15.html xulrunner<28 arbitrary-code-execution http://www.mozilla.org/security/announce/2013/mfsa2014-15.html d7456 1 a7456 1 ruby{193,200,21}-rack-ssl<1.3.3nb2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2538 d7458 7 a7464 7 openssl>=1.0.1<1.0.1fnb1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 openssh<6.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532 cacti<0.8.8c cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2326 cacti<0.8.8c cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2327 cacti<0.8.8c arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2328 icinga-base<1.9.4 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7106 icinga-base<1.9.4 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7108 d7469 2 a7470 2 libyaml<0.1.5nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2525 p5-YAML-LibYAML<0.41nb1 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2525 d7472 11 a7482 11 couchdb<1.5.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2668 ffmpeg010<20130927.0.10.9 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7009 ffmpeg010<20130927.0.10.9 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7010 ffmpeg010<20130927.0.10.9 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7014 ffmpeg010<20130927.0.10.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7015 ffmpeg010<20130927.0.10.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7018 ffmpeg010<20130927.0.10.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7023 ffmpeg010<20140310.0.10.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2098 ffmpeg010<20140310.0.10.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2099 ffmpeg010<20140310.0.10.12 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2263 {ap22,ap24}-modsecurity<2.7.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5705 d7487 1 a7487 1 icinga-base<1.9.6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2386 d7490 1 a7490 1 openssl>=1.0.1<1.0.1g sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 d7492 2 a7493 2 cacti<0.8.8c sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2708 cacti<0.8.8c arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2709 d7495 1 a7495 1 jbigkit<2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6369 d7499 4 a7502 4 py{33,27,26}-Pillow<2.3.1 insecure-temp-file http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1932 py{27,26}-imaging<1.1.7nb8 insecure-temp-file http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1932 py{33,27,26}-Pillow<2.3.1 insecure-temp-file http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1933 py{27,26}-imaging<1.1.7nb8 insecure-temp-file http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1933 d7506 15 a7520 15 openjpeg15<1.5.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1447 openjpeg15<1.5.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4289 openjpeg15<1.5.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4290 openjpeg15<1.5.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6045 openjpeg15<1.5.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6052 openjpeg15<1.5.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6053 openjpeg15<1.5.2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6054 openjpeg15<1.5.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6087 cups<1.5.4nb11 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2856 openafs<1.6.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0159 openafs>=1.7<1.7.31 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0159 openssh<6.6.1nb3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2653 file<5.15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345 nagios-base<3.5.1nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2386 qemu>=1.4.0<1.7.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4377 d7522 9 a7530 9 sun-{jdk,jre}7<7.0.55 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA openjdk7{,-bin}<1.7.55 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA mysql-server>5.5<5.5.37 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixMSQL mysql-server>5.6<5.6.17 arbitrary-code-execution http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixMSQL qemu<2.0 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2894 qemu<2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4544 json-c<0.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6370 json-c<0.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6371 rsync<3.1.0nb1 remote-denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2855 d7540 7 a7546 7 qemu<2.0.0nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4151 qemu<2.0.0nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4535 qemu<2.0.0nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4536 qemu<2.0.0nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6399 qemu<2.0.0nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0182 gnustep-base<1.24.0nb11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2980 poco<1.4.6p4 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0350 d7549 6 a7554 6 firefox<29 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox29 firefox24<24.5 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.5 thunderbird<24.5 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.5 seamonkey<2.26 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.26 xulrunner24<24.5 arbitrary-code-execution http://www.mozilla.org/security/announce/2014/mfsa2014-34.html xulrunner<29 arbitrary-code-execution http://www.mozilla.org/security/announce/2014/mfsa2014-34.html d7556 1 a7556 1 py{33,32,27,26}-lxml<3.3.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3146 d7560 6 a7565 6 openssl>=1<1.0.0m denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 openssl>=1.0.1<1.0.1h denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198 python32-[0-9]* insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2667 python33<3.3.5nb2 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2667 python34<3.4.0nb1 insecure-file-permissions http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2667 python32-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d7568 18 a7585 18 python33<3.3.4rc1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7338 python26-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912 python27<2.7.6nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912 python32-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912 python33<3.3.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912 python34<3.4rc1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912 cacti<0.8.8c cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5588 cacti<0.8.8c sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5589 cacti-spine-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5588 cacti-spine-[0-9]* sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5589 cacti-spine-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2326 cacti-spine-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2328 cacti-spine-[0-9]* sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2708 cacti-spine-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2709 sks<1.1.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3207 openssl>=1<1.0.0m denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 openssl>=1.0.1<1.0.1h denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298 libxml2<2.9.1nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0191 d7587 111 a7697 111 openjdk7{,-bin}<1.7.40 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5772 sun-{jdk,jre}7<7.0.40 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5772 sun-{jdk,jre}6<6.0.60 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5772 openjdk7{,-bin}<1.7.40 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802 sun-{jdk,jre}7<7.0.40 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802 sun-{jdk,jre}6<6.0.60 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802 sun-{jre,jdk}15<5.0.51 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802 sun-{jre,jdk}15>=5.0.55<5.0.56 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411 sun-{jre,jdk}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411 openssl>=1.0.0<1.0.0l man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6450 openssl>=1.0.1<1.0.1f man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6450 p5-LWP-Protocol-https>=6.04<6.04nb1 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3230 p5-LWP-Protocol-https>=6.06<6.06nb1 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3230 jpeg>=6b<6c sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629 libjpeg-turbo<1.3.1 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0446 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0446 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0446 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0448 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0448 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0448 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0449 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0449 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0449 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0449 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0454 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0454 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0454 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0455 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0455 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0455 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0459 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0459 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0459 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0461 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0461 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0461 openjdk7{,-bin}>=1.7.51<1.7.52 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1876 sun-{jdk,jre}7>=7.0.51<7.0.52 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1876 sun-{jdk,jre}8>=8.0.0<8.0.1 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1876 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2401 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2401 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2401 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2401 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2402 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2402 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2402 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2409 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2409 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2409 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2420 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2420 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2420 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427 sun-{jdk,jre}6>=6.0.71<6.0.72 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2428 openjdk7{,-bin}>=1.7.51<1.7.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2428 sun-{jdk,jre}7>=7.0.51<7.0.52 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2428 sun-{jdk,jre}8>=8.0.0<8.0.1 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2428 fish>=1.16.0<2.1.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2905 d7701 94 a7794 94 tiff<4.0.3nb4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4244 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5888 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5888 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5888 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5907 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5907 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5907 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5910 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5910 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5910 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368 libvirt>=0.7.5<1.2.5 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0179 rxvt-unicode<9.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3121 mediawiki<1.19.14 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2665 mediawiki>=1.20<1.21 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2665 mediawiki>=1.21<1.21.8 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2665 mediawiki>=1.22<1.22.5 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2665 ruby{193,200,21}-actionpack>=3.2<3.2.18 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0130 bind>=9.10<9.10.0pl1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3214 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5878 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5878 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5878 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5887 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5887 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5887 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5889 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5889 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5889 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5898 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5898 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5898 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5899 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5899 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5899 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0375 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0375 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0375 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0387 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0387 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0387 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0403 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0403 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0403 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0410 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0410 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0410 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0415 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0415 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0415 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0417 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0417 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0417 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0422 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0422 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0422 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0424 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0424 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0424 sun-{jdk,jre}6>=6.0.65<6.0.66 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428 openjdk7{,-bin}>=1.7.45<1.7.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428 sun-{jdk,jre}7>=7.0.45<7.0.46 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0428 libvirt<1.1.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7336 png<1.5.14beta08 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7353 png<1.5.14rc03 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7354 py{34,33,32,27,26}-jinja2<2.7.2nb1 temporary-files-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0012 emacs23<23.3nb27 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3421 emacs23-nox11<23.3nb3 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3421 emacs24<24.3nb14 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3421 emacs24-nox11<24.3nb1 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3421 emacs23<23.3nb27 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3422 emacs23-nox11<23.3nb3 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3422 emacs24<24.3nb14 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3422 emacs24-nox11<24.3nb1 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3422 emacs23<23.3nb27 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3424 emacs23-nox11<23.3nb3 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3424 emacs24<24.3nb14 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3424 emacs24-nox11<24.3nb1 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3424 d7797 17 a7813 17 qt4-libs<4.8.6nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0190 qt5-qtbase<5.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0190 libXfont<1.4.7nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0209 libXfont<1.4.7nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0210 libXfont<1.4.7nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0211 ldns<1.6.16nb4 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3209 php53-fpm-[0-9]* local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185 php54-fpm<5.4.28 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185 php55-fpm<5.5.12 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185 nagios-base<3.5.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1878 icinga-base<1.9.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1878 dovecot<1.2.17nb15 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3430 dovecot>=2<2.2.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3430 py{34,33,32,27,26}-django>=1.5<1.6.5 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1418 py{34,33,32,27,26}-django<1.4.13 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1418 py{34,33,32,27,26}-django>=1.5<1.6.5 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3730 py{34,33,32,27,26}-django<1.4.13 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3730 d7823 2 a7824 2 chicken<4.8.0.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4385 chicken<4.8.0.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3776 d7830 1 a7830 1 gnutls<3.2.15 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3466 d7836 18 a7853 18 openssl<0.9.8za man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 openssl>=1<1.0.0m man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 openssl>=1.0.1<1.0.1h man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 openssl<0.9.8za denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 openssl>=1<1.0.0m denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 openssl>=1.0.1<1.0.1h denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 openssl<0.9.8za arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 openssl>=1<1.0.0m arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 openssl>=1.0.1<1.0.1h arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 openssl<0.9.8za denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 openssl>=1<1.0.0m denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 openssl>=1.0.1<1.0.1h denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470 openssl<0.9.8za sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 openssl>=1<1.0.0m sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 py{34,33,32,27,26}-gnupg<0.3.6 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7323 py{34,33,32,27,26}-gnupg<0.3.6 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1927 py{34,33,32,27,26}-gnupg<0.3.6 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1928 py{34,33,32,27,26}-gnupg<0.3.6 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1929 d7855 38 a7892 38 php>=5.4<5.4.29 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237 php>=5.4<5.4.29 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238 php>=5.5<5.5.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237 php>=5.5<5.5.13 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238 mediawiki<1.22.7 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3966 libtasn1<3.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3467 libtasn1<3.6 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468 libtasn1<3.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3469 openpam<20140912 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3879 chkrootkit<0.50 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0476 bottle<0.12.6 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3137 mupdf<1.4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2013 sendmail<8.14.9 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3956 dpkg<1.16.15 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3864 dpkg<1.16.15 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3865 firefox<30 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox30 firefox24<24.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.6 thunderbird<24.6 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html#thunderbird24.6 xulrunner24<24.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2014/mfsa2014-48.html xulrunner<30 arbitrary-code-execution http://www.mozilla.org/security/announce/2014/mfsa2014-48.html file<5.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237 file<5.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238 nspr<4.10.6 arbitrary-code-execution http://www.mozilla.org/security/announce/2014/mfsa2014-55.html emacs24{,-nox11}<24.5 temporary-file-race http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3423 icinga-base<1.9.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7107 icinga-base>1.9.5<1.10.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7107 icinga-base>1.9.5<1.10.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1878 icinga-base<1.10.3 stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2386 tor<0.2.4.20 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7295 gnupg2<2.0.22 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4351 gnupg<1.4.15 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4351 gnupg2<2.0.22 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4402 gnupg<1.4.15 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4402 py{34,33,32,27,26}-django>=1.5<1.6.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0472 py{33,32,27,26}-django<1.4.11 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0472 py{34,33,32,27,26}-django>=1.5<1.6.3 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0473 py{33,32,27,26}-django<1.4.11 cross-site-request-forgery http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0473 py{33,32,27,26}-django<1.4.11 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0474 d7902 1 a7902 1 libarchive>=2.9<3.1.2 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1779 d7908 2 a7909 2 ap{22,24}-py{33,32,27,26}-wsgi<3.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0240 ap{22,24}-py{33,32,27,26}-wsgi<3.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0242 d7911 5 a7915 5 xalan-j>=2.7.0<2.7.2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0107 gnutls>=3.0<3.1.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3465 gnutls>=3.2<3.2.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3465 lighttpd<1.4.34 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4560 lighttpd>=1.4.24<1.4.34 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4508 d7917 2 a7918 2 mysql-client-5.1.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server-5.1.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d7923 12 a7934 12 memcached<1.4.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0179 memcached<1.4.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7290 memcached<1.4.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7291 kdirstat-[0-9]* arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2527 kdirstat-[0-9]* arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2528 seamonkey<2.26.1 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html#seamonkey2.26.1 iodine<0.7.0 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4168 samba>=3.6<3.6.24 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493 samba>=3.6<3.6.24 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244 p5-Email-Address<1.905 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0477 php>=5.4<5.4.30 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049 php>=5.5<5.5.14 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049 d7936 6 a7941 6 openafs>=1.6.8<1.6.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4044 gnupg2<2.0.24 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617 gnupg<1.4.17 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617 php-5.2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php{53,54,55}-piwigo<2.6.3 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4649 kdelibs4<4.13.3 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3494 d7949 7 a7955 7 lzo<2.0.7 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4607 pulseaudio<5.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3970 cacti<0.8.8c multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4002 dbus<1.8.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3532 dbus<1.8.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3533 libreoffice4>=4.1.4<4.2.5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0247 libreoffice4-bin>=4.1.4<4.2.5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0247 d7958 32 a7989 32 openttd>=0.3.6<1.3.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6411 vlc<2.0.4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1868 vlc<2.0.5 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1954 dbus>1.6.20<1.8.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3477 dbus<1.6.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3477 php>=5.4<5.4.30nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4698 php>=5.5<5.5.14nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4698 php>=5.4<5.4.30nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670 php>=5.5<5.5.14nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670 file<5.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478 php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478 php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478 file<5.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479 php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479 php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479 file<5.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480 php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480 php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480 file<5.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487 php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487 php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487 ffmpeg<20140623.1.2.7 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2263 ffmpeg2<2.2.4 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2263 ffmpeg010<20140629.0.10.14 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4609 ffmpeg010<20140629.0.10.14 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4610 php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515 php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515 file<5.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207 php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207 php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207 php>=5.4<5.4.30 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721 php>=5.5<5.5.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721 d7993 53 a8045 53 samba>=3.6.6<3.6.24 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178 samba>=4.1<4.1.8 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178 ruby{193,200,21}-activerecord>=3.2<3.2.19 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3482 transmission<2.84 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4909 polarssl<1.2.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4911 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4227 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4219 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2490 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4216 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4247 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4283 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4223 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4262 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4209 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4220 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4218 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4252 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4266 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4268 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4264 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4221 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4244 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4263 sun-{jdk,jre}7<7.0.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4208 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4227 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4219 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2490 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4216 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4247 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4283 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4223 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4262 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4209 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4220 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4218 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4252 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4266 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4268 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4264 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4221 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4244 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4263 openjdk7{,-bin}<1.7.65 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4208 ruby1{8,9,93}-rubygems<1.8.23 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2125 ruby1{8,9,93}-rubygems<2.0.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4287 ruby200-base<2.0.0p247nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4287 ruby193-base<1.9.3p448nb4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4287 mit-krb5<1.10.7nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341 mit-krb5>=1.7<1.10.7nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342 mit-krb5>=1.10<1.10.7nb3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343 mit-krb5>=1.5<1.10.7nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344 ansible<1.6.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4657 ansible<1.6.6 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4678 d8048 15 a8062 15 php>=5.5<5.5.16 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587 php>=5.4<5.4.32 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587 mysql-server>=5.6<5.6.19 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2484 mysql-server>=5.5<5.5.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2494 mysql-server>=5.5<5.5.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4207 mysql-server>=5.6<5.6.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4214 mysql-server>=5.6<5.6.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4233 mysql-server>=5.6<5.6.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4228 mysql-server>=5.6<5.6.19 remote-data-manipulation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4240 mysql-server>=5.6<5.6.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4243 mysql-server>=5.5<5.5.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4243 mysql-server>=5.6<5.6.19 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4258 mysql-server>=5.5<5.5.38 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4258 mysql-server>=5.6<5.6.19 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4260 mysql-server>=5.5<5.5.38 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4260 d8069 3 a8071 3 php>=5.5<5.5.14 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3981 php>=5.4<5.4.30 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3981 php<5.3.29 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3981 d8074 9 a8082 9 apache>=2.2<2.2.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231 apache>=2.4<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231 apache>=2.4<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3523 apache>=2.4.6<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0117 apache>=2.2<2.2.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118 apache>=2.4<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118 apache>=2.2<2.2.28 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226 apache>=2.4<2.4.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226 softhsm<1.3.7nb2 sensitive-information-exposure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3209 d8087 2 a8088 2 firefox<31 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox31 firefox24<24.7 multiple-vulnerabilities http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox24.7 d8092 4 a8095 4 tor<0.2.4.23 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5117 tor>=0.2.5<0.2.5.7 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5117 mysql-server>=5.6<5.6.20 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 mysql-server>=5.5<5.5.39 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 d8101 7 a8107 7 gpgme<1.4.4 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3564 file<5.1.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538 nginx>=1.5.6<1.6 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3556 nginx>=1.6<1.6.1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3556 nginx>=1.7<1.7.4 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3556 php>=5.4<5.4.32 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538 php>=5.5<5.5.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538 d8114 1 a8114 1 nss<3.15.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1491 d8122 5 a8126 5 ruby{18,193,200,21}-puppet<3.3.3 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4969 ruby{18,193,200,21}-puppet>=3.4<3.4.1 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4969 ruby{18,193,200,21}-puppet>=2.8.4<3.1.1 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4969 ruby18-base>=1.8.7<1.8.7.331 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4481 curl>=7.27.0<7.35.1 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2522 d8131 7 a8137 7 cups<1.7.4 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5029 cups<2.0 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5030 cups<2.0 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5031 readline>=6.2<6.3 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2524 openssl>=0.9.8<0.9.8y sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169 openssl>=1.0.0<1.0.0k sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169 openssl>=1.0.1<1.0.1d sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169 d8140 7 a8146 7 wordpress>=3.8<3.8.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2053 wordpress>=3.7<3.7.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2053 php{53,54,55}-ja-wordpress>=3.8<3.8.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2053 php{53,54,55}-ja-wordpress>=3.7<3.7.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2053 py{34,33,27,26}-ipython<1.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3429 serf<1.3.7 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3504 subversion-base>=1.8<1.8.10 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3522 d8153 7 a8159 7 poppler<0.13.3 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5110 php-5.3.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages subversion-base>=1.8<1.8.10 spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3528 qemu>=1.6<2.0.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5263 py{34,33,27,26}-Pillow<2.5.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3589 cacti<0.8.8c arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-5261 cacti<0.8.8c sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-5262 d8162 1 a8162 1 py{27,26}-imaging<1.1.7nb9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3589 d8168 2 a8169 2 squid<3.4.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3609 bozohttpd<20140708 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5015 d8176 15 a8190 15 ImageMagick<6.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1958 ImageMagick<6.9 stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1947 ImageMagick<6.8.8 stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1947 php>=5.4<5.4.32 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587 php>=5.5<5.5.16 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587 php>=5.4<5.4.32 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597 php>=5.5<5.5.16 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597 php54-gd>=5.4<5.4.32 remote-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5120 php55-gd>=5.5<5.5.16 remote-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5120 net-snmp>=5.7<5.7.2.1nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565 net-snmp>=5.6<=5.6.2.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565 net-snmp>=5.5<=5.5.2.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565 net-snmp>=5.4<=5.4.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565 lua51<5.1.5nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5461 lua52>=5.2<5.2.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5461 d8192 3 a8194 3 thunderbird24<24.8.1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5369 thunderbird<31.5.0nb1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5369 seamonkey<2.32.1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5369 d8197 7 a8203 7 bugzilla<4.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1546 libvncserver<0.9.10 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4607 file<=5.19 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587 cups<1.7.4 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3537 cups<1.7.4 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5029 cups<2.0 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5030 cups<2.0 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5031 d8208 5 a8212 5 ruby193-base<1.9.3p547nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4975 ruby200-base<2.0.0p481nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4975 ruby21-base<2.1.2nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4975 libgcrypt<1.5.4 side-channel http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5270 pppd<2.4.7 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3158 d8219 1 a8219 1 haproxy<1.5.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-6269 d8238 2 a8239 2 bash>=4.3<4.3.025 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271 bash>=4.3<4.3.025nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169 d8258 2 a8259 2 wordpress<3.8.3 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6242 php{53,54,55}-ja-wordpress<3.8.3 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6242 d8261 2 a8262 2 bash>=2.05<2.05.2.9nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271 bash>=2.05<2.05.2.9nb1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169 d8267 1 a8267 1 elasticsearch<1.4.0 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6439 d8275 2 a8276 2 bash>=4.3<4.3.027 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7186 bash>=4.3<4.3.027 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7187 d8278 1 a8278 1 apache>=2.4<2.4.10nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3581 d8280 9 a8288 9 php>=5.5<5.5.18 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3669 php55-exif<5.5.18 heap-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3670 php55-xmlrpc<5.5.18 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3668 php>=5.4<5.4.34 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3669 php54-exif<5.4.34 heap-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3670 php54-xmlrpc<5.4.34 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3668 php>=5.3<5.3.29nb1 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3669 php53-exif<5.3.29nb1 heap-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3670 php53-xmlrpc<5.3.29nb1 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-3668 d8294 3 a8296 3 libvirt<1.2.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3633 libvirt<1.2.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3657 kdelibs4<4.14 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5033 d8305 5 a8309 5 mysql-server>=5.5<5.5.40 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL mysql-client>=5.5<5.5.40 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL sun-{jdk,jre}7<7.0.72 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixJAVA sun-{jdk,jre}6-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixJAVA openjdk7<1.7.72 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixJAVA d8316 1 a8316 1 libxml2<2.9.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660 d8318 1 a8318 1 python27<2.7.8 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7185 d8320 1 a8320 1 file<5.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710 d8326 12 a8337 12 claws-mail<3.10.0 remote-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2576 ejabberd<14.07nb4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8760 wget<1.16 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4877 ruby193-base<1.9.3p550 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8080 ruby200-base<2.0.0p594 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8080 ruby21-base<2.1.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8080 tnftp<20141031 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8517 wireshark<1.10.11 remote-user-shell http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8710 wireshark<1.10.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8711 wireshark<1.10.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8712 wireshark<1.10.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8713 wireshark<1.10.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8714 d8345 2 a8346 2 qemu<2.2.0 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3689 qemu<2.2.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7815 d8351 4 a8354 4 ap{22,24}-auth-mellon<0.8.1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8566 ap{22,24}-auth-mellon<0.8.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8567 libvirt<1.2.11 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7823 libvirt<1.2.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8131 d8356 7 a8362 7 gnutls>=3.3<3.3.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8564 gnutls>=3.2<3.2.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8564 gnutls>=3.1<3.1.18 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8564 polarssl>=1.2<1.2.12 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8627 polarssl>=1.3<1.3.9 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8627 polarssl>=1.2<1.2.12 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8628 polarssl>=1.3<1.3.9 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8628 d8368 5 a8372 5 zeromq<4.0.5 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7202 zeromq<4.0.5 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7203 tcpdump>=3.8<4.7.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8769 tcpdump>=3.5.0<4.7.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8768 tcpdump>=3.9.6<4.7.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8767 d8418 1 a8418 1 mit-krb5<1.10.7nb4 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5351 d8425 1 a8425 1 ImageMagick<6.8.9.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8716 d8427 1 a8427 1 qemu<2.2.0 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7840 d8431 1 a8431 1 gcpio-[0-9]* out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9112 d8433 1 a8433 1 clamav<0.98.5 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9050 d8435 1 a8435 1 icecast<2.4.1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9018 d8441 1 a8441 1 p5-Plack<1.0031 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5269 d8449 1 a8449 1 libjpeg-turbo<1.4.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9092 d8454 2 a8455 2 wpa_supplicant<2.3 arbitrary-command-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3686 mutt<1.5.23nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9116 d8467 1 a8467 1 qemu<2.2.0 local-privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8106 d8483 2 a8484 2 libxml2<2.9.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660 suse{,32}_libxml2-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660 d8494 4 a8497 4 rpm<4.11.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6435 rpm<4.12.0.1nb1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8118 libyaml<0.1.6nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9130 p5-YAML-LibYAML<0.53 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9130 d8503 3 a8505 3 git-base<2.2.1 client-code-execution-from-hostile-server http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9390 c-icap<0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7401 c-icap<0.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7402 d8510 1 a8510 1 rrdtool<1.4.9 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2131 d8516 4 a8519 4 libvirt<1.2.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8135 libvirt<1.2.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8136 varnish<3.0.4 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0345 varnish<3.0.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4484 d8525 3 a8527 3 unzip<6.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139 unzip<6.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140 unzip<6.0nb2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141 d8539 3 a8541 3 libreoffice4>=4.3<4.3.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9093 libreoffice4-bin>=4.3<4.3.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9093 apache>=2.4<2.4.10nb3 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8109 d8543 4 a8546 4 png>=1.5<1.5.21 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9495 png>=1.6<1.6.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9495 png>=1.5<1.5.21 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0973 png>=1.6<1.6.16 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0973 d8554 5 a8558 5 pwgen<2.07 weak-password-generator http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4440 pwgen<2.07 insufficiently-random-numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4442 mit-krb5<1.10.7nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5353 file<5.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116 file<5.22 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117 d8578 1 a8578 1 xdg-utils>=1.1.0rc2<1.1.0rc4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9622 d8589 4 a8592 4 mysql-server>=5.5<5.5.42 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL mysql-client>=5.5<5.5.42 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL mysql-server>=5.6<5.6.23 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL mysql-client>=5.6<5.6.23 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL d8597 3 a8599 3 sun-{jdk,jre}7<7.0.76 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA sun-{jdk,jre}6-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA openjdk7<1.7.76 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA d8611 2 a8612 2 icu<54.1nb2 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923 icu<54.1nb2 memory-corruption http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926 d8616 4 a8619 4 py{34,33,27,26}-requests<2.3.0 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1830 py{34,33,27,26}-requests<2.3.0 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1829 openldap>=2.4.13<2.4.41 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1545 openldap<2.4.41 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1546 d8636 1 a8636 1 vorbis-tools<1.4.0nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9640 d8639 2 a8640 2 modular-xorg-server<1.12.4nb8 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0255 cabextract<1.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9556 d8642 1 a8642 1 elasticsearch<1.4.3 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1427 d8644 1 a8644 1 antiword<0.37nb2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8123 d8646 4 a8649 4 contao33-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages contao32<3.2.19 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0269 contao33<3.3.7nb1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0269 contao34<3.4.4 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0269 d8655 2 a8656 2 roundcube<1.0.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1433 gcpio<2.13 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1197 d8668 1 a8668 1 suse{,32}_base<13.1 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235 d8671 6 a8676 6 php>=5.4<5.4.37 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231 php>=5.5<5.5.21 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231 php>=5.6<5.6.5 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231 php>=5.4<5.4.36 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9427 php>=5.5<5.5.20 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9427 php>=5.6<5.6.4 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9427 d8680 9 a8688 9 sun-{jdk,jre}7>=6.0.85<6.0.86 unspecified http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA sun-{jdk,jre}7>=7.0.72<7.0.73 unspecified http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA mit-krb5<1.10.7nb5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5355 php>=5.4<5.4.36 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8142 php>=5.5<5.5.20 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8142 php>=5.6<5.6.4 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8142 php>=5.4<5.4.37 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0232 php>=5.5<5.5.21 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0232 php>=5.6<5.6.5 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0232 d8692 2 a8693 2 mysql-client>5.6<5.6.21 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL mysql-server>5.6<5.6.21 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixMSQL d8695 1 a8695 1 openjdk7-bin-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d8699 21 a8719 21 xentools45<4.5.0nb2 unexpected-backend http://xenbits.xen.org/xsa/#XSA-119 xentools42<4.2.5nb3 unexpected-backend http://xenbits.xen.org/xsa/#XSA-119 xentools41-[0-9]* possibly-unexpected-backend http://xenbits.xen.org/xsa/#XSA-119 xentools33-[0-9]* possibly-unexpected-backend http://xenbits.xen.org/xsa/#XSA-119 xentools3-[0-9]* possibly-unexpected-backend http://xenbits.xen.org/xsa/#XSA-119 xentools3-hvm-[0-9]* possibly-unexpected-backend http://xenbits.xen.org/xsa/#XSA-119 xenkernel45<4.5.0nb1 information-leak http://xenbits.xen.org/xsa/advisory-121.html xenkernel42<4.2.5nb4 information-leak http://xenbits.xen.org/xsa/advisory-121.html xenkernel41<4.1.6.1nb14 information-leak http://xenbits.xen.org/xsa/advisory-121.html xenkernel33-[0-9]* information-leak http://xenbits.xen.org/xsa/advisory-121.html xenkernel3-[0-9]* information-leak http://xenbits.xen.org/xsa/advisory-121.html xenkernel45<4.5.0nb1 information-leak http://xenbits.xen.org/xsa/advisory-122.html xenkernel42<4.2.5nb4 information-leak http://xenbits.xen.org/xsa/advisory-122.html xenkernel41<4.1.6.1nb14 information-leak http://xenbits.xen.org/xsa/advisory-122.html xenkernel33-[0-9]* information-leak http://xenbits.xen.org/xsa/advisory-122.html xenkernel3-[0-9]* information-leak http://xenbits.xen.org/xsa/advisory-122.html xenkernel45<4.5.0nb2 memory-corruption http://xenbits.xen.org/xsa/advisory-123.html xenkernel42<4.2.5nb5 memory-corruption http://xenbits.xen.org/xsa/advisory-123.html xenkernel41<4.1.6.1nb15 memory-corruption http://xenbits.xen.org/xsa/advisory-123.html xenkernel33-[0-9]* memory-corruption http://xenbits.xen.org/xsa/advisory-123.html xenkernel3-[0-9]* memory-corruption http://xenbits.xen.org/xsa/advisory-123.html d8734 1 a8734 1 tcl-snack-[0-9]* heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6303 d8745 7 a8751 7 openssl>1.0.2<1.0.2a denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209 openssl>1.0.2<1.0.2a denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288 tcpdump<4.6.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9140 tcpdump<4.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0261 tcpdump<4.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2153 tcpdump<4.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2154 tcpdump<4.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2155 d8753 3 a8755 3 libssh2<1.5.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1782 cups-filters<1.0.66 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4336 cups-filters<1.0.53 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4337 d8759 5 a8763 5 py{26,27,33,34}-django<1.7.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2241 percona-toolkit<2.2.13 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1027 libXfont<1.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1802 libXfont<1.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1803 libXfont<1.5.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1804 d8852 1 a8852 1 e2fsprogs<1.42.12 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1572 d8882 5 a8886 5 tor<0.2.5.12 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2928 ntp<4.2.8p2 spoofing-attacks http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1798 ntp<4.2.8p2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1799 pigz<2.3.3 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1191 chrony<1.31.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1853 d8891 12 a8902 12 dpkg<1.16.16 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0840 icecast<2.4.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3026 php55-gd<5.5.21 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709 php56-gd<5.6.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709 gd<2.1.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9709 arj<3.10.22nb2 symlink-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0556 arj<3.10.22nb2 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0557 arj<3.10.22nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2782 coreutils<8.22nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9471 less<475 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9488 gtk3+<3.11.4 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1949 erlang<17.0 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1693 d8904 1 a8904 1 jetty-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0254 d8910 5 a8914 5 xenkernel45<4.5.0nb4 denial-of-service http://xenbits.xen.org/xsa/advisory-127.html xenkernel33-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-125.html xenkernel41<4.1.6.1nb16 denial-of-service http://xenbits.xen.org/xsa/advisory-125.html xenkernel42<4.2.5nb6 denial-of-service http://xenbits.xen.org/xsa/advisory-125.html xenkernel45<4.5.0nb3 denial-of-service http://xenbits.xen.org/xsa/advisory-125.html d8928 4 a8931 4 sun-{jdk,jre}6-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA sun-{jdk,jre}7-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA openjdk7<1.7.80 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA openjdk8<1.8.45 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA d8948 2 a8949 2 mysql-server>=5.5<5.5.43 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL mysql-client>=5.5<5.5.43 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL d8977 3 a8979 3 glusterfs<3.5.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3619 glusterfs-3.6.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3619 ffmpeg<2.6.2 array-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3395 d9010 2 a9011 2 firefox24-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages thunderbird24-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d9019 2 a9020 2 xentools42<4.2.5nb5 privilege-escalation http://xenbits.xen.org/xsa/advisory-133.html xentools45<4.5.0nb4 privilege-escalation http://xenbits.xen.org/xsa/advisory-133.html d9029 1 a9029 1 fcgi<2.4.0nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6687 d9056 3 a9058 3 jdbc-mysql<5.1.35 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2575 xentools42<4.2.5nb12 heap-overflow http://xenbits.xen.org/xsa/advisory-135.html xentools45<4.5.3 heap-overflow http://xenbits.xen.org/xsa/advisory-135.html d9061 23 a9083 23 xentools33-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-128.html xentools41-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-128.html xentools42<4.2.5nb12 denial-of-service http://xenbits.xen.org/xsa/advisory-128.html xentools45<4.5.1 denial-of-service http://xenbits.xen.org/xsa/advisory-128.html xentools33-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-129.html xentools41-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-129.html xentools42<4.2.5nb12 denial-of-service http://xenbits.xen.org/xsa/advisory-129.html xentools45<4.5.1 denial-of-service http://xenbits.xen.org/xsa/advisory-129.html xentools33-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-130.html xentools41-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-130.html xentools42<4.2.5nb12 denial-of-service http://xenbits.xen.org/xsa/advisory-130.html xentools45<4.5.1 denial-of-service http://xenbits.xen.org/xsa/advisory-130.html xentools33-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-131.html xentools41-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-131.html xentools42<4.2.5nb12 denial-of-service http://xenbits.xen.org/xsa/advisory-131.html xentools45<4.5.1 denial-of-service http://xenbits.xen.org/xsa/advisory-131.html xentools3-[0-9]* null-dereference http://xenbits.xen.org/xsa/advisory-136.html xentools33-[0-9]* null-dereference http://xenbits.xen.org/xsa/advisory-136.html xentools41-[0-9]* null-dereference http://xenbits.xen.org/xsa/advisory-136.html xentools42<4.2.5nb12 null-dereference http://xenbits.xen.org/xsa/advisory-136.html xenkernel42<4.2.5nb8 null-dereference http://xenbits.xen.org/xsa/advisory-136.html xentools45<4.5.1 null-dereference http://xenbits.xen.org/xsa/advisory-136.html xenkernel45<4.5.1 null-dereference http://xenbits.xen.org/xsa/advisory-136.html d9091 2 a9092 2 cacti<0.8.8d sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2665 libmimedir-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3205 d9094 8 a9101 8 wpa_supplicant<2.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4146 wpa_supplicant<2.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4145 xentools42<4.2.5nb12 null-dereference http://xenbits.xen.org/xsa/advisory-134.html xenkernel42<4.2.5nb8 null-dereference http://xenbits.xen.org/xsa/advisory-134.html xentools45<4.5.1 null-dereference http://xenbits.xen.org/xsa/advisory-134.html xenkernel45<4.5.1 null-dereference http://xenbits.xen.org/xsa/advisory-134.html wpa_supplicant<2.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4142 wpa_supplicant<2.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4143 d9114 1 a9114 1 haproxy<1.5.14 information-leak http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3281 d9119 1 a9119 1 contao34-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d9134 2 a9135 2 cups-filters<1.0.71 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3279 cups-filters<1.0.70 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3258 d9142 2 a9143 2 cacti<0.8.8d cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2967 ruby{18,193,200,21,22}-redcarpat<3.3.2 stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5147 d9146 12 a9157 12 mysql-server>=5.5<5.5.44 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL mysql-client>=5.5<5.5.44 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL mysql-server>=5.6<5.6.25 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL mysql-client>=5.6<5.6.25 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL db5-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixBDB sun-{jdk,jre}7-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA oracle-{jdk,jre}8<8.0.51 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA openjdk7-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA openjdk8<1.8.51 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA xentools41-[0-9]* privilege-escalation http://xenbits.xen.org/xsa/advisory-137.html xentools42<4.2.5nb12 privilege-escalation http://xenbits.xen.org/xsa/advisory-137.html xentools45<4.5.1nb5 privilege-escalation http://xenbits.xen.org/xsa/advisory-137.html d9177 5 a9181 5 ruby{18,193,200,21,22}-redmine<3.1.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3227 ruby{18,193,200,21,22}-redmine<3.1.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3226 ruby{18,193,200,21,22}-activesupport-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3226 ruby{18,193,200,21,22}-rack<1.5.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3225 ruby{18,193,200,21,22}-rack>=1.6<1.6.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3225 d9189 2 a9190 2 ghostscript-gpl<9.06nb7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3228 ghostscript-agpl<9.16 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3228 d9193 3 a9195 3 openssh<6.9 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5352 wordpress<4.1.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3438 php{54,55,56}-ja-wordpress<4.1.2 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3438 d9200 2 a9201 2 libxml2<2.9.2nb3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819 gnutls<2.9.10 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8155 d9206 1 a9206 1 gdk-pixbuf2<2.30.8nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4491 d9208 6 a9213 6 xentools42<4.2.5nb12 privilege-escalation http://xenbits.xen.org/xsa/advisory-139.html xentools45<4.5.1nb5 privilege-escalation http://xenbits.xen.org/xsa/advisory-139.html xentools42<4.2.5nb12 arbitrary-code-execution http://xenbits.xen.org/xsa/advisory-138.html xentools45<4.5.1nb5 arbitrary-code-execution http://xenbits.xen.org/xsa/advisory-138.html xentools42<4.2.5nb12 information-disclosure http://xenbits.xen.org/xsa/advisory-140.html xentools45<4.5.1nb5 information-disclosure http://xenbits.xen.org/xsa/advisory-140.html d9215 2 a9216 2 jabberd>=2<999 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2058 clutter<1.16.2 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3213 d9222 1 a9222 1 gnutls<3.3.17 double-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6251 d9229 1 a9229 1 qemu<2.4.0 insecure-temp-files http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4037 d9238 11 a9248 11 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6818 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6826 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6819 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6825 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6824 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6823 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6821 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6822 ffmpeg<2.7.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6820 xentools44-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-141.html xentools45<4.5.3 denial-of-service http://xenbits.xen.org/xsa/advisory-141.html d9251 3 a9253 3 libvdpau<1.1.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5198 libvdpau<1.1.1 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5199 libvdpau<1.1.1 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5200 d9285 1 a9285 1 qemu<2.4.0 information-disclosure http://xenbits.xen.org/xsa/advisory-140.html d9287 4 a9290 4 qemu<2.4.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5154 firefox31-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages thunderbird31-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xulrunner31-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d9302 2 a9303 2 bugzilla<5.0.1 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4499 phpmyadmin<4.3.13.2 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6830 d9305 2 a9306 2 adobe-flash-plugin<11.2.202.521 multiple-vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5575 vorbis-tools<1.4.0nb6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6749 d9321 1 a9321 1 icu<53.1 unknown-impact http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5922 d9326 3 a9328 3 php{54,55,56}-matcha-sns<1.3.7 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5644 php{54,55,56}-matcha-sns<1.3.7 privilege-escalation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5645 p5-Email-Address<1.912 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7686 d9330 2 a9331 2 php{54,55,56}-basercms<3.0.8 remote-information-modification http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5640 php{54,55,56}-basercms<3.0.8 remote-information-modification http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5641 d9346 2 a9347 2 postgresql84-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages postgresql90-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d9350 6 a9355 6 mysql-client>=5.5<5.5.45 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixMSQL mysql-server>=5.6<5.6.26 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixMSQL openjdk8<1.8.65 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA oracle-{jdk,jre}8<8.0.65 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA openjdk7-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages sun-{jdk7,jre7}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d9360 1 a9360 1 asterisk>=1.8<10 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d9371 3 a9373 3 xenkernel41<4.1.6.1nb17 privilege-escalation http://xenbits.xen.org/xsa/advisory-148.html xenkernel42<4.2.5nb9 privilege-escalation http://xenbits.xen.org/xsa/advisory-148.html xenkernel45<4.5.1nb1 privilege-escalation http://xenbits.xen.org/xsa/advisory-148.html d9375 3 a9377 3 gdk-pixbuf2<2.32.0 buffer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7673 gdk-pixbuf2-jasper<2.32.0 buffer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7673 gdk-pixbuf2-xlib<2.32.0 buffer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7673 d9382 16 a9397 16 jasper<1.900.1nb12 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3520 jasper<1.900.1nb12 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3522 jasper<1.900.1nb6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4516 jasper<1.900.1nb6 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4517 jasper<1.900.1nb9 double-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8137 jasper<1.900.1nb8 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9029 xenkernel33-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-152.html xenkernel41<4.1.6.1nb17 denial-of-service http://xenbits.xen.org/xsa/advisory-152.html xenkernel42<4.2.5nb9 denial-of-service http://xenbits.xen.org/xsa/advisory-152.html xenkernel45<4.5.1nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-152.html xenkernel41<4.1.6.1nb17 denial-of-service http://xenbits.xen.org/xsa/advisory-149.html xenkernel42<4.2.5nb9 denial-of-service http://xenbits.xen.org/xsa/advisory-149.html xenkernel45<4.5.1nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-149.html xenkernel41<4.1.6.1nb17 denial-of-service http://xenbits.xen.org/xsa/advisory-151.html xenkernel42<4.2.5nb9 denial-of-service http://xenbits.xen.org/xsa/advisory-151.html xenkernel45<4.5.1nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-151.html d9407 6 a9412 6 xenkernel41-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-150.html xenkernel42-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-150.html xenkernel45<4.5.1nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-150.html xenkernel41-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-153.html xenkernel42-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-153.html xenkernel45<4.5.3 denial-of-service http://xenbits.xen.org/xsa/advisory-153.html d9414 3 a9416 3 mit-krb5<1.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2695 mit-krb5<1.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2696 mit-krb5<1.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2697 d9424 1 a9424 1 roundcube<1.1.3 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8105 d9455 1 a9455 1 mit-krb5<1.14 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2698 d9463 25 a9487 25 pcre<8.36 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2327 pcre<8.36 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2328 pcre<8.38 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8380 pcre<8.37 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8382 pcre<8.38 uninitialized-memory-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8390 pcre<8.38 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8383 pcre<8.38 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8394 pcre<8.38 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8381 pcre2<10.20 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8381 pcre<8.38 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8392 pcre<8.38 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8386 pcre<8.38 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8385 pcre<8.38 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8388 pcre<8.38 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8384 pcre<8.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8389 pcre<8.38 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8393 pcre<8.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8391 pcre<8.38 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8395 ffmpeg2<2.8.2 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8218 ffmpeg2<2.8.2 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8216 ffmpeg2<2.8.2 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8217 ffmpeg2<2.8.2 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8219 ffmpeg2<2.8.3 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8363 ffmpeg2<2.8.3 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8365 ffmpeg2<2.8.3 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8364 d9491 27 a9517 27 libxml2<2.9.3 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942 libxml2<2.9.3 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941 libxml2<2.9.3 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035 suse{,32}_libxml2-[0-9]* out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942 suse{,32}_libxml2-[0-9]* out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941 suse{,32}_libxml2-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035 suse{,32}_base-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2327 suse{,32}_base-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2328 suse{,32}_base-[0-9]* heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8380 suse{,32}_base-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8382 suse{,32}_base-[0-9]* uninitialized-memory-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8390 suse{,32}_base-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8383 suse{,32}_base-[0-9]* integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8394 suse{,32}_base-[0-9]* heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8381 suse{,32}_base-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8392 suse{,32}_base-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8386 suse{,32}_base-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8385 suse{,32}_base-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8388 suse{,32}_base-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8384 suse{,32}_base-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8389 suse{,32}_base-[0-9]* sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8393 suse{,32}_base-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8391 suse{,32}_base-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8395 libsndfile<1.0.25 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7805 libsndfile<1.0.25 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9756 suse{,32}_libsndfile<13.1nb2 unknown http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7805 suse{,32}_libsndfile<13.1nb2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9756 d9521 8 a9528 8 cyrus-imapd>=2.3<2.5.7 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8077 cyrus-imapd>=2.3<2.3.19 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8076 cyrus-imapd>=2.4<2.4.18 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8076 cyrus-imapd>=2.5<2.5.4 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8076 cyrus-imapd>=2.3<2.5.7 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8078 gcc48{,-libs}-[0-9]* insufficiently-random-numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5276 gcc49{,-libs}<4.9.4 insufficiently-random-numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5276 gcc50{,-libs}-[0-9]* insufficiently-random-numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5276 d9530 1 a9530 1 cups-filters<1.0.70 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3258 d9537 1 a9537 1 xenkernel45<4.5.3 denial-of-service http://xenbits.xen.org/xsa/advisory-145.html d9547 1 a9547 1 cups-filters<1.2.0 input-validation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8327 d9553 1 a9553 1 go<1.5.2nb1 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8618 d9555 8 a9562 8 xenkernel3-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel33-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel41-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel42-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel45<4.5.3 privilege-escalation http://xenbits.xen.org/xsa/advisory-162.html xenkernel45<4.5.3 privilege-escalation http://xenbits.xen.org/xsa/advisory-164.html xenkernel45<4.5.1nb2 information-disclosure http://xenbits.xen.org/xsa/advisory-165.html xenkernel45<4.5.1nb2 privilege-escalation http://xenbits.xen.org/xsa/advisory-166.html d9581 3 a9583 3 ffmpeg2<2.8.4 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8662 ffmpeg2<2.8.3 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8661 ffmpeg2<2.8.4 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8663 d9593 1 a9593 1 dpkg<1.16.17 off-by-one http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0860 d9604 6 a9609 6 pcre<8.38nb1 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1283 bugzilla<4.2.16 code-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8508 bugzilla>=4.3<4.4.11 code-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8508 bugzilla<4.2.16 code-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8508 bugzilla>=4.3<4.4.11 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8509 bugzilla>=5.0<5.0.2 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8509 d9631 2 a9632 2 gnutls<3.3.15 ssl-downgrade http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 gnutls>=3.4<3.4.1 ssl-downgrade http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575 d9634 1 a9634 1 p5-PathTools<3.62 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8607 d9671 5 a9675 5 oracle-{jdk,jre}8<8.0.71 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367955.html#AppendixJAVA openjdk8<1.8.71 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujul2015-2367955.html#AppendixJAVA mysql-server>=5.5<5.5.47 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL mysql-server>=5.6<5.6.28 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL mysql-server>=5.7<5.7.10 multiple-vulnerabilities http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL d9683 2 a9684 2 xenkernel45<4.5.3 multiple-vulnerabilities http://xenbits.xen.org/xsa/advisory-167.html xenkernel45<4.5.3 denial-of-service http://xenbits.xen.org/xsa/advisory-168.html d9743 4 a9746 4 ffmpeg2<2.8.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2213 ffmpeg2<2.8.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2328 ffmpeg2<2.8.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2329 ffmpeg2<2.8.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2330 d9766 4 a9769 4 ruby{18,193,200,21,22}-redmine-[0-9]* security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7576 ruby{18,193,200,21,22}-redmine-[0-9]* cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7578 ruby{18,193,200,21,22}-activerecord32<3.2.22.1 security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7577 ruby{18,193,200,21,22}-redmine-[0-9]* security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7577 d9772 2 a9773 2 gtk2+<2.24.29nb1 integer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7447 gtk3+<3.9.8 integer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7447 d9791 1 a9791 1 xerces-c<3.1.3 remote-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0729 d9840 8 a9847 8 ruby{18,193,200,21,22}-actionpack-[0-9]* denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7581 ruby{18,193,200,21,22}-actionpack-[0-9]* code-injection http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7579 ruby{18,193,200,21,22}-redmine-[0-9]* cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7580 drupal-6.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby192-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby193-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby200-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages postfix<3.0 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d9860 1 a9860 1 xfce4-thunar<1.6.10nb2 integer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7447 d9872 2 a9873 2 isc-dhcpd<4.3.4 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2774 nss<3.21.1 remote-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1950 d9875 3 a9877 3 samba>=3<3.9999 security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7560 samba>=4<4.3.6 security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7560 samba>=4<4.3.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0771 d9888 2 a9889 2 pcre<8.38nb2 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3191 pcre2<10.22 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3191 d9894 7 a9900 7 xenkernel45<4.5.1nb2 multiple-vulnerabilities http://xenbits.xen.org/xsa/advisory-159.html xenkernel45<4.5.1nb2 denial-of-service http://xenbits.xen.org/xsa/advisory-160.html xenkernel45<4.5.1nb2 remote-code-execution http://xenbits.xen.org/xsa/advisory-155.html xenkernel45<4.5.3 denial-of-service http://xenbits.xen.org/xsa/advisory-154.html xenkernel45<4.5.3 denial-of-service http://xenbits.xen.org/xsa/advisory-170.html oracle-{jdk,jre}8<8.0.77 remote-code-execution http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html openjdk8<1.8.77 remote-code-execution http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html d9902 2 a9903 2 dropbear<2016.72 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3116 libmatroska<1.4.4 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8792 d9914 1 a9914 1 putty<0.67 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2563 d9916 2 a9917 2 websvn<2.3.3 cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2511 erlang<18.0 man-in-the-middle http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2774 d9919 3 a9921 3 squid<3.5.16 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3947 squid<3.5.16 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3948 lhasa<0.3.1 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2347 d9926 1 a9926 1 exim<4.86.2 privilege-escalation http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1531 d9930 10 a9939 10 jenkins<1.642.2 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0788 jenkins<1.650 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0788 jenkins<1.642.2 http-header-injection http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0789 jenkins<1.650 http-header-injection http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0789 jenkins<1.642.2 brute-force-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0790 jenkins<1.650 brute-force-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0790 jenkins<1.642.2 brute-force-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0791 jenkins<1.650 brute-force-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0791 jenkins<1.642.2 unspecified http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0792 jenkins<1.650 unspecified http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0792 d9948 2 a9949 2 squid<3.5.16 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3947 squid<3.5.16 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3948 d9952 24 a9975 24 samba<4.2.11 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2118 samba>=4.3<4.3.8 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2118 samba>=4.4<4.4.2 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2118 samba<4.2.11 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2110 samba>=4.3<4.3.8 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2110 samba>=4.4<4.4.2 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2110 samba<4.2.11 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5370 samba>=4.3<4.3.8 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5370 samba>=4.4<4.4.2 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5370 samba<4.2.11 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2113 samba>=4.3<4.3.8 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2113 samba>=4.4<4.4.2 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2113 samba<4.2.11 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2114 samba>=4.3<4.3.8 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2114 samba>=4.4<4.4.2 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2114 samba<4.2.11 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2115 samba>=4.3<4.3.8 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2115 samba>=4.4<4.4.2 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2115 samba<4.2.11 sensitive-information-disclosure http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2111 samba>=4.3<4.3.8 sensitive-information-disclosure http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2111 samba>=4.4<4.4.2 sensitive-information-disclosure http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2111 samba<4.2.11 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2112 samba>=4.3<4.3.8 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2112 samba>=4.4<4.4.2 man-in-the-middle-attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2112 d9981 3 a9983 3 cacti-[0-9]* sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3659 cacti-[0-9]* sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3172 cacti-[0-9]* security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2313 d9986 8 a9993 8 tiff<4.0.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547 suse{,32}_libtiff-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547 tiff<4.0.7 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3186 suse{,32}_libtiff-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3186 xenkernel45<4.5.3 information-leak http://xenbits.xen.org/xsa/advisory-172.html xenkernel45<4.5.3 address-width-overflow http://xenbits.xen.org/xsa/advisory-173.html libssh<0.73 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0739 libssh2<1.7.0 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0787 d9995 6 a10000 6 optipng<0.7.6 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3981 optipng<0.7.6 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3982 optipng<0.6.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7801 optipng<0.7.6 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7802 libxml2<2.9.4 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806 suse{,32}_libxml2-[0-9]* heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806 d10009 4 a10012 4 latex2rtf<2.3.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8106 gdk-pixbuf2<2.33 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7552 vlc<2.2.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3941 xdelta3<3.0.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9765 d10014 2 a10015 2 ffmpeg1-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5479 ffmepg010-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5479 d10019 11 a10029 11 gd<2.1.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3074 hexchat<2.10.2 man-in-the-middle-attack http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7449 mysql-client>=5.5<5.5.49 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixMSQL mysql-server>=5.5<5.5.49 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixMSQL mysql-client>=5.6<5.6.30 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixMSQL mysql-server>=5.6<5.6.30 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixMSQL oracle-{jdk,jre}8<8.0.91 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixJAVA openjdk8<1.8.91 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixJAVA cairo<1.14.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3190 giflib-util<5.1.5 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3977 varnish<3.0.7 http-header-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8852 d10033 1 a10033 1 qemu<2.6.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4002 d10048 1 a10048 1 poppler<0.40.0 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8868 d10060 8 a10067 8 jq<1.5nb1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8863 jq<1.5nb4 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4074 ImageMagick<6.9.3.10 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3714 ImageMagick<6.9.3.10 security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3715 ImageMagick<6.9.3.10 security-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3716 ImageMagick<6.9.3.10 information-disclosure http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3717 ImageMagick<6.9.3.10 request-forgery http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3718 libtasn1<4.8 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4008 d10069 3 a10071 3 libarchive<3.2.0 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1541 lcms2<2.6 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7455 py{27,34,35,36}-mercurial<3.8.1 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3105 d10077 3 a10079 3 xentools45<4.5.3 multiple-vulnerabilities http://xenbits.xen.org/xsa/advisory-179.html wpa_supplicant<2.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4476 wpa_supplicant<2.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4477 d10087 4 a10090 4 botan>=1.8.3<1.10.8 weak-encryption http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9742 botan>=1.11.0<1.11.9 weak-encryption http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9742 botan>=1.11.0<1.11.27 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2196 botan>=1.11.0<1.11.29 ssl-downgrade http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2850 d10095 2 a10096 2 libxml2<2.9.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6837 libxml2<2.9.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6838 d10138 1 a10138 1 xenkernel45<4.5.3nb2 privilege-escalation http://xenbits.xen.org/xsa/advisory-176.html d10163 1 a10163 1 xentools45<4.5.3nb3 denial-of-service http://xenbits.xen.org/xsa/advisory-180.html d10167 1 a10167 1 perl<5.22.1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8853 d10169 16 a10184 16 libxml2<2.9.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447 libxml2<2.9.4 format-string http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4448 libxml2<2.9.4 information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449 ImageMagick<7.0.1.2 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4562 ImageMagick<7.0.1.2 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4563 ImageMagick<7.0.1.2 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4564 ImageMagick<7.0.1.8 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5118 GraphicsMagick<1.3.24 arbitrary-code-execution http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5118 gdk-pixbuf2<2.33.1 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8875 ansible<1.9.6 insecure-temp-files http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3096 nginx<1.8.1nb1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4450 nginx>=1.9<1.9.10nb1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4450 xentools45<4.5.3nb3 privilege-escalation http://xenbits.xen.org/xsa/advisory-178.html xenkernel45<4.5.3 privilege-escalation http://xenbits.xen.org/xsa/advisory-179.html xenkernel45<4.5.3nb2 denial-of-service http://xenbits.xen.org/xsa/advisory-180.html xenkernel45<4.5.3nb2 denial-of-service http://xenbits.xen.org/xsa/advisory-181.html d10188 12 a10199 12 ruby{18,21,22,23}-puppet>4.0<4.4.2 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2785 qemu<2.6.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4453 qemu<2.6.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4454 qemu<2.6.1 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5126 qemu<2.6.1 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5337 qemu<2.6.1 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5238 ImageMagick<7.0.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4563 ImageMagick<7.0.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4564 ImageMagick<7.0.1.2 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4562 ImageMagick6<6.9.4.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4563 ImageMagick6<6.9.4.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4564 ImageMagick6<6.9.4.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4562 d10204 2 a10205 2 ansible>=1.9<1.9.6.1 arbitrary-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3096 ansible>=2.0<2.0.2.0 arbitrary-file-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3096 d10207 1 a10207 1 clamav<0.99.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1405 d10209 3 a10211 3 libxslt<1.1.29 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683 libxslt<1.1.29 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684 ocaml<4.03.0 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8869 d10237 18 a10254 18 php{55,56,70}-contao41-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php-5.4.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages wordpress<4.5.3 restriction-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5838 wordpress<4.5.3 restriction-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5832 wordpress<4.5.3 cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5833 wordpress<4.5.3 cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5834 wordpress<4.5.3 sensitive-information-disclosure http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5835 wordpress<4.5.3 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5836 wordpress<4.5.3 restriction-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5837 wordpress<4.5.3 filtering-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5839 php{55,56,70}-ja-wordpress<4.5.3 restriction-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5838 php{55,56,70}-ja-wordpress<4.5.3 restriction-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5832 php{55,56,70}-ja-wordpress<4.5.3 cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5833 php{55,56,70}-ja-wordpress<4.5.3 cross-site-scripting http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5834 php{55,56,70}-ja-wordpress<4.5.3 sensitive-information-disclosure http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5835 php{55,56,70}-ja-wordpress<4.5.3 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5836 php{55,56,70}-ja-wordpress<4.5.3 restriction-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5837 php{55,56,70}-ja-wordpress<4.5.3 filtering-bypass http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5839 d10256 2 a10257 2 apache-tomcat>=7.0<7.0.70 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092 apache-tomcat>=8.0<8.0.36 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092 d10262 6 a10267 6 dnsmasq<2.76 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8899 haproxy<1.6.6 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5360 bzip2<1.0.7 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3189 wget<1.18 arbitrary-file-overwrite http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4971 expat<2.2.0 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4472 suse{,32}_expat-[0-9]* denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4472 d10305 4 a10308 4 contao35<3.5.15 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4567 php{55,56,70}-contao35<3.5.15 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4567 php{55,56,70}-contao41-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4567 php{55,56,70}-contao42<4.2.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4567 d10317 4 a10320 4 apache-tomcat-5.5.[0-9]* access-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5388 apache-tomcat-6.[0-9]* access-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5388 apache-tomcat-7.[0-9]* access-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5388 apache-tomcat<8.0.37 access-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5388 d10322 2 a10323 2 apache<2.2.31nb4 access-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387 apache>=2.4<2.4.23nb2 access-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387 d10326 4 a10329 4 apache>=2.4.17<2.4.19 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1546 samba>=4.0<4.2.15 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119 samba>=4.3<4.3.11 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119 samba>=4.4<4.4.5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2119 d10355 2 a10356 2 mysql>=5.5<5.5.50 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL mysql>=5.6<5.6.31 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL d10361 2 a10362 2 oracle-{jdk,jre}8<8.0.101 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixJAVA openjdk8<1.8.101 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixJAVA d10364 9 a10372 9 wireshark<2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools3-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools33-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools41-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools42-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel43-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel44-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools43-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools44-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d10386 4 a10389 4 xentools45<4.5.3nb3 denial-of-service http://xenbits.xen.org/xsa/advisory-175.html xentools46<4.6.3 denial-of-service http://xenbits.xen.org/xsa/advisory-175.html xenkernel45<4.5.3nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-182.html xenkernel46<4.6.4 privilege-elevation http://xenbits.xen.org/xsa/advisory-182.html d10391 6 a10396 6 qemu<2.6.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5403 qemu0-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5403 xentools45<4.5.3nb4 denial-of-service http://xenbits.xen.org/xsa/advisory-184.html xentools46<4.6.4 denial-of-service http://xenbits.xen.org/xsa/advisory-184.html xenkernel45<4.5.3nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-183.html xenkernel46<4.6.4 denial-of-service http://xenbits.xen.org/xsa/advisory-183.html d10403 20 a10422 20 php{55,56,70,71}-ja-wordpress<4.5 remote-hijacking http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6635 wordpress<4.5 remote-hijacking http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6635 php70-gd>=7.0<7.0.9 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6128 php70-gd>=7.0<7.0.8 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766 php56-gd>=5.6<5.5.37 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766 php55-gd>=5.5<5.6.23 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766 php70-gd>=7.0<7.0.8 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5767 php56-gd>=5.6<5.5.37 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5767 php55-gd>=5.5<5.6.23 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5767 php70-mbstring>=7.0<7.0.8 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768 php56-mbstring>=5.6<5.6.23 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768 php55-mbstring>=5.5<5.5.37 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5768 php55-intl>=5.5<5.5.36 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093 php56-intl>=5.6<5.6.22 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093 php70-intl>=7.0<7.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093 php{55,56,70,71}-ja-wordpress<4.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6634 wordpress<4.5 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6634 php{55,56,70,71}-ja-wordpress<4.5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4029 wordpress<4.5 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4029 openssh<7.3.1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6515 d10432 2 a10433 2 nspr<4.12 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1951 suse{,32}_mozilla-nspr-[0-9]* buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1951 d10439 2 a10440 2 fontconfig<2.12.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5384 suse{,32}_fontconfig-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5384 d10481 15 a10495 15 qemu<2.6.1 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4952 qemu<2.6.1 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5106 qemu<2.6.1 local-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5105 qemu<2.6.1 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5107 libVNCServer<0.9.10 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055 xenkernel45<4.5.3nb3 privilege-elevation http://xenbits.xen.org/xsa/advisory-185.html xenkernel45>=4.5.3<4.5.3nb3 privilege-elevation http://xenbits.xen.org/xsa/advisory-186.html xenkernel45<4.5.3nb3 denial-of-service http://xenbits.xen.org/xsa/advisory-187.html xenkernel46<4.6.3nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-185.html xenkernel46>=4.6.3<4.6.3nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-186.html xenkernel46<4.6.3nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-187.html libidn<1.33 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8948 libidn<1.33 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6261 libidn<1.33 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6262 libidn<1.33 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6263 d10497 2 a10498 2 libcrack<2.7nb2 privilege-elevation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6318 qemu<2.7.0 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6351 d10508 20 a10527 20 php70-curl<7.0.10 heap-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7134 php>=7.0<7.0.10 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7133 php70-wddx<7.0.10 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7132 php56-wddx<5.6.25 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7132 php70-wddx<7.0.10 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7130 php56-wddx<5.6.25 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7130 php70-wddx<7.0.10 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7131 php56-wddx<5.6.25 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7131 php70-exif<7.0.10 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7128 php56-exif<5.6.25 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7128 php70-wddx<7.0.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7129 php56-wddx<5.6.25 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7129 php70-gd<7.0.10 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7127 php56-gd<5.6.25 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7127 php70-gd<7.0.10 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7126 php56-gd<5.6.25 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7126 php>=7.0<7.0.10 php-object-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7125 php<5.6.25 php-object-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7125 php>=7.0<7.0.10 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7124 php<5.6.25 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7124 d10541 15 a10555 15 php<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7411 php56-mysql<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412 php56-mysqli<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412 php56-wddx<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413 php<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414 php56-intl<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416 php<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417 php56-wddx<5.6.26 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418 php70-mysql<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412 php70-mysqli<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412 php70-wddx<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413 php>=7.0<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414 php70-intl<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416 php>=7.0<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417 php70-wddx<7.0.11 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418 d10587 6 a10592 6 qemu<2.7.0nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7907 qemu<2.7.0nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7908 qemu<2.7.0nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7909 qemu<2.7.0 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7161 inspircd<2.0.23 signature-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7142 irssi<0.8.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7044 d10597 17 a10613 17 gdk-pixbuf2<2.35.3 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6352 adodb<5.20.7 sql-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7405 openjpeg<2.1.2 null-pointer-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7445 freerdp<1.1.0b2013071101 null-pointer-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4118 freerdp<1.1.0b2013071101 null-pointer-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4119 p5-DBD-mysql<4.037 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1246 tiff<4.0.7 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3619 tiff<4.0.7 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3620 tiff<4.0.7 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3621 tiff<4.0.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622 tiff<4.0.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623 tiff<4.0.7 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624 tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3625 tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3631 tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3633 tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3634 tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3658 d10616 1 a10616 1 nspr<4.12 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1951 d10623 1 a10623 1 ap22-modsecurity<2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d10625 1 a10625 1 oracle-{jdk,jre}-[0-9]* multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixJAVA d10628 6 a10633 6 mysql-client>5.5<5.5.53 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL mysql-server>5.5<5.5.53 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL mysql-client>5.6<5.6.34 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL mysql-server>5.6<5.6.34 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL mysql-client>5.7<5.7.16 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL mysql-server>5.7<5.7.16 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL d10647 5 a10651 5 argus-[0-9]* stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8333 argus-[0-9]* stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8335 mupdf<1.10 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7506 mupdf<1.10 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7505 mupdf<1.10 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7504 d10654 8 a10661 8 qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8577 qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8576 qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8667 qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8578 qemu<2.8.0 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8668 qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8909 qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8669 qemu<2.8.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8910 d10663 6 a10668 6 mupdf<1.10 buffer-overrun http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9136 moodle-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9186 moodle-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9187 moodle-[0-9]* cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9188 py{27,34,35}-Pillow<3.3.2 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9189 py{27,34,35}-Pillow<3.3.2 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9190 d10864 6 a10869 6 rabbitmq<3.6.6 authentication-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9877 contao35<3.5.21 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10074 php{55,56,70,71}-contao35<3.5.21 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10074 php{55,56,70,71}-contao42<4.3 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10074 php{55,56,70,71}-contao43<4.3.2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10074 php{55,56,70,71}-contao42-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d10875 6 a10880 6 py{27,34,35,36}-borgbackup<1.0.9 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10100 py{27,34,35,36}-borgbackup<1.0.9 local-filename-spoofing http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10099 php{56,70,71}-ja-wordpress<4.6.1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7169 php{56,70,71}-ja-wordpress<4.6.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7168 wordpress<4.6.1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7169 wordpress<4.6.1 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7168 d10971 1 a10971 1 php{56,70,71}-piwigo<2.8.6 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5608 d10974 3 a10976 3 mysql-server>5.5<5.5.54 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL mysql-server>5.6<5.6.35 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL mysql-server>5.7<5.7.17 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL d10983 3 a10985 3 mysql-cluster<7.2.27 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL mysql-cluster<7.3.15 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL mysql-cluster<7.4.13 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL d10990 3 a10992 3 openjdk8<1.8.121 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA oracle-{jdk,jre}<8.0.121 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA ImageMagick<7.0.3.10 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6823 d10994 10 a11003 10 tiff<4.0.7 out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453 tiff<4.0.7 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9448 tiff<4.0.7 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223 tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5563 tiff<4.0.7 sensitive-information-disclosure http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321 tiff<4.0.7 heap-buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5319 tiff<4.0.7 stack-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5318 tiff<4.0.7 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317 tiff<4.0.7 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316 tiff<4.0.7 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323 d11008 1 a11008 1 owncloudclient<2.2.3 privilege-elevation http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7102 d11011 3 a11013 3 magento<2.0.6 php-object-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4010 gnuchess<6.2.4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8972 bash<4.4.006 security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9401 d11015 31 a11045 31 xenkernel42-[0-9]* information-leak http://xenbits.xen.org/xsa/advisory-200.html xenkernel45<4.5.5nb2 information-leak http://xenbits.xen.org/xsa/advisory-200.html xenkernel46<4.6.5 information-leak http://xenbits.xen.org/xsa/advisory-200.html xenkernel46<4.6.5 denial-of-service http://xenbits.xen.org/xsa/advisory-203.html xenkernel42-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-202.html xenkernel45<4.5.5nb3 denial-of-service http://xenbits.xen.org/xsa/advisory-202.html xenkernel46<4.6.5 denial-of-service http://xenbits.xen.org/xsa/advisory-202.html xenkernel42-[0-9]* privilege-elevation http://xenbits.xen.org/xsa/advisory-204.html xenkernel45<4.5.5nb2 privilege-elevation http://xenbits.xen.org/xsa/advisory-204.html xenkernel46<4.6.5 privilege-elevation http://xenbits.xen.org/xsa/advisory-204.html xenkernel42-[0-9]* privilege-elevation http://xenbits.xen.org/xsa/advisory-192.html xenkernel45<4.5.5nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-192.html xenkernel46<4.6.5 privilege-elevation http://xenbits.xen.org/xsa/advisory-192.html xentools42-[0-9]* arbitrary-file-overwrite http://xenbits.xen.org/xsa/advisory-198.html xentools45<4.5.5nb1 arbitrary-file-overwrite http://xenbits.xen.org/xsa/advisory-198.html xentools46<4.6.5 arbitrary-file-overwrite http://xenbits.xen.org/xsa/advisory-198.html xenkernel42-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-193.html xenkernel45<4.5.5nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-193.html xenkernel46<4.6.5 denial-of-service http://xenbits.xen.org/xsa/advisory-193.html xenkernel42-[0-9]* arbitrary-code-execution http://xenbits.xen.org/xsa/advisory-195.html xenkernel45<4.5.5nb1 arbitrary-code-execution http://xenbits.xen.org/xsa/advisory-195.html xenkernel46<4.6.5 arbitrary-code-execution http://xenbits.xen.org/xsa/advisory-195.html xenkernel42-[0-9]* privilege-elevation http://xenbits.xen.org/xsa/advisory-197.html xenkernel45<4.5.5nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-197.html xenkernel42-[0-9]* privilege-elevation http://xenbits.xen.org/xsa/advisory-191.html xenkernel45<4.5.5nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-191.html xenkernel46<4.6.5 privilege-elevation http://xenbits.xen.org/xsa/advisory-191.html xenkernel46<4.6.5 privilege-elevation http://xenbits.xen.org/xsa/advisory-197.html ffmpeg3>3.1<3.1.3 heap-buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6920 ffmpeg3>3.1<3.1.1 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6164 ffmpeg2>2.0<2.8.8 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6164 d11048 4 a11051 4 libdwarf<20160614 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7410 gd<2.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317 gd<2.2.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9311 gd<2.2.4 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9312 d11054 1 a11054 1 ruby{18,21,22,23}-tk-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2337 d11057 1 a11057 1 libbpg-[0-9]* out-of-bounds-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8710 d11061 2 a11062 2 tcpreplay<4.1.2 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6160 php{56,70,71}-http<3.0.1 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5873 d11095 1 a11095 1 gd<2.2.4 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912 d11211 27 a11237 27 SOGo<3.1.3 code-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6191 ruby{18,21,22,23}-mcollective<2.8.9 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2788 pcsc-lite<1.8.20 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10109 xenkernel45<4.5.5nb1 denial-of-service http://xenbits.xen.org/xsa/advisory-196.html xenkernel46<4.6.5 denial-of-service http://xenbits.xen.org/xsa/advisory-196.html py{27,34,35,36}-html5lib<0.99999999 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9909 py{27,34,35,36}-html5lib<0.99999999 cross-site-scripting http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9910 flightgear<2016.4.4 arbitrary-file-overwrite http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9956 ghostscript-agpl<9.23 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6196 ghostscript-gpl<9.06nb10 use-after-free http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6196 radare2<1.4.0 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6197 radare2<1.4.0 buffer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6319 radare2<1.4.0 out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6387 radare2<1.4.0 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6415 libiberty-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4487 libiberty-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4488 libiberty-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4489 libiberty-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4490 libiberty-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4491 libiberty-[0-9]* denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4492 libiberty-[0-9]* out-of-bounds-read http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4493 libiberty-[0-9]* arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2226 ruby{18,21,22,23}-zip<1.2.1 directory-traversal http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5946 libdwarf<20160115 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5027 libdwarf<20161124 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9558 vim<8.0.0377 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6349 vim<8.0.0378 integer-overflow http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6350 d11560 3 a11562 3 xenkernel45<4.5.5nb5 privilege-elevation http://xenbits.xen.org/xsa/advisory-212.html xenkernel46<4.6.5nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-212.html xenkernel48<4.8.0nb1 privilege-elevation http://xenbits.xen.org/xsa/advisory-212.html d11569 4 a11572 4 dovecot<2.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages radare2<1.4.0 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6448 radare2<1.3.0 unspecified http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6194 radare2<1.4.0 null-dereference http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7274 d11695 1 a11695 1 ruby21-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d11942 9 a11950 9 mysql-server>=5.5<5.5.54 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL mysql-server>=5.6<5.6.35 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL mysql-server>=5.7<5.7.17 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL mysql-client>=5.5<5.5.54 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL mysql-client>=5.6<5.6.35 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL mysql-client>=5.7<5.7.17 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL openjdk8<1.8.131 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA oracle-jdk8<8.0.131 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA oracle-jre8<8.0.131 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixJAVA d12328 3 a12330 3 expat<2.2.1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9063 expat<2.2.1 denial-of-service http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9233 php{56,70,71}-contao43-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d12841 2 a12842 2 mysql-client>=5.6<5.6.37 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL mysql-server>=5.6<5.6.37 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL d12844 4 a12847 4 mysql-server>=5.7<5.7.19 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL openjdk8<1.8.144 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixJAVA oracle-jdk8<8.0.144 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixJAVA oracle-jre8<8.0.144 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixJAVA d12932 3 a12934 3 xenkernel45-[0-9]* multiple-vulnerabilities http://xenbits.xen.org/xsa/advisory-230.html xenkernel46<4.6.6nb1 multiple-vulnerabilities http://xenbits.xen.org/xsa/advisory-230.html xenkernel48<4.8.2 multiple-vulnerabilities http://xenbits.xen.org/xsa/advisory-230.html d13151 1 a13151 1 mariadb-server<5.5.57 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL d13156 20 a13175 20 xenkernel42-[0-9]* out-of-bounds-write http://xenbits.xen.org/xsa/advisory-231.html xenkernel45-[0-9]* out-of-bounds-write http://xenbits.xen.org/xsa/advisory-231.html xenkernel46<4.6.6nb1 out-of-bounds-write http://xenbits.xen.org/xsa/advisory-231.html xenkernel48<4.8.3 out-of-bounds-write http://xenbits.xen.org/xsa/advisory-231.html xentools42-[0-9]* double-free http://xenbits.xen.org/xsa/advisory-233.html xentools45-[0-9]* double-free http://xenbits.xen.org/xsa/advisory-233.html xentools46<4.6.6nb1 double-free http://xenbits.xen.org/xsa/advisory-233.html xentools48<4.8.3 double-free http://xenbits.xen.org/xsa/advisory-233.html xenkernel42-[0-9]* null-dereference http://xenbits.xen.org/xsa/advisory-232.html xenkernel45-[0-9]* null-dereference http://xenbits.xen.org/xsa/advisory-232.html xenkernel46<4.6.6nb1 null-dereference http://xenbits.xen.org/xsa/advisory-232.html xenkernel48<4.8.3 null-dereference http://xenbits.xen.org/xsa/advisory-232.html xenkernel42-[0-9]* privilege-escalation http://xenbits.xen.org/xsa/advisory-234.html xenkernel45-[0-9]* privilege-escalation http://xenbits.xen.org/xsa/advisory-234.html xenkernel46<4.6.6nb1 privilege-escalation http://xenbits.xen.org/xsa/advisory-234.html xenkernel48<4.8.3 privilege-escalation http://xenbits.xen.org/xsa/advisory-234.html xenkernel42-[0-9]* denial-of-service http://xenbits.xen.org/xsa/advisory-207.html xenkernel45<4.5.5nb4 denial-of-service http://xenbits.xen.org/xsa/advisory-207.html xenkernel46<4.6.5 denial-of-service http://xenbits.xen.org/xsa/advisory-207.html xenkernel48<4.8.1 denial-of-service http://xenbits.xen.org/xsa/advisory-207.html d13395 1 a13395 1 tcpdump<4.7.4 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3138 d13578 4 a13581 4 xenkernel42-[0-9]* memory-corruption http://xenbits.xen.org/xsa/advisory-236.html xenkernel45-[0-9]* memory-corruption http://xenbits.xen.org/xsa/advisory-236.html xenkernel46-[0-9]* memory-corruption http://xenbits.xen.org/xsa/advisory-236.html xenkernel48<4.8.3 memory-corruption http://xenbits.xen.org/xsa/advisory-236.html d13608 4 a13611 4 mysql-server>=5.5<5.5.58 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL mysql-server>=5.6<5.6.38 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL mysql-server>=5.7<5.7.20 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL mariadb-server>=5.5<5.5.58 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL d13617 2 a13618 2 oracle-{jdk,jre}8<8.0.151 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixJAVA openjdk8<1.8.151 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixJAVA d13787 1 a13787 1 evince<3.25.91 command-injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000159 d13795 3 a13797 3 mrxvt-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages rxvt-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages webkit24-gtk{,3}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d14029 1 a14029 1 apache-2.2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d14134 7 a14140 7 asterisk>=11<12 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server>=5.5<5.5.59 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL mysql-server>=5.6<5.6.39 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL mysql-server>=5.7<5.7.21 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL mariadb-server>=5.5<5.5.59 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL oracle-{jdk,jre}8<8.0.162 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA openjdk8<1.8.162 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA d14802 8 a14809 8 mysql-server>=5.5<5.5.60 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL mysql-server>=5.6<5.6.40 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL mysql-server>=5.7<5.7.22 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL mysql-client>=5.5<5.5.60 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL mysql-client>=5.6<5.6.40 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL mysql-client>=5.7<5.7.22 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL oracle-{jdk,jre}8<8.0.171 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixJAVA openjdk8<1.8.171 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixJAVA d15423 8 a15430 8 oracle-{jdk,jre}8<8.0.173 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixJAVA openjdk8<1.8.173 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixJAVA mysql-client>=5.5<5.5.61 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL mysql-client>=5.6<5.6.41 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL mysql-client>=5.7<5.7.23 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL mysql-server>=5.5<5.5.61 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL mysql-server>=5.6<5.6.41 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL mysql-server>=5.7<5.7.23 multiple-vulnerabilities http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL d15819 1 a15819 1 php{71,72}-contao45-4.5.* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d15981 3 a15983 3 firefox45-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages firefox52-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages spidermonkey52-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d16007 4 a16010 4 firefox{,-bin,-gtk1}<1.5.0.9 heap-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-69.html firefox{,-bin,-gtk1}>=2.0<2.0.0.1 heap-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-69.html thunderbird{,-gtk1}<1.5.0.9 heap-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-69.html seamonkey{,-bin,-gtk1}<1.0.7 heap-overflow http://www.mozilla.org/security/announce/2006/mfsa2006-69.html d16150 1 a16150 1 py{27,34,35,36,37,38}-crypto-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d16171 1 a16171 1 webkit1-gtk{,3}-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d16339 3 a16341 3 php-5.5.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php-5.6.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php-7.0.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d16451 1 a16451 1 mbedtls1-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d16474 1 a16474 1 xchat-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d16540 2 a16541 2 py27-django-1.4.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages py{27,34,35,36}-django-1.8.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d16670 1 a16670 1 rssh-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d16754 1 a16754 1 ghostscript-gpl-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d16946 4 a16949 4 xenkernel45-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xenkernel46-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools45-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools46-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d17118 1 a17118 1 jetty-7.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d17202 2 a17203 2 ruby22-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages ruby23-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d17287 1 a17287 1 bind>=9.6<9.11.0 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d17322 3 a17324 3 postgresql91-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages postgresql92-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages postgresql93-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d17434 1 a17434 1 python34-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d17438 1 a17438 1 bind>=9.12<9.13 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d17745 1 a17745 1 jabberd<=2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d17918 1 a17918 1 nodejs-6.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d17977 1 a17977 1 php{56,70,71,72,73}-contao35-3.* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d18081 1 a18081 1 asterisk>=14<15 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d18229 1 a18229 1 t1lib-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d18528 1 a18528 1 php-7.1.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d18621 1 a18621 1 php56-typo3<8.0 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d18659 2 a18660 2 apache-tomcat-6.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages apache-tomcat-8.0.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d18935 1 a18935 1 nodejs-8.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d18972 1 a18972 1 postgresql94-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d19282 1 a19282 1 ruby24-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d19643 2 a19644 2 xenkernel48-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages xentools48-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d19696 2 a19697 2 magento<2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python27-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d19866 1 a19866 1 bind>=9.14<9.16 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d19913 1 a19913 1 python35-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d20003 1 a20003 1 cliqz-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d20060 2 a20061 2 freetype2<2.10.4 remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999 suse{,32}_freetype2-[0-9]* remote-system-access http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999 d20367 1 a20367 1 php-7.2.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d22422 1 a22422 1 php-7.3.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d23418 3 a23420 3 gtk+-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages gtk2+-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages qt4-libs-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d23934 4 a23937 4 isc-dhcp4-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages isc-dhcpd4-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages isc-dhclient4-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages isc-dhcrelay4-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d23939 2 a23940 2 postgresql10-* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages py{27,36,37,38,39,310}-sip<5 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d24241 1 a24241 1 typo3<8 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d25088 1 a25088 1 yubico-c-client-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d25099 1 a25099 1 pcre-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d25144 2 a25145 2 python36-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages python37-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d25149 1 a25149 1 py{27,34,35,36,37,38,39,310,311}-django<3.2 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d25174 1 a25174 1 ruby{30,31,32}-rails<6.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d25670 1 a25670 1 apache-tomcat<8.5 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d25771 4 a25774 4 asterisk<18 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages asterisk>=19<20 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages jq<1.7.1 buffer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-50246 jq<1.7.1 buffer-overflow http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-50268 d25824 2 a25825 2 postgresql-server>=11<12 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages nodejs>=16<18 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d25850 1 a25850 1 asterisk-13.* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d25941 2 a25942 2 php>=7.4<8.0 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php>=8.0<8.1 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d26024 4 a26027 4 mysql-client-5.6.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server-5.6.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-client-5.7.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages mysql-server-5.7.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d26073 1 a26073 1 olm-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d26081 1 a26081 1 python38-[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d26098 1 a26098 1 postgresql-server>=12<13 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages d26116 1 a26116 1 bind>=9.16<9.18 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages @ 1.300 log @doc: add libtasn1 vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.299 2025/02/02 09:36:33 taca Exp $ d183 3 a185 5 apache<1.3.26 remote-root-shell http://httpd.apache.org/info/security_bulletin_20020617.txt apache6<1.3.26 remote-root-shell http://httpd.apache.org/info/security_bulletin_20020617.txt apache-2.0.1? remote-root-shell http://httpd.apache.org/info/security_bulletin_20020617.txt apache-2.0.2? remote-root-shell http://httpd.apache.org/info/security_bulletin_20020617.txt apache-2.0.3[0-8]* remote-root-shell http://httpd.apache.org/info/security_bulletin_20020617.txt d484 3 a486 10 apache-2.0.? denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0113 apache-2.0.[0-3][0-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0113 apache-2.0.4[0-8] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0113 apache-2.0.? denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174 apache-2.0.[0-3][0-9] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174 apache-2.0.4[0-8] denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174 apache-2.0.? remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020 apache-2.0.[0-3][0-9] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020 apache-2.0.4[0-8] remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020 apache<1.3.29nb2 remote-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020 d563 1 a563 1 samba-3.0.[0-4]{,a*,nb?} remote-code-execution http://www.samba.org/samba/whatsnew/samba-3.0.5.html d733 2 a734 6 phpmyadmin-2.6.0-pl2 remote-code-execution http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4 phpmyadmin-2.6.0pl2 remote-code-execution http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4 phpmyadmin-2.[4-5]* remote-file-read http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4 phpmyadmin-2.6.0 remote-file-read http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4 phpmyadmin-2.6.0pl2 remote-file-read http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4 phpmyadmin-2.6.0-pl* remote-file-read http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-4 d806 1 a806 1 catdoc<0.91.5-2 local-file-write http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0193 a833 1 pdfTexinteTexbin=1.9<1.9.1-p429 local-security-bypass http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2489 d5512 1 a5512 1 kdelibs4<.5.5nb8 spoofing-attack http://secunia.com/advisories/46157/ d5646 1 a5646 1 ipmitool=1.1.0-rc2<1.1.0-rc4 arbitrary-code-execution http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9622 d9536 1 a9536 1 suse{,32}_mozilla-nss[0-9]* arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-133/ d9618 1 a9618 1 suse{,32}_mozilla-nss[0-9]* arbitrary-code-execution https://www.mozilla.org/en-US/security/advisories/mfsa2015-150/ d22353 1 a22353 1 ImageMagick<7.1.0-14 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-3962 d24839 2 a24840 2 openscad<2022-01-09 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0497 openscad<2022-02-04 uninitialized-memory-read https://nvd.nist.gov/vuln/detail/CVE-2022-0496 d24930 1 a24930 1 ImageMagick<7.1.0-29 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1115 @ 1.299 log @doc: mark drupal7 and drupal9 as eol @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.298 2025/01/29 15:32:47 taca Exp $ d26134 1 @ 1.298 log @doc/pkg-vulnerabilities: add an entry for BIND 9.16 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.297 2025/01/27 23:12:15 morr Exp $ d26132 2 @ 1.297 log @Add new vim vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.296 2025/01/22 22:28:33 rillig Exp $ d26131 1 @ 1.296 log @doc/pkg-vulnerabilities: fix package names that ended with "-" @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.295 2025/01/15 12:28:39 wiz Exp $ d26130 1 @ 1.295 log @doc: new pam-u2f release, fixing CVE-2025-23013 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.294 2025/01/14 20:42:02 wiz Exp $ d4306 3 a4308 3 seamonkey-{,-bin,-gtk1}<2.0 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-55.html seamonkey-{,-bin,-gtk1}<2.0 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-56.html seamonkey-{,-bin,-gtk1}<2.0 arbitrary-code-execution http://www.mozilla.org/security/announce/2009/mfsa2009-62.html d7272 1 a7272 1 nagios-base-<3.5.0nb2 denial-of-service http://secunia.com/advisories/55976/ d7517 1 a7517 1 py{27,26}-imaging-<1.1.7nb8 insecure-temp-file http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1933 d7821 1 a7821 1 nagios-base-<3.5.1nb1 denial-of-service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1878 d8772 1 a8772 1 suse{,32}_freetype2-<13.1nb2 multiple-vulnerabilities http://www.suse.com/support/update/announcement/2015/suse-su-20150463-1.html @ 1.294 log @doc: add one (of two) git and two (of six) new rsync vulns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.293 2025/01/14 13:26:59 wiz Exp $ d26129 1 @ 1.293 log @doc: update cgal vulnerability status Per https://github.com/CGAL/cgal/issues/5946 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.292 2025/01/12 01:01:55 morr Exp $ d26126 3 @ 1.292 log @doc: add vim vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.291 2024/12/22 21:03:13 wiz Exp $ d20718 4 a20721 4 cgal-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-28601 cgal-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-28636 cgal-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35628 cgal-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35636 d21977 3 a21979 3 cgal-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35634 cgal-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35633 cgal-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35635 @ 1.291 log @doc: add one of the new webkit-gtk vulns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.290 2024/12/20 10:27:01 wiz Exp $ d26125 1 @ 1.290 log @doc: vuln: remove trailing empty line @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.289 2024/12/18 21:36:40 jschauma Exp $ d26124 1 @ 1.289 log @note liboqs vulnerability to CVE-2024-54137 (incorrect decapsulation) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.288 2024/12/16 18:33:59 prlw1 Exp $ a26123 1 @ 1.288 log @doc: remove language packs from firefox vulnerabilities - spotted by wiz@@ @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.287 2024/12/16 18:30:08 prlw1 Exp $ d26123 2 @ 1.287 log @doc: add firefox115* 128* vulnerability code execution exploiting use-after-free https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/ @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.286 2024/12/16 18:17:23 prlw1 Exp $ a26121 1 firefox128-l10n<128.3.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-9680 a26122 1 firefox115-l10n<115.16.1 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-9680 @ 1.286 log @doc: add firefox vulnerability code execution exploiting use-after-free https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/ @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.285 2024/12/13 22:06:35 wiz Exp $ d26120 5 a26124 1 firefox<131.0.2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-9680 @ 1.285 log @doc: add catch-all for multiple gstreamer vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.284 2024/12/11 09:43:45 wiz Exp $ d26120 1 @ 1.284 log @doc: add curl vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.283 2024/12/07 06:53:52 wiz Exp $ d26119 1 @ 1.283 log @doc: add upper bounds for gvfs vulns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.282 2024/12/05 08:04:38 wiz Exp $ d26118 1 @ 1.282 log @doc: add django vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.281 2024/11/28 08:31:24 wiz Exp $ d17412 3 a17414 3 gvfs>=1.29.4 multiple-vulnerabilities https://nvd.nist.gov/vuln/detail/CVE-2019-12448 gvfs>=1.29.4 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2019-12447 gvfs>=1.29.4 insecure-file-permissions https://nvd.nist.gov/vuln/detail/CVE-2019-12449 @ 1.281 log @doc: add webkit-gtk vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.280 2024/11/25 12:02:28 leot Exp $ d26116 2 @ 1.280 log @doc: zbar 0.23.93 fixes CVE-2023-408{89,90} Via upstream changelog and upstream commit 012a030250a203e5529d09caedea7ad7173dacfd. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.279 2024/11/23 08:28:44 wiz Exp $ d26115 1 @ 1.279 log @doc: fix two nodejs entries @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.278 2024/11/18 23:01:27 wiz Exp $ d25203 2 a25204 2 zbar-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-40890 zbar-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-40889 @ 1.278 log @doc: add wget vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.277 2024/11/16 11:58:12 wiz Exp $ d14532 1 a14532 2 nodejs>=8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7651 nodejs>=9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7651 d24955 1 a24955 1 nodejs>=18.18.12.1 arbitrary-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-43548 @ 1.277 log @doc: note eol of pgsql 12 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.276 2024/11/16 08:50:48 wiz Exp $ d26115 1 @ 1.276 log @doc: remove vulnerability for Halibut (a .NET framework) - not halibut @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.275 2024/11/15 18:05:32 jakllsch Exp $ d26114 1 @ 1.275 log @openafs vulnerabilities OPENAFS-SA-2024-00[1-3] @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.274 2024/11/12 23:16:37 wiz Exp $ a22186 1 halibut<4.4.7 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-31819 @ 1.274 log @doc: switch vuln URLs to CVEs @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.273 2024/11/10 08:30:25 wiz Exp $ d26109 6 @ 1.273 log @doc: add two libsoup3 vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.272 2024/11/06 08:20:32 wiz Exp $ d26107 2 a26108 2 libsoup3<3.6.0 request-smuggling https://gitlab.gnome.org/GNOME/libsoup/-/issues/377 libsoup3<3.6.1 denial-of-service https://gitlab.gnome.org/GNOME/libsoup/-/issues/391 @ 1.272 log @doc: add curl vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.271 2024/10/31 11:02:38 wiz Exp $ d26107 2 @ 1.271 log @doc: more webkit vulns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.270 2024/10/29 20:52:03 wiz Exp $ d26106 1 @ 1.270 log @doc: add modular-xorg-* vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.269 2024/10/27 16:52:09 thor Exp $ d26105 1 @ 1.269 log @doc/pkg-vulnerabilities: document mpg123 buffer overlow < 1.32.8 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.268 2024/10/20 21:06:20 wiz Exp $ d26103 2 @ 1.268 log @doc: add element-web vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.267 2024/10/10 21:48:26 wiz Exp $ d26102 1 @ 1.267 log @doc: add two vulnerabilities for libarchive @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.266 2024/10/09 20:23:35 wiz Exp $ d26101 1 @ 1.266 log @doc: add eol entry for python38 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.265 2024/10/07 19:01:19 wiz Exp $ d26099 2 @ 1.265 log @doc: add two vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.264 2024/10/03 20:17:10 he Exp $ d26098 1 @ 1.264 log @Add CVE-2024-8508: unbound possible DoS via name compression. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.263 2024/09/27 07:09:23 wiz Exp $ d26096 2 @ 1.263 log @doc: add some cups vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.262 2024/09/26 10:35:12 wiz Exp $ d26095 1 @ 1.262 log @doc: note olm vulnerabilities and EOL @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.261 2024/09/25 14:35:10 wiz Exp $ d26091 4 @ 1.261 log @doc: add another webkit-gtk vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.260 2024/09/11 21:27:29 wiz Exp $ d26087 4 @ 1.260 log @doc: add libcurl-gnutls vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.259 2024/09/11 06:07:22 wiz Exp $ d26086 1 @ 1.259 log @doc: add more Python upper bounds @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.258 2024/09/10 11:28:08 spz Exp $ d26085 1 @ 1.258 log @change the "fixed by" for http://secunia.com/advisories/42998/ to 1.4 since the version numbering here is 1.3 1.31 1.32.1.33 1.34 1.4, 1.34 and 1.4 were released in 2010 and 2011 so the distinction doesn't matter a whole lot, and pkgsrc is at 1.8 released in 2020. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.257 2024/09/10 07:55:14 wiz Exp $ d26003 2 a26004 4 # https://github.com/python/cpython/commit/29c97287d205bf2f410f4895ebce3f43b5160524 python38-[0-9]* race-condition https://github.com/python/cpython/issues/114572 # https://github.com/python/cpython/commit/b228655c227b2ca298a8ffac44d14ce3d22f6faa python39-[0-9]* race-condition https://github.com/python/cpython/issues/114572 d26008 4 a26011 4 python38-[0-9]* ip-range-classification https://github.com/python/cpython/issues/113171 python39-[0-9]* ip-range-classification https://github.com/python/cpython/issues/113171 python310-[0-9]* ip-range-classification https://github.com/python/cpython/issues/113171 python311-[0-9]* ip-range-classification https://github.com/python/cpython/issues/113171 @ 1.257 log @doc: add upper bounds for Python vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.256 2024/09/09 20:24:57 wiz Exp $ d5070 1 a5070 1 p5-Convert-UUlib<1.34 denial-of-service http://secunia.com/advisories/42998/ @ 1.256 log @doc: gtk3 vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.255 2024/09/06 08:49:32 wiz Exp $ d26061 5 a26065 5 python38-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2024-8088 python39-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2024-8088 python310-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2024-8088 python311-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2024-8088 python312-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2024-8088 d26078 5 a26082 5 python38-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-6232 python39-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-6232 python310-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-6232 python311-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-6232 python312-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-6232 @ 1.255 log @doc: add some vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.254 2024/09/03 18:33:51 morr Exp $ d26086 1 @ 1.254 log @Add yet another vim vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.253 2024/08/26 20:13:42 wiz Exp $ d26069 17 @ 1.253 log @doc: add another vim vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.252 2024/08/26 17:02:01 wiz Exp $ d26068 1 @ 1.252 log @doc: add apr vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.251 2024/08/23 08:28:01 wiz Exp $ d26060 1 a26060 1 vim<9.1.0689 heap-buffer-overflow https://github.com/vim/vim/security/GHSA-v2x2-cjcg-f9jm d26067 1 @ 1.251 log @doc: add python infinite loop vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.250 2024/08/23 07:15:07 wiz Exp $ d26066 1 @ 1.250 log @doc: another vim overflow vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.249 2024/08/19 21:11:01 wiz Exp $ d26061 5 @ 1.249 log @doc: add py-WebOb vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.248 2024/08/17 04:49:31 wiz Exp $ d26060 1 @ 1.248 log @doc: new webkit out, add one of the vulns (there are more) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.247 2024/08/16 18:16:03 wiz Exp $ d26059 1 @ 1.247 log @doc: add unbound vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.246 2024/08/15 22:33:53 wiz Exp $ d26058 1 @ 1.246 log @doc: add two dovecot vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.245 2024/08/13 14:37:31 wiz Exp $ d26057 1 @ 1.245 log @doc: add nodejs18 vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.244 2024/08/12 13:04:05 wiz Exp $ d26055 2 @ 1.244 log @doc: add roundcube vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.243 2024/08/07 22:35:45 nia Exp $ d26054 1 @ 1.243 log @pkg-vulnerabilities: I applied the patch for CVE-2022-47021 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.242 2024/08/07 22:29:01 nia Exp $ d26053 1 @ 1.242 log @CVE-2022-47664 was fixed in libde265-1.0.10 according to commits linked here: https://github.com/strukturag/libde265/issues/368 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.241 2024/08/06 15:10:10 nia Exp $ d24858 1 a24858 1 opusfile-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47021 @ 1.241 log @pkg-vulnerabilities: more fixed bugs in openimageio source: https://raw.githubusercontent.com/AcademySoftwareFoundation/OpenImageIO/master/CHANGES.md @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.240 2024/08/06 15:07:17 nia Exp $ d25522 1 a25522 1 libde265-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-47664 @ 1.240 log @pkg-vulnerabilities: all of these bugs were fixed in openimageio-2.5.0.0 source: https://raw.githubusercontent.com/AcademySoftwareFoundation/OpenImageIO/master/SECURITY.md @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.239 2024/08/06 15:06:59 wiz Exp $ d24059 1 a24059 1 openimageio-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-43593 d24061 1 a24061 1 openimageio-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-43595 d24064 1 a24064 1 openimageio-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41649 @ 1.239 log @doc: add a django vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.238 2024/08/06 14:44:53 nia Exp $ d24043 16 a24058 16 openimageio-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41794 openimageio-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41981 openimageio-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-43597 openimageio-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-43598 openimageio-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41639 openimageio-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41684 openimageio-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41999 openimageio-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43603 openimageio-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-41838 openimageio-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43592 openimageio-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43596 openimageio-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43599 openimageio-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43600 openimageio-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43601 openimageio-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43602 openimageio-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-41837 d24060 1 a24060 1 openimageio-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-43594 d24062 2 a24063 2 openimageio-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-36354 openimageio-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-38143 d24065 2 a24066 2 openimageio-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41977 openimageio-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41988 @ 1.238 log @pkg-vulnerabilities: two fixed in speex CVE-2020-23903 was fixed in speex-1.2.1 870ff845b32f314aec0036641ffe18aba4916887 CVE-2020-23904 is invalid per https://github.com/xiph/speex/issues/14 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.237 2024/08/06 14:41:23 nia Exp $ d26051 2 @ 1.237 log @pkg-vulnerabilities: two patched in unzip @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.236 2024/08/05 06:37:07 wiz Exp $ d22342 1 a22342 2 speex-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-23904 speex-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-23903 @ 1.236 log @doc: add some upper bounds @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.235 2024/08/02 22:37:32 morr Exp $ d22886 2 a22887 2 unzip-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-0529 unzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-0530 @ 1.235 log @Add vim vulns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.234 2024/07/31 08:09:00 wiz Exp $ d20620 1 a20620 1 wolfssl-[0-9]* improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-3336 d25208 1 a25208 1 zola-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-40274 @ 1.234 log @doc: add curl vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.233 2024/07/27 21:04:33 wiz Exp $ d26050 2 @ 1.233 log @doc: vuln: update libreoffice pattern According to email from upstream, 6.4.4's "stealth" off-by-default feature fixes that problem. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.232 2024/07/27 06:08:17 wiz Exp $ d26049 1 @ 1.232 log @doc: update some libreoffice and libtomcrypt vuln entries @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.231 2024/07/26 21:03:55 wiz Exp $ d18644 1 a18644 1 libreoffice-[0-9]* remote-file-view https://nvd.nist.gov/vuln/detail/CVE-2012-5639 @ 1.231 log @doc: orc vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.230 2024/07/26 14:15:14 wiz Exp $ d12136 4 a12139 10 libreoffice-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10327 libreoffice5-bin-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2016-10327 libreoffice-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7856 libreoffice5-bin-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7856 libreoffice-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7870 libreoffice5-bin-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-7870 libreoffice-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-7882 libreoffice5-bin-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2017-7882 libreoffice-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8358 libreoffice5-bin-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-8358 d14973 1 a14973 1 libreoffice-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-10583 a15635 1 libreoffice-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-14939 d18190 1 a18190 1 libtomcrypt-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-17362 @ 1.230 log @doc: mark mysql* 5.6 and 5.7 as EOL @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.229 2024/07/25 06:27:11 wiz Exp $ d26055 1 @ 1.229 log @doc: vuln: add an upper bound @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.228 2024/07/24 07:30:12 wiz Exp $ d26051 4 @ 1.228 log @doc: add libcurl-gnutls vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.227 2024/07/23 06:04:37 wiz Exp $ d19639 1 a19639 1 openssh-[0-9]* man-in-the-middle https://nvd.nist.gov/vuln/detail/CVE-2020-14145 @ 1.227 log @doc: add more upper bounds @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.226 2024/07/22 06:24:18 adam Exp $ d26050 1 @ 1.226 log @Updated security/mit-krb5; Removed textproc/py-markuppy @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.225 2024/07/19 05:53:56 wiz Exp $ d12007 1 a12007 1 dpkg-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2017-8283 d21806 1 a21806 1 grilo-[0-9]* improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2021-39365 @ 1.225 log @doc: update some ansible patterns according to gentoo ansible's own documentation on this seems lacking @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.224 2024/07/17 18:59:45 wiz Exp $ d26048 2 @ 1.224 log @doc: add apache vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.223 2024/07/17 12:17:08 wiz Exp $ d19089 1 a19089 1 ansible-[0-9]* directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2020-1735 d19091 1 a19091 1 ansible-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-1738 d19094 1 a19094 1 ansible-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-1753 d19143 1 a19143 1 ansible-[0-9]* code-injection https://nvd.nist.gov/vuln/detail/CVE-2020-10684 d21311 4 a21314 2 ansible-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3532 ansible-[0-9]* information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-3533 @ 1.223 log @idoc: update some vulnerabilities with upper bounds, remove some dupes @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.222 2024/07/15 06:10:51 wiz Exp $ d26045 1 @ 1.222 log @idoc: update some wireshark vulns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.221 2024/07/15 06:06:01 wiz Exp $ d19487 1 a19487 1 libupnp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-13848 d19496 1 a19496 1 ImageMagick-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-13902 d21355 2 a21356 1 ImageMagick-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2021-34183 d24049 3 a24051 5 openimageio-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43603 openimageio-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43602 openimageio-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43601 openimageio-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43600 openimageio-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43599 d24053 2 a24054 6 openimageio-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-43597 openimageio-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43596 openimageio-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-43594 openimageio-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-43595 openimageio-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-43593 openimageio-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43592 d24056 1 a24056 3 openimageio-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41988 openimageio-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41981 openimageio-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41977 d24058 6 d24065 1 a24065 14 openimageio-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41794 openimageio-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41649 openimageio-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41684 openimageio-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41639 openimageio-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-38143 openimageio-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-36354 openimageio-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-43603 openimageio-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43602 openimageio-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43601 openimageio-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43600 openimageio-[0-9]* heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43599 openimageio-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-43598 openimageio-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-43597 openimageio-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43596 d24068 4 a24071 3 openimageio-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-43593 openimageio-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-43592 openimageio-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41999 a24072 10 openimageio-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41981 openimageio-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41977 openimageio-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-41838 openimageio-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2022-41837 openimageio-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-41794 openimageio-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-41649 openimageio-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41684 openimageio-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41639 openimageio-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-38143 openimageio-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-36354 d24985 1 a24985 1 fcitx5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-37311 d25261 1 a25261 1 netatalk3-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-43634 @ 1.221 log @doc: update some exiv2 vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.220 2024/07/14 12:59:10 wiz Exp $ d20054 1 a20054 1 wireshark-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-26575 d25448 2 a25449 2 wireshark-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-3649 wireshark-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-3648 d25451 1 a25451 1 wireshark-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-4512 d25453 1 a25453 1 wireshark-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-5371 @ 1.220 log @doc: add exiv2 vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.219 2024/07/14 06:16:33 wiz Exp $ d21810 5 a21814 3 exiv2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18774 exiv2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18773 exiv2-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-18771 @ 1.219 log @doc: add py-httpie vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.218 2024/07/12 07:09:03 adam Exp $ d26065 1 @ 1.218 log @Updated mail/exim[-html] @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.217 2024/07/10 06:15:28 wiz Exp $ d26064 1 @ 1.217 log @doc: add a new django vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.216 2024/07/08 03:38:52 jnemeth Exp $ d26063 1 @ 1.216 log @adjust CVS-2022-37325 for Asterisk @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.215 2024/07/04 06:35:01 wiz Exp $ d26061 2 @ 1.215 log @doc: add some vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.214 2024/07/02 20:22:56 adam Exp $ d25063 3 a25065 3 asterisk<16.28.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37325 asterisk>=17<18.14.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37325 asterisk>=19<19.6.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37325 @ 1.214 log @added Apache HTTP server vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.213 2024/06/28 18:59:47 wiz Exp $ d26058 3 @ 1.213 log @doc: add two mit-krb5 vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.212 2024/06/25 06:14:02 wiz Exp $ d26050 8 @ 1.212 log @doc: add samba problem @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.211 2024/06/24 12:26:31 gdt Exp $ d26048 2 @ 1.211 log @pkg-vulnerabilites: Add emacs/orgmode See also https://www.cve.org/CVERecord?id=CVE-2024-39331 https://list.orgmode.org/877cegwhch.fsf@@stebalien.com/ @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.210 2024/06/22 12:52:25 kim Exp $ d26046 2 @ 1.210 log @doc: Update CVE-2022-29458 (ncurses) The vulnerability only applies to ncurses 6.3 before patch 20220416, but since pkgsrc went from 6.3 directly to 6.4, mark this as applying to <6.4 to avoid having to come up with a fictional convention for identifying the patch version. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.209 2024/06/18 06:50:04 wiz Exp $ d26042 4 @ 1.209 log @doc: add two python vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.208 2024/06/17 18:56:34 adam Exp $ d23390 1 a23390 1 ncurses-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-29458 @ 1.208 log @add libxml2 vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.207 2024/06/11 06:08:04 wiz Exp $ d26030 12 @ 1.207 log @doc: add some upper bounds for grafana and gitea These entries look govulncheck-generated, and govulncheck reports no problem with the current versions. Use current version as upper bound (could probably be lowered). @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.206 2024/06/09 18:32:17 wiz Exp $ d26028 2 @ 1.206 log @doc: add vte* vulns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.205 2024/06/07 06:49:54 wiz Exp $ d21540 1 a21540 1 grafana-[0-9]* insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2021-3538 d25855 2 a25856 2 gitea-[0-9]* man-in-the-middle https://pkg.go.dev/vuln/GO-2023-2402 gitea-[0-9]* improper-rendering https://pkg.go.dev/vuln/GO-2023-1988 @ 1.205 log @doc: add one of the new php vulns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.204 2024/06/06 07:46:05 wiz Exp $ d26026 2 @ 1.204 log @doc: add a couple of the vulns affecting nginx <1.26.1 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.203 2024/06/05 12:16:55 wiz Exp $ d26023 3 @ 1.203 log @doc: vuln: update grafana entry, add libarchive one @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.202 2024/05/23 10:52:37 wiz Exp $ d26021 2 @ 1.202 log @doc: fix gstreamer entry, add upper bound @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.201 2024/05/23 10:09:16 tm Exp $ d18117 1 a18117 1 grafana-[0-9]* information-leak https://nvd.nist.gov/vuln/detail/CVE-2019-15635 d26020 1 @ 1.201 log @doc: pkg-vulnerabilities +gstreamer, +keepassxc, +lighttpd, +py-mysql, +py-requests @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.200 2024/05/22 11:47:41 wiz Exp $ d26018 1 a26018 1 gstreamer-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-4453 @ 1.200 log @doc: add asterisk* vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.199 2024/05/19 11:59:02 wiz Exp $ d26014 6 @ 1.199 log @doc: add ghostscript vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.198 2024/05/15 13:13:19 wiz Exp $ d26011 3 @ 1.198 log @doc: add dino vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.197 2024/05/15 08:18:54 wiz Exp $ d26009 2 @ 1.197 log @doc: remove some vulns (for libav, not gst-*-libav), add upper bound @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.196 2024/05/15 07:53:36 wiz Exp $ d26008 1 @ 1.196 log @doc: add some upper bounds @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.195 2024/05/14 23:06:15 wiz Exp $ d19161 1 a19161 1 gst-rtsp-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-6095 a21990 3 gst-plugins1-libav-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18778 gst-plugins1-libav-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18776 gst-plugins1-libav-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-18775 @ 1.195 log @doc: 5 more git vulns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.194 2024/05/11 13:07:13 morr Exp $ d17105 1 a17105 1 gitea-[0-9]* server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2018-15192 d19464 1 a19464 3 grafana-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-18624 grafana-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-18625 grafana-[0-9]* cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2018-18623 d20009 1 a20009 1 grafana-[0-9]* signature-forgery https://nvd.nist.gov/vuln/detail/CVE-2020-15216 d24922 1 a24922 1 assimp-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-45748 @ 1.194 log @Add entry for vim @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.193 2024/05/09 08:57:23 wiz Exp $ d26008 5 @ 1.193 log @doc: add go vulns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.192 2024/05/09 06:48:37 wiz Exp $ d26007 1 @ 1.192 log @doc: amarok vuln was fixed sometime before 3 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.191 2024/05/09 06:41:48 wiz Exp $ d26005 2 @ 1.191 log @doc: convert a nss vuln to a firefox one @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.190 2024/05/08 21:49:11 khorben Exp $ d19385 1 a19385 1 amarok-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-13152 @ 1.190 log @doc: add XSS in phpldapadmin @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.189 2024/05/08 11:19:51 he Exp $ d24712 1 a24712 1 nss-[0-9]* timing https://nvd.nist.gov/vuln/detail/CVE-2020-12413 @ 1.189 log @Add entry for net/unbound / CVE-2024-33655, and mark as denial-of-service even though it probably is more "contributing to denial-of-service". Temporarily use cve.mitre.org, which at least lists CVE as "assigned". @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.188 2024/05/07 11:07:14 wiz Exp $ d26004 1 @ 1.188 log @doc: update tinyproxy vuln patterns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.187 2024/05/06 05:49:59 wiz Exp $ d26003 1 @ 1.187 log @doc: add two uriparser CVEs @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.186 2024/05/05 07:32:19 wiz Exp $ d24707 1 a24707 1 tinyproxy-[0-9]* insecure-defaults https://nvd.nist.gov/vuln/detail/CVE-2022-40468 d26002 1 @ 1.186 log @doc: add some upper bounds for vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.185 2024/05/03 06:00:22 wiz Exp $ d26000 2 @ 1.185 log @doc: add an upper bound for gnome-autoar @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.184 2024/05/02 14:51:53 wiz Exp $ d22902 1 a22902 1 blender-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-0546 d24280 3 a24282 3 blender-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-2833 blender-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2832 blender-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2831 d25999 1 @ 1.184 log @doc: add py-aiohttp vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.183 2024/04/29 21:31:42 wiz Exp $ d20611 1 a20611 1 gnome-autoar-[0-9]* arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2020-36241 @ 1.183 log @doc: add R vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.182 2024/04/29 06:06:11 wiz Exp $ d25998 1 @ 1.182 log @doc: add an upper bound for a jasper vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.181 2024/04/27 06:10:26 wiz Exp $ d25997 1 @ 1.181 log @doc: add upper bounds for emacs vulns; remove very unspecific hiawatha hiawatha entry from 2010, and URL doesn't exist any longer @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.180 2024/04/25 15:14:49 taca Exp $ d13094 1 a13094 1 jasper-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2017-13745 @ 1.180 log @doc/pkg-vulnerabilities: add CVE-2024-27282 Add CVE-2024-27282 for ruby31-base, ruby32-base and ruby33. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.179 2024/04/25 07:24:08 wiz Exp $ a5174 1 hiawatha-[0-9]* multiple-vulnerabilities http://www.hiawatha-webserver.org/changelog d25101 3 a25103 3 emacs-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-48339 emacs-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2022-48338 emacs-[0-9]* shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-48337 @ 1.179 log @doc: add an upper bound @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.178 2024/04/23 12:12:07 wiz Exp $ d25995 3 @ 1.178 log @doc: remove CVE-2020-23171, it affects nim's zip bindings (separate, unpackaged) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.177 2024/04/23 07:16:08 wiz Exp $ d19716 1 a19716 1 qemu-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-15859 @ 1.177 log @doc: remove CVE-2021-41259, it has been rejected @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.176 2024/04/21 06:54:04 wiz Exp $ a21733 1 nim-[0-9]* arbitrary-file-write https://nvd.nist.gov/vuln/detail/CVE-2020-23171 @ 1.176 log @doc: fix PKGNAME in pattern @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.175 2024/04/19 05:58:51 wiz Exp $ a22352 1 nim-[0-9]* server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2021-41259 @ 1.175 log @doc: add some upper bounds, improve some entries @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.174 2024/04/15 22:12:14 wiz Exp $ d5585 1 a5585 1 libobby-[0-9]* multiple-vulnerabilities https://www.openwall.com/lists/oss-security/2011/10/30/3 @ 1.174 log @doc: add CVE-2024-31497 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.173 2024/04/13 08:14:24 wiz Exp $ d5584 2 a5585 2 net6-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/46605/ gobby-[0-9]* multiple-vulnerabilities http://secunia.com/advisories/46698/ d12817 2 a12818 2 ledger-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12481 ledger-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-12482 d13145 2 a13146 2 ledger-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2017-2807 ledger-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2017-2808 d20428 1 a20428 1 gobby-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-35450 @ 1.173 log @doc: improve some patterns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.172 2024/04/13 03:12:37 taca Exp $ d25995 2 @ 1.172 log @doc/pkg-vulnerabilities: add entries for php-7.4 and php-8.0 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.171 2024/04/13 03:10:35 taca Exp $ d25984 11 a25994 11 php81<8.1.28 command-injection https://github.com/php/php-src/security/advisories/GHSA-pc52-254m-w9w7 php81>=8.1.11<8.1.28 security-bypass https://github.com/php/php-src/security/advisories/GHSA-wpj3-hf5j-x4v4 php81<8.1.28 authentication-bypass https://github.com/php/php-src/security/advisories/GHSA-h746-cjrr-wfmr php82<8.2.18 command-injection https://github.com/php/php-src/security/advisories/GHSA-pc52-254m-w9w7 php82<8.2.18 security-bypass https://github.com/php/php-src/security/advisories/GHSA-wpj3-hf5j-x4v4 php82<8.2.18 authentication-bypass https://github.com/php/php-src/security/advisories/GHSA-h746-cjrr-wfmr php83<8.3.5 command-injection https://github.com/php/php-src/security/advisories/GHSA-pc52-254m-w9w7 php83<8.3.5 security-bypass https://github.com/php/php-src/security/advisories/GHSA-wpj3-hf5j-x4v4 php83<8.3.5 authentication-bypass https://github.com/php/php-src/security/advisories/GHSA-h746-cjrr-wfmr php-7.4.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages php-8.0.[0-9]* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages @ 1.171 log @doc/pkg-vulnerabilities: add several php{80,81,82} entries CVE-2024-1874 https://github.com/php/php-src/security/advisories/GHSA-pc52-254m-w9w7 CVE-2024-2756 https://github.com/php/php-src/security/advisories/GHSA-wpj3-hf5j-x4v4 CVE-2024-3096 https://github.com/php/php-src/security/advisories/GHSA-h746-cjrr-wfmr @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.170 2024/04/12 07:28:33 wiz Exp $ d25993 2 @ 1.170 log @doc: add more upper bounds tex-context was fixed in https://github.com/contextgarden/context-mirror/commit/25fcad7435f56cdce2658336909f4da6a65589c0 in 2018, but I'm not sure what version that corresponds to so just mark today's version safe. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.169 2024/04/11 06:46:19 wiz Exp $ d25984 9 @ 1.169 log @doc: add more upper bounds @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.168 2024/04/10 19:49:30 nia Exp $ d14077 2 a14078 2 tex-context-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17513 tex-lualibs-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17513 @ 1.168 log @Make MariaDB vulnerability version specifiers apply properly to the versions we've included with pkgsrc. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.167 2024/04/10 07:27:00 wiz Exp $ d14034 1 a14034 1 scummvm-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2017-17528 d15891 1 a15891 1 zziplib-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2018-16548 @ 1.167 log @doc: add more upper bounds @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.166 2024/04/08 06:31:39 wiz Exp $ d22746 9 a22754 3 mariadb-server<10.6.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46657 mariadb-server<10.6.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46658 mariadb-server<10.7.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46659 d23562 12 a23573 4 mariadb-server<10.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31621 mariadb-server<10.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31622 mariadb-server<10.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31623 mariadb-server<10.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31624 @ 1.166 log @doc: add still more upper bounds @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.165 2024/04/08 06:21:05 wiz Exp $ d14884 2 a14885 1 tiff-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2018-10126 d16681 1 a16681 1 openjpeg-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6988 d22963 1 a22963 1 openjpeg-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-3575 @ 1.165 log @doc: add more upper bounds @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.164 2024/04/08 06:06:36 wiz Exp $ d22401 4 a22404 1 lua54-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-43519 d22688 1 a22688 1 lua54-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-44647 d23210 1 a23210 1 lua54-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-28805 d23874 1 a23874 1 lua54-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-33099 @ 1.164 log @doc: add some upper bounds @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.163 2024/04/07 21:36:33 wiz Exp $ d25939 2 a25940 2 python311-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-6597 python312-[0-9]* privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2023-6597 @ 1.163 log @doc: add a p5-HTTP-Body vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.162 2024/04/07 14:00:53 taca Exp $ d16639 1 a16639 1 cairo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6461 d25139 1 a25139 2 # CPAN up to and including 2.34 perl-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-31484 d25141 1 a25141 2 # HTTP::Tiny up to and including 0.082, part of perl perl-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-31486 d25442 4 a25445 2 w3m-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-38252 w3m-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-38253 @ 1.162 log @doc/pkg-vulnerabilities: add several php-concrete-cms entries php{80,81,82}-concrete-cms<9.2.8 XSS CVE-2024-2753 CVE-2024-3178 CVE-2024-3179 CVE-2024-3180 CVE-2024-3181 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.161 2024/04/05 20:11:27 wiz Exp $ d25965 1 @ 1.161 log @doc: update some vuln patterns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.160 2024/04/05 07:02:57 wiz Exp $ d25960 5 @ 1.160 log @doc: add some upper bounds for vulns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.159 2024/04/03 21:01:03 wiz Exp $ d25956 2 a25957 2 go121-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-45288 go122-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-45288 d25959 1 a25959 1 apache-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28182 @ 1.159 log @doc: add more vulns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.158 2024/04/03 19:23:02 rhialto Exp $ d25953 3 a25955 3 nodejs>=18<19 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27983 nodejs>=20<21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27983 nodejs>=21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27983 d25958 1 a25958 1 nghttp2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28182 @ 1.158 log @Set xpdf<4.05 for those CVEs mentioned in xpdf's CHANGES for 4.05. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.157 2024/03/29 18:22:44 wiz Exp $ d25799 2 a25800 2 modular-xorg-server<21.1.10 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-CVE-2023-6377 modular-xorg-server<21.1.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-CVE-2023-6478 d25831 1 a25831 1 sendmail<8.18.0.2 email-spoofing https://nvd.nist.gov/vuln/detail/CVE-CVE-2023-51765 d25854 1 a25854 1 modular-xorg-server<21.1.11 heap-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-CVE-2023-6816 d25951 9 @ 1.157 log @doc: add xz upper bound @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.156 2024/03/29 18:13:24 wiz Exp $ d14410 1 a14410 1 xpdf<5.0 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2018-7453 d15850 1 a15850 1 xpdf<5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-16369 d24135 1 a24135 1 xpdf<4.04 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-36561 d25682 3 a25684 3 xpdf-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-2664 xpdf-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-2663 xpdf-[0-9]* divide-by-zero https://nvd.nist.gov/vuln/detail/CVE-2023-2662 d25686 1 a25686 1 xpdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-3436 @ 1.156 log @doc: add xz backdoor @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.155 2024/03/27 13:33:34 wiz Exp $ d25950 1 a25950 1 xz>=5.6 backdoor https://www.openwall.com/lists/oss-security/2024/03/29/4 @ 1.155 log @doc: pkg-vulnerabilities: add more @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.154 2024/03/25 03:09:27 jnemeth Exp $ d25950 1 @ 1.154 log @limit scope of CVS-2022-37325 for Asterisk @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.153 2024/03/23 15:16:59 taca Exp $ d25946 4 @ 1.153 log @doc: add ruby33 for CVE-2024-27281 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.152 2024/03/23 14:50:53 taca Exp $ d25053 3 a25055 1 asterisk-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-37325 @ 1.152 log @doc: add ruby32-base for CVE-2024-27281 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.151 2024/03/23 14:30:25 taca Exp $ d25943 1 @ 1.151 log @doc: add ruby31-base for two CVEs. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.150 2024/03/22 20:14:03 wiz Exp $ d25942 1 @ 1.150 log @doc: add a gnutls vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.149 2024/03/21 09:01:30 wiz Exp $ d25940 2 @ 1.149 log @doc: note (one of the) new python vuln(s) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.148 2024/03/14 09:16:29 wiz Exp $ d25939 1 @ 1.148 log @pkg-vulnerabilities: add expat entry @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.147 2024/03/09 20:19:47 wiz Exp $ d25934 5 @ 1.147 log @doc: add more vulnerabilities, add upper bound for fontforge @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.146 2024/03/05 01:02:00 joerg Exp $ d25933 1 @ 1.146 log @There is no Python 2.7 version of Django 2+ @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.145 2024/03/04 13:56:42 wiz Exp $ d25922 2 a25923 2 fontforge-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2024-25081 fontforge-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2024-25082 d25928 5 @ 1.145 log @doc: add new py-django DOS CVE @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.144 2024/03/03 12:55:49 wiz Exp $ d14584 1 a14584 1 py{27,34,35,36}-django>=2.0<2.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-7537 d15641 1 a15641 1 py{27,34,35,36,37}-django>=2.0<2.0.8 open-redirect https://nvd.nist.gov/vuln/detail/CVE-2018-14574 d15980 1 a15980 1 py{27,34,35,36,37,38}-django>=2.1<2.1.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2018-16984 d16561 2 a16562 2 py{27,34,35,36,37,38}-django>=2.0<2.0.10 frame-content-spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-3498 py{27,34,35,36,37,38}-django>=2.1<2.1.5 frame-content-spoofing https://nvd.nist.gov/vuln/detail/CVE-2019-3498 d16791 2 a16792 2 py{27,34,35,36,37,38}-django>=2.0<2.0.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6975 py{27,34,35,36,37,38}-django>=2.1<2.1.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-6975 d17445 2 a17446 2 py{27,34,35,36,37,38}-django>=2.0<2.2.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-12308 py{27,34,35,36,37,38}-django>=2.0<2.2.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2019-11358 d17584 2 a17585 2 py{27,34,35,36,37,38}-django>=2.1<2.1.10 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12781 py{27,34,35,36,37,38}-django>=2.2<2.2.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12781 d17818 2 a17819 2 py{27,34,35,36,37,38}-django>=2.1<2.1.11 multiple-vulnerabilities https://www.djangoproject.com/weblog/2019/aug/01/security-releases/ py{27,34,35,36,37,38}-django>=2.2<2.2.4 multiple-vulnerabilities https://www.djangoproject.com/weblog/2019/aug/01/security-releases/ d18500 2 a18501 2 py{27,34,35,36,37,38}-django>=2.1<2.1.15 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-19118 py{27,34,35,36,37,38}-django>=2.2<2.2.8 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2019-19118 d18613 2 a18614 2 py{27,34,35,36,37,38}-django>=2.1<2.1.15 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2019-19844 py{27,34,35,36,37,38}-django>=2.2<2.2.9 account-impersonation https://nvd.nist.gov/vuln/detail/CVE-2019-19844 d18908 1 a18908 1 py{27,34,35,36,37,38}-django>=2.2<2.2.10 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-7471 d19074 2 a19075 2 py{27,34,35,36,37,38}-django>=2.2<2.2.11 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-9402 py{27,34,35,36,37,38}-django>=3.0<3.0.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2020-9402 d19473 4 a19476 4 py{27,34,35,36,37,38}-django>=2.2<2.2.13 data-leak https://nvd.nist.gov/vuln/detail/CVE-2020-13254 py{27,34,35,36,37,38}-django>=3.0<3.0.7 data-leak https://nvd.nist.gov/vuln/detail/CVE-2020-13254 py{27,34,35,36,37,38}-django>=2.2<2.2.13 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13596 py{27,34,35,36,37,38}-django>=3.0<3.0.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2020-13596 d20620 2 a20621 2 py{27,36,37,38,39}-django>=2.2<2.2.18 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-3281 py{27,36,37,38,39}-django>=3.1<3.1.6 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2021-3281 d22469 3 a22471 3 py{27,36,37,38,39,310}-django>=2.2<2.2.25 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-44420 py{27,36,37,38,39,310}-django>=3.1<3.1.14 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-44420 py{27,36,37,38,39,310}-django>=3.2<3.2.10 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-44420 d22612 9 a22620 9 py{27,36,37,38,39,310}-django>=2.2<2.2.26 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-45452 py{27,36,37,38,39,310}-django>=3.2<3.2.11 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-45452 py{27,36,37,38,39,310}-django>=4<4.0.1 access-bypass https://nvd.nist.gov/vuln/detail/CVE-2021-45452 py{27,36,37,38,39,310}-django>=2.2<2.2.26 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45115 py{27,36,37,38,39,310}-django>=3.2<3.2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45115 py{27,36,37,38,39,310}-django>=4<2.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-45115 py{27,36,37,38,39,310}-django>=2.2<2.2.26 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-45116 py{27,36,37,38,39,310}-django>=3.2<3.2.11 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-45116 py{27,36,37,38,39,310}-django>=4<4.0.1 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-45116 d22793 6 a22798 6 py{27,36,37,38,39,310}-django>=2.2<2.2.27 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-23833 py{27,36,37,38,39,310}-django>=3.2<3.2.12 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-23833 py{27,36,37,38,39,310}-django>=4.0<4.0.2 infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-23833 py{27,36,37,38,39,310}-django>=2.2<2.2.27 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-22818 py{27,36,37,38,39,310}-django>=3.2<3.2.12 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-22818 py{27,36,37,38,39,310}-django>=4.0<4.0.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-22818 d23323 6 a23328 6 py{27,36,37,38,39,310}-django>=2.2<2.2.28 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-28347 py{27,36,37,38,39,310}-django>=3.2<3.2.13 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-28347 py{27,36,37,38,39,310}-django>=4.0<4.0.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-28347 py{27,36,37,38,39,310}-django>=2.2<2.2.28 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-28346 py{27,36,37,38,39,310}-django>=3.2<3.2.13 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-28346 py{27,36,37,38,39,310}-django>=4.0<4.0.4 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-28346 d23858 2 a23859 2 py{27,36,37,38,39,310}-django>=3.2<3.2.14 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-34265 py{27,36,37,38,39,310}-django>=4.0<4.0.6 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-34265 d23904 2 a23905 2 py{27,36,37,38,39,310}-django>=3.2<3.2.15 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-36359 py{27,36,37,38,39,310}-django>=4.0<4.0.7 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-36359 d24561 3 a24563 3 py{27,36,37,38,39,310,311}-django>=3.2<3.2.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41323 py{27,36,37,38,39,310,311}-django>=4.0<4.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41323 py{27,36,37,38,39,310,311}-django>=4.1<4.1.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-41323 d25142 3 a25144 3 py{27,36,37,38,39,310,311}-django>=3.2<3.2.19 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-31047 py{27,36,37,38,39,310,311}-django>=4.1<4.1.9 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-31047 py{27,36,37,38,39,310,311}-django>=4.2<4.2.1 input-validation https://nvd.nist.gov/vuln/detail/CVE-2023-31047 d25180 3 a25182 3 py{27,37,38,39,310,311}-django>=3.2<3.2.20 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-36053 py{27,37,38,39,310,311}-django>=4.1<4.1.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-36053 py{27,37,38,39,310,311}-django>=4.2<4.2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-36053 d25209 3 a25211 3 py{27,37,38,39,310,311}-django>=3.2<3.2.21 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41164 py{27,37,38,39,310,311}-django>=4.1<4.1.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41164 py{27,37,38,39,310,311}-django>=4.2<4.2.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41164 d25383 3 a25385 3 py{27,37,38,39,310,311}-django>=3.2<3.2.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43665 py{27,37,38,39,310,311}-django>=4.1<4.1.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43665 py{27,37,38,39,310,311}-django>=4.2<4.2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43665 d25873 3 a25875 3 py{27,37,38,39,310,311,312}-django>=3.2<3.2.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24680 py{27,37,38,39,310,311,312}-django>=4.1<4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24680 py{27,37,38,39,310,311,312}-django>=4.2<4.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24680 d25925 3 a25927 3 py{27,37,38,39,310,311,312}-django>=3<3.2.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27351 py{27,37,38,39,310,311,312}-django>=4<4.2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27351 py{27,37,38,39,310,311,312}-django>=5<5.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27351 @ 1.144 log @pkg-vulnerabilities: add upper bound for prometheus The current prometheus is not using the vulnerable library any longer, but I can't easily find out when that happened, so mark today's version as fixed. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.143 2024/02/27 13:37:50 tm Exp $ d25925 3 @ 1.143 log @doc: pkg-vulnerabilities +fontforge +mantis +opendmarc +py-cbor2 +routinator +wireshark +wolfssl +yasm @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.142 2024/02/24 15:06:38 taca Exp $ d21541 1 a21541 1 prometheus-[0-9]* insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2021-3538 @ 1.142 log @doc: add CVE-2024-26146 Add CVE-2024-26146 entries for www/ruby-rack2 and www/ruby-rack. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.141 2024/02/24 15:05:22 taca Exp $ d25914 11 @ 1.141 log @doc: add CVE-2024-26144 Add CVE-2024-26144 entries for devel/ruby-activestorage61 and devel/ruby-activestorage70. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.140 2024/02/24 15:03:48 taca Exp $ d25912 2 @ 1.140 log @doc: add CVE-2024-26143 Add CVE-2024-26143 entries for www/ruby-actionpack70 and www/ruby-actionpack71. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.139 2024/02/24 15:02:49 taca Exp $ d25910 2 @ 1.139 log @doc: add CVE-2024-26142 Add CVE-2024-26142 entry for www/ruby-actionpack71. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.138 2024/02/24 15:01:53 taca Exp $ d25908 2 @ 1.138 log @doc: add CVE-2024-26141 Add CVE-2024-26141 entries for www/ruby-rack2 and www/ruby-rack. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.137 2024/02/24 15:00:58 taca Exp $ d25907 1 @ 1.137 log @doc: add CVE-2024-25126 Add CVE-2024-25126 entries for www/ruby-rack2 and www/ruby-rack. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.136 2024/02/23 12:59:46 wiz Exp $ d25905 2 @ 1.136 log @doc: add libcares vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.135 2024/02/21 08:02:28 wiz Exp $ d25903 2 @ 1.135 log @doc: py-cryptography vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.134 2024/02/19 10:23:37 wiz Exp $ d25902 1 @ 1.134 log @doc: fix py-dns entry, 2.6 had the fix @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.133 2024/02/19 09:26:04 leot Exp $ d25901 1 @ 1.133 log @Use `<` instead of `<=` for latest py-dns entry Using `<=` can ends up in "accidentally" mark the vulnerability fixed due unrelated PKGREVISION bumps and should be always avoided. 2.6.1 was released in the meantime and we can use `<2.6.1` now. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.132 2024/02/17 13:51:03 wiz Exp $ d25900 1 a25900 1 py{27,37,38,39,310,311,312}-dns<2.6.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29483 @ 1.132 log @doc: fix pattern noted by he@@ @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.131 2024/02/17 13:27:26 wiz Exp $ d25900 1 a25900 1 py{27,37,38,39,310,311,312}-dns<=2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29483 @ 1.131 log @doc: py-dns vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.130 2024/02/15 22:47:21 wiz Exp $ d25900 1 a25900 1 py{27,37,38,39,310,311,312}<=2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-29483 @ 1.130 log @doc: nss vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.129 2024/02/14 15:48:12 wiz Exp $ d25900 1 @ 1.129 log @doc: powerdns-recursor vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.128 2024/02/13 22:25:11 wiz Exp $ d25899 1 @ 1.128 log @doc: dnsmasq CVEs @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.127 2024/02/13 15:24:30 taca Exp $ d25897 2 @ 1.127 log @doc/pkg-vulnerabilities: add bind916 security problems @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.126 2024/02/13 14:13:37 taca Exp $ d25895 2 @ 1.126 log @doc/pkg-vulnerabilities: add bind918 security problems @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.125 2024/02/13 13:59:36 he Exp $ d25890 5 @ 1.125 log @Add the two new entries for unbound: CVE-2023-50387, DNSSEC verification complexity can be exploited to exhaust CPU resources and stall DNS resolvers. and CVE-2023-50868, NSEC3 closest encloser proof can exhaust CPU. Nist doesn't have those yet, so use cve.mitre.org (even though they are only "candidate CVEs" there at the time of this commit. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.124 2024/02/12 08:54:31 wiz Exp $ d25885 5 @ 1.124 log @doc: fix libuv minimal affected version @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.123 2024/02/12 04:35:57 jnemeth Exp $ d25883 2 @ 1.123 log @note that asterisk-13.* is eol @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.122 2024/02/11 10:07:10 wiz Exp $ d25876 1 a25876 1 libuv>=1.45<1.48 address-check-bypass https://nvd.nist.gov/vuln/detail/CVE-2024-24806 @ 1.122 log @doc: comment out two png vulns (one false positive, one test program) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.121 2024/02/09 20:31:43 wiz Exp $ d25882 1 @ 1.121 log @doc: postgresql vulns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.120 2024/02/09 06:59:03 wiz Exp $ d24804 1 a24804 1 png-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4214 d25527 1 a25527 1 png-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-3857 @ 1.120 log @doc: add missing python version to vulnerabilities Noted by adam@@ @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.119 2024/02/09 03:02:21 wiz Exp $ d25877 5 @ 1.119 log @doc: more vulns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.118 2024/02/07 18:01:16 wiz Exp $ d25873 3 a25875 3 py{27,37,38,39,310,311}-django>=3.2<3.2.24 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24680 py{27,37,38,39,310,311}-django>=4.1<4.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24680 py{27,37,38,39,310,311}-django>=4.2<4.2.10 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-24680 @ 1.118 log @doc: webkit-gtk 2.42.5 out @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.117 2024/02/07 16:35:29 wiz Exp $ d25873 4 @ 1.117 log @doc: expat vulns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.116 2024/02/05 20:08:49 nia Exp $ d25872 1 @ 1.116 log @libxml2 bug fixed according to linked gitlab issue @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.115 2024/02/05 20:00:56 nia Exp $ d24580 1 a24580 1 libexpat<2.5 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-43680 d25870 2 @ 1.115 log @libheif bug fixed according to linked github issue (which is strangely still open, but mentions that it was fixed in commit bca0162018df9a32d21c05aad1fa203881fa7813, introduced in 1.7.0) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.114 2024/02/05 19:58:14 nia Exp $ d25500 1 a25500 1 libxml2-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-45322 @ 1.114 log @faad2 bugs fixed according to linked github issue @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.113 2024/02/03 16:39:14 tm Exp $ d22342 1 a22342 1 libheif-[0-9]* heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-23109 @ 1.113 log @doc: pkg-vulnerabilities +curl, +glpi, +graphviz, +mbedtls, +opensc, +py-aiohttp, +py-octoprint @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.112 2024/01/24 20:16:09 wiz Exp $ d25667 2 a25668 2 faad2-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38858 faad2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38857 @ 1.112 log @doc: add upper bound for minizip vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.111 2024/01/22 16:53:00 adam Exp $ d25858 12 @ 1.111 log @pkg-vulnerabilities: nodejs16 is eol @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.110 2024/01/22 09:15:45 wiz Exp $ d25748 1 a25748 1 minizip-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-45853 @ 1.110 log @doc: note postgresql11 is eol @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.109 2024/01/20 20:44:00 wiz Exp $ d25857 1 @ 1.109 log @doc: add py-Pillow vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.108 2024/01/20 12:13:53 wiz Exp $ d25856 1 @ 1.108 log @doc: add one of the vulns fixed in gnutls 3.8.3 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.107 2024/01/19 13:01:40 wiz Exp $ d25855 1 @ 1.107 log @doc: coreutils vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.106 2024/01/16 11:20:04 wiz Exp $ d25854 1 @ 1.106 log @doc: add one of the new modular-xorg-server vulns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.105 2024/01/01 00:11:56 wiz Exp $ d25853 1 @ 1.105 log @doc: gstreamer vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.104 2023/12/30 12:04:21 wiz Exp $ d25852 1 @ 1.104 log @doc: libheif, libde265 vulns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.103 2023/12/29 20:29:51 wiz Exp $ d25851 1 @ 1.103 log @doc: filezilla terrapin vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.102 2023/12/29 19:42:58 wiz Exp $ d25849 2 @ 1.102 log @doc: p5-Spreadsheet-ParseExcel vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.101 2023/12/29 13:12:03 wiz Exp $ d25848 1 @ 1.101 log @doc: update exim pattern for fixed smtp smuggling @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.100 2023/12/26 19:46:34 wiz Exp $ d25847 1 @ 1.100 log @doc: more *ssh vulns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.99 2023/12/26 19:27:49 wiz Exp $ d25826 1 a25826 1 exim-[0-9]* email-spoofing https://nvd.nist.gov/vuln/detail/CVE-2023-51766 @ 1.99 log @doc: note fixed sendmail version @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.98 2023/12/24 12:47:46 bsiegert Exp $ d25845 2 @ 1.98 log @Add vulnerability entries for the recent Go vulns This is for all the ones I found with a quick scan with govulncheck, modulo those that are fixed already. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.97 2023/12/24 09:53:03 wiz Exp $ d25829 1 a25829 1 sendmail-[0-9]* email-spoofing https://nvd.nist.gov/vuln/detail/CVE-CVE-2023-51765 @ 1.97 log @doc: use CVEs for SMPT smuggling, add sendmail @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.96 2023/12/23 20:23:40 thor Exp $ d25830 15 @ 1.96 log @pkg-vulnerabilities: set affected R version < 3.3.3 instead of dropping the line Sorry. According to https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857466 3.3.3 was the upstream release fixing it. Not seeing this in NEWS in R sources, though. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.95 2023/12/23 20:18:16 bsiegert Exp $ d25820 1 a25820 1 postfix<3.8.4 email-spoofing https://www.postfix.org/smtp-smuggling.html d25826 1 a25826 1 exim-[0-9]* email-spoofing https://bugs.exim.org/show_bug.cgi?id=3063 d25829 1 @ 1.95 log @Add glow and nuclei vulns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.94 2023/12/23 19:34:09 wiz Exp $ d11349 1 a11349 1 R-[0-9]* buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8714 @ 1.94 log @doc: pkg-vulnerabilities: revert previous, we do not remove entries Add an upper bound instead, or comment out if it's disputed. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.93 2023/12/23 19:12:50 thor Exp $ d25827 2 @ 1.93 log @pkg-vulnerabilities: drop R buffer overflow that applied to 3.3, ages ago @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.92 2023/12/23 14:59:24 wiz Exp $ d11349 1 @ 1.92 log @doc: exim smtp smuggling vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.91 2023/12/22 19:17:31 bsiegert Exp $ a11348 1 R-[0-9]* buffer-overflow https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8714 @ 1.91 log @git-lfs vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.90 2023/12/22 18:31:00 bsiegert Exp $ d25826 1 @ 1.90 log @vulnerability entries for mysqld_exporter and postgres_exporter @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.89 2023/12/22 17:35:19 wiz Exp $ d25825 1 @ 1.89 log @doc: postfix smtp smuggling vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.88 2023/12/21 07:04:57 wiz Exp $ d25821 4 @ 1.88 log @doc: libssh2 terrapin vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.87 2023/12/20 18:48:02 wiz Exp $ d25820 1 @ 1.87 log @doc: erlang terrapin vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.86 2023/12/20 17:10:08 wiz Exp $ d25819 1 @ 1.86 log @doc: dropbear terrapin vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.85 2023/12/20 17:06:04 wiz Exp $ d25818 1 @ 1.85 log @doc: terrapin for proftpd vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.84 2023/12/18 21:16:47 wiz Exp $ d25817 1 @ 1.84 log @doc: paramiko vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.83 2023/12/18 19:25:13 wiz Exp $ d25816 1 @ 1.83 log @doc: add some ssh implementation vulns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.82 2023/12/18 10:27:11 thor Exp $ d25815 1 @ 1.82 log @pkg-vulnerabilities: deactivate one old hdf5 issue Those fuzzed POCs from 5 years ago trigger this in hdf5 since some time: h5dump error: internal error (file h5dump.c:line 1471) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.81 2023/12/18 08:56:42 wiz Exp $ d25809 6 @ 1.81 log @doc: new webkit version with some new CVEs @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.80 2023/12/16 07:08:54 wiz Exp $ d15072 1 a15072 1 hdf5-[0-9]* multiple-vulnerabilities https://github.com/Twi1ight/fuzzing-pocs/tree/master/hdf5 @ 1.80 log @doc: jq vulns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.79 2023/12/15 13:19:02 wiz Exp $ d25807 2 @ 1.79 log @doc: mark some asterisk versions as EOL @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.78 2023/12/15 13:13:23 wiz Exp $ d25805 2 @ 1.78 log @doc: asterisk vuln @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.77 2023/12/13 15:55:24 wiz Exp $ d25803 2 @ 1.77 log @doc: opensc-0.24.0, fixes CVEs @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.76 2023/12/13 07:48:08 wiz Exp $ d25800 3 @ 1.76 log @doc: vuln: + modular-xorg-server @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.75 2023/12/08 19:56:46 wiz Exp $ d25799 1 @ 1.75 log @doc: fish vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.74 2023/12/07 00:19:46 taca Exp $ d25797 2 @ 1.74 log @doc/pkg-vulnerabilities: tweak CVE-2018-14628 entry Split an entry for samba4 to two parts: * before 4.19 * 4.19 and later @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.73 2023/12/06 08:07:49 wiz Exp $ d25796 1 @ 1.73 log @doc: more vulns for curl, webkit-gtk, go @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.72 2023/12/05 13:47:19 wiz Exp $ d25784 2 a25785 1 samba4>=4.0<4.19.3 information-leak https://nvd.nist.gov/vuln/detail/CVE-2018-14628 @ 1.72 log @doc: pkg-vulnerabilities: samba4, py-cryptography, perl @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.71 2023/11/23 10:59:49 wiz Exp $ d25787 8 @ 1.71 log @doc: pkg-vulnerabilities: + vim @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.70 2023/11/20 20:26:34 wiz Exp $ d25784 3 @ 1.70 log @doc: pkg-vulnerabilities: expand gimp, add gnutls @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.69 2023/11/17 09:49:25 wiz Exp $ d25783 1 @ 1.69 log @doc: pkg-vulnerabilities: add some of the new vim vulns @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.68 2023/11/17 08:05:29 nia Exp $ d25757 4 a25760 1 gimp<2.10.36 unknown-impact https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/#security-and-bug-fixes d25782 1 @ 1.68 log @bugs with patches in mupdf @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.67 2023/11/16 18:10:44 nia Exp $ d25777 2 @ 1.67 log @more tiff bugs with patches on nvd @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.66 2023/11/16 18:02:50 nia Exp $ d23561 2 a23562 2 mupdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30974 mupdf-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-30975 @ 1.66 log @tiff bugs fixed according to patches linked on nvd @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.65 2023/11/16 09:42:02 wiz Exp $ d24245 3 a24247 3 tiff-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2521 tiff-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2022-2519 tiff-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2520 d24256 1 a24256 1 tiff-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-48281 @ 1.65 log @doc: pkg-vulnerabilities: gstreamer @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.64 2023/11/15 21:18:05 wiz Exp $ d24363 10 a24372 10 tiff-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-0804 tiff-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0803 tiff-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0802 tiff-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0801 tiff-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0800 tiff-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0799 tiff-[0-9]* out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-0798 tiff-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-0797 tiff-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-0796 tiff-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-0795 d25660 1 a25660 1 tiff-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-26965 @ 1.64 log @doc: pkg-vulnerabilities: webkit-gtk @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.63 2023/11/15 09:41:18 wiz Exp $ d25768 9 @ 1.63 log @doc: pkg-vulnerabilities: + yt-dlp @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.62 2023/11/10 08:08:45 wiz Exp $ d25761 7 @ 1.62 log @doc: pkg-vulnerabilities: update tor entry @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.61 2023/11/09 14:00:08 wiz Exp $ d25760 1 @ 1.61 log @pkg-vulnerabilities: add entries for tor and gimp for which I don't know CVEs @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.60 2023/11/06 14:01:32 wiz Exp $ d25759 1 a25759 1 tor-[0-9]* unknown-impact https://gitlab.torproject.org/tpo/core/team/-/wikis/NetworkTeam/TROVE @ 1.60 log @doc: pkg-vulnerabilities: ltm CVE @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.59 2023/11/06 13:19:23 wiz Exp $ d25757 3 @ 1.59 log @doc: pkg-vulnerabilities: add exiv2 CVE @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.58 2023/11/01 12:31:03 wiz Exp $ d25756 1 @ 1.58 log @doc: pkg-vulnerabilities: roundcube @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.57 2023/10/28 07:39:48 wiz Exp $ d25755 1 @ 1.57 log @doc: pkg-vulnerabilities: + py-pip @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.56 2023/10/25 09:09:17 wiz Exp $ d25754 1 @ 1.56 log @doc: pkg-vulnerabilities: add 3 for modular-xorg-server @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.55 2023/10/22 10:05:48 wiz Exp $ d25753 1 @ 1.55 log @doc: pkg-vulnerabilities: add entry for py-configobj @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.54 2023/10/20 18:49:33 wiz Exp $ d25750 3 @ 1.54 log @doc: pkg-vulnerabilities: add minizip @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.53 2023/10/20 18:36:59 wiz Exp $ d25749 1 @ 1.53 log @doc: pkg-vulnerabilities: remove one apache entry (https://github.com/icing/blog/blob/main/h2-rapid-reset.md) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.52 2023/10/19 13:31:51 wiz Exp $ d25748 1 @ 1.52 log @doc: pkg-vulnerabilities: more apache @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.51 2023/10/19 13:30:11 wiz Exp $ a25742 2 # unclear, see https://github.com/apache/httpd-site/pull/10 apache-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-44487 @ 1.51 log @doc: pkg-vulnerabilities: apache vulnerability @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.50 2023/10/19 08:56:37 wiz Exp $ d25748 2 @ 1.50 log @doc: pkg-vulnerabilities: add more for CVE-2023-44487 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.49 2023/10/17 11:44:02 prlw1 Exp $ d25747 1 @ 1.49 log @doc: update exim fixed version for remaining 2 of the CVEs in https://exim.org/static/doc/security/CVE-2023-zdi.txt @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.48 2023/10/16 10:28:51 he Exp $ d25743 4 @ 1.48 log @Fix pattern for protobuf-c CVE-2022-33070 (applies to <=1.4.0). @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.47 2023/10/14 09:40:47 wiz Exp $ d25372 1 a25372 1 exim-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42117 d25374 1 a25374 1 exim-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-42119 @ 1.47 log @doc: pkg-vulnerabilities: + samba @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.46 2023/10/11 11:16:45 wiz Exp $ d23598 1 a23598 1 protobuf-c-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33070 @ 1.46 log @doc: pkg-vulnerabilities: + curl @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.45 2023/10/10 20:17:44 tm Exp $ d25737 6 @ 1.45 log @doc: pkg-vulnerabilities +KeePass, +atasm, +h2o, +kilo, +libdwarf @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.44 2023/10/10 20:07:15 tm Exp $ d25735 2 @ 1.44 log @doc: pkg-vulnerabilities +binutils @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.43 2023/10/10 19:58:12 tm Exp $ d25729 6 @ 1.43 log @doc: pkg-vulnerabilities +frr, +mupdf @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.42 2023/10/10 19:47:43 wiz Exp $ d25718 11 @ 1.42 log @doc: pkg-vulnerabilities: add CVE-2023-44487 and eol for old tomcats @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.41 2023/10/10 19:46:11 tm Exp $ d25703 15 @ 1.41 log @doc: pkg-vulnerabilities +libsass, +nuclei, +powerdns-recursor, +quickjs, +tcpdump, +xpdf @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.40 2023/10/10 19:32:44 tm Exp $ d25693 10 @ 1.40 log @doc: pkg-vulnerabilities +routinator, +sniproxy, +sofia-sip, +spice-server, +terraform @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.39 2023/10/10 19:25:06 tm Exp $ d25679 14 @ 1.39 log @doc: pkg-vulnerabilities +bitcoin, +consul, +faad2, +gnuplot, +screen, +tiff @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.38 2023/10/10 19:14:01 tm Exp $ d25673 6 @ 1.38 log @doc: pkg-vulnerabilities +gawk, +mp4v2, +nats-server, +njs, +qpdf @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.37 2023/10/10 18:53:57 tm Exp $ d25659 14 @ 1.37 log @doc: pkg-vulnerabilities +grub2, +opendkim @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.36 2023/10/10 18:47:32 tm Exp $ d25641 18 @ 1.36 log @doc: pkg-vulnerabilities +advancecomp, +poppler, +protobuf-c @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.35 2023/10/10 17:55:00 tm Exp $ d25636 5 @ 1.35 log @doc: pkg-vulnerabilities +vault, +vim, +webkit-gtk, +wordpress @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.34 2023/10/10 17:33:56 tm Exp $ d25626 10 @ 1.34 log @doc: pkg-vulnerabilities +haproxy, +p7zip, +py-MechanicalSoup, +tightvnc, +unrar, +vim @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.33 2023/10/10 17:24:50 tm Exp $ d25620 6 @ 1.33 log @doc: pkg-vulnerabilities +asn1c, +xterm, +yajl, +zziplib @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.32 2023/10/10 14:32:06 tm Exp $ d25603 17 @ 1.32 log @doc: pkg-vulnerabilities +go120, +gradle, +php-concrete5, +php-piwigo, +py-octoprint, +py-urllib3, +tiff, +tnftpd, +vim @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.31 2023/10/10 14:09:14 tm Exp $ d25598 5 @ 1.31 log @doc: pkg-vulnerabilities +ImageMagick, +gifsicle, +gpac, +gradle, +libcue, +mosquitto, +tiff, +vim, +webkit-gtk @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.30 2023/10/10 13:56:11 tm Exp $ d25584 14 @ 1.30 log @doc: pkg-vulnerabilities +gradle, +grafana, +libde265, +libheif, +mbedtls, +memcached, +moodle, +pev, +redis, +samba4 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.29 2023/10/10 12:12:17 tm Exp $ d25575 9 @ 1.29 log @doc: pkg-vulnerabilities +cmark-gfm, +exempi, +pandoc, +syncthing @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.28 2023/10/10 10:17:47 tm Exp $ d25556 19 @ 1.28 log @doc: pkg-vulnerabilities +consul, +dnsmasq, +emacs, +libcares, +libde265, +liferea, +opendoas, +qemu, +stellarium, +webkit-gtk @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.27 2023/10/10 10:11:13 nia Exp $ d25548 8 @ 1.27 log @bugs fixed in mariadb according to their nvd.nist.gov pages @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.26 2023/10/10 09:58:01 nia Exp $ d25532 16 @ 1.26 log @various bugs fixed in mariadb according to their nvd.nist.gov pages @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.25 2023/10/10 09:27:28 nia Exp $ d22802 21 a22822 7 mariadb-server-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-46669 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46668 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46665 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46664 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46662 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46663 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-46661 @ 1.25 log @CVE-2022-47015 fixed upstream in mariadb https://nvd.nist.gov/vuln/detail/CVE-2022-47015 https://github.com/MariaDB/server/commit/9b32e4b192303421ca26625153ae1190429e307f @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.24 2023/10/10 09:24:03 nia Exp $ d23197 72 a23268 24 mariadb-server-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-27387 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27386 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27382 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27380 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27384 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27385 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27383 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27379 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27378 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27381 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27376 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27377 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27458 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27457 mariadb-server-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-27456 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27452 mariadb-server-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-27455 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27451 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27448 mariadb-server-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-27447 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27446 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27449 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27445 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27444 @ 1.24 log @CVE-2022-4426 fixed in imagemagick https://github.com/ImageMagick/ImageMagick/discussions/6027 @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.23 2023/10/10 09:20:06 nia Exp $ d24951 4 a24954 1 mariadb-server-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47015 @ 1.23 log @few fixed vulnerabilitys in OIIO and ImageMagick https://raw.githubusercontent.com/AcademySoftwareFoundation/OpenImageIO/ab1a0eec999be796272fc3f455654fa0e4f9f41e/CHANGES.md https://security.gentoo.org/glsa/202209-19 https://github.com/ImageMagick/ImageMagick/commit/05673e63c919e61ffa1107804d1138c46547a475 https://github.com/ImageMagick/ImageMagick6/commit/3c5188b41902a909e163492fb0c19e49efefcefe @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.22 2023/10/09 21:46:58 tm Exp $ d24960 2 a24961 2 ImageMagick-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44267 ImageMagick6-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-44267 @ 1.22 log @doc: pkg-vulnerabilities +jpegoptim, +optipng, +phppgadmin, +png @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.21 2023/10/09 21:34:03 tm Exp $ d24962 2 a24963 1 ImageMagick-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2022-44268 d24967 1 a24967 1 GraphicsMagick-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1270 d25287 4 a25290 4 openimageio-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-24472 openimageio-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-24473 openimageio-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-22845 openimageio-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36183 @ 1.21 log @doc: pkg-vulnerabilities +vim @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.20 2023/10/09 21:26:19 tm Exp $ d25460 6 @ 1.20 log @doc: pkg-vulnerabilities +jhead, +monit, +opensc, +tiff @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.19 2023/10/09 19:09:42 tm Exp $ d25452 8 @ 1.19 log @doc: pkg-vulnerabilities +djvulibre, +grpc, +mutt, +podman @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.18 2023/10/09 17:36:25 wiz Exp $ d25445 7 @ 1.18 log @doc: pkg-vulnerabilities: + avahi, libxml2, libcue @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.17 2023/10/08 20:05:45 tm Exp $ d25436 9 @ 1.17 log @doc: pkg-vulnerabilities +catdoc, +geeklog, +openssh, +wolfssl @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.16 2023/10/08 19:58:41 tm Exp $ d25429 7 @ 1.16 log @doc: pkg-vulnerabilities +nasm, +puppet @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.15 2023/10/08 17:58:17 schmonz Exp $ d25423 6 @ 1.15 log @libspf2 CVE-2023-42118 believed fixed in 1.2.11nb2. @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.14 2023/10/06 08:38:32 prlw1 Exp $ d25409 14 @ 1.14 log @doc: update exim fixed version for 3 of the CVEs @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.13 2023/10/05 19:06:44 tm Exp $ d25307 1 a25307 1 libspf2-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42118 @ 1.13 log @doc: pkg-vulnerabilities +gnupg2, +libde265, +libmicrohttpd @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.12 2023/10/05 18:53:36 tm Exp $ d25303 3 a25305 3 exim-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-42114 exim-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42115 exim-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42116 @ 1.12 log @doc: pkg-vulnerabilities +freerdp2 +matrix-synapse @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.11 2023/10/05 18:34:29 tm Exp $ d25399 10 @ 1.11 log @doc: pkg-vulnerabilities +vorbis-tools, +vsftpd, +w3m, +wireshark @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.10 2023/10/05 14:13:03 tm Exp $ d25380 19 @ 1.10 log @doc: +freeimage @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.9 2023/10/05 13:48:21 tm Exp $ d25357 23 @ 1.9 log @doc: +amanda-server, +lldpd, +zabbix @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.8 2023/10/05 13:21:51 tm Exp $ d25344 13 @ 1.8 log @doc: +croc, +ming @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.7 2023/10/04 16:27:27 wiz Exp $ d25336 8 @ 1.7 log @doc: django, grub2 vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.6 2023/10/03 21:46:00 wiz Exp $ d25322 14 @ 1.6 log @doc: + libX11, libXpm vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.5 2023/09/29 22:09:50 wiz Exp $ d25317 5 @ 1.5 log @doc: gst-plugins1-bad vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.4 2023/09/29 17:45:30 wiz Exp $ d25312 5 @ 1.4 log @doc: exim, libspf2 security issues @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.3 2023/09/29 09:44:28 wiz Exp $ d25309 3 @ 1.3 log @doc: update libvpx fixed version @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.2 2023/09/29 09:37:31 wiz Exp $ d25303 6 @ 1.2 log @doc: + wekit-gtk, libvpx vulnerabilities @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.1 2023/09/29 09:13:27 wiz Exp $ d25302 1 a25302 1 libvpx<1.13.1 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2023-5217 @ 1.1 log @Add package vulnerability database and EOL information to pkgsrc itself. Feel free to add entries here (and ask pkgsrc-security to re-generate the signed file). (These files lived in a separate repository before.) @ text @d1 1 a1 1 # $NetBSD: pkg-vulnerabilities,v 1.10937 2023/09/26 21:16:59 tm Exp $ d25296 7 @